aa0e1a2ecf
getcleanvnode() sets v_type to VNON after releasing v_interlock. So the thread doing quotaon(), quotaoff() or qsync() could vget() a vnode which is being recycled in getcleanvnode(), after is has been cleaned and v_interlock released, but before v_type has been reset, leading to KASSERT(vp->v_usecount == 1) firing in getnewvnode(), or qsync() dereferending a NULL pointer as in PR kern/42205. Fix by using the same tests as other ffs function traversing the mount list: also check for VTOI(vp) == NULL, and VI_XLOCK in addition to VI_CLEAN. |
||
---|---|---|
.. | ||
ext2fs | ||
ffs | ||
lfs | ||
mfs | ||
ufs | ||
files.ufs | ||
Makefile |