From 2b0b4bee36b2ab7971635c800a04a5b19b972166 Mon Sep 17 00:00:00 2001
From: Ingo Weinhold
Date: Thu, 13 Mar 2008 23:41:14 +0000
Subject: [PATCH] store_acquire_unreferenced_ref() saves the pointer of the vnode it got from the call to vfs_get_vnode() now. Only this way it is safe to call store_release_ref() later (as the page writer does). We had a potential race condition -- if called after vm_cache_remove_consumer() had released the last reference, the old vnode might already have been deleted.
git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24386 a95241bf-73f2-0310-859d-f6bbb57e9c96
---
 src/system/kernel/cache/vnode_store.cpp | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/system/kernel/cache/vnode_store.cpp b/src/system/kernel/cache/vnode_store.cpp
index 11652a380a..60c8cf6ddb 100644
--- a/src/system/kernel/cache/vnode_store.cpp
+++ b/src/system/kernel/cache/vnode_store.cpp
@@ -88,7 +88,14 @@ store_acquire_unreferenced_ref(struct vm_store *_store)
 {
 vnode_store *store = (vnode_store *)_store;
 struct vnode *vnode;
- return vfs_get_vnode(store->device, store->inode, false, &vnode);
+ status_t status = vfs_get_vnode(store->device, store->inode, false, &vnode);
+
+ // If successful, update the store's vnode pointer, so that release_ref()
+ // won't use a stale pointer.
+ if (status == B_OK)
+ store->vnode = vnode;
+
+ return status;
 }
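Review bot: The new `store->vnode = vnode;` assignment is a plain write to shared state, and nothing in the hunk shows what serializes it against a concurrent `store_release_ref()` or a second `store_acquire_unreferenced_ref()` on the same store, so the use-after-free window the commit message describes may be narrowed rather than closed. If callers are expected to hold a lock here, say so above the assignment, e.g. `// Caller must hold the lock guarding store->vnode (TODO: name it).`; if they are not, the update should be made under that lock. On failure `store->vnode` still holds the old, possibly deleted vnode, so it is also worth documenting that `store_release_ref()` must not be called after a failed acquire. The added comment says `release_ref()` while the commit message names `store_release_ref()`; using the full name keeps it searchable.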