From bafa6cfc93c0c830530bfea34c1bb19cd2b24c76 Mon Sep 17 00:00:00 2001 From: Konstantin Belousov Date: Thu, 28 Mar 2013 06:39:27 +0000 Subject: [PATCH] Release the v_writecount reference on the vnode in case of error, before the vnode is vput() in vm_mmap_vnode(). Error return means that there is no use reference on the vnode from the vm object reference, and failing to restore v_writecount breaks the invariant that v_writecount is less or equal to the usecount. The situation observed when nfs client returns ESTALE for VOP_GETATTR() after the open. In collaboration with: pho MFC after: 1 week --- sys/vm/vm_mmap.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c index 248d9e8c247..c17e9cee9ce 100644 --- a/sys/vm/vm_mmap.c +++ b/sys/vm/vm_mmap.c @@ -1345,6 +1345,10 @@ mark_atime: vfs_mark_atime(vp, cred); done: + if (error != 0 && *writecounted) { + *writecounted = FALSE; + vnode_pager_update_writecount(obj, objsize, 0); + } vput(vp); return (error); }