From 80d8e16746a7e6c767e69f1dd26ae918524229ad Mon Sep 17 00:00:00 2001 From: iedowse Date: Fri, 9 Mar 2001 18:25:54 +0000 Subject: When creating a shadow vm_object in vmspace_fork(), only one reference count was transferred to the new object, but both the new and the old map entries had pointers to the new object. Correct this by transferring the second reference. This fixes a panic that can occur when mmap(2) is used with the MAP_INHERIT flag. PR: i386/25603 Reviewed by: dillon, alc --- sys/vm/vm_map.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sys/vm/vm_map.c') diff --git a/sys/vm/vm_map.c b/sys/vm/vm_map.c index 471e0af..e2e9f47 100644 --- a/sys/vm/vm_map.c +++ b/sys/vm/vm_map.c @@ -2155,6 +2155,10 @@ vmspace_fork(vm1) &old_entry->offset, atop(old_entry->end - old_entry->start)); old_entry->eflags &= ~MAP_ENTRY_NEEDS_COPY; + /* Transfer the second reference too. */ + vm_object_reference( + old_entry->object.vm_object); + vm_object_deallocate(object); object = old_entry->object.vm_object; } vm_object_clear_flag(object, OBJ_ONEMAPPING); -- cgit v1.1