vm: object: fix vm_object_cleanup referencing a vmo controller after the pointer is erased
This commit is contained in:
+3
-2
@@ -31,9 +31,10 @@ static kern_status_t vm_object_cleanup(struct object *obj)
|
|||||||
|
|
||||||
if (vmo->vo_ctrl) {
|
if (vmo->vo_ctrl) {
|
||||||
unsigned long flags;
|
unsigned long flags;
|
||||||
vm_controller_lock_irqsave(vmo->vo_ctrl, &flags);
|
struct vm_controller *ctrl = vmo->vo_ctrl;
|
||||||
|
vm_controller_lock_irqsave(ctrl, &flags);
|
||||||
vm_controller_detach_object(vmo->vo_ctrl, vmo);
|
vm_controller_detach_object(vmo->vo_ctrl, vmo);
|
||||||
vm_controller_unlock_irqrestore(vmo->vo_ctrl, flags);
|
vm_controller_unlock_irqrestore(ctrl, flags);
|
||||||
}
|
}
|
||||||
|
|
||||||
return KERN_OK;
|
return KERN_OK;
|
||||||
|
|||||||
Reference in New Issue
Block a user