FREF() and FRELE() should be used for modify file reference count, so
direct f_count modification replaced by their calls. Only one direct f_count
decrement was kept in closef() since FRELE() call looks inapplicable here.
Index: kern/kern_descrip.c
===================================================================
RCS file: /home/cvsync/openbsd-cvs/src/sys/kern/kern_descrip.c,v
retrieving revision 1.117
diff -u -p -r1.117 kern_descrip.c
--- kern/kern_descrip.c 14 Mar 2015 03:38:50 -0000 1.117
+++ kern/kern_descrip.c 30 Apr 2015 02:08:52 -0000
@@ -566,7 +566,7 @@ finishdup(struct proc *p, struct file *f
fdp->fd_ofiles[new] = fp;
fdp->fd_ofileflags[new] = fdp->fd_ofileflags[old] & ~UF_EXCLOSE;
- fp->f_count++;
+ FREF(fp);
FRELE(fp, p);
if (dup2 && oldfp == NULL)
fd_used(fdp, new);
@@ -1001,7 +1001,7 @@ fdcopy(struct process *pr)
(*fpp)->f_type == DTYPE_SYSTRACE)
fdremove(newfdp, i);
else
- (*fpp)->f_count++;
+ FREF(*fpp);
}
/* finish cleaning up kq bits */
@@ -1075,6 +1075,11 @@ closef(struct file *fp, struct proc *p)
if (fp->f_count < 2)
panic("closef: count (%ld) < 2", fp->f_count);
#endif
+ /*
+ * XXX: The fp has its usecount bumped by FREF() call. FRELE()
+ * call will not destroy fp here. This direct modification
+ * kept here until usecount logic will be refactored.
+ */
fp->f_count--;
/*
@@ -1249,7 +1254,7 @@ dupfdopen(struct filedesc *fdp, int indx
fdp->fd_ofiles[indx] = wfp;
fdp->fd_ofileflags[indx] = (fdp->fd_ofileflags[indx] & UF_EXCLOSE) |
(fdp->fd_ofileflags[dfd] & ~UF_EXCLOSE);
- wfp->f_count++;
+ FREF(wfp);
fd_used(fdp, indx);
return (0);
}
Index: kern/uipc_usrreq.c
===================================================================
RCS file: /home/cvsync/openbsd-cvs/src/sys/kern/uipc_usrreq.c,v
retrieving revision 1.80
diff -u -p -r1.80 uipc_usrreq.c
--- kern/uipc_usrreq.c 28 Mar 2015 23:50:55 -0000 1.80
+++ kern/uipc_usrreq.c 30 Apr 2015 02:08:52 -0000
@@ -837,7 +837,7 @@ morespace:
}
memcpy(rp, &fp, sizeof fp);
rp--;
- fp->f_count++;
+ FREF(fp);
fp->f_msgcount++;
unp_rights++;
}
@@ -847,8 +847,8 @@ fail:
for ( ; i > 0; i--) {
rp++;
memcpy(&fp, rp, sizeof(fp));
- fp->f_count--;
fp->f_msgcount--;
+ FRELE(fp, NULL);
unp_rights--;
}
@@ -962,7 +962,7 @@ unp_gc(void)
*fpp++ = fp;
nunref++;
FREF(fp);
- fp->f_count++;
+ FREF(fp);
}
}
for (i = nunref, fpp = extra_ref; --i >= 0; ++fpp)
Index: nfs/nfs_syscalls.c
===================================================================
RCS file: /home/cvsync/openbsd-cvs/src/sys/nfs/nfs_syscalls.c,v
retrieving revision 1.99
diff -u -p -r1.99 nfs_syscalls.c
--- nfs/nfs_syscalls.c 14 Mar 2015 03:38:52 -0000 1.99
+++ nfs/nfs_syscalls.c 30 Apr 2015 02:08:52 -0000
@@ -276,7 +276,7 @@ nfssvc_addsock(struct file *fp, struct m
}
slp->ns_so = so;
slp->ns_nam = mynam;
- fp->f_count++;
+ FREF(fp);
slp->ns_fp = fp;
s = splsoftnet();
so->so_upcallarg = (caddr_t)slp;
