From owner-freebsd-current@FreeBSD.ORG  Wed Dec 22 18:05:34 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 62BD016A4CE; Wed, 22 Dec 2004 18:05:34 +0000 (GMT)
Received: from critter.freebsd.dk (f170.freebsd.dk [212.242.86.170])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 9FE1743D2F; Wed, 22 Dec 2004 18:05:33 +0000 (GMT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id iBMI5V3H008932;
	Wed, 22 Dec 2004 19:05:31 +0100 (CET)
	(envelope-from phk@critter.freebsd.dk)
To: Don Lewis <truckman@freebsd.org>
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
In-Reply-To: Your message of "Sat, 18 Dec 2004 23:32:28 PST."
             <200412190732.iBJ7WSHC066183@gw.catspoiler.org> 
Date: Wed, 22 Dec 2004 19:05:31 +0100
Message-ID: <8931.1103738731@critter.freebsd.dk>
Sender: phk@critter.freebsd.dk
cc: current@freebsd.org
Subject: Re: vnode lock assertion violation in devfs_fixup() 
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Dec 2004 18:05:34 -0000

In message <200412190732.iBJ7WSHC066183@gw.catspoiler.org>, Don Lewis writes:

>The vput() call is actually in devfs_fixup():
>
>        mp->mnt_vnodecovered = vp;
>        vp->v_mountedhere = mp;
>        mtx_lock(&mountlist_mtx);
>        TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list);
>        mtx_unlock(&mountlist_mtx);
>        VOP_UNLOCK(vp, 0, td);
>        vfs_unbusy(mp, td);
>        VREF(vp);
>--->    vput(vp);
>        vput(dvp);  
>
>vput() is supposed to be called with the vnode lock held and it releases
>the lock, which won't work too well because the vnode was just unlocked
>3 lines earlier.  vput() also decrements the vnode reference count, but
>why are we incrementing the reference count on the line above?   I
>suspect that the VREF()/vput() sequence should just go away.

That sounds like the most likely fix :-)

I just tried to faithfully emulate the previous code in all respects
and never got around to fix this up.

If you can confirm that just removing VREF+vput works, then by all
means commit it.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.