From: Konstantin Belousov
Date: Mon, 29 Dec 2008 12:07:18 +0000 (UTC)
To: cvs-src-old@freebsd.org
Subject: cvs commit: src/sys/fs/pseudofs pseudofs_vncache.c
X-FreeBSD-CVS-Branch: HEAD

kib 2008-12-29 12:07:18 UTC

FreeBSD src repository

Modified files:
  sys/fs/pseudofs pseudofs_vncache.c

Log:
SVN rev 186560 on 2008-12-29 12:07:18Z by kib

After the pfs_vncache_mutex is dropped, another thread may attempt to do pfs_vncache_alloc() for the same pfs_node and pid. In this case, we could end up with two vnodes for the pair. Recheck the cache under the locked pfs_vncache_mutex after all sleeping operations are done [1].

This case mostly cannot happen now because pseudofs uses exclusive vnode locking for lookup. But it does drop the vnode lock for dotdot lookups, and Marcus' pseudofs_vptocnp implementation is vulnerable too.

Do not call free() on the struct pfs_vdata after insmntque() failure, because vp->v_data points to the structure, and pseudofs_reclaim() frees it by the call to pfs_vncache_free().

Tested by: pho [1]
Approved by: des
MFC after: 2 weeks

Revision  Changes  Path
1.43      +26 -13  src/sys/fs/pseudofs/pseudofs_vncache.c
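
An added illustration of the recheck described in the log message, not code from the commit or from pseudofs: a userland C model in which `cache_alloc`, `cache_find`, `race_demo`, the `recheck` and `rival` parameters and the pthread mutex are all hypothetical stand-ins. The second caller is replayed deterministically inside the unlocked window instead of running as a real thread.

```c
#include <pthread.h>
#include <stdlib.h>

struct entry { int node, pid; struct entry *next; };  /* stand-in for a cached vnode */
static pthread_mutex_t cache_mtx = PTHREAD_MUTEX_INITIALIZER;
static struct entry *cache_head;

static struct entry *cache_find(int node, int pid)  /* caller holds cache_mtx */
{
    struct entry *e = cache_head;
    while (e != NULL && (e->node != node || e->pid != pid))
        e = e->next;
    return e;
}

/* rival != 0 replays a second caller inside the unlocked window (test knob). */
static struct entry *cache_alloc(int node, int pid, int recheck, int rival)
{
    struct entry *e, *fresh;
    pthread_mutex_lock(&cache_mtx);
    e = cache_find(node, pid);
    pthread_mutex_unlock(&cache_mtx);
    if (e != NULL || (fresh = malloc(sizeof(*fresh))) == NULL)
        return e;  /* cache hit, or NULL when malloc failed */
    if (rival)  /* mutex is dropped here, so another caller can insert */
        cache_alloc(node, pid, recheck, 0);
    pthread_mutex_lock(&cache_mtx);
    if (recheck && (e = cache_find(node, pid)) != NULL) {
        pthread_mutex_unlock(&cache_mtx);
        free(fresh);  /* lost the race; fresh was never published */
        return e;
    }
    *fresh = (struct entry){ node, pid, cache_head };
    cache_head = fresh;
    pthread_mutex_unlock(&cache_mtx);
    return fresh;
}

/* Simulates one race and returns how many entries (node, pid) ends up with. */
static int race_demo(int node, int pid, int recheck)
{
    int n = 0;
    cache_alloc(node, pid, recheck, 1);
    for (struct entry *e = cache_head; e != NULL; e = e->next)
        n += (e->node == node && e->pid == pid);
    return n;
}

int main(void) { return !(race_demo(1, 100, 0) == 2 && race_demo(2, 100, 1) == 1); }
```

With `recheck` set to 0 the pair ends up with two entries; with `recheck` set to 1 the losing caller discards its own allocation and returns the entry that was inserted first.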