Date: Thu, 5 Feb 2009 08:46:18 +0000 (UTC) From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r188141 - head/sys/kern Message-ID: <200902050846.n158kI1D020988@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: trasz Date: Thu Feb 5 08:46:18 2009 New Revision: 188141 URL: http://svn.freebsd.org/changeset/base/188141 Log: In some situations, mnt_lockref could go negative due to vfs_unbusy() being called without calling vfs_busy() first. This made umount(8) hang waiting for mnt_lockref to become zero, which would never happen. Reviewed by: kib Approved by: rwatson (mentor) Reported by: pho Found with: stress2 Sponsored by: FreeBSD Foundation Modified: head/sys/kern/vfs_syscalls.c Modified: head/sys/kern/vfs_syscalls.c ============================================================================== --- head/sys/kern/vfs_syscalls.c Thu Feb 5 04:02:15 2009 (r188140) +++ head/sys/kern/vfs_syscalls.c Thu Feb 5 08:46:18 2009 (r188141) @@ -395,14 +395,16 @@ kern_fstatfs(struct thread *td, int fd, vfs_ref(mp); VOP_UNLOCK(vp, 0); fdrop(fp, td); - if (vp->v_iflag & VI_DOOMED) { + if (mp == NULL) { error = EBADF; goto out; } error = vfs_busy(mp, 0); vfs_rel(mp); - if (error) - goto out; + if (error) { + VFS_UNLOCK_GIANT(vfslocked); + return (error); + } #ifdef MAC error = mac_mount_check_stat(td->td_ucred, mp); if (error)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902050846.n158kI1D020988>