From owner-freebsd-hackers  Thu Apr  3 19:20:47 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id TAA11203
          for hackers-outgoing; Thu, 3 Apr 1997 19:20:47 -0800 (PST)
Received: from dg-rtp.dg.com (dg-rtp.rtp.dg.com [128.222.1.2])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id TAA11190
          for <freebsd-hackers@freefall.FreeBSD.org>; Thu, 3 Apr 1997 19:20:41 -0800 (PST)
Received: by dg-rtp.dg.com (5.4R3.10/dg-rtp-v02)
	id AA15400; Thu, 3 Apr 1997 22:20:05 -0500
Received: from ponds by dg-rtp.dg.com.rtp.dg.com; Thu,  3 Apr 1997 22:20 EST
Received: from lakes.water.net (lakes [10.0.0.3]) by ponds.water.net (8.8.3/8.7.3) with ESMTP id WAA15955; Thu, 3 Apr 1997 22:04:49 -0500 (EST)
Received: (from rivers@localhost) by lakes.water.net (8.8.3/8.6.9) id WAA09093; Thu, 3 Apr 1997 22:10:40 -0500 (EST)
Date: Thu, 3 Apr 1997 22:10:40 -0500 (EST)
From: Thomas David Rivers <ponds!rivers@dg-rtp.dg.com>
Message-Id: <199704040310.WAA09093@lakes.water.net>
To: ponds!freefall.cdrom.com!freebsd-hackers, ponds!dg.com!root,
        ponds!idi.ntnu.no!Tor.Egge
Subject: Re: kern/3184: vnodes are used after they are freed.  (dup alloc?)
Content-Type: text
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


Wow!

 I was _very_ excited by this report; especially since it seemed
to match the 'dup alloc' panic I've reported, and it was a timing
issue, and this is certainly the area where I get "dup alloc"s and
"free vnode isn't" panics...

 So, I applied the following diff to a 2.1.7 tree, which basically
moves the call to VOP_INACTIVE() until after the vnode has been
added to the free list (as Tor had described) [Tor - does this seem
to be what you intended?  The source in 2.1.7, of course, doesn't
have the SMP locking, etc....]:

*** vfs_subr.c.ori	Thu Aug 15 13:08:20 1996
--- vfs_subr.c	Thu Apr  3 20:07:46 1997
***************
*** 835,840 ****
--- 835,843 ----
  		panic("vrele: ref cnt");
  	}
  #endif
+ 
+ 	VOP_INACTIVE(vp);
+ 
  	if (vp->v_flag & VAGE) {
  		TAILQ_INSERT_HEAD(&vnode_free_list, vp, v_freelist);
  		vp->v_flag &= ~VAGE;
***************
*** 843,849 ****
  	}
  	freevnodes++;
  
- 	VOP_INACTIVE(vp);
  }
  
  /*
--- 846,851 ----




Unfortunately, I am still able to demonstrate my particular problem :-(

So, I'm beginning to wonder... is there a way a vnode can get
onto the freelist; but still be "busy" somehow...  Of hand,
is there a way to check for this condition I could add to the code
to see if that's what's going on?


	- Thanks -
	- Dave Rivers -