On Mon, Jun 04, 2018 at 08:53:49PM +0200, Alexander Bluhm wrote:
> userret: returning with the following locks held:
> exclusive rrwlock inode r = 0 (0xffffff023d492b48) locked @ /usr/src/sys/ufs/ufs/ufs_vnops.c:1559
> #0  witness_lock+0x254
> #1  _rw_enter+0x29b
> #2  _rrw_enter+0x3e
> #3  VOP_LOCK+0x3d
> #4  vn_lock+0x34
> #5  vget+0xf7
> #6  cache_lookup+0x217
> #7  ufs_lookup+0x112
> #8  VOP_LOOKUP+0x4f
> #9  vfs_lookup+0x27e
> #10 namei+0x226
> #11 vn_open+0xcf
> #12 doopenat+0x1af
> #13 syscall+0x32a
> #14 Xsyscall_untramp+0xc0
> panic: witness_warn

We are leaking a vnode in namei().  The mount check was copied from
NetBSD in 2003.  Later in 2006 they added a vput().  As we have not
locked the directory vnode, call vrele() there.

ok?

bluhm

Index: kern/vfs_lookup.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/kern/vfs_lookup.c,v
retrieving revision 1.69
diff -u -p -r1.69 vfs_lookup.c
--- kern/vfs_lookup.c   2 May 2018 02:24:56 -0000       1.69
+++ kern/vfs_lookup.c   4 Jul 2018 10:44:48 -0000
@@ -203,6 +203,8 @@ fail:
                if (!dp->v_mount) {
                        /* Give up if the directory is no longer mounted */
                        pool_put(&namei_pool, cnp->cn_pnbuf);
+                       vrele(dp);
+                       ndp->ni_vp = NULL;
                        return (ENOENT);
                }
                cnp->cn_nameptr = cnp->cn_pnbuf;
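
Review bot: in the `!dp->v_mount` branch, the choice of vrele() over vput() is only correct because dp is referenced but not locked at this point, and nothing in the hunk says so. A one-line comment next to `vrele(dp);` stating that the directory vnode is unlocked here would keep a later sync with NetBSD's vput() from introducing an unlock of a lock that was never taken. It is also worth confirming that ni_vp is the only field of ndp still pointing at dp when this branch returns ENOENT, since it is the only one cleared.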
