From 0e81db38b549d79a3af5fce0f9f8fa48d9e6efeb Mon Sep 17 00:00:00 2001 From: Andrew Deason Date: Fri, 18 May 2012 17:40:38 -0400 Subject: [PATCH] afs: Do not QueueVCB before osi_dnlc_purge* In afs_FlushVCache, when we QueueVCB, we might drop the afs_xvcache lock (as of 76158df491f47de56d1febe1d1d2d17d316c9a74). The vcache may still be on the DNLC, so a lookup while xvcache is dropped can cause someone else to grab a reference to the vcache while it is being flushed. This can cause panics and failed assertions, since someone will have a reference to the flushed vcache, which is effectively freed and many of the structure fields are no longer valid. So instead, do not call QueueVCB until we have purged the vcache from the DNLC. Change-Id: Ia6b51b4a2bb26903346217fbd6fc7d959d87eae7 Reviewed-on: http://gerrit.openafs.org/7430 Tested-by: BuildBot Reviewed-by: Derrick Brashear --- src/afs/afs_vcache.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/afs/afs_vcache.c b/src/afs/afs_vcache.c index 5f6c9b185..1904848f3 100644 --- a/src/afs/afs_vcache.c +++ b/src/afs/afs_vcache.c @@ -205,8 +205,6 @@ afs_FlushVCache(struct vcache *avc, int *slept) vn_reinit(AFSTOV(avc)); #endif afs_FreeAllAxs(&(avc->Access)); - if (!afs_shuttingdown) - afs_QueueVCB(avc, slept); ObtainWriteLock(&afs_xcbhash, 460); afs_DequeueCallback(avc); /* remove it from queued callbacks list */ avc->f.states &= ~(CStatd | CUnique); @@ -216,6 +214,9 @@ afs_FlushVCache(struct vcache *avc, int *slept) else osi_dnlc_purgevp(avc); + if (!afs_shuttingdown) + afs_QueueVCB(avc, slept); + /* * Next, keep track of which vnodes we've deleted for create's * optimistic synchronization algorithm -- 2.39.5
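Review bot: In the first hunk (@@ -205,8 +205,6 @@), removing afs_QueueVCB(avc, slept) from this position means that afs_DequeueCallback(avc) and `avc->f.states &= ~(CStatd | CUnique);` now run before the callback is queued rather than after it. Please confirm that afs_QueueVCB does not depend on CStatd, CUnique or the callback queue linkage of avc still being in place, and note that in the commit message, which only discusses the ordering relative to the DNLC purge.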
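Review bot: The relocated call in the second hunk (@@ -216,6 +214,9 @@) needs a comment at the call site saying why it must stay below osi_dnlc_purgevp(avc). The commit message explains that afs_QueueVCB can drop afs_xvcache and that a DNLC lookup in that window can take a reference on a vcache that is being flushed, but nothing in the code records this constraint, so a later cleanup could move the call back up. A short comment above `if (!afs_shuttingdown)` would do, for example: "afs_QueueVCB may drop afs_xvcache; purge the vcache from the DNLC first so no lookup can find it while the lock is dropped". It is also worth checking that the code after this call (the "keep track of which vnodes we've deleted" block) tolerates afs_xvcache having been dropped and reacquired, since that now happens later in the function than before.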