From 93f9c397a22b6fa4ad0bf5b0c497380732b60165 Mon Sep 17 00:00:00 2001 From: Andrew Deason Date: Fri, 18 May 2012 17:40:38 -0400 Subject: [PATCH] afs: Do not QueueVCB before osi_dnlc_purge* In afs_FlushVCache, when we QueueVCB, we might drop the afs_xvcache lock (as of 76158df491f47de56d1febe1d1d2d17d316c9a74). The vcache may still be on the DNLC, so a lookup while xvcache is dropped can cause someone else to grab a reference to the vcache while it is being flushed. This can cause panics and failed assertions, since someone will have a reference to the flushed vcache, which is effectively freed and many of the structure fields are no longer valid. So instead, do not call QueueVCB until we have purged the vcache from the DNLC. Reviewed-on: http://gerrit.openafs.org/7430 Tested-by: BuildBot Reviewed-by: Derrick Brashear (cherry picked from commit 0e81db38b549d79a3af5fce0f9f8fa48d9e6efeb) Change-Id: Idabad9076c6c36bede3faf459abb940aae5a975c Reviewed-on: http://gerrit.openafs.org/7502 Tested-by: BuildBot Reviewed-by: Derrick Brashear --- src/afs/afs_vcache.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/afs/afs_vcache.c b/src/afs/afs_vcache.c index be668aa06..d8e4cdebb 100644 --- a/src/afs/afs_vcache.c +++ b/src/afs/afs_vcache.c @@ -205,8 +205,6 @@ afs_FlushVCache(struct vcache *avc, int *slept) vn_reinit(AFSTOV(avc)); #endif afs_FreeAllAxs(&(avc->Access)); - if (!afs_shuttingdown) - afs_QueueVCB(avc, slept); ObtainWriteLock(&afs_xcbhash, 460); afs_DequeueCallback(avc); /* remove it from queued callbacks list */ avc->f.states &= ~(CStatd | CUnique); @@ -216,6 +214,9 @@ afs_FlushVCache(struct vcache *avc, int *slept) else osi_dnlc_purgevp(avc); + if (!afs_shuttingdown) + afs_QueueVCB(avc, slept); + /* * Next, keep track of which vnodes we've deleted for create's * optimistic synchronization algorithm -- 2.39.5