cvs commit: src/sys/kern vfs_cache.c
David O'Brien
obrien at FreeBSD.org
Fri Jun 17 06:49:27 GMT 2005
On Fri, Jun 17, 2005 at 01:05:13AM +0000, Jeff Roberson wrote:
> Log:
> - Fix a leaked reference to a vnode via v_dd. We rely on cache_purge() and
> cache_zap() to clear the v_dd pointers when a directory vnode is forcibly
> discarded. For this to work, all vnodes with v_dd pointers to a directory
> must also have name cache entries linked via v_cache_dst to that dvp
> otherwise we could not find them at cache_purge() time. The following
> code snippet could break this guarantee by unlinking a directory before
> fetching its dotdot. The dotdot lookup would initialize the v_dd field
> of the unlinked directory which could never be cleared. To fix this
> we don't initialize v_dd for orphaned vnodes.
> printf("rmdir: %d\n", rmdir("../foo")); /* foo is cwd */
> printf("chdir: %d\n", chdir(".."));
> printf("%s\n", getwd(NULL));
>
> Discovered by: kkenn
Isn't this the same bug Peter discovered back in April at USENIX (via
Kmail)? I thought this bug was fixed.
--
-- David (obrien at FreeBSD.org)
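
The invariant and fix described in the quoted commit log, as an added example that is not part of the original thread or the FreeBSD source: a simplified user-space C model of the rmdir / dotdot / purge sequence. The `entries` list, `refs` counter, `orphaned` flag and every `model_*` name are assumptions made for illustration; only `v_dd` and the order of operations come from the log.

```c
#include <stdio.h>
/* Simplified user-space model (assumption): this is not FreeBSD kernel code. */
struct ncentry { struct vnode *dvp, *vp; struct ncentry *next; };
struct vnode {
    struct vnode *v_dd;        /* cached ".." parent; holds a reference */
    struct ncentry *entries;   /* model: cache entries whose parent is this vnode */
    int refs;                  /* model: references held on this vnode via v_dd */
    int orphaned;              /* model: directory has been unlinked */
};

/* Enter dvp -> vp in the cache and set vp->v_dd, keeping the invariant. */
static void model_enter(struct vnode *dvp, struct vnode *vp, struct ncentry *e) {
    e->dvp = dvp; e->vp = vp; e->next = dvp->entries; dvp->entries = e;
    vp->v_dd = dvp; dvp->refs++;
}
/* rmdir: drop vp's entry and its v_dd, then mark vp orphaned. */
static void model_rmdir(struct vnode *dvp, struct vnode *vp) {
    for (struct ncentry **pp = &dvp->entries; *pp; pp = &(*pp)->next)
        if ((*pp)->vp == vp) { *pp = (*pp)->next; break; }
    if (vp->v_dd == dvp) { vp->v_dd = NULL; dvp->refs--; }
    vp->orphaned = 1;
}
/* ".." lookup from vp. With the fix, orphaned vnodes never get v_dd set. */
static void model_dotdot(struct vnode *vp, struct vnode *dvp, int fixed) {
    if (fixed && vp->orphaned) return;
    if (vp->v_dd == NULL) { vp->v_dd = dvp; dvp->refs++; }
}
/* Purge dvp: only vnodes reachable through a cache entry can be cleared. */
static void model_purge(struct vnode *dvp) {
    for (struct ncentry *e = dvp->entries; e; e = e->next)
        if (e->vp->v_dd == dvp) { e->vp->v_dd = NULL; dvp->refs--; }
    dvp->entries = NULL;
}

/* Replay the sequence; return references left on the parent after purge. */
int leaked_refs(int fixed) {
    struct vnode parent = {0}, foo = {0};
    struct ncentry e;
    model_enter(&parent, &foo, &e);      /* foo is cwd */
    model_rmdir(&parent, &foo);          /* rmdir("../foo") */
    model_dotdot(&foo, &parent, fixed);  /* chdir("..") looks up dotdot */
    model_purge(&parent);                /* parent forcibly discarded */
    return parent.refs;
}

int main(void) {
    printf("unfixed: %d leaked, fixed: %d leaked\n", leaked_refs(0), leaked_refs(1));
}
```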