Kernel - Fix double-unlock in nlookupdotdot

* Fix double-unlock assertion in the compat nlookupdotdot code

* This code is basically only triggered when a machine is acting as a NFS
  server when serving out a UFS mount (since HAMMER has its own).  Only
  NFS servers can access directories not connected through to the root
  via the namecache hierarchy and those are the only situations where
  nlookupdotdot is actually used.  ".." is normally handled directly by
  the namecache.

diff --git a/sys/kern/vfs_default.c b/sys/kern/vfs_default.c
index baa3888..68bc7aa 100644 (file)
--- a/sys/kern/vfs_default.c
+++ b/sys/kern/vfs_default.c
@@ -292,10 +292,11 @@ vop_compat_nlookupdotdot(struct vop_nlookupdotdot_args *ap)
        /*
         * vop_old_lookup() always returns vp locked.  dvp may or may not be
         * left locked depending on CNP_PDIRUNLOCK.
+        *
+        * (*vpp) will be returned locked if no error occured, which is the
+        * state we want.
         */
        error = vop_old_lookup(ap->a_head.a_ops, ap->a_dvp, ap->a_vpp, &cnp);
-       if (error == 0)
-               vn_unlock(*ap->a_vpp);
        if (cnp.cn_flags & CNP_PDIRUNLOCK)
                vrele(ap->a_dvp);
        else