From 76c0caa79a73aa9c086fbd05fde6d3a68c6be364 Mon Sep 17 00:00:00 2001
From: "Raphael S. Carvalho" <raphaelsc@cloudius-systems.com>
Date: Thu, 16 Jan 2014 19:58:23 -0200
Subject: [PATCH] zfs: Fix znode reference count leaks

The zfs_remove() function calls zfs_dirent_lock, which in turn calls
zfs_zget() which bumps up the underlying znode reference count once.

However, neither zfs_remove() or zfs_rmdir() release the reference count
after using it. This prevents zfs_zinactive() which is used to destroy
the znode object from working properly. Another consequence is that each
znode holds a reference to the underlying mount point, keeping it busy
for unmount.

Fix the znode refcnt by calling zfs_zinactive after znode usage.

Reviewed-by: Glauber Costa <glommer@cloudius-systems.com>
Signed-off-by: Raphael S. Carvalho <raphaelsc@cloudius-systems.com>
Signed-off-by: Pekka Enberg <penberg@cloudius-systems.com>
---
 .../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c    | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bsd/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c b/bsd/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
index dc9eebaf4..30439def3 100644
--- a/bsd/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
+++ b/bsd/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
@@ -1436,6 +1436,8 @@ top:
 		zfs_unlinked_add(zp, tx);
 	}
 
+	zfs_zinactive(zp);
+
 	txtype = TX_REMOVE;
 	zfs_log_remove(zilog, tx, txtype, dzp, name, obj);
 
@@ -1700,6 +1702,8 @@ top:
 out:
 	zfs_dirent_unlock(dl);
 
+	zfs_zinactive(zp);
+
 	if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
 		zil_commit(zilog, 0);
 
-- 
GitLab