Jaromir Dolecek wrote:
> enami tsugutomo wrote:
> > fd_getfile() in procfs_readdir() is suspicious.
> 
> Yeah, that's the bug. The call misses FILE_USE()/FILE_UNUSE()
> which are mandatory after recent descriptor simplelock changes.

Following patch should fix the problem:

Index: procfs_vnops.c
===================================================================
RCS file: /cvsroot/src/sys/miscfs/procfs/procfs_vnops.c,v
retrieving revision 1.110
diff -u -p -r1.110 procfs_vnops.c
--- procfs_vnops.c	30 Oct 2003 01:58:18 -0000	1.110
+++ procfs_vnops.c	15 Feb 2004 10:58:14 -0000
@@ -1091,6 +1091,7 @@ procfs_readdir(v)
 	case PFSfd: {
 		struct proc *p;
 		struct filedesc	*fdp;
+		struct file *fp;
 		int lim, nc = 0;
 
 		p = PFIND(pfs->pfs_pid);
@@ -1128,8 +1129,12 @@ procfs_readdir(v)
 			break;
 		}
 		for (; uio->uio_resid >= UIO_MX && i < fdp->fd_nfiles; i++) {
-			if (fd_getfile(fdp, i - 2) == NULL)
+			/* check the descriptor exists */
+			if ((fp = fd_getfile(fdp, i - 2)) == NULL)
 				continue;
+			FILE_USE(fp);
+			FILE_UNUSE(fp, p);
+			
 			d.d_fileno = PROCFS_FILENO(pfs->pfs_pid, PFSfd, i - 2);
 			d.d_namlen = snprintf(d.d_name, sizeof(d.d_name),
 			    "%lld", (long long)(i - 2));
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>            http://www.NetBSD.cz/
-=- We should be mindful of the potential goal, but as the Buddhist -=-
-=- masters say, ``You may notice during meditation that you        -=-
-=- sometimes levitate or glow.   Do not let this distract you.''   -=-