Comment 84 for bug 769927

I can't for the life of me. find where the extra reference is being
picked up.

I agree that the fsnotify system probably has a lot to do with this
problem but I can't see why. The most obvious way to take fsnotify
out of this is to not go through the vfsmount setup for a mount
that essentially already exists. That avoids mntput() calling
fsnotify_unmount_inodes(). Alternately, we need to consult someone
with in-depth knowledge of the fsnotify system. Any ideas who that
might be?

Anyway, this amounts to using a mutex in ->d_automount() to
serialize calls to it and then calling d_mountpoint() on the
incoming path dentry after aquiring it and returning NULL if
it is true. This should be all that's needed since the mount
would be complete by the time we exit ->d_automount().

I also believe that the CIFS d_automount patch suffers the same
fault.