CFR: fifo_open()/fifo_close() patch
Don Lewis
truckman at FreeBSD.org
Sat May 17 00:27:57 PDT 2003
On 16 May, Terry Lambert wrote:
>
>
> Don Lewis wrote:
>>
>> There are a few problems in the fifo_open() and fifo_close()
>> implementations.
>>
>> fifo_open() calls VOP_CLOSE() with the vnode locked, whereas
>> VOP_CLOSE() should be called with the vnode unlocked.
>
> This is actually pretty bogus. All VOPs, except those that
> return (locked) vnodes, or dispose (locked) vnodes that are
> managed by the FS itself, should have locked vnodes. There's
> a nasty race condition that occurs because of the VOP_CLOSE()
> being called without the vnode locked.
It does look like v_writecount is somewhat inconsistently locked. The
comment in <sys/vnode.h> indicates that it should be protected by the
vnode lock, but some of the INVARIANTS, DIAGNOSTIC, and KASSERT code
protects it with the vnode interlock, and vn_close() totally fails to
protect the manipulation of v_writecount.
I'd toss in calls to vn_lock() and VOP_UNLOCK(), but it looks like while
most callers of vn_close() call it with the vnode locked, not all do.
I'm not feeling ambitious enough to track them all down.
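The point at issue above is that v_writecount is documented as guarded by the vnode lock, some assertion code guards it with the vnode interlock, and vn_close() guards it with nothing, and that adding vn_lock()/VOP_UNLOCK() to vn_close() is awkward because most, but not all, callers already hold the lock. The following is an added user-space model of that situation written for this page, not FreeBSD kernel code and not anything posted in the thread: the names vn_lock, VOP_UNLOCK, v_writecount and v_interlock are borrowed from the post, the three vn_close variants are assumptions that mirror the three behaviours described, and the `locked` flag on vn_close_vnlock() is an assumed convention for expressing "the caller already holds the vnode lock". It shows, deterministically with trylock, that a close path using the interlock does not serialise against a caller holding the vnode lock at all, and, with a thread stress, that only the variant using the same lock as the open path keeps the count consistent.

```c
/* User-space model of the v_writecount locking question raised in this thread.
 * Added illustration with pthreads; it is not FreeBSD kernel code.  The names
 * vn_lock, VOP_UNLOCK, v_writecount and v_interlock are borrowed from the post;
 * the `locked` flag on vn_close_vnlock() is an assumed convention, not FreeBSD's. */
#include <errno.h>
#include <pthread.h>
#include <stdio.h>

#define NTHREADS 8
#define NOPS     20000

struct vnode {
    pthread_mutex_t v_lock;       /* stands in for the vnode lock */
    pthread_mutex_t v_interlock;  /* stands in for the vnode interlock */
    int             v_writecount; /* write-mode opens; <sys/vnode.h> says: vnode lock */
};

void vnode_init(struct vnode *vp) {
    pthread_mutex_init(&vp->v_lock, NULL);
    pthread_mutex_init(&vp->v_interlock, NULL);
    vp->v_writecount = 0;
}
void vn_lock(struct vnode *vp)    { pthread_mutex_lock(&vp->v_lock); }
void VOP_UNLOCK(struct vnode *vp) { pthread_mutex_unlock(&vp->v_lock); }

/* As the post describes vn_close(): v_writecount touched with no lock at all. */
void vn_close_unprotected(struct vnode *vp) { vp->v_writecount--; }

/* As the INVARIANTS/KASSERT code does: guarded by the interlock instead. */
void vn_close_interlock(struct vnode *vp) {
    pthread_mutex_lock(&vp->v_interlock);
    vp->v_writecount--;
    pthread_mutex_unlock(&vp->v_interlock);
}

/* Matches the <sys/vnode.h> comment: the vnode lock guards the field.  Because
 * most but not all callers already hold it, the caller says so and the lock is
 * taken exactly once either way (assumed convention for this model only). */
void vn_close_vnlock(struct vnode *vp, int locked) {
    if (!locked) vn_lock(vp);
    vp->v_writecount--;
    if (!locked) VOP_UNLOCK(vp);
}
void vn_close_vnlock_unlocked(struct vnode *vp) { vn_close_vnlock(vp, 0); }

/* Deterministic exclusion check: hold the vnode lock as a vn_lock()'d caller
 * does, then try the lock a close path would take.  Returns 1 if that lock is
 * unavailable (mutual exclusion), 0 if it can be taken concurrently. */
int excluded_by_vnode_lock(int use_interlock) {
    struct vnode vn;
    pthread_mutex_t *guard;
    int rc;
    vnode_init(&vn);
    guard = use_interlock ? &vn.v_interlock : &vn.v_lock;
    vn_lock(&vn);
    rc = pthread_mutex_trylock(guard);   /* EBUSY if already held, by anyone */
    if (rc == 0)
        pthread_mutex_unlock(guard);
    VOP_UNLOCK(&vn);
    return rc == EBUSY;
}

struct worker_arg { struct vnode *vp; void (*close)(struct vnode *); };

static void *worker(void *p) {
    struct worker_arg *w = p;
    for (int i = 0; i < NOPS; i++) {
        vn_lock(w->vp);             /* open for write: bump under the vnode lock */
        w->vp->v_writecount++;
        VOP_UNLOCK(w->vp);
        w->close(w->vp);            /* close with the variant under test */
    }
    return NULL;
}

/* NTHREADS workers each do NOPS open/close pairs with the given close variant.
 * Returns the final v_writecount: 0 when close serialises with open, otherwise
 * a lost-update residue that varies from run to run. */
int stress(void (*close)(struct vnode *)) {
    struct vnode vn;
    struct worker_arg w = { &vn, close };
    pthread_t tid[NTHREADS];
    vnode_init(&vn);
    for (int i = 0; i < NTHREADS; i++)
        pthread_create(&tid[i], NULL, worker, &w);
    for (int i = 0; i < NTHREADS; i++)
        pthread_join(tid[i], NULL);
    return vn.v_writecount;
}

int main(void) {
    printf("vnode lock excludes vnode lock: %d\n", excluded_by_vnode_lock(0));
    printf("vnode lock excludes interlock:  %d\n", excluded_by_vnode_lock(1));
    printf("residue, unprotected close: %d\n", stress(vn_close_unprotected));
    printf("residue, interlock close:   %d\n", stress(vn_close_interlock));
    printf("residue, vnode-lock close:  %d\n", stress(vn_close_vnlock_unlocked));
    return 0;
}
```

Build with a pthread-capable toolchain (cc -pthread). The residues of the first two stress runs are nondeterministic and will usually be nonzero; only the third is guaranteed to be 0, which is the practical content of the <sys/vnode.h> comment: whichever lock is chosen, every path that touches v_writecount has to use the same one.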
More information about the freebsd-current mailing list