Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 4 Feb 1998 00:33:53 +0900 (JST)
From:      KATO Takenori <kato@migmatite.eps.nagoya-u.ac.jp>
To:        FreeBSD-gnats-submit@FreeBSD.ORG
Subject:   kern/5634: locking violation in umapfs
Message-ID:  <199802031533.AAA00403@marble.eps.nagoya-u.ac.jp>
next in thread | raw e-mail | index | archive | help 

>Number:         5634
>Category:       kern
>Synopsis:       locking violation in umapfs
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Feb  3 07:40:01 PST 1998
>Last-Modified:
>Originator:     KATO Takenori
>Organization:
Dept. Earth Planet. Sci, Nagoya Univ.
>Release:        FreeBSD 3.0-CURRENT i386
>Environment:

umapfs kernel

>Description:

The umap_node_find() calls vget at flags = 0.  This code assumes that
vget() does not lock vnode in it.  It is true in 4.4BSD-Lite2 but
vget() in FreeBSD may lock vnode in it.  Therefore, we should not
assume that vget() does not lock vnode.

>How-To-Repeat:

Using umapfs.

>Fix:
	
---------- BEGIN ----------
*** umap_subr.c.ORIG	Tue Feb  3 23:12:33 1998
--- umap_subr.c	Wed Feb  4 00:19:53 1998
***************
*** 143,148 ****
--- 143,150 ----
  	struct umap_node_hashhead *hd;
  	struct umap_node *a;
  	struct vnode *vp;
+ 	int	error;
+ 	int	vpunlocked;
  
  #ifdef UMAPFS_DIAGNOSTIC
  	printf("umap_node_find(mp = %x, target = %x)\n", mp, targetvp);
***************
*** 165,171 ****
  			 * stuff, but we don't want to lock
  			 * the lower node.
  			 */
! 			if (vget(vp, 0, p)) {
  #ifdef UMAPFS_DIAGNOSTIC
  				printf ("umap_node_find: vget failed.\n");
  #endif
--- 167,181 ----
  			 * stuff, but we don't want to lock
  			 * the lower node.
  			 */
! 			if (VOP_ISLOCKED(vp)) {
! 				VOP_UNLOCK(vp, 0, p);
! 				vpunlocked = 1;
! 			} else
! 				vpunlocked = 0;
! 			error = vget(vp, 0, p);
! 			if (vpunlocked)
! 				vn_lock(vp, LK_EXCLUSIVE|LK_RETRY, p);
! 			if (error) {
  #ifdef UMAPFS_DIAGNOSTIC
  				printf ("umap_node_find: vget failed.\n");
  #endif
---------- END ----------
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802031533.AAA00403>