Date: Sat, 13 Sep 2025 07:13:30 GMT
From: Mateusz Guzik <mjg@FreeBSD.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject: git: 63bd2416ccd9 - main - vfs: denote a bug when dooming vnodes with custom locking primitives
Message-ID: <202509130713.58D7DUAJ091535@gitrepo.freebsd.org>
The branch main has been updated by mjg: URL: https://cgit.FreeBSD.org/src/commit/?id=63bd2416ccd9c644b3dc557120bcccea6f7592af commit 63bd2416ccd9c644b3dc557120bcccea6f7592af Author: Mateusz Guzik <mjg@FreeBSD.org> AuthorDate: 2025-09-13 07:11:30 +0000 Commit: Mateusz Guzik <mjg@FreeBSD.org> CommitDate: 2025-09-13 07:11:30 +0000 vfs: denote a bug when dooming vnodes with custom locking primitives See the added comment. The entire notion of how vnodes are doomed needs to be reworked, but the bare minimum would be to have filesystems provide ops for doomed nodes and keep ->v_data around at least until they are done with it. --- sys/kern/vfs_subr.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c index 57732ddab7d9..f86bda2aa6f0 100644 --- a/sys/kern/vfs_subr.c +++ b/sys/kern/vfs_subr.c @@ -4507,6 +4507,17 @@ vgonel(struct vnode *vp) /* * Done with purge, reset to the standard lock and invalidate * the vnode. + * + * FIXME: this is buggy for vnode ops with custom locking primitives. + * + * vget used to be gated with a special flag serializing it against vgone, + * which got lost in the process of SMP-ifying the VFS layer. + * + * Suppose a custom locking routine references ->v_data. + * + * Since now it is possible to start executing it as vgone is + * progressing, this very well may crash as ->v_data gets invalidated + * and memory used to back it is freed. */ vp->v_vnlock = &vp->v_lock; vp->v_op = &dead_vnodeops;
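Review bot: The FIXME added in vgonel(), just above the vp->v_vnlock = &vp->v_lock reset, mentions "a special flag" that used to serialize vget against vgone but does not name it, and it omits the remediation that the commit message spells out. Naming the flag, or the change that dropped it, would let a reader locate the old serialization. Carrying the commit message's bare-minimum fix into the comment (filesystems provide ops for doomed nodes and keep ->v_data around at least until they are done with it) would keep that direction visible in the source rather than only in the log. Because the outcome described is a custom locking routine touching ->v_data after the memory backing it has been freed, the comment could also say which locking routines are known to reference ->v_data, if any are, so the exposure can be audited.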