Date:      Thu, 20 Dec 2001 21:28:06 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        freebsd-stable@freebsd.org
Cc:        Kirk McKusick <mckusick@mckusick.com>
Subject:   Proposed FFS fix in filesystem syncing code
Message-ID:  <200112210528.fBL5S6J84860@apollo.backplane.com>

    Another program Jordan forwarded to me located another filesystem
    bug.  This one normally wouldn't occur too often.  It happens when
    the filesystem syncing code is updating a VCHR vnode/inode.  The
    vnode can get ripped out from under the ffs_update() code because
    the sync code doesn't lock or reference the vnode while running
    UFS_UPDATE() on it.

    I believe the below is a reasonable fix.  Comments?

    (I've asked Jordan whether posting the source to this second
    filesystem stress tester is ok).

						-Matt

Index: ffs/ffs_vfsops.c
===================================================================
RCS file: /home/ncvs/src/sys/ufs/ffs/ffs_vfsops.c,v
retrieving revision 1.117.2.6
diff -u -r1.117.2.6 ffs_vfsops.c
--- ffs/ffs_vfsops.c	3 Nov 2001 19:59:28 -0000	1.117.2.6
+++ ffs/ffs_vfsops.c	21 Dec 2001 05:19:11 -0000
@@ -1002,9 +1002,17 @@
 				simple_lock(&mntvnode_slock);
 			}
 		} else {
+			/*
+			 * We must reference the vp to prevent it from
+			 * getting ripped out from under UFS_UPDATE, since
+			 * we are not holding a vnode lock.  XXX why aren't
+			 * we holding a vnode lock?
+			 */
+			VREF(vp);
 			simple_unlock(&mntvnode_slock);
 			/* UFS_UPDATE(vp, waitfor == MNT_WAIT); */
 			UFS_UPDATE(vp, 0);
+			vrele(vp);
 			simple_lock(&mntvnode_slock);
 		}
 		if (TAILQ_NEXT(vp, v_nmntvnodes) != nvp)
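
Review bot: VREF(vp) at the top of the else branch pins the vnode, but as the new XXX comment itself admits, UFS_UPDATE(vp, 0) still runs with no vnode lock held, so the reference keeps vp from being reclaimed without serializing the inode update against other threads working on the same vnode. Either resolve the XXX by stating in the comment why an unlocked update is safe on this path, or take the vnode lock around the call instead of only a reference. Separately, the unchanged TAILQ_NEXT(vp, v_nmntvnodes) check that follows now reads vp after vrele(vp) has dropped the reference; please confirm that reacquiring mntvnode_slock is sufficient to make that access safe, and note it in the comment if so.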
