Page MenuHomeFreeBSD
Differential D20304

NDFREE(): Fix unlocking for LOCKPARENT|LOCKLEAF and ndp->ni_dvp == ndp->ni_vp
ClosedPublic
Actions

Authored by kib on May 18 2019, 5:57 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Nov 8, 12:39 AM
Unknown Object (File)
Oct 14 2024, 2:51 PM
Unknown Object (File)
Oct 6 2024, 4:50 PM
Unknown Object (File)
Sep 19 2024, 6:01 AM
Unknown Object (File)
Sep 7 2024, 2:05 PM
Unknown Object (File)
Sep 7 2024, 4:32 AM
Unknown Object (File)
Sep 1 2024, 10:35 PM
Unknown Object (File)
Aug 18 2024, 9:25 AM
View All 21 Files
Subscribers
imp
pho

Details

Reviewers
markj
mckusick
Commits
rS348052: NDFREE(): Fix unlocking for LOCKPARENT|LOCKLEAF and ndp->ni_dvp == ndp->ni_vp.
Summary

NDFREE() calculates unlock_dvp after ndp->ni_vp is unlocked and zeroed out. This makes the comparision of ni_dvp with ni_vp always fail.

Move the calculation of unlock_dvp right after unlock_vp, so that the code sees correct ni_vp value.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib created this revision.May 18 2019, 5:57 PM
Herald added a subscriber: imp. · View Herald TranscriptMay 18 2019, 5:57 PM
Harbormaster completed remote builds in B24301: Diff 57532.May 18 2019, 5:57 PM
markj added a comment.May 18 2019, 6:04 PM

So if ni_dvp == ni_vp, does the caller hold two references on vp or one? It was not clear to me from some quick reading of the code.

kib added a reviewer: mckusick.May 18 2019, 6:04 PM
kib added a comment.May 18 2019, 6:15 PM
In D20304#437658, @markj wrote:

So if ni_dvp == ni_vp, does the caller hold two references on vp or one? It was not clear to me from some quick reading of the code.

dvp == vp means that this was either dot lookup, or dotdot with vp == rootvp. For dotdot case, lookup() itself does the following:

				ndp->ni_dvp = dp;
				ndp->ni_vp = dp;
				VREF(dp);

for the root directory case (also chroot, jail pseudo-roots).

For UFS, ufs_lookup() takes a reference on the dvp directly in case of dot, see ufs_lookup().

So vp holds two references, but In either case, the code does not recurse on lock.

markj accepted this revision.May 18 2019, 9:51 PM
This revision is now accepted and ready to land.May 18 2019, 9:51 PM
mckusick accepted this revision.May 20 2019, 9:44 PM

This change looks correct to me.

pho added a comment.May 21 2019, 11:54 AM

I reproduced the problem and verified that the patch fixes it.
I ran all of the stress2 tests on both amd64 and i386.
No problems seen.

Closed by commit rS348052: NDFREE(): Fix unlocking for LOCKPARENT|LOCKLEAF and ndp->ni_dvp == ndp->ni_vp. (authored by kib). · Explain WhyMay 21 2019, 3:12 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
8 lines

Diff 57634

View Options

head/sys/kern/vfs_lookup.c

Loading...