Page MenuHomeFreeBSD
Differential D51685

inotify: Avoid calling vrele() with a namecache mutex held
ClosedPublic
Actions

Authored by markj on Aug 1 2025, 6:23 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jan 30, 7:04 PM
Unknown Object (File)
Fri, Jan 30, 12:45 AM
Unknown Object (File)
Dec 27 2025, 7:30 AM
Unknown Object (File)
Dec 16 2025, 4:20 AM
Unknown Object (File)
Dec 16 2025, 4:20 AM
Unknown Object (File)
Dec 13 2025, 10:02 PM
Unknown Object (File)
Nov 15 2025, 9:24 PM
Unknown Object (File)
Nov 4 2025, 5:01 PM
View All 43 Files
Subscribers
imp
olce

Details

Reviewers
kib
Commits
rGc2230ad3b121: inotify: Avoid calling vrele() with a namecache mutex held
Summary

In cache_vop_inotify(), we call inotify_log() with a namecache hash lock
held. inotify_log() looks at all watches registered with the vnode to
see if any of them are interested in the event. In some cases, we have
to detach and free the watch after logging the event. This means we
must vrele() the watched vnode, and this must not be done while a
non-sleepable lock held.

Previously, I deferred the vrele() to until the inotify softc and vnode
pollinfo locks were dropped. However, this is not enough since we may
still be holding the aforementioned namecache lock. Go further and use
a taskqueue thread to release vnode references. Introduce a set of
detached watches, and queue a threaded task which releases the vnode
reference.

Reported by: syzbot+c128f121cb22df95559b@syzkaller.appspotmail.com
Fixes: f1f230439fa4 ("vfs: Initial revision of inotify")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj created this revision.Aug 1 2025, 6:23 PM
Herald added subscribers: olce, imp. · View Herald TranscriptAug 1 2025, 6:23 PM
markj requested review of this revision.Aug 1 2025, 6:23 PM
Harbormaster completed remote builds in B65903: Diff 159591.Aug 1 2025, 6:23 PM
kib added inline comments.Aug 1 2025, 7:20 PM
sys/kern/vfs_inotify.c
172

Why this needs to be tree and not e.g. just a list?

markj updated this revision to Diff 159594.Aug 1 2025, 8:01 PM
markj marked an inline comment as done.

Use tailq linkage instead.

Harbormaster completed remote builds in B65904: Diff 159594.Aug 1 2025, 8:01 PM
kib accepted this revision.Aug 1 2025, 8:04 PM
This revision is now accepted and ready to land.Aug 1 2025, 8:04 PM
Closed by commit rGc2230ad3b121: inotify: Avoid calling vrele() with a namecache mutex held (authored by markj). · Explain WhyAug 1 2025, 9:57 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rGc2230ad3b121: inotify: Avoid calling vrele() with a namecache mutex held.

Revision Contents
Changeset List

PathSize
sys/
kern/
71 lines

Diff 159604

View Options

sys/kern/vfs_inotify.c

Loading...