On 16 May, Terry Lambert wrote: > > > Don Lewis wrote: >> >> There are a few problems in the fifo_open() and fifo_close() >> implementations. >> >> fifo_open() calls VOP_CLOSE() with the vnode locked, whereas >> VOP_CLOSE() should be called with the vnode unlocked. > > This is actually pretty bogus. All VOP's, except those that > return (locked) vnodes, or dispose (locked) vnodes that are > managed by the FS itself, should have locked vnodes. There's > a nasty race condition that occurs because of the VOP_CLOSE() > being called without the vnode locked. It does look like v_writecount is somewhat inconsistently locked. The comment in <sys/vnode.h> indicates that it should be protected by the vnode lock, but some of the INVARIANTS, DIAGNOSTIC, and KASSERT code protects it with the vnode interlock, and vn_close() totally fails to protect the manipulation of v_writecount. I'd toss in calls to vn_lock() and VOP_UNLOCK(), but it looks like while most callers of vn_close() call it with the vnode locked, not all do. I'm not feeling ambitious enough to track them all down.Received on Fri May 16 2003 - 22:27:57 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:08 UTC