Date: Wed, 25 Oct 2017 01:07:45 +0000 (UTC) From: Mark Johnston <markj@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r324967 - stable/11/sys/kern Message-ID: <201710250107.v9P17jWq059175@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: markj Date: Wed Oct 25 01:07:45 2017 New Revision: 324967 URL: https://svnweb.freebsd.org/changeset/base/324967 Log: MFC r324704: Fix a racy VI_DOOMED check in MNT_VNODE_FOREACH_ALL(). Modified: stable/11/sys/kern/vfs_subr.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/kern/vfs_subr.c ============================================================================== --- stable/11/sys/kern/vfs_subr.c Wed Oct 25 01:07:12 2017 (r324966) +++ stable/11/sys/kern/vfs_subr.c Wed Oct 25 01:07:45 2017 (r324967) @@ -5201,12 +5201,18 @@ __mnt_vnode_next_all(struct vnode **mvp, struct mount kern_yield(PRI_USER); MNT_ILOCK(mp); KASSERT((*mvp)->v_mount == mp, ("marker vnode mount list mismatch")); - vp = TAILQ_NEXT(*mvp, v_nmntvnodes); - while (vp != NULL && (vp->v_type == VMARKER || - (vp->v_iflag & VI_DOOMED) != 0)) - vp = TAILQ_NEXT(vp, v_nmntvnodes); - - /* Check if we are done */ + for (vp = TAILQ_NEXT(*mvp, v_nmntvnodes); vp != NULL; + vp = TAILQ_NEXT(vp, v_nmntvnodes)) { + /* Allow a racy peek at VI_DOOMED to save a lock acquisition. */ + if (vp->v_type == VMARKER || (vp->v_iflag & VI_DOOMED) != 0) + continue; + VI_LOCK(vp); + if ((vp->v_iflag & VI_DOOMED) != 0) { + VI_UNLOCK(vp); + continue; + } + break; + } if (vp == NULL) { __mnt_vnode_markerfree_all(mvp, mp); /* MNT_IUNLOCK(mp); -- done in above function */ @@ -5215,7 +5221,6 @@ __mnt_vnode_next_all(struct vnode **mvp, struct mount } TAILQ_REMOVE(&mp->mnt_nvnodelist, *mvp, v_nmntvnodes); TAILQ_INSERT_AFTER(&mp->mnt_nvnodelist, vp, *mvp, v_nmntvnodes); - VI_LOCK(vp); MNT_IUNLOCK(mp); return (vp); } @@ -5228,14 +5233,20 @@ __mnt_vnode_first_all(struct vnode **mvp, struct mount *mvp = malloc(sizeof(struct vnode), M_VNODE_MARKER, M_WAITOK | M_ZERO); MNT_ILOCK(mp); MNT_REF(mp); + (*mvp)->v_mount = mp; (*mvp)->v_type = VMARKER; - vp = TAILQ_FIRST(&mp->mnt_nvnodelist); - while (vp != NULL && (vp->v_type == VMARKER || - (vp->v_iflag & VI_DOOMED) != 0)) - vp = TAILQ_NEXT(vp, v_nmntvnodes); - - /* Check if we are done */ + TAILQ_FOREACH(vp, &mp->mnt_nvnodelist, v_nmntvnodes) { + /* Allow a racy peek at VI_DOOMED to save a lock acquisition. */ + if (vp->v_type == VMARKER || (vp->v_iflag & VI_DOOMED) != 0) + continue; + VI_LOCK(vp); + if ((vp->v_iflag & VI_DOOMED) != 0) { + VI_UNLOCK(vp); + continue; + } + break; + } if (vp == NULL) { MNT_REL(mp); MNT_IUNLOCK(mp); @@ -5243,13 +5254,10 @@ __mnt_vnode_first_all(struct vnode **mvp, struct mount *mvp = NULL; return (NULL); } - (*mvp)->v_mount = mp; TAILQ_INSERT_AFTER(&mp->mnt_nvnodelist, vp, *mvp, v_nmntvnodes); - VI_LOCK(vp); MNT_IUNLOCK(mp); return (vp); } - void __mnt_vnode_markerfree_all(struct vnode **mvp, struct mount *mp)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201710250107.v9P17jWq059175>