Module Name: src
Committed By: riastradh
Date: Thu Aug 11 12:52:24 UTC 2022
Modified Files:
src/sys/miscfs/specfs: spec_vnops.c
Log Message:
specfs: Sprinkle opencnt/opened/closing assertions.
There seems to be a bug here but I'm not sure what it is yet:
https://mail-index.netbsd.org/current-users/2022/08/09/msg042800.html
https://syzkaller.appspot.com/bug?id=47c67ab6d3a87514d0707882a9ad6671beaa8642
The decision to actually invoke d_close is serialized under
device_lock, so it should not be possible for more than one process
to close at the same time, but syzbot and kre found a way for
sd_closing to be false later in spec_close. Let's make sure it's
false when we're making what should be the exclusive decision to
close.
We can't assert !sd_opened before cancel and spec_io_drain, because
those are necessary to interrupt and wait for pending opens that
might later set sd_opened, but we can assert !sd_opened afterward
because once sd_closing is true nothing should set sd_opened.
To generate a diff of this commit:
cvs rdiff -u -r1.210 -r1.211 src/sys/miscfs/specfs/spec_vnops.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
