From nobody Fri Aug 27 13:48:38 2021
X-Original-To: freebsd-fs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 314A41775608
	for <freebsd-fs@mlmmj.nyi.freebsd.org>; Fri, 27 Aug 2021 13:48:48 +0000 (UTC)
	(envelope-from alexander.lochmann@tu-dortmund.de)
Received: from unimail.uni-dortmund.de (mx1.hrz.uni-dortmund.de [129.217.128.51])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "unimail.tu-dortmund.de", Issuer "DFN-Verein Global Issuing CA" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Gx1Jv0s48z4b91
	for <freebsd-fs@freebsd.org>; Fri, 27 Aug 2021 13:48:46 +0000 (UTC)
	(envelope-from alexander.lochmann@tu-dortmund.de)
Received: from [192.168.111.102] (p4fd978e7.dip0.t-ipconnect.de [79.217.120.231])
	(authenticated bits=0)
	by unimail.uni-dortmund.de (8.17.1/8.17.1) with ESMTPSA id 17RDmdTT004507
	(version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NOT);
	Fri, 27 Aug 2021 15:48:39 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tu-dortmund.de;
	s=unimail; t=1630072119;
	bh=75DaACqcNNYaVnvlddk0zWV6VzVRUrzyaIdBx1kvTyc=;
	h=From:To:Cc:Subject:Date;
	b=igLWZHJW9C8mzoPcSfmt2gSrV66Zi3KM/0rn7soZqjc4C4yxYiGo02F3WiLWS4uj5
	 WIRpMGM83HxttcyfmDKSoyv3eBnq9e3p6/bHfmraqqlevwV5DJpEkIP3yCXNkWDypo
	 QZoBq55J5mY+6NSVa1zITWm+Vy5SGB/OarPOYUE4=
From: Alexander Lochmann <alexander.lochmann@tu-dortmund.de>
To: freebsd-fs <freebsd-fs@freebsd.org>,
        Konstantin Belousov <kostikbel@gmail.com>
Cc: Horst Schirmeier <horst@schirmeier.de>
Subject: Various unprotected accesses to buf and vnode
Message-ID: <55f3661e-2173-793e-4834-bbcd79d3d99e@tu-dortmund.de>
Date: Fri, 27 Aug 2021 15:48:38 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.13.0
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-fs
List-Help: <mailto:freebsd-fs+help@freebsd.org>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Subscribe: <mailto:freebsd-fs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-fs+unsubscribe@freebsd.org>
Sender: owner-freebsd-fs@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 4Gx1Jv0s48z4b91
X-Spamd-Bar: -----
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=tu-dortmund.de header.s=unimail header.b=igLWZHJW;
	dmarc=none;
	spf=pass (mx1.freebsd.org: domain of alexander.lochmann@tu-dortmund.de designates 129.217.128.51 as permitted sender) smtp.mailfrom=alexander.lochmann@tu-dortmund.de
X-Spamd-Result: default: False [-5.20 / 15.00];
	 RCVD_VIA_SMTP_AUTH(0.00)[];
	 RWL_MAILSPIKE_GOOD(0.00)[129.217.128.51:from];
	 R_SPF_ALLOW(-0.20)[+ip4:129.217.128.0/24];
	 RCVD_DKIM_ARC_DNSWL_MED(-0.50)[];
	 TO_DN_ALL(0.00)[];
	 RCVD_IN_DNSWL_MED(-0.20)[129.217.128.51:from];
	 DKIM_TRACE(0.00)[tu-dortmund.de:+];
	 NEURAL_HAM_SHORT(-1.00)[-1.000];
	 FREEMAIL_TO(0.00)[freebsd.org,gmail.com];
	 FROM_EQ_ENVFROM(0.00)[];
	 MIME_TRACE(0.00)[0:+];
	 ASN(0.00)[asn:680, ipnet:129.217.0.0/16, country:DE];
	 MID_RHS_MATCH_FROM(0.00)[];
	 RECEIVED_SPAMHAUS_PBL(0.00)[79.217.120.231:received];
	 ARC_NA(0.00)[];
	 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	 R_DKIM_ALLOW(-0.20)[tu-dortmund.de:s=unimail];
	 FROM_HAS_DN(0.00)[];
	 RCPT_COUNT_THREE(0.00)[3];
	 NEURAL_HAM_LONG(-1.00)[-1.000];
	 MIME_GOOD(-0.10)[text/plain];
	 DMARC_NA(0.00)[tu-dortmund.de];
	 DWL_DNSWL_LOW(-1.00)[tu-dortmund.de:dkim];
	 TO_MATCH_ENVRCPT_SOME(0.00)[];
	 RCVD_COUNT_TWO(0.00)[2];
	 RCVD_TLS_ALL(0.00)[]
X-ThisMailContainsUnwantedMimeParts: N

Hi folks,

I'm still analyzing our LockDoc (lock analysis) data for FreeBSD. I came 
across accesses that do not adhere to the locking documentation. I 
cannot tell whether these accesses are made deliberately without locks 
or not.
I listed them below.

Can you please shed some light on those cases?

Thx and regards,
Alex

- Write to buf.b_error without buf.b_lock:
https://github.com/freebsd/freebsd-src/blob/main/sys/kern/vfs_vnops.c#L2846

- Read of buf.b_blkno in cluster_write():
According to the documentation b_lock is needed.
Is b_blkno maybe a read-only element of struct buf?

- Read of buf.b_flags, buf.b_xflags and buf.b_vp:
https://github.com/freebsd/freebsd-src/blob/main/sys/kern/vfs_subr.c#L2351
Are those reads innocent races?
According to our data, buf.b_lock is not acquired.

- Write to vnode.v_bufobj.bo_object:
https://github.com/freebsd/freebsd-src/blob/main/sys/vm/vnode_pager.c#L291
According to the documentation, '[...] the vnode lock which embeds the 
bufobj' is needed. However, interlock is taken in line 276.
Is the interlock equivalent to the vnode lock?
(I assume 'the vnode lock' refers to vnode.v_lock.)

- Is buf.b_bufobj a read-only element?

-- 
Technische Universität Dortmund
Alexander Lochmann                PGP key: 0xBC3EF6FD
Otto-Hahn-Str. 16                 phone:  +49.231.7556141
D-44227 Dortmund                  fax:    +49.231.7556116
http://ess.cs.tu-dortmund.de/Staff/al