kern/117716: Remount can corrupt filesystems and lock them mounted

Matthew D. Fuller fullermd at over-yonder.net
Wed Oct 31 05:40:04 PDT 2007 

>Number:         117716
>Category:       kern
>Synopsis:       Remount can corrupt filesystems and lock them mounted
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 31 12:40:03 UTC 2007
>Closed-Date:
>Last-Modified:
>Originator:     Matthew D. Fuller
>Release:        FreeBSD 8.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD mortis.sighup.org 8.0-CURRENT FreeBSD 8.0-CURRENT #0: Sat Oct 27 12:13:10 CDT 2007 root at mortis.sighup.org:/usr/ports/KERNELOBJ/sys/MORTIS i386


	
>Description:
	Attempting to remount a filesystem fails to flush its outstanding
	buffers, and spews out errors like
		 softdep_waitidle: Failed to flush worklist for 0xc3b60d0c

	Once this occurs the filesystem can't be re-mounted, can't be
	umount'd, and can't be umount -f'd.  Any attempt to do so will elicit
	a repeat of the softdep_waitidle message.  Reboot won't cleanly
	unmount it either.  Post-reboot fscking turns up a lot of errors.

	Using umount instead of mount -u doesn't provoke it (or at least,
	does so MUCH less often; mount -u does it reliably).  If filesystem
	is made without softupdates, it also doesn't occur.

	This has been going on for at least a year in -CURRENT, and so it's
	probably in RELENG_7 too.  See previous reports like
	<http://lists.freebsd.org/pipermail/freebsd-current/2007-February/069178.html>

>How-To-Repeat:

	NOTE: Running this script will produce a mounted filesystem on /mnt
	that can't be gotten rid of without rebooting.  No additional
	instability has ever been observed from this, but be warned.

#!/bin/sh -ex

# Make file
rm -f /tmp/fs
dd if=/dev/zero of=/tmp/fs bs=1m count=20

# Make vnode
mdconfig -a -t vnode -f /tmp/fs -u 10

# Make the filesystem
newfs -U /dev/md10

# Mount
mount /dev/md10 /mnt

# Make the big tree
mtree -deU -f /etc/mtree/BSD.usr.dist -p /mnt/ >> /dev/null

# Sync up
sync ; sync ; sync

# Now blow it away
rm -rf /mnt/*

# This works...
#umount /mnt

# But this doesn't
mount -u -o ro /mnt
# BOOM.

>Fix:

	


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list