nullfs: vop_rename: fdvp is locked but should not be
Kostik Belousov
kostikbel at gmail.com
Tue Jun 1 14:07:27 UTC 2010
On Tue, Jun 01, 2010 at 04:57:57PM +0300, Mikolaj Golub wrote:
> Hi,
>
> Having a kernel compiled with DEBUG_VFS_LOCKS and doing something like below:
>
> mount -t nullfs /tmp/1 /tmp/2
> mv /tmp/1/test.file /tmp/2/
cp /tmp/1/test.file /tmp/2/test.file is even more spectacular, but is
the different story.
>
> I have a panic (checked on 8-STABLE and CURRENT):
>
> vop_rename: fdvp locked: 0xc70c82b0 is locked but should not be
> KDB: enter: lock violation
>
> (kgdb) bt
> #0 doadump () at pcpu.h:246
> #1 0xc04ed519 in db_fncall (dummy1=1, dummy2=0, dummy3=-1056863104, dummy4=0xe858a8d4 "")
> at /usr/src/sys/ddb/db_command.c:548
> #2 0xc04ed911 in db_command (last_cmdp=0xc0e195dc, cmd_table=0x0, dopager=1)
> at /usr/src/sys/ddb/db_command.c:445
> #3 0xc04eda6a in db_command_loop () at /usr/src/sys/ddb/db_command.c:498
> #4 0xc04ef90d in db_trap (type=3, code=0) at /usr/src/sys/ddb/db_main.c:229
> #5 0xc08e9f66 in kdb_trap (type=3, code=0, tf=0xe858aa7c) at /usr/src/sys/kern/subr_kdb.c:535
> #6 0xc0bfcc3b in trap (frame=0xe858aa7c) at /usr/src/sys/i386/i386/trap.c:690
> #7 0xc0bddffb in calltrap () at /usr/src/sys/i386/i386/exception.s:165
> #8 0xc08ea0ea in kdb_enter (why=0xc0ce2dbf "vfslock", msg=0xc0ce2db0 "lock violation") at cpufunc.h:71
> #9 0xc094a881 in vfs_badlock (msg=0xc0ce2ddc "is locked but should not be",
> str=0xc0ce38b9 "vop_rename: fdvp locked", vp=0xc70c82b0) at /usr/src/sys/kern/vfs_subr.c:3701
> #10 0xc094e4f5 in assert_vop_unlocked (vp=0xc70c82b0, str=0xc0ce38b9 "vop_rename: fdvp locked")
> at /usr/src/sys/kern/vfs_subr.c:3733
> #11 0xc094e7d7 in vop_rename_pre (ap=0xe858ac1c) at /usr/src/sys/kern/vfs_subr.c:3792
> #12 0xc0c16a46 in VOP_RENAME_APV (vop=0xc0df8960, a=0xe858ac1c) at vnode_if.c:1472
> #13 0xc0956d47 in kern_renameat (td=0xc6596a00, oldfd=-100,
> old=0xbfbfe953 <Address 0xbfbfe953 out of bounds>, newfd=-100,
> new=0xbfbfe968 <Address 0xbfbfe968 out of bounds>, pathseg=UIO_USERSPACE) at vnode_if.h:636
> #14 0xc0956ef6 in kern_rename (td=0xc6596a00, from=0xbfbfe953 <Address 0xbfbfe953 out of bounds>,
> to=0xbfbfe968 <Address 0xbfbfe968 out of bounds>, pathseg=UIO_USERSPACE)
> at /usr/src/sys/kern/vfs_syscalls.c:3569
> #15 0xc0956f29 in rename (td=0xc6596a00, uap=0xe858acf8) at /usr/src/sys/kern/vfs_syscalls.c:3546
> #16 0xc0bfc370 in syscall (frame=0xe858ad38) at /usr/src/sys/i386/i386/trap.c:1111
> #17 0xc0bde090 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:261
> #18 0x00000033 in ?? ()
> Previous frame inner to this frame (corrupt stack?)
> (kgdb) fr 11
> #11 0xc094e7d7 in vop_rename_pre (ap=0xe858ac1c) at /usr/src/sys/kern/vfs_subr.c:3792
> 3792 ASSERT_VOP_UNLOCKED(a->a_fdvp, "vop_rename: fdvp locked");
> (kgdb) list
> 3787 ASSERT_VI_UNLOCKED(a->a_fvp, "VOP_RENAME");
> 3788 ASSERT_VI_UNLOCKED(a->a_fdvp, "VOP_RENAME");
> 3789
> 3790 /* Check the source (from). */
> 3791 if (a->a_tdvp != a->a_fdvp && a->a_tvp != a->a_fdvp)
> 3792 ASSERT_VOP_UNLOCKED(a->a_fdvp, "vop_rename: fdvp locked");
> 3793 if (a->a_tvp != a->a_fvp)
> 3794 ASSERT_VOP_UNLOCKED(a->a_fvp, "vop_rename: fvp locked");
> 3795
> 3796 /* Check the target. */
>
> On kernels without DEBUG_VFS_LOCKS it looks like mv does not cause any
> problems, although the behavior differs from moving the file to itself on ufs:
> on ufs the file remains unchanged, while when moving like in the example above
> the file disappears.
>
> So, do we have false ASSERT here and additional check should be performed
> before calling ASSERT_VOP_UNLOCKED(), e.g. checking that
>
> ((struct null_node*)(a->a_fdvp->v_data))->null_lowervp != a->a_fdvp?
>
> Is this worth adding such check?
I am curious to look at the final patch. Note that you proposing to add
fs-specific check to vfs_subr.c. Checking that the the vnode locks are
different instead of that vnodes itself are different might be better
approach for vop_rename_pre.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-fs/attachments/20100601/650408bb/attachment.pgp
More information about the freebsd-fs
mailing list