From owner-freebsd-current@FreeBSD.ORG Wed Aug 6 18:15:23 2014 Return-Path: Delivered-To: current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 20724447; Wed, 6 Aug 2014 18:15:23 +0000 (UTC) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B6CB22162; Wed, 6 Aug 2014 18:15:22 +0000 (UTC) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.14.9/8.14.9) with ESMTP id s76IFD8b099801 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 6 Aug 2014 21:15:13 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.9.2 kib.kiev.ua s76IFD8b099801 Received: (from kostik@localhost) by tom.home (8.14.9/8.14.9/Submit) id s76IFDMi099800; Wed, 6 Aug 2014 21:15:13 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Wed, 6 Aug 2014 21:15:12 +0300 From: Konstantin Belousov To: Bryan Drewery Subject: Re: r269147: NULL mp in getnewvnode() via kern_proc_filedesc_out() Message-ID: <20140806181512.GK93733@kib.kiev.ua> References: <53E1975D.4010703@FreeBSD.org> <20140806031932.GE93733@kib.kiev.ua> <53E1A76A.1070400@FreeBSD.org> <53E26A6C.4000806@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="AhgEPFSZK1ORRBO1" Content-Disposition: inline In-Reply-To: <53E26A6C.4000806@FreeBSD.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on tom.home Cc: current@FreeBSD.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Aug 2014 18:15:23 -0000 --AhgEPFSZK1ORRBO1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Aug 06, 2014 at 12:48:28PM -0500, Bryan Drewery wrote: > On 8/5/2014 10:56 PM, Bryan Drewery wrote: > > On 8/5/2014 10:19 PM, Konstantin Belousov wrote: > >> On Tue, Aug 05, 2014 at 09:47:57PM -0500, Bryan Drewery wrote: > >>> Has anyone else encountered this? Got it while running poudriere. > >>> > >>>> NULL mp in getnewvnode() > >>>> [...] > >>>> vn_fullpath1() at vn_fullpath1+0x19d/frame 0xfffffe1247d8e540 > >>>> vn_fullpath() at vn_fullpath+0xc1/frame 0xfffffe1247d8e590 > >>>> export_fd_to_sb() at export_fd_to_sb+0x489/frame 0xfffffe1247d8e7c0 > >>>> kern_proc_filedesc_out() at kern_proc_filedesc_out+0x234/frame > >>>> 0xfffffe1247d8e840 > >>>> sysctl_kern_proc_filedesc() at sysctl_kern_proc_filedesc+0x84/frame > >>>> 0xfffffe1247d8e900 > >>>> sysctl_root_handler_locked() at > >>>> sysctl_root_handler_locked+0x68/frame 0xfffffe1247d8e940 > >>>> sysctl_root() at sysctl_root+0x18e/frame 0xfffffe1247d8e990 > >>>> userland_sysctl() at userland_sysctl+0x192/frame 0xfffffe1247d8ea30 > >>>> sys___sysctl() at sys___sysctl+0x74/frame 0xfffffe1247d8eae0 > >>>> amd64_syscall() at amd64_syscall+0x25a/frame 0xfffffe1247d8ebf0 > >>>> Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe1247d8ebf0 > >>> > >>> Unfortunately I have no dump as the kmem was too large compared to my > >>> swap, and I didn't get to the console before some of the text was > >>> overwritten. Perhaps it will hit it again soon after reboot and I'll = get > >>> a core. > >> > >> "NULL mp in getnewvnode()" is only the printf(), it is not a panic or > >> KASSERT. The event does not stop the machine, nor it prints the > >> backtrace. > >> > >> You mentioned that you was unable to dump, so did the system paniced ? > >> Without full log of the panic messages and backtrace, it is impossible > >> to start guessing what the problem is. > >> > >> That said, the printf seemingly outlived its usefulness. > >> > >=20 > > Got it. I've set debug.debugger_on_panic=3D1 to not auto reboot on panic > > next time this happens. I had it at 0 which was causing the lack of > > information in these. >=20 > Here is the full trace: >=20 >=20 > > NULL mp in getnewvnode() > > VNASSERT failed > > 0xfffff806071dc760: tag null, type VDIR > > usecount 1, writecount 0, refcount 1 mountedhere 0 > > flags () > > lock type zfs: EXCL by thread 0xfffff8009a53f490 (pid 1028, tmux, t= id 100881) > > vp=3D0xfffff806071dc760, lowervp=3D0xfffff8013157f588 > > panic: Don't call insmntque(foo, NULL) > > cpuid =3D 5 > > KDB: stack backtrace: > > db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe124= 7e76b50 > > kdb_backtrace() at kdb_backtrace+0x39/frame 0xfffffe1247e76c00 > > vpanic() at vpanic+0x126/frame 0xfffffe1247e76c40 > > kassert_panic() at kassert_panic+0x139/frame 0xfffffe1247e76cb0 > > insmntque1() at insmntque1+0x230/frame 0xfffffe1247e76cf0 > > null_nodeget() at null_nodeget+0x158/frame 0xfffffe1247e76d60 > > null_lookup() at null_lookup+0xeb/frame 0xfffffe1247e76dd0 > > VOP_LOOKUP_APV() at VOP_LOOKUP_APV+0xf1/frame 0xfffffe1247e76e00 > > lookup() at lookup+0x5ad/frame 0xfffffe1247e76e90 > > namei() at namei+0x4e4/frame 0xfffffe1247e76f50 > > vn_open_cred() at vn_open_cred+0x27a/frame 0xfffffe1247e770a0 > > vop_stdvptocnp() at vop_stdvptocnp+0x161/frame 0xfffffe1247e773e0 > > null_vptocnp() at null_vptocnp+0x2b/frame 0xfffffe1247e77440 > > VOP_VPTOCNP_APV() at VOP_VPTOCNP_APV+0xf7/frame 0xfffffe1247e77470 > > vn_vptocnp_locked() at vn_vptocnp_locked+0x118/frame 0xfffffe1247e774e0 > > vn_fullpath1() at vn_fullpath1+0x19d/frame 0xfffffe1247e77540 > > vn_fullpath() at vn_fullpath+0xc1/frame 0xfffffe1247e77590 > > export_fd_to_sb() at export_fd_to_sb+0x489/frame 0xfffffe1247e777c0 > > kern_proc_filedesc_out() at kern_proc_filedesc_out+0x234/frame 0xfffffe= 1247e77840 > > sysctl_kern_proc_filedesc() at sysctl_kern_proc_filedesc+0x84/frame 0xf= ffffe1247e77900 > > sysctl_root_handler_locked() at sysctl_root_handler_locked+0x68/frame 0= xfffffe1247e77940 > > sysctl_root() at sysctl_root+0x18e/frame 0xfffffe1247e77990 > > userland_sysctl() at userland_sysctl+0x192/frame 0xfffffe1247e77a30 > > sys___sysctl() at sys___sysctl+0x74/frame 0xfffffe1247e77ae0 > > amd64_syscall() at amd64_syscall+0x25a/frame 0xfffffe1247e77bf0 > > Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe1247e77bf0 > > --- syscall (202, FreeBSD ELF64, sys___sysctl), rip =3D 0x801041fca, rs= p =3D 0x7fffffffd878, rbp =3D 0x7fffffffd8b0 --- > > KDB: enter: panic > > [ thread pid 1028 tid 100881 ] > > Stopped at kdb_enter+0x3e: movq $0,kdb_why > > db> call doadump() > >=20 > > Dump failed. Partition too small. > > =3D 0 >=20 Try this. diff --git a/sys/fs/nullfs/null_vnops.c b/sys/fs/nullfs/null_vnops.c index 481644c..e803c24 100644 --- a/sys/fs/nullfs/null_vnops.c +++ b/sys/fs/nullfs/null_vnops.c @@ -361,9 +361,11 @@ null_lookup(struct vop_lookup_args *ap) struct vnode *dvp =3D ap->a_dvp; int flags =3D cnp->cn_flags; struct vnode *vp, *ldvp, *lvp; + struct mount *mp; int error; =20 - if ((flags & ISLASTCN) && (dvp->v_mount->mnt_flag & MNT_RDONLY) && + mp =3D dvp->v_mount; + if ((flags & ISLASTCN) !=3D 0 && (mp->mnt_flag & MNT_RDONLY) !=3D 0 && (cnp->cn_nameiop =3D=3D DELETE || cnp->cn_nameiop =3D=3D RENAME)) return (EROFS); /* @@ -377,18 +379,27 @@ null_lookup(struct vop_lookup_args *ap) ("ldvp %p fl %#x dvp %p fl %#x flags %#x", ldvp, ldvp->v_vflag, dvp, dvp->v_vflag, flags)); error =3D VOP_LOOKUP(ldvp, &lvp, cnp); - if (error =3D=3D EJUSTRETURN && (flags & ISLASTCN) && - (dvp->v_mount->mnt_flag & MNT_RDONLY) && + if (error =3D=3D EJUSTRETURN && (flags & ISLASTCN) !=3D 0 && + (mp->mnt_flag & MNT_RDONLY) !=3D 0 && (cnp->cn_nameiop =3D=3D CREATE || cnp->cn_nameiop =3D=3D RENAME)) error =3D EROFS; =20 + /* + * VOP_LOOKUP() on lower vnode may unlock ldvp, which allows + * dvp to be reclaimed due to shared v_vnlock. Check for the + * doomed state and return error. + */ + if ((error =3D=3D 0 || error =3D=3D EJUSTRETURN) && + (dvp->v_iflag & VI_DOOMED) !=3D 0) + error =3D ENOENT; + if ((error =3D=3D 0 || error =3D=3D EJUSTRETURN) && lvp !=3D NULL) { if (ldvp =3D=3D lvp) { *ap->a_vpp =3D dvp; VREF(dvp); vrele(lvp); } else { - error =3D null_nodeget(dvp->v_mount, lvp, &vp); + error =3D null_nodeget(mp, lvp, &vp); if (error =3D=3D 0) *ap->a_vpp =3D vp; } --AhgEPFSZK1ORRBO1 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJT4nCwAAoJEJDCuSvBvK1B9GAP/38QJI4t+mLgIe9ygMUNjSNx WvP+VHTk/7lfSf3jRQmuIYSOn7Ru8aMhIvtkXYZTQsejREiIm3CSyIEPcz2O0+jS gcMD1ic1jLPZQwSQC/OOZFnkJgYwprL/8iRLuBhogmHopvS61LV5c+unGTj1q+LU 6Gc8QQNexFpyxhDj8EZAbXQm4FWaPYmlFJUQo3PwCaSOsYOH537/VudnjilNuxL0 HRrm8TRaA+G4oFk8SRY5N5qNNkHpC/pYwnn1I4HmeRkJ5oxr4L+CszGsR3NDSTgV w2538/xokkDJ8TUEfFr/jjbwdP25oHZaIyEDhM3rjQmX/jVf6qByqbpJDxCZOfTO LOhDe5yhm0TeAetnZwM0/+awN7XxzN6Owrl3Wn+jyrnm2IcKYGo0gAFOpp6Rnv9a Lrdqi7wzaTJ4gcgI77MW1enB19UiufZf37YJ4e/ZK3CR93BmIgSJG2qcXqE2PuxM 576zyjYiSMtIOejIKJxnYYBw6e3OVsHwkw7USKmJvmC0VKTNx7Bhqe4gFigTaMqr DkdgceEN2YvEYhmavmF0WoJ8F6V83yq7Znvb41yCoHzs/agaYYS6La2+++X0BGO9 PpIfZ/Z2uODnzs0JLx32OLOXIWVwJzqJGZPjtAAbVlVMfYQTFiOtNdbPf1wy2bTZ 03vSWVFrd7B49Z8Y/Wl5 =HiHa -----END PGP SIGNATURE----- --AhgEPFSZK1ORRBO1--