Date:      Wed, 30 May 2001 10:41:46 -0700 (PDT)
From:      Jean-Luc.Richier@imag.fr
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   kern/27776: rpc.lockd panic with FreeBSD-5.0
Message-ID:  <200105301741.f4UHfk704230@freefall.freebsd.org>

>Number:         27776
>Category:       kern
>Synopsis:       rpc.lockd panic with FreeBSD-5.0
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 30 10:50:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Jean-Luc Richier
>Release:        FreeBSD 5.0
>Organization:
IMAG
>Environment:
FreeBSD lagavulin.imag.fr 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Wed May 30 12:53:26 MEST 2001   
>Description:
On FreeBSD 5.0, source dated May 2001, with a kernel compiled with the
WITNESS option, activating rpc.lockd causes a panic (witness violation on
holding locks when a syscall returns).

>How-To-Repeat:
Make a kernel with the WITNESS option and the current file nfs/nfs_lock.c
(I checked with files dated 18 May 2001 or 26 May), start rpc.statd and
rpc.lockd, and make some locks on NFS shared files.
The system will panic with the witness error:
system call nfssvc returning with mutex(s) held

>Fix:
The problem is in nfslockdans in nfs/nfs_lock.c.
This function calls pfind, which returns a pointer to a locked proc.
But there are no calls to PROC_UNLOCK.
A patch is:
*** /usr/src/P50/sys/nfs/nfs_lock.c.DIST        Sat May 26 01:36:46 2001
--- /usr/src/P50/sys/nfs/nfs_lock.c     Wed May 30 11:58:06 2001
***************
*** 128,134 ****
        /*
         * XXX  -- I think this is wrong for anything other AF_INET.
         */
!       msg.lm_addr = *(VFSTONFS(vp->v_mount)->nm_nam);
        msg.lm_fh_len = NFS_ISV3(vp) ? VTONFS(vp)->n_fhsize : NFSX_V2FH;
        bcopy(VTONFS(vp)->n_fhp, msg.lm_fh, msg.lm_fh_len);
        msg.lm_nfsv3 = NFS_ISV3(vp);
--- 128,135 ----
        /*
         * XXX  -- I think this is wrong for anything other AF_INET.
         */
!       bcopy(VFSTONFS(vp->v_mount)->nm_nam, &msg.lm_addr,
!               min(sizeof msg.lm_addr, VFSTONFS(vp->v_mount)->nm_nam->sa_len));        msg.lm_fh_len = NFS_ISV3(vp) ? VTONFS(vp)->n_fhsize : NFSX_V2FH;
        bcopy(VTONFS(vp)->n_fhp, msg.lm_fh, msg.lm_fh_len);
        msg.lm_nfsv3 = NFS_ISV3(vp);
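Review bot: in the replacement for the lm_addr assignment, bcopy copies only min(sizeof msg.lm_addr, nm_nam->sa_len) bytes, so when sa_len is smaller than msg.lm_addr the rest of the field keeps whatever msg held before. Nothing in the hunk shows msg being zeroed, so either clear it first or confirm that it already is. The second changed line also carries the msg.lm_fh_len assignment on the same line as the end of the bcopy call, while the old side has it as a separate context line; it should sit on its own line. This change is not mentioned in the Fix text, which only covers the missing PROC_UNLOCK, so please say why it is included.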
***************
*** 260,267 ****
            ((ansp->la_msg_ident.msg_seq != -1) &&
              (timevalcmp(&p->p_nlminfo->pid_start,
                        &ansp->la_msg_ident.pid_start, !=) ||
!              p->p_nlminfo->msg_seq != ansp->la_msg_ident.msg_seq)))
                return (EPIPE);

        p->p_nlminfo->retcode = ansp->la_errno;
        p->p_nlminfo->set_getlk_pid = ansp->la_set_getlk_pid;
--- 261,270 ----
            ((ansp->la_msg_ident.msg_seq != -1) &&
              (timevalcmp(&p->p_nlminfo->pid_start,
                        &ansp->la_msg_ident.pid_start, !=) ||
!              p->p_nlminfo->msg_seq != ansp->la_msg_ident.msg_seq))) {
                return (EPIPE);
+               PROC_UNLOCK(p);
+       }

        p->p_nlminfo->retcode = ansp->la_errno;
        p->p_nlminfo->set_getlk_pid = ansp->la_set_getlk_pid;
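Review bot: PROC_UNLOCK(p) in the new EPIPE branch comes after return (EPIPE), so it is never executed and the proc lock is still held on this error path, which is the condition WITNESS reports. Put the unlock before the return. The start of the if condition is outside the hunk; if any of its earlier terms can be true when no process was found, that case must return without touching p.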
***************
*** 269,273 ****
--- 272,277 ----

        (void)wakeup((void *)p->p_nlminfo);

+       PROC_UNLOCK(p);
        return (0);
  }
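Review bot: missing comment at the added PROC_UNLOCK(p) before return (0): nothing in the visible lines shows where p was locked, so a short note that this releases the lock taken by pfind would help the next reader. The placement after wakeup, the last use of p->p_nlminfo, looks right.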

>Release-Note:
>Audit-Trail:
>Unformatted: