From owner-freebsd-fs@FreeBSD.ORG Mon Feb 19 14:01:19 2007 Return-Path: X-Original-To: fs@freebsd.org Delivered-To: freebsd-fs@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B526016A402; Mon, 19 Feb 2007 14:01:19 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id 8189313C4B4; Mon, 19 Feb 2007 14:01:19 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 1F8DE4959D; Mon, 19 Feb 2007 09:01:19 -0500 (EST) Date: Mon, 19 Feb 2007 14:01:19 +0000 (GMT) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Josef Karthauser In-Reply-To: <20070218224158.GA1297@genius.tao.org.uk> Message-ID: <20070219135921.E80197@fledge.watson.org> References: <20070204023711.GA3393@genius.tao.org.uk> <20070215135750.GR64768@obiwan.tataz.chchile.org> <20070215152259.GA2950@genius.tao.org.uk> <20070215153135.GI39168@deviant.kiev.zoral.com.ua> <20070216125007.D38234@fledge.watson.org> <20070216143656.GM39168@deviant.kiev.zoral.com.ua> <20070218224158.GA1297@genius.tao.org.uk> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: hackers@freebsd.org, Jeremie Le Hen , fs@freebsd.org Subject: Re: nullfs and named pipes. X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2007 14:01:19 -0000 On Sun, 18 Feb 2007, Josef Karthauser wrote: > On Fri, Feb 16, 2007 at 04:36:56PM +0200, Kostik Belousov wrote: >>>>> cvs diff: Diffing . >>>>> Index: null_subr.c >>>>> =================================================================== >>>>> RCS file: /home/ncvs/src/sys/fs/nullfs/null_subr.c,v >>>>> retrieving revision 1.48.2.1 >>>>> diff -u -r1.48.2.1 null_subr.c >>>>> --- null_subr.c 13 Mar 2006 03:05:17 -0000 1.48.2.1 >>>>> +++ null_subr.c 14 Feb 2007 00:02:28 -0000 >>>>> @@ -235,6 +235,8 @@ >>>>> xp->null_vnode = vp; >>>>> xp->null_lowervp = lowervp; >>>>> vp->v_type = lowervp->v_type; >>>>> + if (vp->v_type == VSOCK || vp->v_type == VFIFO) >>>>> + vp->v_un = lowervp->v_un; >>>> >>>> I'm wondering is some reference counting needed there ? >>> >>> Yes, I find this a bit worrying also, but I don't know enough about how >>> nullfs works to reason about it. What happens when a vnode in the bottom >>> layer has its on-disk reference count drop to zero -- is the vnode in the >>> top layer invalidated somehow? >> >> Vnode reclamation from lower layer cannot do anithing for corresponding >> nullfs vnode, but that vnode has reference from nullfs vnode. On the other >> hand, can forced unmount proceed for lower layer ? > > Does know of any reason why I can't commit this as it is, at least for now. > It doesn't appear that it would break anything that works currently, and in > its current form it at least fixes named pipe functionality for the kinds of > cases that people would want to use it. Well, the worry would be that you would be replacing a clean error on failure with an occasional panic, the normal symptom of a race condition. I think I'm alright with the VFIFO case above, but I'm quite uncomfortable with the VSOCK case. In particular, I suspect that if the socket is closed, v_un will be reset in the lower layer, but continue to be a stale pointer in the upper layer, leading to accessing free'd or re-allocated kernel memory resulting in much badness. I've noticed tested this, but you might give it a try and see what happens. Robert N M Watson Computer Laboratory University of Cambridge