Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 25 Oct 2013 10:47:16 +0300
From:      Andriy Gapon <avg@FreeBSD.org>
To:        Will Andrews <will@FreeBSD.org>, src-committers@FreeBSD.org, svn-src-all@FreeBSD.org, svn-src-head@FreeBSD.org
Subject:   Re: svn commit: r248653 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Message-ID:  <526A2204.3000902@FreeBSD.org>
In-Reply-To: <201303231634.r2NGYvoj099629@svn.freebsd.org>
References:  <201303231634.r2NGYvoj099629@svn.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
on 23/03/2013 18:34 Will Andrews said the following:
> Author: will
> Date: Sat Mar 23 16:34:56 2013
> New Revision: 248653
> URL: http://svnweb.freebsd.org/changeset/base/248653
> 
> Log:
>   ZFS: Fix a panic while unmounting a busy filesystem.
>   
>   This particular scenario was easily reproduced using a NFS export.  When the
>   first 'zfs unmount' occurred, it returned EBUSY via this path, while
>   vflush() had flushed references on the filesystem's root vnode, which in
>   turn caused its v_interlock to be destroyed.  The next time 'zfs unmount'
>   was called, vflush() tried to obtain this lock, which caused this panic.
>   
>   Since vflush() on FreeBSD is a definitive call, there is no need to check
>   vfsp->vfs_count after it completes.  Simply #ifdef sun this check.
>   
>   Submitted by:	avg
>   Reviewed by:	avg
>   Approved by:	ken (mentor)
>   MFC after:	1 month

MFC timer expired half a year ago.  Could you please MFC this change?
I believe that we've just run into the same or similar panic on stable/9 (no NFS
was involved though):

#2  0xffffffff808f9d07 in panic (fmt=0x1 <Address 0x1 out of bounds>) at
/usr/src/sys/kern/kern_shutdown.c:637
#3  0xffffffff80cecac0 in trap_fatal (frame=0xc, eva=<value optimized out>) at
/usr/src/sys/amd64/amd64/trap.c:879
#4  0xffffffff80cece21 in trap_pfault (frame=0xffffff911d7e85b0, usermode=0) at
/usr/src/sys/amd64/amd64/trap.c:795
#5  0xffffffff80ced3d4 in trap (frame=0xffffff911d7e85b0) at
/usr/src/sys/amd64/amd64/trap.c:463
#6  0xffffffff80cd61e3 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:232
#7  0xffffffff808e5d1d in _mtx_lock_sleep (m=0xfffffe01ec9a50c8,
tid=18446741917998455072, opts=<value optimized out>, file=<value optimized
out>, line=0) at /usr/src/sys/kern/kern_mutex.c:394
#8  0xffffffff8099f38d in vflush (mp=<value optimized out>, rootrefs=1,
flags=<value optimized out>, td=0xfffffe0a159b1920) at
/usr/src/sys/kern/vfs_subr.c:2705
#9  0xffffffff817ed852 in zfs_umount (vfsp=0xfffffe02aa9ad9a8, fflag=<value
optimized out>) at
/usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c:1982

(kgdb) p *rootvp
$1 = {v_type = VBAD, v_tag = 0xffffffff80f7fd7c "none", v_op =
0xffffffff812eb6a0, v_data = 0x0, v_mount = 0x0, v_nmntvnodes = {tqe_next =
0xfffffe0fc06a3800, tqe_prev = 0xfffffe02aa9ada08}, v_un = {vu_mount = 0x0,
    vu_socket = 0x0, vu_cdev = 0x0, vu_fifoinfo = 0x0}, v_hashlist = {le_next =
0x0, le_prev = 0x0}, v_hash = 2155554452, v_cache_src = {lh_first = 0x0},
v_cache_dst = {tqh_first = 0x0, tqh_last = 0xfffffe01ec9a5060},
  v_cache_dd = 0x0, v_cstart = 0, v_lasta = 0, v_lastw = 0, v_clen = 0, v_lock =
{lock_object = {lo_name = 0xffffffff8185f1ac "zfs", lo_flags = 108658688,
lo_data = 0, lo_witness = 0x0}, lk_lock = 1, lk_exslpfail = 0,
    lk_timo = 51, lk_pri = 96}, v_interlock = {lock_object = {lo_name =
0xffffffff80f9ae39 "vnode interlock", lo_flags = 16908288, lo_data = 0,
lo_witness = 0x0}, mtx_lock = 6}, v_vnlock = 0xfffffe01ec9a5098, v_holdcnt = 0,
  v_usecount = 0, v_iflag = 128, v_vflag = 1, v_writecount = 0, v_actfreelist =
{tqe_next = 0x0, tqe_prev = 0xfffffe02aa9ada20}, v_bufobj = {bo_mtx =
{lock_object = {lo_name = 0xffffffff80f9ae49 "bufobj interlock",
        lo_flags = 16908288, lo_data = 0, lo_witness = 0x0}, mtx_lock = 6},
bo_clean = {bv_hd = {tqh_first = 0x0, tqh_last = 0xfffffe01ec9a5140}, bv_root =
0x0, bv_cnt = 0}, bo_dirty = {bv_hd = {tqh_first = 0x0,
        tqh_last = 0xfffffe01ec9a5160}, bv_root = 0x0, bv_cnt = 0}, bo_numoutput
= 0, bo_flag = 0, bo_ops = 0xffffffff81316f20, bo_bsize = 131072, bo_object =
0x0, bo_synclist = {le_next = 0x0, le_prev = 0x0},
    bo_private = 0xfffffe01ec9a5000, __bo_vnode = 0xfffffe01ec9a5000},
v_pollinfo = 0x0, v_label = 0x0, v_lockf = 0x0, v_rl = {rl_waiters = {tqh_first
= 0x0, tqh_last = 0xfffffe01ec9a51e0}, rl_currdep = 0x0},
  v_fullpath = '\0' <repeats 1023 times>}

> Modified:
>   head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c
> 
> Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c
> ==============================================================================
> --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c	Sat Mar 23 16:06:20 2013	(r248652)
> +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c	Sat Mar 23 16:34:56 2013	(r248653)
> @@ -1968,6 +1968,7 @@ zfs_umount(vfs_t *vfsp, int fflag)
>  		return (ret);
>  	}
>  
> +#ifdef sun
>  	if (!(fflag & MS_FORCE)) {
>  		/*
>  		 * Check the number of active vnodes in the file system.
> @@ -1988,6 +1989,7 @@ zfs_umount(vfs_t *vfsp, int fflag)
>  				return (EBUSY);
>  		}
>  	}
> +#endif
>  
>  	VERIFY(zfsvfs_teardown(zfsvfs, B_TRUE) == 0);
>  	os = zfsvfs->z_os;
> 


-- 
Andriy Gapon



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?526A2204.3000902>