Re: Possible error in nfs_nfsdserv.c?

From: Rick Macklem <rmacklem_at_uoguelph.ca>
Date: Sat, 27 Mar 2010 09:49:23 -0400 (EDT)
On Fri, 26 Mar 2010, Petr Lampa wrote:

>
> I've got several "panic: nfsrelpath", see attached photo. I've found
> one place where it could probably happen, please, can you look at this?
>
> First name buffer is initialized in nfsrvd_link() with:
>       	NFSNAMEICNDSET(&named.ni_cnd, nd->nd_cred, CREATE, LOCKPARENT);
>
> Then:
> 	nd->nd_repstat = nfsvno_namei(nd, &named, dp, 0, &tnes,
> 	                             p, &dirp);
>
> and
> 	nd->nd_repstat = nfsvno_link(&named, vp, nd->nd_cred, p, exp);
>
> is called. The nfsvno_link() calls nfsvno_relpathbuf() unconditionally,
> this is the place where the panic happened. The only place where buffer can
> be released in no error case is in the nfsvno_namei(). There is a call
>
> 	  if ((cnp->cn_flags & (SAVENAME | SAVESTART)) == 0)
>                                  nfsvno_relpathbuf(ndp);
>
> there and no SAVENAME|SAVESTART is set in NFSNAMEICNDSET(). But if
> buffer is alwyas released at this place, then link would be panicing also
> always (and it isn't). So probably I'm missing something here. Other

For ufs, ufs_lookup() sets SAVENAME for the CREATE case, which is why
I don't see such a panic. I had thought that all file systems would do
this for VOP_LOOKUP() for CREATE. It sounds like you've found a case
where that isn't happening. Could you please tell us what file system
type is being accessed when this panic occurs?

I've cc'd freebsd-current, so that anyone conversant with the FreeBSD
VFS can jump in here. Am I right to assume that VOP_LOOKUP() for CREATE
will set SAVENAME when returning error == 0?

> functions where nfsvno_namei() is called without SAVENAME|SAVESTART flags
> also don't call nfsvno_relpathbuf(). Perhaps buffer should be initialized
> with
>
> NFSNAMEICNDSET(&named.ni_cnd, nd->nd_cred, CREATE, LOCKPARENT | SAVENAME);
>

Yes, please try this. I think it will fix the problem, since my server
code assumes that VOP_LOOKUP() will have set SAVENAME for the non-error
case. (I don't think setting it is harmful and it will help isolate the
problem further.)

Please let us know how things go with SAVENAME set, as above.

rick
Received on Sat Mar 27 2010 - 12:36:18 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:02 UTC