From nobody@FreeBSD.org  Wed Apr 18 09:23:51 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 323591065673
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 18 Apr 2012 09:23:51 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 1D2CF8FC0A
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 18 Apr 2012 09:23:51 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id q3I9NoYu070903
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 18 Apr 2012 09:23:50 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id q3I9NogK070902;
	Wed, 18 Apr 2012 09:23:50 GMT
	(envelope-from nobody)
Message-Id: <201204180923.q3I9NogK070902@red.freebsd.org>
Date: Wed, 18 Apr 2012 09:23:50 GMT
From: Marcelo Araujo <araujo@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: RELEASE-9 crash when using ZFS+NULLFS+NFS
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         167048
>Category:       kern
>Synopsis:       [nfs] [patch] RELEASE-9 crash when using ZFS+NULLFS+NFS
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    rmacklem
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Apr 18 09:30:05 UTC 2012
>Closed-Date:    Mon May 19 16:46:14 UTC 2014
>Last-Modified:  Mon May 19 16:46:14 UTC 2014
>Originator:     Marcelo Araujo
>Release:        RELEASE-9 crash when using ZFS+NULLFS+NFS
>Organization:
FreeBSD
>Environment:
System: FreeBSD vibration.freebsd.org 9.0-RELEASE FreeBSD 9.0-RELEASE #13: Wed Apr
18 04:38:26 BRT 2012 araujo@vibration.freebsd.org:/usr/obj/usr/src/sys/NFS i386
>Description:
If we create a pool with ZFS, mount it using nullfs in another path and export it using NFS, when the user mount the NFS in another machine and try to perform a ls -a inside /mnt/.zfs we have the crash.

More information about it could be found at: http://people.freebsd.org/~araujo/dump_nfs/
>How-To-Repeat:
root# zpool create tank raidz /dev/ada1 /dev/ada2
root# mount nullfs /tank /mnt
root# echo "/mnt -alldirs" >>/etc/exports
root# /etc/rc.d/mountd restart

1) Mount the NFS share in another machine.
2) cd /mnt/.zfs/
3) ls -la
>Fix:
On FreeBSD-HEAD the problem doesn&#146;t happens anymore, but investigate it, the patch attached that was obtained from HEAD, solved this issue.


Patch attached with submission follows:

--- /home/araujo/nfsd/freebsd9_src/sys/fs/nfsserver/nfs_nfsdport.c	2012-04-16 04:02:30.000000000 -0300
+++ nfs_nfsdport.c	2012-04-18 03:38:16.000000000 -0300
@@ -2624,7 +2624,7 @@
 	if (VFS_NEEDSGIANT(mp))
 		error = ESTALE;
 	else
-		error = VFS_FHTOVP(mp, &fhp->fh_fid, LK_EXCLUSIVE, vpp);
+		error = VFS_FHTOVP(mp, &fhp->fh_fid, lktype, vpp);
 	if (error != 0)
 		/* Make sure the server replies ESTALE to the client. */
 		error = ESTALE;
@@ -2645,13 +2645,6 @@
 				exp->nes_secflavors[i] = secflavors[i];
 		}
 	}
-	if (error == 0 && lktype == LK_SHARED)
-		/*
-		 * It would be much better to pass lktype to VFS_FHTOVP(),
-		 * but this will have to do until VFS_FHTOVP() has a lock
-		 * type argument like VFS_VGET().
-		 */
-		NFSVOPLOCK(*vpp, LK_DOWNGRADE | LK_RETRY);
 
 	NFSEXITCODE(error);
 	return (error);


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-fs 
Responsible-Changed-By: araujo 
Responsible-Changed-When: Wed Apr 18 09:43:07 UTC 2012 
Responsible-Changed-Why:  
Over to maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=167048 
Responsible-Changed-From-To: freebsd-fs->rmacklem 
Responsible-Changed-By: araujo 
Responsible-Changed-When: Fri May 16 02:55:25 UTC 2014 
Responsible-Changed-Why:  
That is rmacklem@ area. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=167048 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/167048: commit references a PR
Date: Mon, 19 May 2014 16:15:34 +0000 (UTC)

 Author: rmacklem
 Date: Mon May 19 16:15:27 2014
 New Revision: 266447
 URL: http://svnweb.freebsd.org/changeset/base/266447
 
 Log:
   MFC: r227809
   This patch enables the new/default NFS server's use of shared
   vnode locking for read, readdir, readlink, getattr and access.
   It is hoped that this will improve server performance for these
   operations, since they will no longer be serialized for a given
   file/vnode.
   
   PR:		167048
 
 Modified:
   stable/9/sys/fs/nfsserver/nfs_nfsdport.c
 Directory Properties:
   stable/9/sys/   (props changed)
   stable/9/sys/fs/   (props changed)
 
 Modified: stable/9/sys/fs/nfsserver/nfs_nfsdport.c
 ==============================================================================
 --- stable/9/sys/fs/nfsserver/nfs_nfsdport.c	Mon May 19 16:13:40 2014	(r266446)
 +++ stable/9/sys/fs/nfsserver/nfs_nfsdport.c	Mon May 19 16:15:27 2014	(r266447)
 @@ -2693,7 +2693,7 @@ nfsvno_fhtovp(struct mount *mp, fhandle_
  	if (VFS_NEEDSGIANT(mp))
  		error = ESTALE;
  	else
 -		error = VFS_FHTOVP(mp, &fhp->fh_fid, LK_EXCLUSIVE, vpp);
 +		error = VFS_FHTOVP(mp, &fhp->fh_fid, lktype, vpp);
  	if (error != 0)
  		/* Make sure the server replies ESTALE to the client. */
  		error = ESTALE;
 @@ -2714,14 +2714,6 @@ nfsvno_fhtovp(struct mount *mp, fhandle_
  				exp->nes_secflavors[i] = secflavors[i];
  		}
  	}
 -	if (error == 0 && lktype == LK_SHARED)
 -		/*
 -		 * It would be much better to pass lktype to VFS_FHTOVP(),
 -		 * but this will have to do until VFS_FHTOVP() has a lock
 -		 * type argument like VFS_VGET().
 -		 */
 -		NFSVOPLOCK(*vpp, LK_DOWNGRADE | LK_RETRY);
 -
  	NFSEXITCODE(error);
  	return (error);
  }
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->closed 
State-Changed-By: rmacklem 
State-Changed-When: Mon May 19 16:44:48 UTC 2014 
State-Changed-Why:  

The patch in the PR (which is r227809 in head) has been MFC'd 
to stable/9. It is already in stable/10 and probably should 
have been MFC'd long ago. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=167048 
>Unformatted:
