05 Jan, 2011
4 commits
-
Trivial, but confusing when you're trying to grep through this
code....Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
On Tue, 2010-12-14 at 16:58 +0800, Mi Jinlong wrote:
> Hi,
>
> When testing NFSv4 at RHEL6 with kernel 2.6.32, I got a kernel panic
> at NFS client's __rpc_create_common function.
>
> The panic place is:
> rpc_mkpipe
> __rpc_lookup_create() __rpc_mkpipe() __rpc_create_common()
> ****** BUG_ON(!d_unhashed(dentry)); ****** *panic*
>
> It means that the dentry's d_flags have be set DCACHE_UNHASHED,
> but it should not be set here.
>
> Is someone known this bug? or give me some idea?
>
> A reproduce program is append, but it can't reproduce the bug every time.
> the export is: "/nfsroot *(rw,no_root_squash,fsid=0,insecure)"
>
> And the panic message is append.
>
> ============================================================================
> #!/bin/sh
>
> LOOPTOTAL=768
> LOOPCOUNT=0
> ret=0
>
> while [ $LOOPCOUNT -ne $LOOPTOTAL ]
> do
> ((LOOPCOUNT += 1))
> service nfs restart
> /usr/sbin/rpc.idmapd
> mount -t nfs4 127.0.0.1:/ /mnt|| return 1;
> ls -l /var/lib/nfs/rpc_pipefs/nfs/*/
> umount /mnt
> echo $LOOPCOUNT
> done
>
> ===============================================================================
> Code: af 60 01 00 00 89 fa 89 f0 e8 64 cf 89 f0 e8 5c 7c 64 cf 31 c0 8b 5c 24 10 8b
> 74 24 14 8b 7c 24 18 8b 6c 24 1c 83 c4 20 c3 0b eb fc 8b 46 28 c7 44 24 08 20
> de ee f0 c7 44 24 04 56 ea
> EIP:[] __rpc_create_common+0x8a/0xc0 [sunrpc] SS:ESP 0068:eccb5d28
> ---[ end trace 8f5606cd08928ed2]---
> Kernel panic - not syncing: Fatal exception
> Pid:7131, comm: mount.nfs4 Tainted: G D -------------------2.6.32 #1
> Call Trace:
> [] ? panic+0x42/0xed
> [] ? oops_end+0xbc/0xd0
> [] ? do_invalid_op+0x0/0x90
> [] ? do_invalid_op+0x7f/0x90
> [] ? __rpc_create_common+0x8a/0xc0[sunrpc]
> [] ? rpc_free_task+0x33/0x70[sunrpc]
> [] ? prc_call_sync+0x48/0x60[sunrpc]
> [] ? rpc_ping+0x4e/0x60[sunrpc]
> [] ? rpc_create+0x38f/0x4f0[sunrpc]
> [] ? error_code+0x73/0x78
> [] ? __rpc_create_common+0x8a/0xc0[sunrpc]
> [] ? d_lookup+0x2a/0x40
> [] ? rpc_mkpipe+0x111/0x1b0[sunrpc]
> [] ? nfs_create_rpc_client+0xb4/0xf0[nfs]
> [] ? nfs_fscache_get_client_cookie+0x1d/0x50[nfs]
> [] ? nfs_idmap_new+0x7b/0x140[nfs]
> [] ? strlcpy+0x3a/0x60
> [] ? nfs4_set_client+0xea/0x2b0[nfs]
> [] ? nfs4_create_server+0xac/0x1b0[nfs]
> [] ? krealloc+0x40/0x50
> [] ? nfs4_remote_get_sb+0x6b/0x250[nfs]
> [] ? kstrdup+0x3c/0x60
> [] ? vfs_kern_mount+0x69/0x170
> [] ? nfs_do_root_mount+0x6c/0xa0[nfs]
> [] ? nfs4_try_mount+0x37/0xa0[nfs]
> [] ? nfs4_validate_text_mount_data+-x7d/0xf0[nfs]
> [] ? nfs4_get_sb+0x92/0x2f0
> [] ? vfs_kern_mount+0x69/0x170
> [] ? get_fs_type+0x32/0xb0
> [] ? do_kern_mount+0x3f/0xe0
> [] ? do_mount+0x2ef/0x740
> [] ? copy_mount_options+0xb0/0x120
> [] ? sys_mount+0x6e/0xa0Hi,
Does the following patch fix the problem?
Cheers
Trond--------------------------
SUNRPC: Fix a BUG in __rpc_create_commonFrom: Trond Myklebust
Mi Jinlong reports:
When testing NFSv4 at RHEL6 with kernel 2.6.32, I got a kernel panic
at NFS client's __rpc_create_common function.The panic place is:
rpc_mkpipe
__rpc_lookup_create()
Signed-off-by: Trond Myklebust -
We unlock again after we goto out.
Signed-off-by: Dan Carpenter
Signed-off-by: Trond Myklebust -
Hi,
In fs/nfs/proc.c::nfs_proc_symlink() we will leak memory if either
nfs_alloc_fhandle() or nfs_alloc_fattr() returns NULL but the other one
doesn't.
This patch ensures memory allocated by one when the other fails is always
released (this is safe since nfs_free_fattr() and nfs_free_fhandle() both
call kfree which deals gracefully with NULL pointers).Signed-off-by: Jesper Juhl
Signed-off-by: Trond Myklebust
22 Dec, 2010
6 commits
-
Signed-off-by: Trond Myklebust
-
Signed-off-by: Joe Perches
Signed-off-by: Trond Myklebust -
Update: added check for zero value as it was before (note: can't simply check
mountd_port for positive value because it's typeof unsigned short)Default value for mount server port is set to NFS_UNSPEC_PORT (-1) and will not
be changed during parsing mount options for mound data version 6. This default
value will be showed for mountport in /proc/mounts always since current default
check is for zero value. This small mistake leads to big problem, because
during umount.nfs execution from old user-space utils (at least nfs-utils
1.0.9) this value will be used as the server port to connect to. This request
will be rejected (since port is 65535) and thus nfs mount point can't be
unmounted.Note from Chuck Lever (chuck.lever@oracle.com): this is only possible if
/etc/mtab is a link to /proc/mounts. Not all systems have this configuration.Signed-off-by: Stanislav Kinsbursky
Signed-off-by: Trond Myklebust -
Note that cl_lease_time is in jiffies. This can cause a very long wait
in the NFS4ERR_CLID_INUSE case.Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Take advantage of kmem_cache_zalloc() in nfs_page_alloc(). Save a call to
memset() and a few bytes.Before:
[jj@dragon linux-2.6]$ size fs/nfs/pagelist.o
text data bss dec hex filename
1765 0 8 1773 6ed fs/nfs/pagelist.o
After:
[jj@dragon linux-2.6]$ size fs/nfs/pagelist.o
text data bss dec hex filename
1749 0 8 1757 6dd fs/nfs/pagelist.oSigned-off-by: Jesper Juhl
Signed-off-by: Trond Myklebust -
IS_ERR() already implies unlikely(), so it can be omitted here.
Signed-off-by: Tobias Klauser
Signed-off-by: Trond Myklebust
17 Dec, 2010
30 commits
-
Clean up.
The contents of the src_sap field is not used in nlm_alloc_host().
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up.
Remove the now unused helper nlm_lookup_host().
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up.
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up.
nlm_hosts now contains only server-side entries. Rename it to match
convention of client side cache.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up.
Change nlmsvc_lookup_host() to be purpose-built for server-side
nlm_host management. This replaces the generic nlm_lookup_host()
helper function, just like on the client side. The lookup logic is
specialized for server host lookups.The server side cache also gets its own specialized equivalent of the
nlm_release_host() function.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
NFS clients don't need the garbage collection processing that is
performed on nlm_host structures. The client picks up an nlm_host at
mount time and holds a reference to it until the file system is
unmounted.Servers, on the other hand, don't have a precise way to tell when an
nlm_host is no longer being used, so zero refcount nlm_host entries
are left to expire in the cache after a time.Basically there's nothing holding a reference to an nlm_host between
individual server-side NLM requests, but we can't afford the expense
of recreating them for every new NLM request from a client. The
nlm_host cache adds some lifetime hysteresis to entries in the cache
so the next time a particular nlm_host is needed, it's likely to be
discovered by a lookup rather than created from whole cloth.With the new implementation, client nlm_host cache items are no longer
garbage collected, and are destroyed directly by a new release
function specialized for client entries, nlmclnt_release_host(). They
are cached in their own data structure, and have their own lookup
logic, simplified and specialized for client nlm_host entries.However, the client nlm_host cache still shares reboot recovery logic
with the server nlm_host cache. The NSM "peer rebooted" downcall for
clients and servers still come through the same RPC call. This is a
legacy formal API that would be difficult to alter, and besides, the
user space NSM implementation can't tell the difference between peers
that are clients or servers.For this reason, the client cache continues to share the
nlm_host_mutex (and reboot recovery logic) with the server cache.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
The nlm_release_call() function is invoked from both the server and
the client side. We're about to introduce a distinct server- and
client-side nlm_release_host(), so nlm_release_call() must first be
split into a client-side and a server-side version.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Refactor the tail of nlm_gc_hosts() into nlm_destroy_host() so that
this logic can be used separately from garbage collection.Rename it _locked() to document that it must be called with the hosts
cache mutex held.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Refactor nlm_host allocation and initialization into a separate
function. This will be the common piece of server and client nlm_host
lookup logic after the nlm_host cache is split.Small change: use kmalloc() instead of kzalloc(), as we're overwriting
almost all fields in the new nlm_host struct with non-zero values
immediately after it is allocated. An added benefit is we now have an
explicit reference to each field name where it is initialized (for all
you cscope fans out there).Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Minor reorganization; no change in behavior. This will save some
duplicated code after we split the client and server host caches.Signed-off-by: J. Bruce Fields
[ cel: Forward-ported to 2.6.37 ]
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
We've got a lot of loops like this, and I find them a little easier to
read with the macros. More such loops are coming.Signed-off-by: J. Bruce Fields
[ cel: Forward-ported to 2.6.37 ]
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Now that all client-side XDR decoder routines use xdr_streams, there
should be no need to support the legacy calling sequence [rpc_rqst *,
__be32 *, RPC res *] anywhere. We can construct an xdr_stream in the
generic RPC code, instead of in each decoder function.This is a refactoring change. It should not cause different behavior.
Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Now that all client-side XDR encoder routines use xdr_streams, there
should be no need to support the legacy calling sequence [rpc_rqst *,
__be32 *, RPC arg *] anywhere. We can construct an xdr_stream in the
generic RPC code, instead of in each encoder function.Also, all the client-side encoder functions return 0 now, making a
return value superfluous. Take this opportunity to convert them to
return void instead.This is a refactoring change. It should not cause different behavior.
Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
Just fixed a panic where the nrprocs field in a different upper layer
client was set by hand incorrectly. Use the compiler-generated method
used by the other upper layer protocols.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up.
The trend in the other XDR encoder functions is to BUG() when encoding
problems occur, since a problem here is always due to a local coding
error. Then, instead of a status, zero is unconditionally returned.Update the rpcbind XDR encoders to behave this way.
To finish the update, use the new-style be32_to_cpup() and
cpu_to_be32() macros, and compute the buffer sizes using raw integers
instead of sizeof(). This matches the conventions used in other XDR
functions.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
The UMNT request has a NULL response. There's no need to set up a
mountres structure for it.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up.
The trend in the other XDR encoder functions is to BUG() when encoding
problems occur, since a problem here is always due to a local coding
error. Then, instead of a status, zero is unconditionally returned.Update the mount client XDR encoders to behave this way.
To finish the update, use the new-style be32_to_cpup() and
cpu_to_be32() macros, and compute the buffer sizes using raw integers
instead of sizeof(). This matches the conventions used in other XDR
functions.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
The trend in the other XDR encoder functions is to BUG() when encoding
problems occur, since a problem here is always due to a local coding
error. Then, instead of a status, zero is unconditionally returned.Update the NSM XDR encoders to behave this way.
To finish the update, use the new-style be32_to_cpup() and
cpu_to_be32() macros, and compute the buffer sizes using raw integers
instead of sizeof(). This matches the conventions used in other XDR
functionsSigned-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
.../linux/nfs-2.6/fs/nfs/nfs4xdr.c: In function ‘decode_getdeviceinfo’:
.../linux/nfs-2.6/fs/nfs/nfs4xdr.c:5008: warning: comparison between signed and unsigned integer expressionsSigned-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
The pointer returned by ->decode_dirent() is no longer used as a
pointer. The only call site (xdr_decode() in fs/nfs/dir.c) simply
extracts the errno value encoded in the pointer. Replace the
returned pointer with a standard integer errno return value.Also, pass the "server" argument as part of the nfs_entry instead of
as a separate parameter. It's faster to derive "server" in
nfs_readdir_xdr_to_array() since we already have the directory's inode
handy. "server" ought to be invariant for a set of entries in the
same directory, right?The legacy versions of decode_dirent() don't use "server" anyway, so
it's wasted work for them to derive and pass "server" for each entry.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
When computing the length of the header, be sure to include the
four octets consumed by "count".Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up. nlmdbg_cookie2a() is used only in svclock.c.
Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
When I was making other changes in this area, checkscript.pl
complained about the use of leading blanks in the PROC macros in the
xdr files.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
Remove old-style NFSv4 XDR macros in favor of the style now used in
fs/nfs/nfs4xdr.c. These were forgotten during the recent nfs4xdr.c
rewrite.Additional whitespace cleanup adds to the size of this patch.
Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
Remove old-style NFSv4 XDR macros in favor of the style now used in
fs/nfs/nfs4xdr.c. These were forgotten during the recent nfs4xdr.c
rewrite.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
We'd like to prevent local buffer overflows caused by malicious or
broken servers. New xdr_stream style decoders can do that.For efficiency, we also want to be able to pass xdr_streams from
call_encode() to all XDR encoding functions, rather than building
an xdr_stream in every XDR encoding function in the kernel.Same idea as the NLM v3 XDR overhaul.
Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up.
Move the timestamp decoder to match the placement and naming
conventions of the other helpers. Fold xdr_decode_fattr() into
decode_fattr3(), which is now it's only user. Fold
xdr_decode_wcc_attr() into decode_wcc_attr(), which is now it's only
user.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
Clean up. Remove unused legacy result decoder functions, and any
now unused decoder helper functions.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
The naming scheme of the new decoder functions, which follows the
NFSv4 XDR decoder functions, is slightly different than the scheme
used for the old functions. Rename the functions as a separate
step to keep the patches clean.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
We'd like to prevent local buffer overflows caused by malicious or
broken servers. New xdr_stream style decoders can do that.For efficiency, we also eventually want to be able to pass xdr_streams
from call_decode() to all XDR decoding functions, rather than building
an xdr_stream in every XDR decoding function in the kernel.Static helper functions are left without the "inline" directive. This
allows the compiler to choose automatically how to optimize these for
size or speed.Signed-off-by: Chuck Lever
Tested-by: J. Bruce Fields
Signed-off-by: Trond Myklebust
