Bug 164261

Summary: [nullfs] [patch] fix panic with NFS served from NULLFS
Product: Base System Reporter: Eygene Ryabinkin <rea>
Component: kernAssignee: freebsd-bugs (Nobody) <bugs>
Status: Open ---    
Severity: Affects Only Me    
Priority: Normal    
Version: 10.0-CURRENT   
Hardware: Any   
OS: Any   

Description Eygene Ryabinkin freebsd_committer 2012-01-17 20:40:14 UTC
When one exports NULLFS filesystems via NFS, he can face kernel
panics if external clients use readdir+ feature and are accessing
same directories simultaneously.

The example of the backtrace can be obtained at
This backtrace is from 9.x as of December 2011.

The real problem is that the thread that loses the race in
null_nodeget (/sys/fs/nullfs/null_subr.c) will put the native lock
(vp->v_vnlock = &vp->v_lock) to the nullfs vnode that should be
destroyed (because the thread lost the race).  And null_reclaim
(/sys/fs/nullfs/null_vnops.c) will try to lock vnode's v_lock in the
exclusive mode.  This will lead to panic, because v_vnlock is already
locked at the time of VOP_RECLAIM processing and we have v_vnlock that
points to v_lock.  Bingo!


will fix the problem (in reality, the first patch is just some

I had tested this patch on my 10-CURRENT machine; tomorrow I intend
to test in on the 9.x production NFS server with 300-400 clients.
See http://codelabs.ru/fbsd/prs/2012-jan-nullfs-LK_SHARED/README.txt
section "How to reproduce".
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2012-01-17 22:13:29 UTC
Responsible Changed
From-To: freebsd-bugs->freebsd-fs

Over to maintainer(s).
Comment 2 Eygene Ryabinkin freebsd_committer 2012-01-18 10:36:04 UTC
For the record, there is a discussion about this PR in freebsd-fs@,
Eygene Ryabinkin                                        ,,,^..^,,,
[ Life's unfair - but root password helps!           | codelabs.ru ]
[ 82FE 06BC D497 C0DE 49EC  4FF0 16AF 9EAE 8152 ECFB | freebsd.org ]
Comment 3 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 07:59:22 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped