[patch] GIANT and fchdir

Kostik Belousov kostikbel at gmail.com
Fri Feb 3 04:48:14 PST 2006


I have a system where root is on MP-safe UFS, and have (MP-unsafe)
fdescfs mounted at /dev/fd. Doing "find /" causes a panic at line 2029
of sys/kern/vfs_subr.c, namely in the vrele() assertion
VFS_ASSERT_GIANT(vp->v_mount);

The trace shows that the guilty process (find) did the fchdir syscall. The reason
for the panic is the call to vrele(vpold) in kern/vfs_syscalls.c, line 718, without
calling VFS_LOCK_GIANT for vpold.

The problem is quite similar to what was fixed several days ago for chroot
and chdir.

The following small patch fixes the panic:

Index: sys/kern/vfs_syscalls.c
===================================================================
RCS file: /usr/local/arch/ncvs/src/sys/kern/vfs_syscalls.c,v
retrieving revision 1.402
diff -u -r1.402 vfs_syscalls.c
--- sys/kern/vfs_syscalls.c     1 Feb 2006 09:30:44 -0000       1.402
+++ sys/kern/vfs_syscalls.c     3 Feb 2006 12:47:13 -0000
@@ -715,6 +715,8 @@
        vpold = fdp->fd_cdir;
        fdp->fd_cdir = vp;
        FILEDESC_UNLOCK_FAST(fdp);
+       VFS_UNLOCK_GIANT(vfslocked);
+       vfslocked = VFS_LOCK_GIANT(vpold->v_mount);
        vrele(vpold);
        VFS_UNLOCK_GIANT(vfslocked);
        return (0);
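Review bot: the two added lines deserve a short comment explaining why Giant is dropped and reacquired here: the `vfslocked` held at this point was taken for the new directory `vp`, but the vnode being released is the old cwd `vpold`, which may live on a different mount that requires Giant (the MP-safe root versus the MP-unsafe fdescfs in the report). Re-pointing `vfslocked` at `vpold->v_mount` before `vrele(vpold)` is what satisfies the VFS_ASSERT_GIANT in vrele(), and the existing `VFS_UNLOCK_GIANT(vfslocked);` after the call now correctly releases that second acquisition rather than the first. Reading `vpold->v_mount` after FILEDESC_UNLOCK_FAST is fine only because the reference previously held by `fdp->fd_cdir` has been transferred to `vpold` and is not dropped until the `vrele`, which is worth stating in the comment so a later reader does not move the lookup. Since the same pattern was just applied to chdir and chroot, it would be worth checking whether a shared helper would keep the three sites from drifting apart.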


It seems that the issue is present in 6-STABLE too.

Best regards,
Kostik Belousov.

P.S. Also, I got a bunch of lockmgr messages about a thread unlocking
unheld locks, with traces pointing at kern_lstat. It seems related to the
fact that the / dir appears as one of the fd's in /dev/fd. I'm currently
looking into the problem.
