unionfs bugs, a partial patch and some comments [Was: Re: 1-BETA3 Panic: __lockmgr_args: downgrade a recursed lockmgr nfs @ /usr/local/share/deploy-tools/RELENG_11/src/sys/fs/unionfs/union_vnops.c:1905]

Fri Aug 12 12:39:58 UTC 2016

On Thu, Aug 11, 2016 at 10:53:03PM +0000, Rick Macklem wrote:
> Harry Schmalzbauer wrote:
> Bez??glich Mark Johnston's Nachricht vom 09.08.2016 08:02 (localtime):
> ???
> >>
> >> Just for anybody else needing unionfs:
> >> https://people.freebsd.org/~attilio/unionfs_missing_insmntque_lock.patch
> >>
> >> This patch still applies and I'm successfully using this (unmodified) up
> >> to FreeBSD-10.3 and never had any panic in all these years.
> >
> > Having spent some time looking at unionfs, I'm a bit skeptical that this
> > patch will address the panic you reported earlier, though I'd be
> > interested to know if it does.
> [stuff snipped for brevity]
> I took a look at this. (I know nothing about unionfs, but a little w.r.t. the VFS).
> I can confirm that this function (unionfs_nodeget()) is weird and appears to
> be broken to me.
> 
> The function calls insmntque() before it initializes the vnode, which seems
> racey, especially if it isn't LK_EXCLUSIVE locked.
> Also, line#s 278-281:
>     if (uppervp != NULLVP)
>          vp->v_vnlock = uppervp->v_vnlock;
>     else
>          vp->v_vnlock = lowervp->v_vnlock;
> so your patch isn't locking the vnode lock that it actually uses.
> I think the vp argument to insmntque() is required to be LK_EXCLUSIVE
> locked mostly so other threads won't fiddle with the vnode until this
> function is done with it, but I am not sure?
> 
> I think a more correct version of this (not saying it would be correct[????],
> would call insmntque() later in the function, after it has been initialized.
> (This means that the cleanup if it fails is more involved, but...)
Yes.

> 
> I've attached a patch (untested) that does this. Maybe you could try it?
> 
> rick
> ps: I've cc'd Kostik, in case he has some insight w.r.t. how this should be handled?
> 
insmnque() performs the cleanup on its own, and that default cleanup is
not suitable for the situation.  I think that insmntque1() would better
fit your requirements, your need to move the common code into a helper.
It seems that unionfs_ins_cached_vnode() cleanup could reuse it.