On Tue May 25 2010 at 15:55:35 +0200, Alan Barrett wrote: > On Tue, 25 May 2010, Antti Kantee wrote: > > Modified Files: > > src/sys/ufs/ufs: ufs_wapbl.c > > > > Log Message: > > Add a comment describing an observed boom-crash-burn problem in > > the code. Fixing it will require a full tank of gas, half a pack > > of cigarettes, sunglasses, darkness, and most importantly: > > someone else. > > What would I have to do from userland to tickle this bug?
You need to unlink and create a file after the first namei in sys_rename but before VOP_RENAME runs, i.e. trigger a race condition. Running tests/fs/ffs/t_renamerace a few times should suffice. It uses rump, so your host is safe. If you have a uniprocessor host, set RUMP_NCPU to 2 to have both threads run in the rump kernel in parallel (well, they run "virtually parallel" on a uniprocessor system, but YKWIM). This makes the race more likely to trigger.