yes, that's what I was thinking when looking at it. just never got a
chance to test if it would fix it. I can try on tuesday :)
On Tue, 2005-10-11 at 22:53 -0400, Charles P. Wright wrote:
> It looks like we need to do a lock_super around those sections to
> prevent the race (the branchman functions already use it, but obviously
> it seems that revalidation and the putmap checking code need to as
> well).
>
> Charles
>
> On Mon, 2005-10-10 at 22:34 -0400, Shaya Potter wrote:
> > On Mon, 2005-10-10 at 17:44 -0400, Shaya Potter wrote:
> > > it seems that branch manipulation and unionfs_file_revalidate can race
> > >
> > > from unionfs_file_revalidate
> > > -----------
> > > if (!unionfs_d_revalidate(dentry, 0) && !d_deleted(dentry)) {
> > > err = -ESTALE;
> > > goto out;
> > > }
> > > fist_print_dentry("file revalidate in", dentry);
> > >
> > > sb = dentry->d_sb;
> > > PASSERT(sb);
> > > sbgen = atomic_read(&stopd(sb)->usi_generation);
> > > dgen = atomic_read(&dtopd(dentry)->udi_generation);
> > > fgen = atomic_read(&ftopd(file)->ufi_generation);
> > > if (sbgen > dgen) {
> > > FISTBUG("The dentry is not up to date!\n");
> > > }
> > > ------------
> > >
> > > if the branch structure would change somewhere between udi_generation
> > > being set and usi_generation being read, one would hit this FISTBUG
> > > (which I just did).
> >
> > another possible race resulting in oops? (this is my modified unionfs,
> > but I doubt my changes would have caused this, though its possible). It
> > seemed to occur right when a branching operation was happening.
> >
> > ASSERTION FAILED: putmap (null) at /root/unionfs-sparse/commonfops.c:41
> > (branchput_gen)
> > Unable to handle kernel NULL pointer dereference at virtual address
> > 00000000
> > printing eip:
> > f96c78ff
> > *pde = 00000000
> > Oops: 0002 [#1]
> > PREEMPT
> > Modules linked in: unionfs ocfs2 nfsd exportfs lockd sunrpc ocfs2_dlmfs
> > ocfs2_dlm ocfs2_nodemanager configfs sctp ipv6 af_packet i2c_piix4
> > i2c_core lock_dlm dlm cman gfs lock_harness dm_mod qla2300 qla2xxx
> > scsi_transport_fc sg sr_mod sd_mod scsi_mod ide_cd cdrom tg3 psmouse rtc
> > ext3 jbd mbcache ide_disk ide_generic serverworks piix ide_core unix
> > CPU: 0
> > EIP: 0060:[<f96c78ff>] Tainted: GF VLI
> > EFLAGS: 00010282 (2.6.11.12)
> > EIP is at unionfs_file_revalidate+0x13e7f/0x14cf0 [unionfs]
> > eax: 0000005b ebx: f96fbb20 ecx: 00000000 edx: 10000000
> > esi: 00000000 edi: de926e00 ebp: d09c7b7c esp: d7793ecc
> > ds: 007b es: 007b ss: 0068
> > Process as (pid: 5018, threadinfo=d7792000 task=d26a6020)
> > Stack: f96fbf00 f96f68c6 f96f66f2 f96fbb20 00000029 f96f3dbe f96f3d8c
> > f96fbb20
> > 000000ad d2953980 d0b3e348 00000000 00000000 ce11f300 ce3883e4
> > 00000000
> > 00000000 00000000 00000000 0000000f 00000011 de926e00 0000004c
> > 000005e8
> > Call Trace:
> > [<f956916d>] unionfs_read+0x6d/0x280 [unionfs]
> > [<c0151be5>] vfs_read+0xe5/0x160
> > [<c0151f01>] sys_read+0x51/0x80
> > [<c010272f>] syscall_call+0x7/0xb
> > Code: c6 68 6f f9 89 4c 24 04 b8 29 00 00 00 bb 20 bb 6f f9 89 44 24 10
> > b8 f2 66 6f f9 0f 45 d0 89 5c 24 0c 89 54 24 08 e8 01 c4 a4 c6 <c6> 05
> > 00 00 00 00 00 e9 42 2e ff ff c7 04 24 c0 bf 6f f9 b8 25
> >
> >
> > _______________________________________________
> > unionfs mailing list
> > [email protected]
> > http://www.fsl.cs.sunysb.edu/mailman/listinfo/unionfs
_______________________________________________
unionfs mailing list
[email protected]
http://www.fsl.cs.sunysb.edu/mailman/listinfo/unionfs
