kern/41006: lock error with mknod(2) & S_IFMT on tmpfs

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/41006: lock error with mknod(2) & S_IFMT on tmpfs
From: njoly%pasteur.fr@localhost
Date: Fri, 13 Mar 2009 16:25:00 +0000 (UTC)

>Number:         41006
>Category:       kern
>Synopsis:       lock error with mknod(2) & S_IFMT on tmpfs
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Mar 13 16:25:00 +0000 2009
>Originator:     Nicolas Joly
>Release:        NetBSD 5.99.8
>Organization:
Institut Pasteur
>Environment:
System: NetBSD lanfeust.sis.pasteur.fr 5.99.8 NetBSD 5.99.8 (LANFEUST) #5: Fri 
Mar 13 14:30:02 CET 2009 
njoly%lanfeust.sis.pasteur.fr@localhost:/local/src/NetBSD/obj.amd64/sys/arch/amd64/compile/LANFEUST
 amd64
Architecture: x86_64
Machine: amd64
>Description:
When running twice a mknod(2) & S_IFMT call on a tmpfs filesystem, the kernel
panics with `lock error'.

root@lanfeust [/tmp]# df -h .
Filesystem        Size       Used      Avail %Cap Mounted on
tmpfs              12G        40K        12G   0% /tmp
root@lanfeust [/tmp]# cat mknod.c
#include <sys/stat.h>
#include <sys/types.h>
#include <err.h>

#define TEST_FILE "mknod.test"

int main() {
  int res;
  dev_t nul;

  nul = makedev(2, 2);

  res = mknod(TEST_FILE, S_IFMT|0666, nul);
  if (res == -1)
    err(1, "mknod failed");

  return 0; }
root@lanfeust [/tmp]# make mknod
cc -O2   -o mknod mknod.c
root@lanfeust [/tmp]# ./mknod
mknod: mknod failed: Invalid argument
root@lanfeust [/tmp]# ./mknod
[...PANIC...]

panic: lock error
fatal breakpoint trap in supervisor mode
trap type 1 code 0 rip ffffffff80238775 cs 8 rflags 246 cr2  7f7ffce00440 cpl 0
rsp ffff800049b434a0
Stopped in pid 526.1 (zsh) at   netbsd:breakpoint+0x5:  leave
db{1}> mach cpu 0
using CPU 0
db{1}> bt
x86_stihlt() at netbsd:x86_stihlt+0x6
idle_loop() at netbsd:idle_loop+0x18e
db{1}> mach cpu 1
using CPU 1
db{1}> bt
breakpoint() at netbsd:breakpoint+0x5
panic() at netbsd:panic+0x289
lockdebug_abort() at netbsd:lockdebug_abort+0x42
rw_vector_enter() at netbsd:rw_vector_enter+0x2ea
vlockmgr() at netbsd:vlockmgr+0xf6
VOP_LOCK() at netbsd:VOP_LOCK+0x64
vn_lock() at netbsd:vn_lock+0xd9
namei() at netbsd:namei+0x174
check_exec() at netbsd:check_exec+0x40
execve1() at netbsd:execve1+0x2e5
syscall() at netbsd:syscall+0xb6

A quick look into this, show that S_IFMT is not supported on tmpfs, and thus
returning EINVAL. But it seems that the parent vnode remains locked in this
case ...
>How-To-Repeat:
Compile and run the provided testcase twice on a tmpfs filesystem with
appropriate privileges.
>Fix:
n/a

Prev by Date: kern/41005: kernel failed to select correct outgoing address for Multicast packets
Next by Date: re: port-sparc/40629: kernel panic under high network load using pf (and ipv6)
Previous by Thread: kern/41005: kernel failed to select correct outgoing address for Multicast packets
Next by Thread: kern/41008: possible simple mistake of field check in video(9)
Indexes:

Home | Main Index | Thread Index | Old Index