Subject: Re: NFSv3 bug
To: None <tech-kern@netbsd.org>
From: Christos Zoulas <christos@zoulas.com>
List: tech-kern
Date: 09/26/2002 13:02:14
In article <20020926132933.A14147@antioche.lip6.fr>,
Manuel Bouyer <bouyer@antioche.lip6.fr> wrote:
>-=-=-=-=-=-
>
>Hi,
>I've found a bug in our NFSv3 server code, triggered by linux clients.
>On occasions Linux will issue commit RPC with a 0 bytes len (mayotte is linux
>client, borneo NetBSD 1.6 server):
>13:05:14.665859 borneo.nfs > mayotte.2001150512: reply ok 160 write [|nfs]
>13:05:14.832899 mayotte.2957451824 > borneo.nfs: 1472 write fh
>0,12/1931 24064 bytes @ 720896 (frag 57996:1480@0+)
>13:05:14.832937 mayotte.2974229040 > borneo.nfs: 148 commit fh
>0,12/1931 720896 bytes @ 0 (DF)
>13:05:14.832951 borneo.nfs > mayotte.2957451824: reply ok 160 write [|nfs]
>13:05:14.834230 borneo.nfs > mayotte.2974229040: reply ok 152 commit [|nfs]
>13:05:15.331788 mayotte.2991006256 > borneo.nfs: 148 commit fh
>0,12/1931 0 bytes @ 741376 (DF)
>Here a DIAGNOSTIC kernel will panic with:
>panic: kernel diagnostic assertion "startoff < endoff || endoff == 0"
>failed: file
>"/home/NetBSD-1.6/src/sys/arch/i386/compile/GENERIC_DIAGNOSTIC/../../../../miscfs/genfs/genfs_vnops.c", line 1041
>
>This is because nfsrv_commit() will call VOP_FSYNC() with start == end, so
>we end up with startoff == endoff in genfs_vnops.c.
>
>I fixed it by not calling VOP_FSYNC() in nfsrv_commit() when cnt == 0.
>Is this the correct fix ?
Probably... Unless linux means to sync the whole file in that case.
christos