NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kern/41006: lock error with mknod(2) & S_IFMT on tmpfs

>Number:         41006
>Category:       kern
>Synopsis:       lock error with mknod(2) & S_IFMT on tmpfs
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Mar 13 16:25:00 +0000 2009
>Originator:     Nicolas Joly
>Release:        NetBSD 5.99.8
Institut Pasteur
System: NetBSD 5.99.8 NetBSD 5.99.8 (LANFEUST) #5: Fri 
Mar 13 14:30:02 CET 2009
Architecture: x86_64
Machine: amd64
When running twice a mknod(2) & S_IFMT call on a tmpfs filesystem, the kernel
panics with `lock error'.

root@lanfeust [/tmp]# df -h .
Filesystem        Size       Used      Avail %Cap Mounted on
tmpfs              12G        40K        12G   0% /tmp
root@lanfeust [/tmp]# cat mknod.c
#include <sys/stat.h>
#include <sys/types.h>
#include <err.h>

#define TEST_FILE "mknod.test"

int main() {
  int res;
  dev_t nul;

  nul = makedev(2, 2);

  res = mknod(TEST_FILE, S_IFMT|0666, nul);
  if (res == -1)
    err(1, "mknod failed");

  return 0; }
root@lanfeust [/tmp]# make mknod
cc -O2   -o mknod mknod.c
root@lanfeust [/tmp]# ./mknod
mknod: mknod failed: Invalid argument
root@lanfeust [/tmp]# ./mknod

panic: lock error
fatal breakpoint trap in supervisor mode
trap type 1 code 0 rip ffffffff80238775 cs 8 rflags 246 cr2  7f7ffce00440 cpl 0
rsp ffff800049b434a0
Stopped in pid 526.1 (zsh) at   netbsd:breakpoint+0x5:  leave
db{1}> mach cpu 0
using CPU 0
db{1}> bt
x86_stihlt() at netbsd:x86_stihlt+0x6
idle_loop() at netbsd:idle_loop+0x18e
db{1}> mach cpu 1
using CPU 1
db{1}> bt
breakpoint() at netbsd:breakpoint+0x5
panic() at netbsd:panic+0x289
lockdebug_abort() at netbsd:lockdebug_abort+0x42
rw_vector_enter() at netbsd:rw_vector_enter+0x2ea
vlockmgr() at netbsd:vlockmgr+0xf6
VOP_LOCK() at netbsd:VOP_LOCK+0x64
vn_lock() at netbsd:vn_lock+0xd9
namei() at netbsd:namei+0x174
check_exec() at netbsd:check_exec+0x40
execve1() at netbsd:execve1+0x2e5
syscall() at netbsd:syscall+0xb6

A quick look into this, show that S_IFMT is not supported on tmpfs, and thus
returning EINVAL. But it seems that the parent vnode remains locked in this
case ...
Compile and run the provided testcase twice on a tmpfs filesystem with
appropriate privileges.

Home | Main Index | Thread Index | Old Index