Re: 6.1/amd64 NFS/UFS-related panic

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Thu, Dec 15, 2016 at 11:04:19AM +0100, Edgar Fuß wrote:
> On a 6.1_STABLE/amd NFS server, we got the following panic during some atypic
> NFS requests:
> 
> uvm_fault(0xfffffe8419c47d58, 0x0, 1) -> e
> fatal page fault in supervisor mode
> trap type 6 code 0 rip ffffffff804226c1 cs 8 rflags 10246 cr2 c8 cpl rsp ffffe811da3e660
> kernel: page fault trap, code=0
> Stopped in pid 408.4 (nfsd) at netbsd:ufs_fhtovp+0x2e: cmpw $0,c8(%rdx)
> 
> ufs_fhtovp() at netbsd:ufs_fhtovp+0x2e
> ffs_fhtovp() at netbsd:ffs_fhtovp+0x55
> VFS-FHTOVP() at netbsd:VFS_FHTOVP+0x1c
> nfsrv_fhtovp() at netbsd:nfsrv_fhtovp+0x9a
> nfsrv_write() at netbsd:nfsrv_write+0x502
> nfssvc_nfsd() at netbsd:nfssvc_nfsd+0x1d7
> sys_nfssvc() at netbsd:sys_nfssvc+0x22c
> syscall() at netbsd:syscall+0xc4

This is usually because of a race in the vnode cache, causing
ufs_fhtovp to get a clean vnode.

I'm running with the attached patch for years, without apparent problems,
but I'm not conviced it's the right way to fix this (and I didn't find
why VFS_VGET would return a clean vnode here, which is the real issue).

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

Index: ufs/ufs_vfsops.c
===================================================================
RCS file: /cvsroot/src/sys/ufs/ufs/ufs_vfsops.c,v
retrieving revision 1.50
diff -u -r1.50 ufs_vfsops.c
--- ufs/ufs_vfsops.c	1 Feb 2012 05:34:43 -0000	1.50
+++ ufs/ufs_vfsops.c	15 Dec 2016 21:56:32 -0000
@@ -223,7 +223,7 @@
 		return (error);
 	}
 	ip = VTOI(nvp);
-	if (ip->i_mode == 0 || ip->i_gen != ufhp->ufid_gen) {
+	if (ip == NULL || ip->i_mode == 0 || ip->i_gen != ufhp->ufid_gen) {
 		vput(nvp);
 		*vpp = NULLVP;
 		return (ESTALE);