Project

General

Profile

Actions
Copy link

Bug #4584

closed

assertion failed: hostp->nh_refs == 0, file: ../../common/klm/nlm_impl.c, line: 1135

Added by Marcel Telka over 9 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Marcel Telka
Category:
nfs - NFS server and client
Start date:
2014-02-07
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
External Bug:

Description

> ::status
debugging crash dump vmcore.1 (64-bit) from alm
operating system: 5.11 NexentaOS_4:0df3e01f4e (i86pc)
image uuid: ded946ea-304f-e04e-a260-a6f796e39a4c
panic message: assertion failed: hostp->nh_refs == 0, file: ../../common/klm/nlm_impl.c, line: 1135
dump content: kernel pages and pages from PID -1
> ::stack
vpanic()
0xfffffffffbe0c088()
nlm_host_dtor+0x2f(ffffff998e780e80, 0)
kmem_cache_free_debug+0x214(ffffff23a7465888, ffffff998e780e80, fffffffff84266a9)
kmem_cache_free+0x153(ffffff23a7465888, ffffff998e780e80)
nlm_host_destroy+0xe9(ffffff998e780e80)
nlm_host_findcreate+0x10f(ffffff232fa1aa00, ffffffaae3e92d98, ffffff23a79908e0, ffffff8cd10686e8)
nlm_do_lock+0xcf(ffffff00f5e64ae0, ffffff00f5e64a70, ffffff00f5e64c80, 0, fffffffff842f090, fffffffff842eff0)
nlm4_lock_msg_4_svc+0x53(ffffff00f5e64ae0, ffffff00f5e64b40, ffffff00f5e64c80)
nlm_dispatch+0xe6(ffffff00f5e64c80, ffffff8cd10686c0, fffffffff8431d38)
nlm_prog_4+0x3b(ffffff00f5e64c80, ffffff8cd10686c0)
svc_getreq+0x230(ffffff8cd10686c0, ffffff2329f97ee0)
svc_run+0x180(ffffff232e96a550)
svc_do_run+0x8e(2)
nfssys+0xf1(e, fecf0fbc)
_sys_sysenter_post_swapgs+0x237()
>

The problem is in nlm_host_findcreate() function. In a case the new nlm_host is needed, it is created (allocated) using nlm_host_create() here:

1643    newhost = nlm_host_create(name, netid, &knc, addr);
1644    newhost->nh_sysid = nlm_sysid_alloc();
1645    if (newhost->nh_sysid == LM_NOSYSID)
1646        goto out;

In the nlm_host_create(), the nh_refs reference counter is set to 1 (to note this thread is using the newly allocated nlm_host).

Later, in the nlm_host_findcreate(), it might be decided that this newly allocated nlm_host is not needed, so it is destroyed (at line 1673):

1648    mutex_enter(&g->lock);
1649    host = nlm_host_find_locked(g, netid, addr, &where);
1650    if (host == NULL) {
1651        host = newhost;
1652        newhost = NULL;

...

1667    }
1668
1669    mutex_exit(&g->lock);
1670
1671out:
1672    if (newhost != NULL)
1673        nlm_host_destroy(newhost);

But nh_refs is left to 1. (Un)fortunately, in the debug build, the nlm_host destructor is making sure the nh_refs is really zero (as it usually should be when nlm_host is destroyed via all other code flows):

1131static void
1132nlm_host_dtor(void *datap, void *cdrarg)
1133{
1134    struct nlm_host *hostp = (struct nlm_host *)datap;
1135    ASSERT(hostp->nh_refs == 0);
1136}
Actions
Copy link
 #1

Updated by Marcel Telka over 9 years ago

  • Status changed from In Progress to Pending RTI
Actions
Copy link
 #2

Updated by Robert Mustacchi over 9 years ago

  • Status changed from Pending RTI to Resolved
  • % Done changed from 0 to 100
  • Tags deleted (needs-triage)
Actions
Copy link
 #3

Updated by Electric Monk over 9 years ago

git commit 6ab697caaefb599dda8c2839feec7322d7cf45bb

Author: Marcel Telka <marcel.telka@nexenta.com>

4584 assertion failed: hostp->nh_refs == 0, file: ../../common/klm/nlm_impl.c, line: 1135
Reviewed by: Alek Pinchuk <alek.pinchuk@nexenta.com>
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Gary Mills <gary_mills@fastmail.fm>
Approved by: Robert Mustacchi <rm@joyent.com>

Actions
Copy link

Also available in: Atom PDF