Commit Graph

230031 Commits

Author SHA1 Message Date
Andriy Gapon
113ce413ba MFV r329313: 8857 zio_remove_child() panic due to already destroyed parent zio
illumos/illumos-gate@d6e1c446d7
d6e1c446d7

https://www.illumos.org/issues/8857
  I had an OS panic on one of our servers:

  ffffff01809128c0 vpanic()
  ffffff01809128e0 mutex_panic+0x58(fffffffffb94c904, ffffff597dde7f80)
  ffffff0180912950 mutex_vector_enter+0x347(ffffff597dde7f80)
  ffffff01809129b0 zio_remove_child+0x50(ffffff597dde7c58, ffffff32bd901ac0,
  ffffff3373370908)
  ffffff0180912a40 zio_done+0x390(ffffff32bd901ac0)
  ffffff0180912a70 zio_execute+0x78(ffffff32bd901ac0)
  ffffff0180912b30 taskq_thread+0x2d0(ffffff33bae44140)
  ffffff0180912b40 thread_start+8()

  It panicked here:
  http://src.illumos.org/source/xref/illumos-gate/usr/src/uts/common/fs/zfs/
  zio.c#430

  pio->io_lock is DEAD, thus a panic. Further analysis shows the "pio"
  (parent zio of "cio") has already been destroyed.

Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Andriy Gapon <avg@FreeBSD.org>
Reviewed by: Youzhong Yang <youzhong@gmail.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Author: George Wilson <george.wilson@delphix.com>

PR:		223803
Tested by:	shiva.bhanujan@quorum.com
MFC after:	2 weeks
2018-02-15 14:46:29 +00:00
Andriy Gapon
6fd4145b31 8857 zio_remove_child() panic due to already destroyed parent zio
illumos/illumos-gate@d6e1c446d7
d6e1c446d7

https://www.illumos.org/issues/8857
  I had an OS panic on one of our servers:

  ffffff01809128c0 vpanic()
  ffffff01809128e0 mutex_panic+0x58(fffffffffb94c904, ffffff597dde7f80)
  ffffff0180912950 mutex_vector_enter+0x347(ffffff597dde7f80)
  ffffff01809129b0 zio_remove_child+0x50(ffffff597dde7c58, ffffff32bd901ac0,
  ffffff3373370908)
  ffffff0180912a40 zio_done+0x390(ffffff32bd901ac0)
  ffffff0180912a70 zio_execute+0x78(ffffff32bd901ac0)
  ffffff0180912b30 taskq_thread+0x2d0(ffffff33bae44140)
  ffffff0180912b40 thread_start+8()

  It panicked here:
  http://src.illumos.org/source/xref/illumos-gate/usr/src/uts/common/fs/zfs/
  zio.c#430

  pio->io_lock is DEAD, thus a panic. Further analysis shows the "pio"
  (parent zio of "cio") has already been destroyed.

Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Andriy Gapon <avg@FreeBSD.org>
Reviewed by: Youzhong Yang <youzhong@gmail.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Author: George Wilson <george.wilson@delphix.com>
2018-02-15 14:34:18 +00:00
Eitan Adler
bc43eb228d etc: clean up trailing whitespace in autofs
Obtained from:	DragonFlyBSD (48a93f514f93ff671b7b6c9bbed54d45b3f65180)
2018-02-15 11:41:38 +00:00
Eitan Adler
dc1a49a695 share: update pci_vendors to 2018.02.15
MFC After:	1 week
2018-02-15 11:13:21 +00:00
Mateusz Guzik
b345111b2b xen: fix smp boot after r328157
mce_stack was left unset leading to early crashes
2018-02-15 07:23:41 +00:00
Eitan Adler
dacbef689d devd: don't pass &fds in useless parameters to select(2)
select(2) should be declared as restrict. In addition the only fd in
the fdset is open O_RDONLY, and it's not a socket that can provide OOB
notifications,

Reviewed by:	ian, imp, vangyzen
2018-02-15 03:22:53 +00:00
Ravi Pokala
c756fb6ebb mxge(4) should pass unhandled ioctls to ether_ioctl()
Panasas discovered that ioctl(SIOCGLAGGPORT) returns ENOTTY for mxge(4) when
the NIC is not a member of a lagg. This came as a surprise, because the
SIOCGLAGGPORT handler in if_lagg.c only returns ENOENT (if run against the
laggX interface, rather than a physical port) or EINVAL (if run against a
non-member physical port). This behavior was not seen with other drivers,
such as bge(4), igb(4), and cxl(4). When I compared their respective ioctl
handlers, I found that they all called ether_ioctl() for the default (i.e.
unhandled) case; by contrast, mxge(4) only calls ether_ioctl() for two
specific cases, and returns ENOTTY for the default case.

Remove the two cases which explicitly call ether_ioctl(), and let the
default case call it instead. This matches what the vast majority of the NIC
drivers do.

Reviewed by:	kmacy
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D14381
2018-02-15 03:22:04 +00:00
Alan Somers
a07d59d1da zfsd: Allow zfsd to work on any type of GEOM provider
cddl/usr.sbin/zfsd/zfsd_event.cc
	Remove the check for da and ada devices.  This way zfsd can work on md,
	geli, glabel, gstripe, etc devices.  geli in particular is useful
	combined with ZFS.  gnop is also useful for simulating drive pulls in
	the ZFSD test suite.

	Also, eliminate the DevfsEvent class entirely.  Move its
	responsibilities into GeomEvent.  We can get everything we need to know
	just from listening to GEOM events.

lib/libdevdctl/event.cc
	Fix GeomEvent::DevName for CREATE events.  Oddly, the relevant field is
	named "cdev" for CREATE events but "devname" for disk events.

MFC after:	3 weeks
Relnotes:	Yes (probably worth mentioning the geli part)
Sponsored by:	Spectra Logic Corp
2018-02-14 23:52:39 +00:00
Conrad Meyer
27f6bdd04f pmap_qenter.9: Document API NX mapping
A follow-up to r329281.

Sponsored by:	Dell EMC Isilon
2018-02-14 23:47:04 +00:00
Conrad Meyer
5bd0149714 x86 pmap: Make memory mapped via pmap_qenter() non-executable
The idea is, the pmap_qenter() API is now defined to not produce executable
mappings.  If you need executable mappings, use another API.

Add pg_nx flag in pmap_qenter on x86 to make kernel pages non-executable.

Other architectures that support execute-specific permissons on page table
entries should subsequently be updated to match.

Submitted by:	Darrick Lew <darrick.freebsd AT gmail.com>
Reviewed by:	markj
Discussed with:	alc, jhb, kib
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14062
2018-02-14 23:35:47 +00:00
Eugene Grosbein
8be8c75688 ng_pppoe(8): add support for user-supplied Host-Uniq tag.
A few ISP filter PADI requests based on such tag,
to force the use of their own routers.
The custom Host-Uniq tag is passed in the NGM_PPPOE_CONNECT
control message, so it can be used with FreeBSD ppp(8)
and mpd without any other change.

Add support to send and receive PADM messages,
HURL and MOTM, often used by service providers to provide
ACS information and other configuration settings
to the user CPE.

Submitted by:	ale
Approved by:	mav (mentor)
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D9270
2018-02-14 21:17:44 +00:00
Alan Somers
ea9c2614cf Add mtree entry for 329275
MFC after:	3 weeks
X-MFC-With:	329275
Sponsored by:	Spectra Logic Corp
2018-02-14 21:02:38 +00:00
Mateusz Guzik
f795032b47 rwlock: diff-reduction of runlock compared to sx sunlock 2018-02-14 20:37:33 +00:00
Alan Somers
834063202a gpart: append partition name to the underlying provider's physical path
If the underlying provider's physical path is null, then the gpart device's
physical path will be, too. Otherwise, it will append the partition name,
such as "/p1" or "/s1/a". This will make gpart work better with zfsd(8).

PR:		224965
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D14010
2018-02-14 20:26:09 +00:00
Kyle Evans
abc4f7e735 stand/lua: Exit sub-menus on backspace 2018-02-14 20:18:23 +00:00
Alan Somers
0bab7fa8a7 geli: append "/eli" to the underlying provider's physical path
If the underlying provider's physical path is null, then the geli device's
physical path will be, too. Otherwise, it will append "/eli".  This will make
geli work better with zfsd(8).

PR:		224962
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D13979
2018-02-14 20:15:32 +00:00
Bryan Drewery
70c144dc78 nanosleep(2): Fix bogus incrementing of rmtp by tc_tick_sbt on [EINTR].
sbt is the time in the future that the tsleep_sbt() is expected to be completed
at.  sbtt is the current time.  Depending on the precision with sysctl
kern.timecounter.alloweddeviation the start time may be incremented by
tc_tick_sbt.  The same increment is needed for the current time of sbtt before
calculating the difference.  The impact of missing this increment is that rmtp
may increase by one tc_tick_sbt on every early [EINTR] return.  If the same
struct is passed in for rqtp as rmtp this can result in rqtp effectively
incrementing by tc_tick_sbt and sleeping longer than originally intended.

This problem was introduced in r247797.

Reviewed by:	kib, markj, vangyzen (all on an older version of the test)
MFC after:	2 weeks
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D14362
2018-02-14 18:43:50 +00:00
Warner Losh
f52add1296 Simple script to image a small test area from a built tree. Build with
'cd stand; make MK_FORTH=no MK_LOADER_LUA=yes' then run this script.
You can then test with lua-test.sh with the same parameter.
2018-02-14 18:21:54 +00:00
Benno Rice
3283c08f3e Reformat to come significantly closer to style(9).
Reviewed by:		imp, jhibbits
Differential Revision:	https://reviews.freebsd.org/D14366
2018-02-14 18:07:27 +00:00
Emmanuel Vadot
8b75269237 efi: Only scan the BLKIO MEDIA once
Scan only the BLOCK IO MEDIA once instead of each time for each type of
device (fd, cd and hdd).
Leave the mechanism to free and reprobe all devices if one day we want
to implement a "dev rescan" thing.

Reviewed by:	imp, tsoome
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D14334
2018-02-14 18:05:37 +00:00
Warner Losh
ca72e2e288 A quick test script that we can run to use userboot's test mode to
excersize the load loader. Assumes that we already have a suitable
root area that you pass in with the first arg.
2018-02-14 17:51:51 +00:00
Alan Somers
d64bae1f1a Implement .vop_pathconf and .vop_getacl for the .zfs ctldir
zfsctl_common_pathconf will report all the same variables that regular ZFS
volumes report. zfsctl_common_getacl will report an ACL equivalent to 555,
except that you can't read xattrs or edit attributes.

Fixes a bug where "ls .zfs" will occasionally print something like:
ls: .zfs/.: Operation not supported

PR:		225793
Reviewed by:	avg
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D14365
2018-02-14 15:49:31 +00:00
Kyle Evans
502b7cf99b libsa: Fix IP recv timeout
readip() doesn't, at the moment, properly indicate to callers that it has
timed out. One can tell that it's timed out if errno == EAGAIN when it
returns, but this is not ideal. Restructure it a little bit to explicitly
set errno to ETIMEDOUT if we've exhausted tleft.

I found two places that care about where it timed out or not: sendrecv in
net.c and sendrecv_tftp. Both are structured to pass smaller timeout values
to readip while tracking a larger timeout. Neither of them were able to do
this properly with readip not indicating ETIMEDOUT, so fix it.

While here, straighten out the time (t/t1) usage in sendrecv_tftp.

This would have manifested itself in periodic failures to NFS/TFTP boot for
no apparent reason because MINTMO/MAXTMO were not actually being respected
properly. Problems were not reported with NFS, only TFTP.

Reported by:	sbruno
Reviewed by:	sbruno, tsoome
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D14350
2018-02-14 15:40:13 +00:00
Justin Hibbits
d793587fe2 Fix a panic introduced in r329225
Some GEOM partition tables may be destroyed with incomplete partition
entries.  Guard against this with NULL checks.

Reported by:	pholm,others
Reviewed by:	markj
Tested by:	pholm
2018-02-14 15:12:09 +00:00
Eitan Adler
f5ce166436 msun: signed overflow in atan2
As a component of atan2(y, x), the case of x == 1.0 is farmed out to
atan(y). The current implementation of this comparison is vulnerable
to signed integer underflow (that is, undefined behavior), and it's
performed in a somewhat more complicated way than it need be. Change
it to not be quite so cute, rather directly comparing the high/low
bits of x to the specific IEEE-754 bit pattern that encodes 1.0.

Note that while there are three different e_atan* files in the
relevant directory, only this one needs fixing. e_atan2f.c already
compares against the full bit pattern encoding 1.0f, while
e_atan2l.cuses bitwise-ands/ors/nots and so doesn't require a change.

Closes #130

Submitted by:	Jeff Walden (@jswalden github PR #130)
Reviewed by:	bde
MFC After:	1 month
2018-02-14 07:59:30 +00:00
Justin Hibbits
a00ce4e854 PPC64: Get the timestap from the proper OF field
Summary:
After revision rS328534('PPC64: use hwref instead of cpuid'), FreeBSD on
powerpc64 virtual machine panics since it is unable to read the
timebase, showing the following error:

     get-property for timebase-frequency on zero phandle

     panic: Unable to determine timebase frequency!

With the change above,  cpuref->cr_hwref does not contain the phandle
anymore, thus, it never reads the proper CPU entry in OF.

Submitted by:	Breno Leitao
Differential Revision:	https://reviews.freebsd.org/D14204
2018-02-14 02:51:28 +00:00
Justin Hibbits
26e251b55c powerpc64/pseries: Define new hcalls
Summary:
Define new hcalls as in 'Linux on Power Architecture Platform Reference'
version 1.1 (24 March 2016) downloaded from:

        https://members.openpowerfoundation.org/document/dl/469

Submitted by:	Breno Leitao
Differential Revision:	https://reviews.freebsd.org/D14281
2018-02-14 02:48:27 +00:00
Konstantin Belousov
ada27a3bb8 Cleanup unused page argument for vm_reserv_break().
Reviewed by:	markj
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D14364
2018-02-14 00:34:02 +00:00
Konstantin Belousov
d929ad7f91 Ensure memory consistency on COW.
From the submitter description:
The process is forked transitioning a map entry to COW
Thread A writes to a page on the map entry, faults, updates the pmap to
  writable at a new phys addr, and starts TLB invalidations...
Thread B acquires a lock, writes to a location on the new phys addr, and
  releases the lock
Thread C acquires the lock, reads from the location on the old phys addr...
Thread A ...continues the TLB invalidations which are completed
Thread C ...reads from the location on the new phys addr, and releases
  the lock

In this example Thread B and C [lock, use and unlock] properly and
neither own the lock at the same time.  Thread A was writing somewhere
else on the page and so never had/needed the lock. Thread C sees a
location that is only ever read|modified under a lock change beneath
it while it is the lock owner.

To fix this, perform the two-stage update of the copied PTE.  First,
the PTE is updated with the address of the new physical page with
copied content, but in read-only mode.  The pmap locking and the page
busy state during PTE update and TLB invalidation IPIs ensure that any
writer to the page cannot upgrade the PTE to the writable state until
all CPUs updated their TLB to not cache old mapping.  Then, after the
busy state of the page is lifted, the faults for write can proceed and
do not violate the consistency of the reads.

The change is done in vm_fault because most architectures do need IPIs
to invalidate remote TLBs.  More, I think that hardware guarantees of
atomicity of the remote TLB invalidation are not enough to prevent the
inconsistent reads of non-atomic reads, like multi-word accesses
protected by a lock.  So instead of modifying each pmap invalidation
code, I did it there.

Discovered and analyzed by: Elliott.Rabe@dell.com
Reviewed by:	markj
PR:	225584 (appeared to have the same cause)
Tested by:	Elliott.Rabe@dell.com, emaste, Mike Tancsa <mike@sentex.net>, truckman
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D14347
2018-02-14 00:31:45 +00:00
Konstantin Belousov
607970bc8e Do not call pmap_enter() with invalid protection mode.
If the map entry elookup was performed due to the mapping changes, we
need to ensure that there is still some access permission bit
requested which is compatible with the current vm_map_entry mode.  If
not, restart the handler from scratch instead of trying to save the
current progress.

Also adjust fault_type to not include cleared permission bits.

Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D14347
2018-02-14 00:25:18 +00:00
Conrad Meyer
a4f2dfa6fa kgssapi: Remove trivial deadcode
CID:		1385956
Reported by:	Coverity
Sponsored by:	Dell EMC Isilon
2018-02-14 00:12:03 +00:00
Ed Maste
341458a0b6 Add DECLARE_MODULE_TIED mlink missed in r329244
Reported by:	imp
2018-02-13 21:33:40 +00:00
Ed Maste
920bdda857 Document DECLARE_MODULE_TIED
It was introduced in r213716.

Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
2018-02-13 21:22:09 +00:00
Landon J. Fuller
0f18e6f6d6 bwn(4): Conditionalize "RX decryption attempted" message on a new
BWN_DEBUG_HWCRYPTO debug flag.

The MAC will attempt decryption (and set BWN_RX_MAC_DEC) even if a key has
not been supplied to the hardware; this is expected behavior, and there's
no need to spam users' console with this debugging printf.
2018-02-13 20:07:40 +00:00
Mark Johnston
6026dcd7ca Add support for zstd-compressed user and kernel core dumps.
This works similarly to the existing gzip compression support, but
zstd is typically faster and gives better compression ratios.

Support for this functionality must be configured by adding ZSTDIO to
one's kernel configuration file. dumpon(8)'s new -Z option is used to
configure zstd compression for kernel dumps. savecore(8) now recognizes
and saves zstd-compressed kernel dumps with a .zst extension.

Submitted by:	cem (original version)
Relnotes:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D13101,
			https://reviews.freebsd.org/D13633
2018-02-13 19:28:02 +00:00
Ed Maste
83ab0f9f33 amd64/pmap: Move Foundation copyright to the 2-clause section
Sponsored by:	The FreeBSD Foundation
2018-02-13 19:19:26 +00:00
Mark Johnston
b9625b0d3b Move zstd malloc()/free()/calloc() macros to stdlib.h.
The definitions otherwise leak into anything that includes zstd.h,
which is not desirable for native FreeBSD code.

Reviewed by:	allanjude, cem, imp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D14352
2018-02-13 19:18:00 +00:00
Ed Maste
85b648927a libkern: use nul for terminating char rather than 0
Akin to the change made in r188080 for lib/libc/string/.

Reported by:	bde
Sponsored by:	The FreeBSD Foundation
2018-02-13 19:17:48 +00:00
Alan Somers
fa82818f1d Fix Coverity CIDs in the sys/kern/sysv_test tests
CID 979810: strcpy => strlcpy
CID 1193367: don't leak a file descriptor
CID 1299856: Check the return value of read(2)

Reported by:	Coverity
Coverity CID:	978910 1193367 1299856
MFC after:	3 weeks
X-MFC-With:	328896
Sponsored by:	Spectra Logic Corp
2018-02-13 19:17:33 +00:00
Bryan Drewery
501608626d ports modules: Don't leak AUTO_OBJ changes into the port builds.
This came about when r328489 made ports modules builds no longer use the
in-tree share/mk files, but didn't cleanup MAKEOBJDIR from the
environment.

This fixes "Variable OBJTOP is recursive".

Sponsored by:	Dell EMC
2018-02-13 17:51:16 +00:00
Landon J. Fuller
ded5af888d bwn(4): txpid2g/txpid5g[lh] are not defined after sromrev 7; the default
indices into the TX power gain table should be used instead.

This enables use of bwn(4) with later BCM4321 revisions.

Reported by:	Trev Roydhouse
2018-02-13 17:43:54 +00:00
Warner Losh
b11df8a4a3 Add /boot/lua. 2018-02-13 17:42:10 +00:00
Justin Hibbits
08a3b42fdb Narrow a race, and fix a leak, in g_part_wither
A race in g_part_wither() can lead to I/O being performed with a freed GEOM
when the device disappears.  Close the race as best as we can for now,
following the code patterns from g_part_ctl_destroy() and g_part_ctl_undo().
This also fixes a leak, as g_wither_geom() does not wither providers, it
only orphans them, so the partition entries would never get destroyed in
g_wither_washer().

Note, this is not a complete fix, it can still race with g_part_start(), the
race has merely been narrowed.

Reviewed by:	markj
Sponsored by:	Dell EMC Isilon
2018-02-13 17:40:09 +00:00
Ian Lepore
157f3d7649 Fix bad indentation. Whitespace only, no functional changes.
Reported by:	bde@
2018-02-13 17:38:08 +00:00
Dimitry Andric
fc9687ba64 Pull in r323998 from upstream clang trunk (by Richard Smith):
PR36157: When injecting an implicit function declaration in C89, find
  the right DeclContext rather than injecting it wherever we happen to
  be.

  This avoids creating functions whose DeclContext is a struct or
  similar.

This fixes assertion failures when parsing certain not-completely-valid
struct declarations.

Reported by:	ae
PR:		225862
MFC after:	3 months
X-MFC-With:	r327952
2018-02-13 17:05:50 +00:00
Hans Petter Selasky
33ec1ccbae Import the mthca kernel side infiniband driver from Linux 4.9 and fix
compilation under FreeBSD. The mthca driver was temporarily removed as
part of the Linux 4.9 RoCE/infinband upgrade.

Top commit in Linux source tree:
69973b830859bc6529a7a0468ba0d80ee5117826

Sponsored by:	Mellanox Technologies
2018-02-13 17:04:34 +00:00
Bryan Drewery
3cdd74bb3c Allow overriding VTABSIZE at compile-time.
Reviewed by:	jilles
Differential Revision:	https://reviews.freebsd.org/D14339
2018-02-13 16:48:57 +00:00
Li-Wen Hsu
92ddc7b86d Fix non-64-bit platform build by printing bus_addr_t values using %#jx
Reviewed by:	slm
Differential Revision:	https://reviews.freebsd.org/D14344
2018-02-13 16:26:06 +00:00
Roger Pau Monné
96ec8b8f35 list myself in the MAINTAINERS file for Xen bits 2018-02-13 16:25:43 +00:00
Brad Davis
4126c2e199 Fix resolv to run when it should and not when it should not..
Approved by:	manu
Reported by:	manu
Pointy hat to:	brd
2018-02-13 16:07:39 +00:00