From owner-freebsd-bugs Wed Sep 27 07:30:04 1995 Return-Path: owner-bugs Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id HAA02107 for bugs-outgoing; Wed, 27 Sep 1995 07:30:04 -0700 Received: (from gnats@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id HAA02100 ; Wed, 27 Sep 1995 07:30:02 -0700 Resent-Date: Wed, 27 Sep 1995 07:30:02 -0700 Resent-Message-Id: <199509271430.HAA02100@freefall.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-bugs Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, stark@UG.CS.SUNYSB.EDU Received: from bfs2.ug.cs.sunysb.edu (bfs2.ug.cs.sunysb.edu [129.49.15.4]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id HAA01815 for ; Wed, 27 Sep 1995 07:24:20 -0700 Received: from ws24.ug.cs.sunysb.edu (ws24.ug.cs.sunysb.edu [129.49.15.44]) by bfs2.ug.cs.sunysb.edu (8.6.11/8.6.9) with ESMTP id KAA00885 for ; Wed, 27 Sep 1995 10:24:18 -0400 Received: (from stark@localhost) by ws24.ug.cs.sunysb.edu (8.6.11/8.6.9) id KAA10038; Wed, 27 Sep 1995 10:24:17 -0400 Message-Id: <199509271424.KAA10038@ws24.ug.cs.sunysb.edu> Date: Wed, 27 Sep 1995 10:24:17 -0400 From: Eugene Stark Reply-To: stark@UG.CS.SUNYSB.EDU To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: kern/744: Page fault in fchmod() with Sep 20 -stable kernel Sender: owner-bugs@freebsd.org Precedence: bulk >Number: 744 >Category: kern >Synopsis: Page fault in fchmod() with Sep 20 -stable kernel >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Sep 27 07:30:01 PDT 1995 >Last-Modified: >Originator: Eugene Stark >Organization: SUNY at Stony Brook CS Dept. >Release: FreeBSD 2.1-STABLE supped on Sep 20, 1995 >Environment: 486DX4/100, 32MB RAM, IDE, BusLogic SCSI. FreeBSD 2.1-STABLE supped on Sep 20, 1995. >Description: System crashed due to attempt to follow NULL vp->v_mount pointer in fchmod() in kern/vfs_syscalls.c. There has been one revision to vnode code in -STABLE since that date, but I'm not sure if it is relevant to this problem. I'll retain this core dump for a little while, in case anybody wants more information. gdb -k kernel vmcore.7 GDB is free software and you are welcome to distribute copies of it under certain conditions; type "show copying" to see the conditions. There is absolutely no warranty for GDB; type "show warranty" for details. GDB 4.13 (i386-unknown-freebsd), Copyright 1994 Free Software Foundation, Inc... IdlePTD 1c3000 current pcb at 1b6140 panic: page fault #0 boot (howto=256) at ../../i386/i386/machdep.c:873 873 dumppcb.pcb_ptd = rcr3(); (kgdb) bt #0 boot (howto=256) at ../../i386/i386/machdep.c:873 #1 0xf010f893 in panic (fmt=0xf018c9fc "page fault") at ../../kern/subr_prf.c:124 #2 0xf018d4be in trap_fatal (frame=0xefbffe80) at ../../i386/i386/trap.c:718 #3 0xf018d030 in trap_pfault (frame=0xefbffe80, usermode=0) at ../../i386/i386/trap.c:640 #4 0xf018cce7 in trap (frame={tf_es = -266665968, tf_ds = -227672048, tf_edi = -255635968, tf_esi = 0, tf_ebp = -272629940, tf_isp = -267232531, tf_ebx = -257021696, tf_edx = -258090496, tf_ecx = 29, tf_eax = 0, tf_trapno = 12, tf_err = -257032192, tf_eip = -267232531, tf_cs = -267255800, tf_eflags = 66178, tf_esp = -272629868, tf_ss = -255635968}) at ../../i386/i386/trap.c:299 #5 0xf0185e7d in calltrap () #6 0xf0125aed in fchmod (p=0xf0c34e00, uap=0xefbfff94, retval=0xefbfff8c) at ../../kern/vfs_syscalls.c:1503 #7 0xf018d703 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 136768, tf_esi = 0, tf_ebp = -272640484, tf_isp = -272629788, tf_ebx = 147456, tf_edx = 147524, tf_ecx = 0, tf_eax = 124, tf_trapno = 514, tf_err = 514, tf_eip = 134525525, tf_cs = 31, tf_eflags = 514, tf_esp = -272640504, tf_ss = 39}) at ../../i386/i386/trap.c:853 #8 0xf0185ecb in Xsyscall () #9 0xde0a in ?? () #10 0xcf51 in ?? () #11 0x10d3 in ?? () (kgdb) frame 6 #6 0xf0125aed in fchmod (p=0xf0c34e00, uap=0xefbfff94, retval=0xefbfff8c) at ../../kern/vfs_syscalls.c:1503 1503 if (vp->v_mount->mnt_flag & MNT_RDONLY) (kgdb) print *vp $1 = {v_flag = 0, v_usecount = 1, v_writecount = 1, v_holdcnt = 0, v_lastr = 0, v_id = 2194101, v_mount = 0x0, v_op = 0xf09dda00, v_freelist = { tqe_next = 0x0, tqe_prev = 0xf0ae209c}, v_mntvnodes = { le_next = 0xf0b37a80, le_prev = 0xf0b1b424}, v_cleanblkhd = { lh_first = 0x0}, v_dirtyblkhd = {lh_first = 0x0}, v_numoutput = 0, v_type = VBAD, v_un = {vu_mountedhere = 0x0, vu_socket = 0x0, vu_specinfo = 0x0, vu_fifoinfo = 0x0}, v_lease = 0x0, v_lastw = 0, v_cstart = 0, v_lasta = 0, v_clen = 0, v_ralen = 0, v_maxra = 0, v_vmdata = 0x0, v_tag = VT_NON, v_data = 0x0} (kgdb) print *p $2 = {p_forw = 0xf0bf8200, p_back = 0x0, p_next = 0xf0c41a00, p_prev = 0xf0a4fd08, p_cred = 0xf0bd1f40, p_fd = 0xf0c63700, p_stats = 0xf4610288, p_limit = 0xf01bc74c, p_vmspace = 0xf0ad4000, p_sigacts = 0xf461015c, p_flag = 16390, p_stat = 2 '\002', p_pad1 = "\000\000", p_pid = 15224, p_hash = 0x0, p_pgrpnxt = 0x0, p_pptr = 0xf09e7e00, p_osptr = 0xf0a83300, p_ysptr = 0x0, p_cptr = 0x0, p_oppid = 0, p_dupfd = 0, p_estcpu = 71, p_cpticks = 70, p_pctcpu = 34, p_wchan = 0x0, p_wmesg = 0xf01112b4 "select", p_swtime = 660, p_slptime = 0, p_realtimer = {it_interval = {tv_sec = 0, tv_usec = 0}, it_value = { tv_sec = 0, tv_usec = 0}}, p_rtime = {tv_sec = 2, tv_usec = 682432}, p_uticks = 53, p_sticks = 376, p_iticks = 12, p_traceflag = 0, p_tracep = 0x0, p_siglist = 0, p_textvp = 0xf0af4300, p_lock = 0 '\000', p_pad2 = "\000\000", p_spare = {0, 0}, p_sigmask = 0, p_sigignore = 406884353, p_sigcatch = 548870, p_priority = 67 'C', p_usrpri = 67 'C', p_nice = 0 '\000', p_comm = "slirp\000d\000\000\000\000\000\000\000\000\000", p_pgrp = 0xf0bee600, p_sysent = 0xf01ac020, p_rtprio = {type = 1, prio = 0}, p_thread = 6, p_addr = 0xf4610000, p_md = {md_flags = 0, md_regs = 0xefbfffbc}, p_xstat = 0, p_acflag = 0, p_ru = 0x0} (kgdb) >How-To-Repeat: Unknown. >Fix: Unknown. >Audit-Trail: >Unformatted: