Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Oct 1998 15:22:59 -0500 (EST)
From:      Andrew Gallatin <gallatin@cs.duke.edu>
To:        freebsd-current@FreeBSD.ORG
Subject:   panic mounting MFS filesystems
Message-ID:  <13876.55104.517860.916965@grasshopper.cs.duke.edu>
next in thread | raw e-mail | index | archive | help 

I just started seeing the following panic when mounting MFS
filesystems:

#0  boot (howto=256) at ../../kern/kern_shutdown.c:268
../../kern/kern_shutdown.c:268: No such file or directory.
(kgdb) bt
#0  boot (howto=256) at ../../kern/kern_shutdown.c:268
#1  0xf0129d16 in db_fncall (dummy1=-153441480, dummy2=0, dummy3=-265935856, 
    dummy4=0xf6daaaf4 "\n") at ../../ddb/db_command.c:531
#2  0xf0129b41 in db_command (last_cmdp=0xf0238d50, cmd_table=0xf0238bb0, 
    aux_cmd_tablep=0xf0260fd0) at ../../ddb/db_command.c:332
#3  0xf0129c06 in db_command_loop () at ../../ddb/db_command.c:454
#4  0xf012bf67 in db_trap (type=12, code=0) at ../../ddb/db_trap.c:71
#5  0xf01e6945 in kdb_trap (type=12, code=0, regs=0xf6daac34)
    at ../../i386/i386/db_interface.c:157
#6  0xf01f01ef in trap_fatal (frame=0xf6daac34) at ../../i386/i386/trap.c:874
#7  0xf01efee0 in trap_pfault (frame=0xf6daac34, usermode=0)
    at ../../i386/i386/trap.c:772
#8  0xf01efb33 in trap (frame={tf_es = -153485296, tf_ds = -266993648, 
      tf_edi = -256442880, tf_esi = -153403552, tf_ebp = -153441036, 
      tf_isp = -153441188, tf_ebx = 0, tf_edx = 255, tf_ecx = 32, tf_eax = 0, 
      tf_trapno = 12, tf_err = 2, tf_eip = -266961014, tf_cs = 8, 
      tf_eflags = 66199, tf_esp = -266070304, tf_ss = -256399296})
    at ../../i386/i386/trap.c:396
#9  0xf0167f8a in vfs_object_create (vp=0xf6db3f60, p=0xf6d28940, 
    cred=0xf0b5c200, waslocked=0) at ../../kern/vfs_subr.c:2535
#10 0xf01cc973 in ffs_mountfs (devvp=0xf6db3f60, mp=0xf0b6fe00, p=0xf6d28940, 
    malloctype=0xf02416e0) at ../../ufs/ffs/ffs_vfsops.c:619
#11 0xf01cf187 in mfs_mount (mp=0xf0b6fe00, path=0xefbfddd0 "/tmp", 
    data=0xefbfd688 "", ndp=0xf6daaeb8, p=0xf6d28940)
    at ../../ufs/mfs/mfs_vfsops.c:342
#12 0xf016883a in mount (p=0xf6d28940, uap=0xf6daaf94)
    at ../../kern/vfs_syscalls.c:285
#13 0xf01f0473 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 8192, 
      tf_esi = 134647648, tf_ebp = -272638808, tf_isp = -153440284, 
      tf_ebx = 0, tf_edx = -272638744, tf_ecx = 0, tf_eax = 21, 
      tf_trapno = 12, tf_err = 2, tf_eip = 134539072, tf_cs = 31, 
      tf_eflags = 598, tf_esp = -272640436, tf_ss = 39})
    at ../../i386/i386/trap.c:1031
#14 0xf01e729c in Xint0x80_syscall ()
#15 0x80480c9 in ?? ()


Line 312 of mfs_vfsops.c,v 1.51 is assigning a major number of 255 to the mfs 
devvp.  This vp is then falling through the cracks in the check around
line 2553 of vfs_subr.c,v 1.169 because nblkdev == 128.
vnode_pager_alloc() never gets called & object remains null.  The
access done by object->ref_count causes--  the panic.

The appended kludge allows me to again use MFS, but I'd appreciate it 
if somebody who knows the code better could look into this..

Thanks,

Drew

------------------------------------------------------------------------------
Andrew Gallatin, Sr Systems Programmer	http://www.cs.duke.edu/~gallatin
Duke University				Email: gallatin@cs.duke.edu
Department of Computer Science		Phone: (919) 660-6590


Index: vfs_subr.c
===================================================================
RCS file: /scratch/freebsd-cvs/src/sys/kern/vfs_subr.c,v
retrieving revision 1.169
diff -c -r1.169 vfs_subr.c
*** vfs_subr.c	1998/10/26 08:07:00	1.169
--- vfs_subr.c	1998/10/26 20:06:04
***************
*** 2524,2531 ****
  			if ((error = VOP_GETATTR(vp, &vat, cred, p)) != 0)
  				goto retn;
  			object = vnode_pager_alloc(vp, vat.va_size, 0, 0);
! 		} else if (major(vp->v_rdev) < nblkdev &&
! 		    bdevsw[major(vp->v_rdev)] != NULL) {
  			/*
  			 * This simply allocates the biggest object possible
  			 * for a VBLK vnode.  This should be fixed, but doesn't
--- 2524,2532 ----
  			if ((error = VOP_GETATTR(vp, &vat, cred, p)) != 0)
  				goto retn;
  			object = vnode_pager_alloc(vp, vat.va_size, 0, 0);
! 		} else if ((vp->v_tag == VT_MFS) 
! 			   || ( major(vp->v_rdev) < nblkdev 
! 				&& bdevsw[major(vp->v_rdev)] != NULL)) {
  			/*
  			 * This simply allocates the biggest object possible
  			 * for a VBLK vnode.  This should be fixed, but doesn't

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?13876.55104.517860.916965>