Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 25 Mar 1997 18:54:03 -0800 (PST)
From:      hannibal@cyberstation.net
To:        freebsd-gnats-submit@freebsd.org
Subject:   kern/3104: Cannot execute files on a nullfs filesystem.
Message-ID:  <199703260254.SAA07959@freefall.freebsd.org>
Resent-Message-ID: <199703260300.TAA08358@freefall.freebsd.org>
index | next in thread | raw e-mail 


>Number:         3104
>Category:       kern
>Synopsis:       Cannot execute files on a nullfs filesystem.
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 25 19:00:01 PST 1997
>Last-Modified:
>Originator:     Dan Walters
>Organization:
Cyberstation, Inc.
>Release:        FreeBSD 3.0-CURRENT (post-Lite/2 merge)
>Environment:
FreeBSD hell.hia.org 3.0-CURRENT FreeBSD 3.0-CURRENT #0: Tue Mar 25 03:58:42 CST 1997     hannibal@hell.hia.org:/usr/src/sys/compile/HELL  i386

P133 with AHA2940
>Description:
Executing binaries on a nullfs (or nullfs-based) filesystem results in
a trap - looks like the image header is supposed to be loaded in with
vm_mmap(), but the address is invalid by the time exec_aout_imgact()
tries to examine it.  (I assume mmap() doesn't work either, but havn't
checked.)

(kgdb) info stack
...
#7  0xf018f11f in trap_fatal (frame=0xefbffaf0) at ../../i386/i386/trap.c:738
#8  0xf018ec18 in trap_pfault (frame=0xefbffaf0, usermode=0) at ../../i386/i386/trap.c:653
#9  0xf018e8b7 in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -272630788, tf_esi = 0, 
      tf_ebp = -272630844, tf_isp = -272631016, tf_ebx = 1, tf_edx = 12, tf_ecx = -272630660, 
      tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -165861213, tf_cs = 8, tf_eflags = 66118, 
      tf_esp = 0, tf_ss = 2}) at ../../i386/i386/trap.c:311
#10 0xf61d28a3 in ?? ()
#11 0xf018022a in vnode_pager_haspage (object=0xf21bbb00, pindex=0, before=0xefbffc80, 
    after=0xefbffc7c) at vnode_if.h:879
#12 0xf017f6af in vm_pager_has_page (object=0xf21bbb00, offset=0, before=0xefbffc80, 
    after=0xefbffc7c) at ../../vm/vm_pager.c:209
#13 0xf0175b41 in vm_fault_additional_pages (m=0xf097a7d8, rbehind=3, rahead=4, marray=0xefbffd18, 
    reqpage=0xefbffcec) at ../../vm/vm_fault.c:1102
#14 0xf0174f0a in vm_fault (map=0xf1eecd00, vaddr=4126949376, fault_type=1 '\001', change_wiring=0)
    at ../../vm/vm_fault.c:418
#15 0xf018ebc8 in trap_pfault (frame=0xefbffd98, usermode=0) at ../../i386/i386/trap.c:642
#16 0xf018e8b7 in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -272630120, tf_esi = -168017920, 
      tf_ebp = -272630272, tf_isp = -272630336, tf_ebx = 0, tf_edx = -233398528, 
      tf_ecx = -272630120, tf_eax = -267369760, tf_trapno = 12, tf_err = 0, tf_eip = -267369737, 
      tf_cs = 8, tf_eflags = 66178, tf_esp = 0, tf_ss = 0}) at ../../i386/i386/trap.c:311
#17 0xf01042f7 in exec_aout_imgact (imgp=0xefbffe98) at ../../kern/imgact_aout.c:58
#18 0xf010a6bf in execve (p=0xf21bac00, uap=0xefbfff94, retval=0xefbfff84)
    at ../../kern/kern_exec.c:197
#19 0xf018f3d7 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 410632, tf_esi = 499848, 
      tf_ebp = -272650580, tf_isp = -272629788, tf_ebx = 135147616, tf_edx = 499880, 
      tf_ecx = 410632, tf_eax = 59, tf_trapno = 12, tf_err = 7, tf_eip = 134868577, tf_cs = 31, 
      tf_eflags = 658, tf_esp = -272650600, tf_ss = 39}) at ../../i386/i386/trap.c:890
...
(kgdb) frame 17
#17 0xf01042f7 in exec_aout_imgact (imgp=0xefbffe98) at ../../kern/imgact_aout.c:58
58              struct vmspace *vmspace = imgp->proc->p_vmspace;
(kgdb) p *imgp
$1 = {proc = 0xf21bac00, uap = 0xefbfff94, vp = 0xf2195a80, attr = 0xefbffe38, 
  image_header = 0xf5fc4000 <Address 0xf5fc4000 out of bounds>, 
  stringbase = 0xf5ec4000 <Address 0xf5ec4000 out of bounds>, 
  stringp = 0xf5ec4000 <Address 0xf5ec4000 out of bounds>, stringspace = 65536, argc = 0, envc = 0, 
  entry_addr = 0, vmspace_destroyed = 0 '\000', interpreted = 0 '\000', 
  interpreter_name = "\000\0000\016\b\000\237\026\000/\027\002+\000\000\003\000\000\000\000K\000\000\005\000 \004\177\000\e\0004\r\000\000\000\000\001\000\000\0004\225\223\000\000\000\000\003\e\000", auxargs = 0x0}

>How-To-Repeat:
mount -t null /usr/bin /mnt
cd /mnt
./id
>Fix:

>Audit-Trail:
>Unformatted:
help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703260254.SAA07959>