Date: Tue, 18 Feb 2003 09:40:06 -0800 (PST) From: "Sergey A. Osokin" <osa@freebsd.org.ru> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/48381: using mv(1) on smbfs crashes 5.0 kernel Message-ID: <200302181740.h1IHe6bW022945@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/48381; it has been noted by GNATS.
From: "Sergey A. Osokin" <osa@freebsd.org.ru>
To: "Thomas E. Zander" <riggs@rrr.de>
Cc: FreeBSD-gnats-submit@FreeBSD.org, current@FreeBSD.org
Subject: Re: kern/48381: using mv(1) on smbfs crashes 5.0 kernel
Date: Tue, 18 Feb 2003 20:32:07 +0300
On Mon, Feb 17, 2003 at 10:45:32PM +0800, Thomas E. Zander wrote:
I can reproduce it on my system.
FreeBSD 5.0-CURRENT #0: Tue Feb 18 18:43:57 MSK 2003
> >Description:
> On a mounted network-filesystem using mount_smbfs, using of the command
> mv /file/on/the/smbfs /file/on/a/local/fs
> freezes the system for about 10 seconds, then immidiate reboot.
> No kernel panic is shown, no dump, also no chance to backtrace the problem.
> Instead using of cp && rm is flawless.
> >How-To-Repeat:
> Just take a 5.0-R and use mv(1) on a smbfs
> >Fix:
>
> Since I wasn't able to do a trace or gdb -k after the crash, it is difficult to give an idea of how to fix it.
> Sorry.
> >Release-Note:
> >Audit-Trail:
%gdb -k kernel.debug /usr/crash/vmcore.0
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-undermydesk-freebsd"...
panic: bwrite: buffer is not busy???
panic messages:
---
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0xe0
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc027b9f4
stack pointer = 0x10:0xcdcb5774
frame pointer = 0x10:0xcdcb57e4
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 616 (mv)
trap number = 12
panic: page fault
syncing disks, buffers remaining... panic: bwrite: buffer is not busy???
Uptime: 2m7s
Dumping 255 MB
ata0: resetting devices ..
ata0: mask=03 ostat0=50 ostat2=00
ad0: ATAPI 00 00
ata0-slave: ATAPI 00 00
ata0: mask=03 stat0=50 stat1=00
ad0: ATA 01 a5
ata0: devices=01
ad0: success setting PIO4 on generic chip
done
16 32 48 64 80 96 112 128 144 160 176 192 208 224 240
---
#0 doadump () at ../../../kern/kern_shutdown.c:239
239 dumping++;
(kgdb) bt
#0 doadump () at ../../../kern/kern_shutdown.c:239
#1 0xc01dc5d9 in boot (howto=260) at ../../../kern/kern_shutdown.c:371
#2 0xc01dc843 in panic () at ../../../kern/kern_shutdown.c:542
#3 0xc02204d2 in bwrite (bp=0xc7729880) at ../../../kern/vfs_bio.c:842
#4 0xc0221c91 in vfs_bio_awrite (bp=0xc7729880) at ../../../kern/vfs_bio.c:1724
#5 0xc0229627 in vop_stdfsync (ap=0xcdcb556c) at ../../../kern/vfs_default.c:755
#6 0xc01a56e0 in spec_fsync (ap=0xcdcb556c) at ../../../fs/specfs/spec_vnops.c:422
#7 0xc01a4bb8 in spec_vnoperate (ap=0x0) at ../../../fs/specfs/spec_vnops.c:123
#8 0xc0293ee7 in ffs_sync (mp=0xc25ac200, waitfor=2, cred=0xc0eb2f00, td=0xc03563c0)
at vnode_if.h:612
#9 0xc0236e4b in sync (td=0xc03563c0, uap=0x0) at ../../../kern/vfs_syscalls.c:138
#10 0xc01dc1bc in boot (howto=256) at ../../../kern/kern_shutdown.c:280
#11 0xc01dc843 in panic () at ../../../kern/kern_shutdown.c:542
#12 0xc02f1152 in trap_fatal (frame=0xcdcb5734, eva=0) at ../../../i386/i386/trap.c:844
#13 0xc02f0e32 in trap_pfault (frame=0xcdcb5734, usermode=0, eva=224)
at ../../../i386/i386/trap.c:758
#14 0xc02f0920 in trap (frame=
{tf_fs = -1070596072, tf_es = 327696, tf_ds = 16, tf_edi = 0, tf_esi = 24, tf_ebp = -842311708, tf_isp = -842311840, tf_ebx = -934060032, tf_edx = -1029007968, tf_ecx = -934059330, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -1071138316, tf_cs = 8, tf_eflags = 66118, tf_esp = 255, tf_ss = 2765}) at ../../../i386/i386/trap.c:445
#15 0xc02e0ad8 in calltrap () at {standard input}:96
#16 0xc027a86a in ffs_hashalloc (ip=0xc2aa95a0, cg=-934060032, pref=0, size=32768,
allocator=0xc027b720 <ffs_nodealloccg>) at ../../../ufs/ffs/ffs_alloc.c:1154
#17 0xc0279f9e in ffs_valloc (pvp=0xc2aab000, mode=32768, cred=0xc2b9d400, vpp=0xcdcb5878)
at ../../../ufs/ffs/ffs_alloc.c:856
#18 0xc02a1f6c in ufs_makeinode (mode=32768, dvp=0xc2aab000, vpp=0xcdcb5be0, cnp=0xcdcb5bf4)
at ../../../ufs/ufs/ufs_vnops.c:2356
#19 0xc029ec09 in ufs_create (ap=0xcdcb5a10) at ../../../ufs/ufs/ufs_vnops.c:197
#20 0xc02a24e8 in ufs_vnoperate (ap=0x0) at ../../../ufs/ufs/ufs_vnops.c:2787
#21 0xc023e60f in vn_open_cred (ndp=0xcdcb5bcc, flagp=0xcdcb5ccc, cmode=0, cred=0xc2b9d400)
at vnode_if.h:114
#22 0xc023e469 in vn_open (ndp=0x0, flagp=0x0, cmode=0) at ../../../kern/vfs_vnops.c:86
#23 0xc0237c98 in kern_open (td=0xc25a94b0, path=0x0, pathseg=UIO_USERSPACE, flags=3586, mode=0)
at ../../../kern/vfs_syscalls.c:663
#24 0xc0237b30 in open (td=0x0, uap=0x0) at ../../../kern/vfs_syscalls.c:628
#25 0xc02f147a in syscall (frame=
{tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = -1077938544, tf_esi = -1077938544, tf_ebp = -1077940040, tf_isp = -842310284, tf_ebx = -1077940000, tf_edx = -1077938704, tf_ecx = 0, tf_eax = 5, tf_trapno = 12, tf_err = 2, tf_eip = 134520703, tf_cs = 31, tf_eflags = 518, tf_esp = -1077940116, tf_ss = 47}) at ../../../i386/i386/trap.c:1033
#26 0xc02e0b2d in Xint0x80_syscall () at {standard input}:138
---Can't read userspace from dump, or kernel process---
(kgdb) up 16
#16 0xc027a86a in ffs_hashalloc (ip=0xc2aa95a0, cg=-934060032, pref=0, size=32768,
allocator=0xc027b720 <ffs_nodealloccg>) at ../../../ufs/ffs/ffs_alloc.c:1154
1154 result = (*allocator)(ip, cg, pref, size);
(kgdb) p *allocator
$1 = {ufs2_daddr_t (struct inode *, int, ufs2_daddr_t, int)} 0xc027b720 <ffs_nodealloccg>
(kgdb) up 1
#17 0xc0279f9e in ffs_valloc (pvp=0xc2aab000, mode=32768, cred=0xc2b9d400, vpp=0xcdcb5878)
at ../../../ufs/ffs/ffs_alloc.c:856
856 ino = (ino_t)ffs_hashalloc(pip, cg, ipref, mode,
(kgdb) p cg
$2 = 16
Any idea?
--
Rgdz, /"\ ASCII RIBBON CAMPAIGN
Sergey Osokin aka oZZ, \ / AGAINST HTML MAIL
http://ozz.pp.ru/ X AND NEWS
/ \
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200302181740.h1IHe6bW022945>