Date: Sun, 7 Jun 2009 15:34:52 +0400 From: georg@dts.su To: freebsd-questions@freebsd.org, freebsd-fs@freebsd.org Subject: Re[8]: fatal trap 12 Message-ID: <49009886.20090607153452@dts.su> In-Reply-To: <20090606175033.GJ1927@deviant.kiev.zoral.com.ua> References: <20090606161600.GB61928@dchagin.static.corbina.ru> <20090606175033.GJ1927@deviant.kiev.zoral.com.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello.
After patch, whan make kernel I have this:
/usr/src/sys/kern/vfs_vnops.c:750:37: error: macro "vn_lock" requires 3 arg=
uments, but only 2 given
/usr/src/sys/kern/vfs_vnops.c: In function 'vn_ioctl':
/usr/src/sys/kern/vfs_vnops.c:750: error: 'vn_lock' undeclared (first use i=
n this function)
/usr/src/sys/kern/vfs_vnops.c:750: error: (Each undeclared identifier is re=
ported only once
/usr/src/sys/kern/vfs_vnops.c:750: error: for each function it appears in.)
/usr/src/sys/kern/vfs_vnops.c:769: error: too few arguments to function 'VO=
P_UNLOCK'
*** Error code 1
This problem with crashes I have after cPanel update perl to version
5.10.0...
Can some body tell me - is this global problem of FreeBSD or it only
with my installation?
> [Please, remove the questions@ on the reply, this is the topic for
> fs@].
> On Sat, Jun 06, 2009 at 08:16:00PM +0400, Chagin Dmitry wrote:
>> ----- Forwarded message from georg@dts.su -----
>>=20
>> Date: Sat, 6 Jun 2009 10:58:11 +0400
>> From: georg@dts.su
>> To: freebsd-questions@freebsd.org
>> Subject: Re[2]: fatal trap 12
>>=20
>> Hello, Freebsd-questions.
>>=20
>> After one of new crash I have this:
>>=20
>> GNU gdb 6.1.1 [FreeBSD]
>> Copyright 2004 Free Software Foundation, Inc.
>> GDB is free software, covered by the GNU General Public License, and you=
are
>> welcome to change it and/or distribute copies of it under certain condit=
ions.
>> Type "show copying" to see the conditions.
>> There is absolutely no warranty for GDB. Type "show warranty" for detai=
ls.
>> This GDB was configured as "amd64-marcel-freebsd"...
>>=20
>> Unread portion of the kernel message buffer:
>>=20
>>=20
>> Fatal trap 12: page fault while in kernel mode
>> cpuid =3D 2; apic id =3D 02
>> fault virtual address =3D 0x0
>> fault code =3D supervisor read data, page not present
>> instruction pointer =3D 0x8:0xffffffff804c4eb8
>> stack pointer =3D 0x10:0xffffff807a0478f0
>> frame pointer =3D 0x10:0xffffff807a047930
>> code segment =3D base 0x0, limit 0xfffff, type 0x1b
>> =3D DPL 0, pres 1, long 1, def32 0, gran 1
>> processor eflags =3D interrupt enabled, resume, IOPL =3D 0
>> current process =3D 32668 (perl5.10.0)
>> Physical memory: 4082 MB
>> Dumping 1647 MB: 1632 1616 1600 1584 1568 1552 1536 1520 1504 1488 1472 =
1456 1440 1424 1408 1392 1376 1360 1344 1328 1312 1296 1280 1264 1248 1232 =
1216 1200 1184 1168 1152 1136 1120 1104 1088 1072 1056 1040 1024 1008 992 9=
76 960 944 928 912 896 880 864 848 832 816 800 784 768 752 736 720 704 688 =
672 656 640 624 608 592 576 560 544 528 512 496 480 464 448 432 416 400 384=
368 352 336 320 304 288 272 256 240 224 208 192 176 160 144 128 112 96 80 =
64 48 32 16
>>=20
>> Reading symbols from /boot/kernel/accf_http.ko...Reading symbols from /b=
oot/kernel/accf_http.ko.symbols...done.
>> done.
>> Loaded symbols for /boot/kernel/accf_http.ko
>> #0 doadump () at pcpu.h:195
>> 195 __asm __volatile("movq %%gs:0,%0" : "=3Dr" (td));
>> (kgdb) list *0xffffffff804c4eb8
>> 0xffffffff804c4eb8 is in pfs_ioctl (/usr/src/sys/fs/pseudofs/pseudofs_vn=
ops.c:265).
>> 260 static int
>> 261 pfs_ioctl(struct vop_ioctl_args *va)
>> 262 {
>> 263 struct vnode *vn =3D va->a_vp;
>> 264 struct pfs_vdata *pvd =3D vn->v_data;
>> 265 struct pfs_node *pn =3D pvd->pvd_pn;
>> 266 struct proc *proc;
>> 267 int error;
>> 268
>> 269 PFS_TRACE(("%s: %lx", pn->pn_name, va->a_command));
>> (kgdb) backtrace
>> #0 doadump () at pcpu.h:195
>> #1 0xffffffff801c8dac in db_fncall (dummy1=3DVariable "dummy1" is not a=
vailable.
>> ) at /usr/src/sys/ddb/db_command.c:516
>> #2 0xffffffff801c92df in db_command (last_cmdp=3D0xffffffff80b30c88, cm=
d_table=3D0x0, dopager=3D1) at /usr/src/sys/ddb/db_command.c:413
>> #3 0xffffffff801c94f0 in db_command_loop () at /usr/src/sys/ddb/db_comm=
and.c:466
>> #4 0xffffffff801cb0d9 in db_trap (type=3DVariable "type" is not availab=
le.
>> ) at /usr/src/sys/ddb/db_main.c:228
>> #5 0xffffffff80554e55 in kdb_trap (type=3D12, code=3D0, tf=3D0xffffff80=
7a047840) at /usr/src/sys/kern/subr_kdb.c:524
>> #6 0xffffffff807fae80 in trap_fatal (frame=3D0xffffff807a047840, eva=3D=
Variable "eva" is not available.
>> ) at /usr/src/sys/amd64/amd64/trap.c:752
>> #7 0xffffffff807fb254 in trap_pfault (frame=3D0xffffff807a047840, userm=
ode=3D0) at /usr/src/sys/amd64/amd64/trap.c:673
>> #8 0xffffffff807fbc02 in trap (frame=3D0xffffff807a047840) at /usr/src/=
sys/amd64/amd64/trap.c:444
>> #9 0xffffffff807df35e in calltrap () at /usr/src/sys/amd64/amd64/except=
ion.S:209
>> #10 0xffffffff804c4eb8 in pfs_ioctl (va=3D0xffffff807a047a10) at /usr/sr=
c/sys/fs/pseudofs/pseudofs_vnops.c:264
>> #11 0xffffffff805bb1d3 in vn_ioctl (fp=3DVariable "fp" is not available.
>> ) at vnode_if.h:437
>> #12 0xffffffff80562d02 in kern_ioctl (td=3D0xffffff0006682000, fd=3D3, c=
om=3D1076655123, data=3D0xffffff00ad2b7d40 "") at file.h:269
>> #13 0xffffffff80563029 in ioctl (td=3D0xffffff0006682000, uap=3D0xffffff=
807a047bf0) at /usr/src/sys/kern/sys_generic.c:571
>> #14 0xffffffff807fb4d6 in syscall (frame=3D0xffffff807a047c80) at /usr/s=
rc/sys/amd64/amd64/trap.c:900
>> #15 0xffffffff807df56b in Xfast_syscall () at /usr/src/sys/amd64/amd64/e=
xception.S:330
>> #16 0x0000000800c9c0ec in ?? ()
>> Previous frame inner to this frame (corrupt stack?)
>> (kgdb)
>>=20
>>=20
>> Can You help me? What can I do? Server crash periodicaly...
> The issue is that VOP_IOCTL interface takes unlocked vnode, which
> may be reclaimed at any moment. The right thing to do is to fix
> this before 8.0 freezed KPI. Please, try the patch below.
> diff --git
> a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
> b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
> index a7f47b2..018e6bd 100644
> --- a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
> +++ b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
> @@ -258,7 +258,7 @@ zfs_ioctl(vnode_t *vp, u_long com, intptr_t data, int=
flag, cred_t *cred,
> int *rvalp, caller_context_t *ct)
> {
> offset_t off;
> - int error;
> + int error, locked;
> zfsvfs_t *zfsvfs;
> znode_t *zp;
> =20
> @@ -276,6 +276,8 @@ zfs_ioctl(vnode_t *vp, u_long com, intptr_t data, int=
flag, cred_t *cred,
> =20
> case _FIO_SEEK_DATA:
> case _FIO_SEEK_HOLE:
> + locked =3D VOP_ISLOCKED(vp);
> + VOP_UNLOCK(vp, 0);
> if (ddi_copyin((void *)data, &off, sizeof (off), flag))
> return (EFAULT);
> =20
> @@ -287,10 +289,15 @@ zfs_ioctl(vnode_t *vp, u_long com, intptr_t data, i=
nt flag, cred_t *cred,
> /* offset parameter is in/out */
> error =3D zfs_holey(vp, com, &off);
> ZFS_EXIT(zfsvfs);
> - if (error)
> + if (error) {
> + vn_lock(vp, locked | LK_RETRY);
> return (error);
> - if (ddi_copyout(&off, (void *)data, sizeof (off), flag))
> + }
> + if (ddi_copyout(&off, (void *)data, sizeof (off), flag)) {
> + vn_lock(vp, locked | LK_RETRY);
> return (EFAULT);
> + }
> + vn_lock(vp, locked | LK_RETRY);
> return (0);
> }
> return (ENOTTY);
> diff --git a/sys/fs/coda/coda_vnops.c b/sys/fs/coda/coda_vnops.c
> index c5c6cb1..0bf84c4 100644
> --- a/sys/fs/coda/coda_vnops.c
> +++ b/sys/fs/coda/coda_vnops.c
> @@ -420,7 +420,7 @@ coda_ioctl(struct vop_ioctl_args *ap)
> struct ucred *cred =3D ap->a_cred;
> struct thread *td =3D ap->a_td;
> /* locals */
> - int error;
> + int error, locked;
> struct vnode *tvp;
> struct nameidata ndp;
> struct PioctlData *iap =3D (struct PioctlData *)data;
> @@ -440,6 +440,8 @@ coda_ioctl(struct vop_ioctl_args *ap)
> "ctlvp")););
> return (EOPNOTSUPP);
> }
> + locked =3D VOP_ISLOCKED(vp);
> + VOP_UNLOCK(vp, 0);
> =20
> /*
> * Look up the pathname.
> @@ -455,7 +457,7 @@ coda_ioctl(struct vop_ioctl_args *ap)
> MARK_INT_FAIL(CODA_IOCTL_STATS);
> CODADEBUG(CODA_IOCTL, myprintf(("coda_ioctl error: lookup=
"
> "returns %d\n", error)););
> - return (error);
> + goto out;
> }
> =20
> /*
> @@ -469,11 +471,13 @@ coda_ioctl(struct vop_ioctl_args *ap)
> CODADEBUG(CODA_IOCTL,
> myprintf(("coda_ioctl error: %s not a coda object\n",
> iap->path)););
> - return (EINVAL);
> + error =3D EINVAL;
> + goto out;
> }
> if (iap->vi.in_size > VC_MAXDATASIZE) {
> NDFREE(&ndp, 0);
> - return (EINVAL);
> + error =3D EINVAL;
> + goto out;
> }
> error =3D venus_ioctl(vtomi(tvp), &((VTOC(tvp))->c_fid), com, fla=
g,
> data, cred, td->td_proc);
> @@ -484,6 +488,8 @@ coda_ioctl(struct vop_ioctl_args *ap)
> error)););
> vrele(tvp);
> NDFREE(&ndp, NDF_ONLY_PNBUF);
> + out:
> + vn_lock(vp, locked | LK_RETRY);
> return (error);
> }
> =20
> diff --git a/sys/fs/deadfs/dead_vnops.c b/sys/fs/deadfs/dead_vnops.c
> index 7a07b38..22029a7 100644
> --- a/sys/fs/deadfs/dead_vnops.c
> +++ b/sys/fs/deadfs/dead_vnops.c
> @@ -180,8 +180,8 @@ dead_ioctl(ap)
> struct proc *a_p;
> } */ *ap;
> {
> - /* XXX: Doesn't this just recurse back here ? */
> - return (VOP_IOCTL_AP(ap));
> +
> + return (EIO);
> }
> =20
> /*
> diff --git a/sys/fs/fifofs/fifo_vnops.c b/sys/fs/fifofs/fifo_vnops.c
> index 66963bc..8d20297 100644
> --- a/sys/fs/fifofs/fifo_vnops.c
> +++ b/sys/fs/fifofs/fifo_vnops.c
> @@ -89,8 +89,6 @@ struct fifoinfo {
> static vop_print_t fifo_print;
> static vop_open_t fifo_open;
> static vop_close_t fifo_close;
> -static vop_ioctl_t fifo_ioctl;
> -static vop_kqfilter_t fifo_kqfilter;
> static vop_pathconf_t fifo_pathconf;
> static vop_advlock_t fifo_advlock;
> =20
> @@ -116,8 +114,8 @@ struct vop_vector fifo_specops =3D {
> .vop_close =3D fifo_close,
> .vop_create =3D VOP_PANIC,
> .vop_getattr =3D VOP_EBADF,
> - .vop_ioctl =3D fifo_ioctl,
> - .vop_kqfilter =3D fifo_kqfilter,
> + .vop_ioctl =3D VOP_PANIC,
> + .vop_kqfilter =3D VOP_PANIC,
> .vop_link =3D VOP_PANIC,
> .vop_mkdir =3D VOP_PANIC,
> .vop_mknod =3D VOP_PANIC,
> @@ -300,42 +298,6 @@ fail1:
> return (0);
> }
> =20
> -/*
> - * Now unused vnode ioctl routine.
> - */
> -/* ARGSUSED */
> -static int
> -fifo_ioctl(ap)
> - struct vop_ioctl_args /* {
> - struct vnode *a_vp;
> - u_long a_command;
> - caddr_t a_data;
> - int a_fflag;
> - struct ucred *a_cred;
> - struct thread *a_td;
> - } */ *ap;
> -{
> -
> - printf("WARNING: fifo_ioctl called unexpectedly\n");
> - return (ENOTTY);
> -}
> -
> -/*
> - * Now unused vnode kqfilter routine.
> - */
> -/* ARGSUSED */
> -static int
> -fifo_kqfilter(ap)
> - struct vop_kqfilter_args /* {
> - struct vnode *a_vp;
> - struct knote *a_kn;
> - } */ *ap;
> -{
> -
> - printf("WARNING: fifo_kqfilter called unexpectedly\n");
> - return (EINVAL);
> -}
> -
> static void
> filt_fifordetach(struct knote *kn)
> {
> diff --git a/sys/fs/unionfs/union_vnops.c b/sys/fs/unionfs/union_vnops.c
> index 8505cac..6f5d555 100644
> --- a/sys/fs/unionfs/union_vnops.c
> +++ b/sys/fs/unionfs/union_vnops.c
> @@ -913,12 +913,10 @@ unionfs_ioctl(struct vop_ioctl_args *ap)
> =20
> KASSERT_UNIONFS_VNODE(ap->a_vp);
> =20
- vn_lock(ap->>a_vp, LK_EXCLUSIVE | LK_RETRY);
> unp =3D VTOUNIONFS(ap->a_vp);
> unionfs_get_node_status(unp, ap->a_td, &unsp);
> ovp =3D (unsp->uns_upper_opencnt ? unp->un_uppervp : unp->un_lowe=
rvp);
> unionfs_tryrem_node_status(unp, unsp);
> - VOP_UNLOCK(ap->a_vp, 0);
> =20
> if (ovp =3D=3D NULLVP)
> return (EBADF);
> diff --git a/sys/gnu/fs/xfs/FreeBSD/xfs_vnops.c
> b/sys/gnu/fs/xfs/FreeBSD/xfs_vnops.c
> index 6d8d4eb..9b2c4b0 100644
> --- a/sys/gnu/fs/xfs/FreeBSD/xfs_vnops.c
> +++ b/sys/gnu/fs/xfs/FreeBSD/xfs_vnops.c
> @@ -1163,17 +1163,20 @@ _xfs_ioctl(
> struct thread *a_td;
> } */ *ap)
> {
> -/* struct vnode *vp =3D ap->a_vp; */
> + struct vnode *vp =3D ap->a_vp;
> /* struct thread *p =3D ap->a_td; */
> /* struct file *fp; */
> - int error;
> + int error, locked;
> =20
> - xfs_vnode_t *xvp =3D VPTOXFSVP(ap->a_vp);
> + xfs_vnode_t *xvp =3D VPTOXFSVP(vp);
> =20
> printf("_xfs_ioctl cmd 0x%lx data %p\n",ap->a_command,ap->a_data);
> =20
> + locked =3D VOP_ISLOCKED(vp);
> + VOP_UNLOCK(vp, 0);
> // XVOP_IOCTL(xvp,(void *)NULL,(void
> *)NULL,ap->a_fflag,ap->a_command,ap->a_data,error);
> error =3D
> xfs_ioctl(xvp->v_bh.bh_first,NULL,NULL,ap->a_fflag,ap->a_command,ap->a_da=
ta);
> + vn_lock(vp, locked | LK_RETRY);
> =20
> return error;
> }
> diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c
> index 702faae..e48f81f 100644
> --- a/sys/kern/vfs_vnops.c
> +++ b/sys/kern/vfs_vnops.c
> @@ -817,13 +817,12 @@ vn_ioctl(fp, com, data, active_cred, td)
> =20
> vfslocked =3D VFS_LOCK_GIANT(vp->v_mount);
> error =3D ENOTTY;
> + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
> switch (vp->v_type) {
> case VREG:
> case VDIR:
> if (com =3D=3D FIONREAD) {
> - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
> error =3D VOP_GETATTR(vp, &vattr, active_cred);
> - VOP_UNLOCK(vp, 0);
> if (!error)
> *(int *)data =3D vattr.va_size - fp->f_of=
fset;
> }
> @@ -837,6 +836,7 @@ vn_ioctl(fp, com, data, active_cred, td)
> default:
> break;
> }
> + VOP_UNLOCK(vp, 0);
> VFS_UNLOCK_GIANT(vfslocked);
> return (error);
> }
> diff --git a/sys/kern/vnode_if.src b/sys/kern/vnode_if.src
> index 81c0dff..81ef11c 100644
> --- a/sys/kern/vnode_if.src
> +++ b/sys/kern/vnode_if.src
> @@ -209,7 +209,7 @@ vop_write {
> };
> =20
> =20
> -%% ioctl vp U U U
> +%% ioctl vp L L L
> =20
> vop_ioctl {
> IN struct vnode *vp;
--=20
Regards
Yura mailto:georg@dts.su
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49009886.20090607153452>