From owner-freebsd-stable@FreeBSD.ORG Sat Dec 5 23:21:29 2009 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9124B106566B for ; Sat, 5 Dec 2009 23:21:29 +0000 (UTC) (envelope-from to.my.trociny@gmail.com) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.158]) by mx1.freebsd.org (Postfix) with ESMTP id 1C23C8FC0A for ; Sat, 5 Dec 2009 23:21:28 +0000 (UTC) Received: by fg-out-1718.google.com with SMTP id 16so295899fgg.13 for ; Sat, 05 Dec 2009 15:21:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:to:subject:organization:from :date:message-id:user-agent:mime-version:content-type; bh=Q28hG5RQb1KA38UDPNNqnUTw1k83qTbYNTR2vP9buDk=; b=P0LHHHebtHM5/hU+6CF8u1SdcxZxylDbY+MvmDEBUoLHsrg6Wm1hEXOqHI73DDbavp MTZfWe4hTzgBap6J6oaTvFoZ6xFEL8ZsuRqneWk5hvxNlSZegI+Zvw+jm3mxmkiEstrs A6vLqoSt4pegPAKwgqLLe+2++Ka5JWstx1raE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=to:subject:organization:from:date:message-id:user-agent :mime-version:content-type; b=FeD89YoVOf4vWCjjLhogezDycAa4yHjTwFmUvkmuBgtDhJp9na887VwqGDryP4NCYR CURB5FMkBtyxD5dockCL6B1zgmlgUgUCM3dau42iHkbDHkCNXKV25LJTKNNCgWXyURLE IoIo3zq/WjQxtutJwwa7f1WnScOeGkkHQXeLc= Received: by 10.102.17.2 with SMTP id 2mr387385muq.73.1260055287867; Sat, 05 Dec 2009 15:21:27 -0800 (PST) Received: from localhost ([95.69.161.66]) by mx.google.com with ESMTPS id s11sm6200303mue.49.2009.12.05.15.21.26 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sat, 05 Dec 2009 15:21:27 -0800 (PST) To: FreeBSD Stable Organization: TOA Ukraine From: Mikolaj Golub Date: Sun, 06 Dec 2009 01:21:24 +0200 Message-ID: <86ws1180sr.fsf@kopusha.onet> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: FreeBSD 7.1: QUOTA: kernel panics in jailed() X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Dec 2009 23:21:29 -0000 Hi, Today we have observed the panic on our FreeBSD7.1 box build with QUOTA support. According to backtrace ffs_truncate() called chkdq() with NOCRED but later jailed() was called and the system crashed dereferencing cred->cr_prison. GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd"... Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid = 7; apic id = 07 fault virtual address = 0x64 fault code = supervisor read, page not present instruction pointer = 0x20:0xc07a1d26 stack pointer = 0x28:0xedb2d8b8 frame pointer = 0x28:0xedb2d8b8 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 9742 (icoms_agent_cox476) trap number = 12 panic: page fault cpuid = 7 Uptime: 19h54m4s Physical memory: 3315 MB Dumping 326 MB: 311 295 279 263 247 231 215 199 183 167 151 135 119 103 87 71 55 39 23 7 Reading symbols from /boot/kernel/if_lagg.ko...Reading symbols from /boot/kernel/if_lagg.ko.symbols...done. done. Loaded symbols for /boot/kernel/if_lagg.ko Reading symbols from /boot/kernel/acpi.ko...Reading symbols from /boot/kernel/acpi.ko.symbols...done. done. Loaded symbols for /boot/kernel/acpi.ko #0 doadump () at pcpu.h:196 196 pcpu.h: No such file or directory. in pcpu.h (kgdb) bt #0 doadump () at pcpu.h:196 #1 0xc07c2b27 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418 #2 0xc07c2df9 in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:574 #3 0xc0ada1ec in trap_fatal (frame=0xedb2d878, eva=100) at /usr/src/sys/i386/i386/trap.c:939 #4 0xc0ada470 in trap_pfault (frame=0xedb2d878, usermode=0, eva=100) at /usr/src/sys/i386/i386/trap.c:852 #5 0xc0adae2c in trap (frame=0xedb2d878) at /usr/src/sys/i386/i386/trap.c:530 #6 0xc0ac0c9b in calltrap () at /usr/src/sys/i386/i386/exception.s:159 #7 0xc07a1d26 in jailed (cred=0x0) at /usr/src/sys/kern/kern_jail.c:465 #8 0xc07a1da5 in prison_priv_check (cred=0x0, priv=320) at /usr/src/sys/kern/kern_jail.c:581 #9 0xc07b62ce in priv_check_cred (cred=0x0, priv=320, flags=0) at /usr/src/sys/kern/kern_priv.c:86 #10 0xc09e742d in chkdq (ip=0xcb55c980, change=28, cred=0x0, flags=Variable "flags" is not available. ) at /usr/src/sys/ufs/ufs/ufs_quota.c:188 #11 0xc09c24f7 in ffs_truncate (vp=0xcac04cf0, length=0, flags=2048, cred=0xc9871d00, td=0xc95d28c0) at /usr/src/sys/ufs/ffs/ffs_inode.c:276 #12 0xc09ed372 in ufs_setattr (ap=0xedb2db64) at /usr/src/sys/ufs/ufs/ufs_vnops.c:600 #13 0xc0af0582 in VOP_SETATTR_APV (vop=0xc0c2ff80, a=0xedb2db64) at vnode_if.c:583 #14 0xc084c446 in kern_open (td=0xc95d28c0, path=0x4890e68c
, pathseg=UIO_USERSPACE, flags=Variable "flags" is not available. ) at vnode_if.h:315 #15 0xc084c5b0 in open (td=0xc95d28c0, uap=0xedb2dcfc) at /usr/src/sys/kern/vfs_syscalls.c:999 #16 0xc0ada7c5 in syscall (frame=0xedb2dd38) at /usr/src/sys/i386/i386/trap.c:1090 #17 0xc0ac0d00 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:255 #18 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) (kgdb) fr 11 #11 0xc09c24f7 in ffs_truncate (vp=0xcac04cf0, length=0, flags=2048, cred=0xc9871d00, td=0xc95d28c0) at /usr/src/sys/ufs/ffs/ffs_inode.c:276 276 (void) chkdq(ip, -datablocks, NOCRED, 0); (kgdb) list 271 if (ip->i_flag & IN_SPACECOUNTED) 272 fs->fs_pendingblocks -= datablocks; 273 UFS_UNLOCK(ump); 274 } else { 275 #ifdef QUOTA 276 (void) chkdq(ip, -datablocks, NOCRED, 0); 277 #endif 278 softdep_setup_freeblocks(ip, length, needextclean ? 279 IO_EXT | IO_NORMAL : IO_NORMAL); 280 ASSERT_VOP_LOCKED(vp, "ffs_truncate1"); (kgdb) fr 7 #7 0xc07a1d26 in jailed (cred=0x0) at /usr/src/sys/kern/kern_jail.c:465 465 { (kgdb) list 460 /* 461 * Return 1 if the passed credential is in a jail, otherwise 0. 462 */ 463 int 464 jailed(struct ucred *cred) 465 { 466 467 return (cred->cr_prison != NULL); 468 } 469 -- Mikolaj Golub