From owner-freebsd-bugs  Thu Mar  8 12:40: 9 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 981CB37B718
	for <freebsd-bugs@hub.freebsd.org>; Thu,  8 Mar 2001 12:40:03 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f28Ke1i53098;
	Thu, 8 Mar 2001 12:40:01 -0800 (PST)
	(envelope-from gnats)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 78E3337B71B
	for <freebsd-gnats-submit@FreeBSD.org>; Thu,  8 Mar 2001 12:35:21 -0800 (PST)
	(envelope-from nobody@FreeBSD.org)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f28KZLi52527;
	Thu, 8 Mar 2001 12:35:21 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200103082035.f28KZLi52527@freefall.freebsd.org>
Date: Thu, 8 Mar 2001 12:35:21 -0800 (PST)
From: albowicz@cs.ucr.edu
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-1.0
Subject: kern/25617: aio_read crashes system.
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         25617
>Category:       kern
>Synopsis:       aio_read crashes system.
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 08 12:40:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Joe Albowicz
>Release:        4.2-STABLE
>Organization:
>Environment:
FreeBSD cd8.corp124.com 4.2-STABLE FreeBSD 4.2-STABLE #2: Wed Feb  7 19:13:39 PST 2001     nigelc@cd14.corp124.com:/usr/src/sys/compile/CDs-BSD-STABLE  i386
>Description:

Issuing two aio_reads for 131K blocks on a raw scsi device crashes the system.  Other block sizes do not crash the system.  Also using a normal file (e.g. "/tmp/foo.txt") does not crash the system.
>How-To-Repeat:
Run this program. as "a.out /dev/rda2"

#include <aio.h>
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <stdio.h>
#include <assert.h>
#include <unistd.h>
#include <string.h>


void do_aio_stuff(char * fname, int sector_size, int num_aiocbs)
{
  char buffs[num_aiocbs * sector_size];

  int fh = open(fname, O_RDONLY);
  assert(fh >= 0);
  
  aiocb iocbs[num_aiocbs];
  int cb_index;

  memset(iocbs, '\0', sizeof(aiocb) * num_aiocbs);

  for(cb_index = 0; cb_index < 2; cb_index++)
  {
      off_t pos = (long long) cb_index * sector_size +16384;
      
      iocbs[cb_index].aio_fildes = fh;
      iocbs[cb_index].aio_offset = pos;
      iocbs[cb_index].aio_buf = &buffs[cb_index*sector_size];
      iocbs[cb_index].aio_nbytes = sector_size;

      int ret_val = aio_read(&iocbs[cb_index]);
      if(ret_val == -1)
      {
          printf("aio_read error == %s\n", strerror(errno));
          exit(0);
      }
  }


  printf("Going to sleep\n");
  sleep(5);
  
  close(fh);
}


int main(int argc, char * argv[])
{
  char partition_name[1000];
  strcpy(partition_name, argv[1]);
  
  //int ss = 16384; // WORKS!!
  int ss = 131072;
  //int ss = 262144; // WORKS!!
  
  do_aio_stuff(partition_name, ss, 10);
  
  return 0;

}



>Fix:

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message