Date: Thu, 05 Dec 2002 16:43:32 -0800 From: Kirk McKusick <mckusick@beastie.mckusick.com> To: Kris Kennaway <kris@obsecurity.org> Cc: Robert Watson <rwatson@tislabs.com>, fs@FreeBSD.ORG Subject: Re:panic: ffs_vfree: range: dev = ad4s1c, ino = -1690809896, fs = /mnt2 Message-ID: <200212060043.gB60hW59091888@beastie.mckusick.com> In-Reply-To: Your message of "Thu, 05 Dec 2002 13:42:19 PST." <20021205214219.GA1190@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Do you still have this crash dump available? The back trace looks "impossible". The call to ffs_vfree at line #16 below shows pvp=0 and ino=0. Inspection of the code shows this to be impossible as three lines above the call to ffs_vfree is a check for ino == 0 which takes a different path. The call to softdep_freefile at #15 uses the passed in value of ino, yet shows ino=2604157400. So I have no idea what is really going on here. I am guessing that gdb must be lying about the values. Alternatively you kernel stack is somehow getting trashed. At any rate, if you still have the dump available, it would be useful to send me the output from the following gdb commands: frame 17 print error print ino print ipref print cg print pvp print *pvp print pip print *pip print fs print *fs Thanks, Kirk McKusick =-=-=-=-=-= Date: Thu, 5 Dec 2002 13:42:19 -0800 From: Kris Kennaway <kris@obsecurity.org> To: current@FreeBSD.ORG, fs@FreeBSD.ORG Cc: kirk@mckusick.com Subject: panic: ffs_vfree: range: dev = ad4s1c, ino = -1690809896, fs = /mnt2 I got this on a recent -current (kernel built Dec 1). The filesystem was under heavy disk load at the time (cvsup of CVS repo, make installworld, and cvs update of the src tree from a sparc64 NFS client). When it rebooted there was minor FS corruption (a few files lost/truncated). Kris panic: bremfree: bp 0xce65cf00 not locked panic messages: --- panic: ffs_vfree: range: dev = ad4s1c, ino = -1690809896, fs = /mnt2 syncing disks, buffers remaining... panic: bremfree: bp 0xce65cf00 not locked Uptime: 3d12h58m21s Dumping 511 MB ata0: resetting devices .. done 16 32[CTRL-C to abort] [CTRL-C to abort] [CTRL-C to abort] [CTRL-C to abort] 48 64[CTRL-C to abort] [CTRL-C to abort] [CTRL-C to abort] [CTRL-C to abort] 80 96 112 128 144 160 176 192 208 224 240 256 272 288 304 320 336 352 368 384 400 416 432 448 464 480 496 --- #0 doadump () at ../../../kern/kern_shutdown.c:232 232 dumping++; (kgdb) bt #0 doadump () at ../../../kern/kern_shutdown.c:232 #1 0xc01e10d5 in boot (howto=260) at ../../../kern/kern_shutdown.c:364 #2 0xc01e1323 in panic () at ../../../kern/kern_shutdown.c:517 #3 0xc0221ad7 in bremfree (bp=0xce65cf00) at ../../../kern/vfs_bio.c:632 #4 0xc02244d0 in getblk (vp=0xc4156000, blkno=352, size=16384, slpflag=0, slptimeo=0) at ../../../kern/vfs_bio.c:2344 #5 0xc0221c0a in breadn (vp=0xc4156000, blkno=0, size=0, rablkno=0x0, rabsize=0x0, cnt=0, cred=0x0, bpp=0x0) at ../../../kern/vfs_bio.c:690 #6 0xc0221bbc in bread (vp=0x0, blkno=0, size=0, cred=0x0, bpp=0x0) at ../../../kern/vfs_bio.c:672 #7 0xc02b0878 in ffs_update (vp=0xc44fa5dc, waitfor=0) at ../../../ufs/ffs/ffs_inode.c:102 #8 0xc02c49df in ffs_fsync (ap=0xdc06a864) at ../../../ufs/ffs/ffs_vnops.c:315 #9 0xc02c3b4e in ffs_sync (mp=0xc4032600, waitfor=2, cred=0xc150af00, td=0xc038ac80) at vnode_if.h:612 #10 0xc0235a78 in sync (td=0xc038ac80, uap=0x0) at ../../../kern/vfs_syscalls.c:138 #11 0xc01e0d1c in boot (howto=256) at ../../../kern/kern_shutdown.c:273 #12 0xc01e1323 in panic () at ../../../kern/kern_shutdown.c:517 #13 0xc02acc0b in ffs_freefile (fs=0xc4304800, devvp=0xc44fbce4, ino=2604157400, mode=16832) at ../../../ufs/ffs/ffs_alloc.c:1899 #14 0xc02bd124 in handle_workitem_freefile (freefile=0xc7e53120) at ../../../ufs/ffs/ffs_softdep.c:3389 #15 0xc02bb48b in softdep_freefile (pvp=0x0, ino=2604157400, mode=0) at ../../../ufs/ffs/ffs_softdep.c:2338 #16 0xc02aca3e in ffs_vfree (pvp=0x0, ino=0, mode=16832) at ../../../ufs/ffs/ffs_alloc.c:1864 #17 0xc02aa604 in ffs_valloc (pvp=0xc7b0ea8c, mode=16832, cred=0xc710fe80, vpp=0xdc06aa54) at ../../../ufs/ffs/ffs_alloc.c:864 #18 0xc02d0028 in ufs_mkdir (ap=0xdc06abbc) at ../../../ufs/ufs/ufs_vnops.c:1375 #19 0xc02d18e8 in ufs_vnoperate (ap=0x0) at ../../../ufs/ufs/ufs_vnops.c:2796 #20 0xc023a866 in kern_mkdir (td=0xc7b9fd20, path=---Can't read userspace from dump, or kernel process--- ) at vnode_if.h:757 #21 0xc023a629 in mkdir (td=0x0, uap=0x0) at ../../../kern/vfs_syscalls.c:2882 #22 0xc0325dee in syscall (frame= {tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = 0, tf_esi = 134594432, tf_ebp = -1077939272, tf_isp = -603542156, tf_ebx = 134539156, tf_edx = 134536583, tf_ecx = -1077939536, tf_eax = 136, tf_trapno = 0, tf_err = 2, tf_eip = 671871219, tf_cs = 31, tf_eflags = 514, tf_esp = -1077939412, tf_ss = 47}) at ../../../i386/i386/trap.c:1033 #23 0xc031602d in Xint0x80_syscall () at {standard input}:140 ---Can't read userspace from dump, or kernel process--- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200212060043.gB60hW59091888>