NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/37799: Writing a large file to an NFS partition panics the kernel
>Number: 37799
>Category: kern
>Synopsis: Writing a large file to an NFS partition panics the kernel
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Jan 18 13:50:00 +0000 2008
>Originator: Reinoud Zandijk
>Release: NetBSD 4.99.49
>Organization:
NetBSD
>Environment:
System: NetBSD heethoofdje.13thmonkey.org 4.99.49 NetBSD 4.99.49 (GENERIC) #2:
Fri Jan 18 12:53:37 CET 2008
root%heethoofdje.13thmonkey.org@localhost:/usr/sources/cvs.netbsd.org/src/sys/arch/i386/compile/GENERIC
i386
Architecture: i386
Machine: i386
>Description:
The setup is a discless i386 machine with 128 Mb of memory (with no swap)
mounting its root on an NetBSD server.
luiaard# mount
192.168.1.2:/usr/exports/luiaard on / type nfs
heethoofdje.13thmonkey.org:/usr/sources on /usr/sources type nfs
aardappel.13thmonkey.org:/home on /home type nfs
aardappel.13thmonkey.org:/var/mail on /var/mail type nfs
Copying a 1.7 Gb file from CD or from a userland program to the root mount
reproducably panics the kernel at the same place every time.
Program received signal SIGSEGV, Segmentation fault.
0xc02c98aa in uvm_pagefree (pg=0xc07da5dc) at ../../../../uvm/uvm_page.c:258
258 TAILQ_REMOVE(buck, pg, hashq);
(gdb) where
#0 0xc02c98aa in uvm_pagefree (pg=0xc07da5dc) at ../../../../uvm/uvm_page.c:258
#1 0xc0383b46 in genfs_do_putpages (vp=0xcaf23718, startoff=0,
endoff=9223372036854771712, flags=<value optimized out>, busypg=0x0)
at ../../../../miscfs/genfs/genfs_io.c:1066
#2 0xc0383ced in genfs_putpages (v=0xcaed6a9c) at
../../../../miscfs/genfs/genfs_io.c:744
#3 0xc037f8ad in VOP_PUTPAGES (vp=0xcaf23718, offlo=0, offhi=0, flags=8219) at
../../../../kern/vnode_if.c:1798
#4 0xc03755cb in vinvalbuf (vp=0xcaf23718, flags=1, cred=0xc9c24b40,
l=0xcacc9060,
catch=false, slptimeo=0) at ../../../../kern/vfs_subr2.c:299
#5 0xc0224df7 in nfs_vinvalbuf (vp=0xcaf23718, flags=1, cred=0xc9c24b40,
l=0xcacc9060,
intrflg=0) at ../../../../nfs/nfs_bio.c:657
#6 0xc0256b59 in nfs_setattr (v=0xcaed6b98) at ../../../../nfs/nfs_vnops.c:679
#7 0xc0380be8 in VOP_SETATTR (vp=0xcaf23718, vap=0xcaed6bc8, cred=0xc9c24b40)
at
../../../../kern/vnode_if.c:431
#8 0xc03776da in do_sys_utimes (l=0xcacc9060, vp=0xcaf23718, path=0x0, flag=0,
tptr=0xbfbfad60, seg=UIO_USERSPACE) at ../../../../kern/vfs_syscalls.c:3029
#9 0xc0377833 in sys_futimes (l=0xcacc9060, uap=0xcaed6d00, retval=0xcaed6d28)
at
../../../../kern/vfs_syscalls.c:2967
#10 0xc03e2209 in syscall (frame=0xcaed6d48) at
../../../../arch/i386/i386/syscall.c:114
#11 0xc010054c in syscall1 ()
(gdb) list
253
254 hash = uvm_pagehash(uobj, pg->offset);
255 buck = &uvm.page_hash[hash];
256 lock = uvm_hashlock(hash);
257 mutex_spin_enter(lock);
258 TAILQ_REMOVE(buck, pg, hashq);
259 mutex_spin_exit(lock);
260
261 if (UVM_OBJ_IS_VNODE(uobj)) {
262 if (uobj->uo_npages == 1) {
(gdb) print *buck
No symbol "buck" in current context.
(gdb) print *pg
$1 = {pageq = {tqe_next = 0xc07da510, tqe_prev = 0xc08d2580}, hashq = {tqe_next
= 0x40, tqe_prev = 0xc9bf0750}, listq = {tqe_next = 0xc07da510, tqe_prev =
0xcaf23720}, uanon = 0x0, uobject = 0xcaf23718, offset = 39657472, flags = 12,
loan_count = 0, wire_count = 0, pqflags = 512, phys_addr = 67080192, mdpage =
{mp_pvhead = {pvh_lock = { u = {mtxa_owner = 1281}}, pvh_root = {sph_root =
0x0}}, mp_link = 0x0, mp_attrs = 0}}
(gdb) print *hashq
No symbol "hashq" in current context.
(gdb) print lock
No symbol "lock" in current context.
(gdb)
Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
2006, 2007, 2008
The NetBSD Foundation, Inc. All rights reserved.
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
NetBSD 4.99.49 (DISKLESS.luiaard) #1: Fri Jan 18 13:38:10 CET 2008
reinoud%heethoofdje.13thmonkey.org@localhost:/usr/sources/cvs.netbsd.org/src/sys/arch/i386/compile/DISKLESS.luiaard
total memory = 127 MB
avail memory = 120 MB
timecounter: Timecounters tick every 10.000 msec
timecounter: Timecounter "i8254" frequency 1193182 Hz
quality 100
BIOS32 rev. 0 found at 0xf0400
Generic PC
mainbus0 (root)
cpu0 at mainbus0: (uniprocessor)
cpu0: AMD K6-2 (586-class), 232.68 MHz, id 0x580
cpu0: features 8001bf<FPU,VME,DE,PSE,TSC,MSR,MCE,CX8>
cpu0: features 8001bf<MMX>
cpu0: "AMD-K6(tm) 3D processor"
cpu0: I-cache 32 KB 32B/line 2-way, D-cache 32 KB 32B/line 2-way
cpu0: ITLB 64 4 KB entries direct-mapped
cpu0: DTLB 128 4 KB entries 2-way
cpu0: Initial APIC ID 0
cpu0: 4 page colors
pci0 at mainbus0 bus 0: configuration mode 1
pci0: i/o space, memory space enabled, rd/line, rd/mult, wr/inv ok
pchb0 at pci0 dev 0 function 0
pchb0: vendor 0x8086 product 0x1250 (rev. 0x03)
pcib0 at pci0 dev 7 function 0
pcib0: vendor 0x8086 product 0x7000 (rev. 0x01)
piixide0 at pci0 dev 7 function 1
piixide0: Intel 82371SB IDE Interface (PIIX3) (rev. 0x00)
piixide0: bus-master DMA support present
piixide0: primary channel wired to compatibility mode
piixide0: primary channel interrupting at irq 14
atabus0 at piixide0 channel 0
piixide0: secondary channel wired to compatibility mode
piixide0: secondary channel interrupting at irq 15
atabus1 at piixide0 channel 1
uhci0 at pci0 dev 7 function 2: vendor 0x8086 product 0x7020 (rev. 0x01)
uhci0: interrupting at irq 9
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: vendor 0x8086 UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
rtk0 at pci0 dev 10 function 0: Realtek 8139 10/100BaseTX (rev. 0x10)
rtk0: interrupting at irq 10
rtk0: Ethernet address 00:10:a7:0a:de:e7
rlphy0 at rtk0 phy 7: Realtek internal PHY
rlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
vga0 at pci0 dev 12 function 0: vendor 0x12d2 product 0x0018 (rev. 0x10)
wsdisplay0 at vga0 kbdmux 1
wsmux1: connecting to wsdisplay0
direct rendering for vga0 unsupported
isa0 at pcib0
lpt0 at isa0 port 0x378-0x37b irq 7
com0 at isa0 port 0x3f8-0x3ff irq 4: ns16550a, working fifo
com0: kgdb
com1 at isa0 port 0x2f8-0x2ff irq 3: ns16550a, working fifo
com1: console
pckbc0 at isa0 port 0x60-0x64
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0 mux 1
wskbd0: connecting to wsdisplay0
attimer0 at isa0 port 0x40-0x43: AT Timer
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker (CPU-intensive output)
sysbeep0 at pcppi0
isapnp0 at isa0 port 0x279: ISA Plug 'n Play device support
npx0 at isa0 port 0xf0-0xff
npx0: reported by CPUID; using exception 16
pcppi0: attached to attimer0
isapnp0: no ISA Plug 'n Play devices found
timecounter: Timecounter "clockinterrupt" frequency 100 Hz quality 0
raidattach: Asked for 8 units
Kernelized RAIDframe activated
atapibus0 at atabus0: 2 targets
cd0 at atapibus0 drive 0: <_NEC DVD_RW ND-3500AG, , 2.16> cdrom removable
cd0: 32-bit data port
cd0: drive supports PIO mode 4, DMA mode 2, Ultra-DMA mode 2 (Ultra/33)
cd0(piixide0:0:0): using PIO mode 4, DMA mode 2 (using DMA)
wd0 at atabus1 drive 0: <LEXAR ATA FLASH>
wd0: drive supports 1-sector PIO transfers, LBA addressing
wd0: 15616 KB, 244 cyl, 4 head, 32 sec, 512 bytes/sect x 31232 sectors
wd0: 32-bit data port
wd0: drive supports PIO mode 4
wd0(piixide0:1:0): using PIO mode 4
Searching for RAID components...
boot device: wd0
root on rtk0
nfs_boot: trying DHCP/BOOTP
nfs_boot: DHCP next-server: 192.168.1.2
nfs_boot: my_domain=13thmonkey.org
nfs_boot: my_addr=192.168.1.3
nfs_boot: my_mask=255.255.255.0
nfs_boot: gateway=192.168.1.254
root on 192.168.1.2:/usr/exports/luiaard
root time: 0x4790aa67
init: copying out path `/sbin/init' 11
wsdisplay0: screen 1 added (80x25, vt100 emulation)
wsdisplay0: screen 2 added (80x25, vt100 emulation)
wsdisplay0: screen 3 added (80x25, vt100 emulation)
wsdisplay0: screen 4 added (80x25, vt100 emulation)
>How-To-Repeat:
Just copy a 1.7 Gb file to the NFS partition.
>Fix:
Home |
Main Index |
Thread Index |
Old Index