netbsd-bugs: kern/14042: NFS/lookup crash

Subject: kern/14042: NFS/lookup crash
To: None <gnats-bugs@gnats.netbsd.org>
From: Witold J. Wnuk <witek@pd37.warszawa.sdi.tpnet.pl>
List: netbsd-bugs
Date: 09/22/2001 10:27:01
>Number:         14042
>Category:       kern
>Synopsis:       crash in cache_lookup (called from nfs_lookup)
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Sep 22 01:28:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Witold J. Wnuk
>Release:        1.5Y
>Organization:
>Environment:
System: NetBSD tamjee.wnuk.eu.org 1.5Y NetBSD 1.5Y (TAMJEE) #16: Fri Sep 21 13:31:55 CEST 2001 witek@grzyb.wnuk.eu.org:/usr/src/sys/arch/i386/compile/TAMJEE i386
Architecture: i386
Machine: i386
>Description:
Under heavy load NFS client will crash. I've got to db only once
because previously it had crashed while I was using X. I have no
dump and there may be some typos in the following because the
client machine has no disk and GRUB (used to boot) does not
allow to enable serial console.


Following is transfered from piece of paper - may contain typos:

uvm_fault(0xcf1e2764, 0, 0, 3) -> e
kernel page fault trap, code = 0
Stopped in pid 2778 (cpp) at 0xc015175b: movl %edx, 0(%eax)
db> t
(null)(cf124e0c, cf266ff1c, cf124e0c, 0) at 0xc015175b (in the second half of cache_lookup)
(null)(cf26fdb0, cf26fef8, c027fe00, cf124ec, cf26ff08) at 0xc01c41ac (in nfs_lookup)
...	at 0xc015ae52 (VOP_LOOKUP)
...	at 0xc01536e8 (lookup)
...	at 0xc0153409 (namei)
...	at 0xc015a468 (vn_open)
...	at 0xc015778d (sys_open)
(null)(1f, 1f, 1f, 1f, 0)	at 0xc01fee24

edx 0xcef0b364
eax 0
ebx 0xcef0b3ac

c015174a:       85 d2           testl  %edx,%edx
c015174c:       74 0a           je     c0151758 <cache_lookup+0x2c8>
c015174e:       8b 43 04        movl   0x4(%ebx),%eax
c0151751:       89 42 04        movl   %eax,0x4(%edx)
c0151754:       8b 13           movl   (%ebx),%edx
c0151756:       89 f6           movl   %esi,%esi
c0151758:       8b 43 04        movl   0x4(%ebx),%eax
c015175b:       89 10           movl   %edx,(%eax)
c015175d:       c7 43 04 00 00  movl   $0x0,0x4(%ebx)
c0151762:       00 00 
c0151764:       8b 53 14        movl   0x14(%ebx),%edx
c0151767:       85 d2           testl  %edx,%edx
c0151769:       74 1a           je     c0151785 <cache_lookup+0x2f5>

I would be happy to provide more information. The kernel
is at http://pd37.warszawa.sdi.tpnet.pl/dumps/netbsd.nfs_lookup_crash

>How-To-Repeat:
	Crash is pretty hard to trigger, however kernel make -j64 should do.
>Fix:
	
>Release-Note:
>Audit-Trail:
>Unformatted: