Subject: kern/22725: kernel crash while attempting mkfifo on NFS volume
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <der.eremit@email.de>
List: netbsd-bugs
Date: 09/09/2003 01:09:28
>Number: 22725
>Category: kern
>Synopsis: kernel crash while attempting mkfifo on NFS volume
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Sep 09 01:10:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator: Pascal Schmidt
>Release: 1.6.1
>Organization:
>Environment:
NetBSD neptune.local 1.6.1 NetBSD 1.6.1 (GENERIC) #0: Tue Apr 8 12:05:52 UTC 2003 autobuild@tgm.daemon.org:/autobuild/netbsd-1-6/i386/OBJ/autobuild/netbsd-1-6/src/sys/arch/i386/compile/GENERIC i386
>Description:
When attempting to run mkfifo on an NFS volume exported from a user-space NFS server on localhost, I get a protection fault inside the kernel.
Output on the console (copied by hand) is:

    kernel: protection fault trap, code=0
    Stopped in pid 2075 (mkfifo) at memcpy+0x1a: repe movsl (%esi),%esi(%edi)

Attempting to sync from the debugger then does not work:

    db>sync
    syncing disks... 7 done
    panic: lockmgr: locking against myself
    Stopped in pid 2075 (mkfifo) at cpu_Debugger+0x4: leave

Even if this is due to a bug in the NFS server, it should probably
not hang the kernel.
>How-To-Repeat:
1. make sure rpcbind is running, but the in-kernel NFS server is not
2. download http://www.tzi.de/~pharao90/crashme.tar.gz
3. zcat crashme.tar.gz | tar xf -
4. cd crashme
5. ./configure
6. make .depend
7. make
8. mkdir /tmp/test
9. mkdir /tmp/mnt
10. ./unfsd
Now, as root:
11. mount_nfs -3 127.0.0.1:/tmp/test /tmp/mnt
12. mkfifo /tmp/mnt/fifo
The kernel trap follows immediately.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: