Date:      Fri, 25 Jan 2013 09:50:28 GMT
From:      Wen <senoutouya@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/175557: kernel panic in smbfs.ko while accessing windows share
Message-ID:  <201301250950.r0P9oSLM095536@red.freebsd.org>
Resent-Message-ID: <201301251000.r0PA00ko052984@freefall.freebsd.org>


>Number:         175557
>Category:       ports
>Synopsis:       kernel panic in smbfs.ko while accessing windows share
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 25 10:00:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Wen
>Release:        8.2 and 9.1 RELEASE
>Organization:
>Environment:
FreeBSD freebsd8 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Feb 18 02:24:46 UTC 2011     root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386

FreeBSD h7bsd 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243826: Tue Dec  4 06:55:39 UTC 2012     root@obrian.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386

FreeBSD is running in a virtual machine, Host:
Windows 7 Ultimate, 64-bit 6.1.7601, Service Pack 1 + VMware Workstation 9.0.1 build-894247

Samba version: unknown, comes with FreeBSD

Host Hardware:
Intel i5230 4-core 3.2GHz, 4GB RAM
VM Hardware:
1*4-core 3.2GHz CPU, 1GB RAM
>Description:
root@h7bsd:/root # kgdb
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...
#0  sched_switch (td=0xc117b5d0, newtd=0xc4d9d5c0, flags=260) at /usr/src/sys/kern/sched_ule.c:1927
1927                    cpuid = PCPU_GET(cpuid);
(kgdb) core /var/crash/vmcore.1 

Unread portion of the kernel message buffer:
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0x14
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0b024bf
stack pointer           = 0x28:0xd9784b30
frame pointer           = 0x28:0xd9784b4c
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 1032 (smbiod0)
trap number             = 12
panic: page fault
cpuid = 1
KDB: stack backtrace:
#0 0xc0af3aff at kdb_backtrace+0x4f
#1 0xc0ac052f at panic+0x16f
#2 0xc0e25013 at trap_fatal+0x323
#3 0xc0e25087 at trap_pfault+0x67
#4 0xc0e2608a at trap+0x44a
#5 0xc0e0f66c at calltrap+0x6
#6 0xc0aae309 at _mtx_unlock_sleep+0x59
#7 0xc0aaea73 at _mtx_unlock_flags+0x53
#8 0xc7ae8b63 at smb_iod_invrq+0xd3
#9 0xc7ae9d27 at smb_iod_addrq+0x237
#10 0xc7ae61e5 at smb_rq_enqueue+0xf5
#11 0xc7ae6625 at smb_rq_simple+0x25
#12 0xc7ae4cf5 at smb_smb_ssnsetup+0x1c5
#13 0xc7ae8cc4 at smb_iod_connect+0x114
#14 0xc7ae9781 at smb_iod_thread+0x1e1
#15 0xc0a90526 at fork_exit+0x96
#16 0xc0e0f6e4 at fork_trampoline+0x8
Uptime: 3m24s
Physical memory: 1007 MB
Dumping 99 MB: 84 68 52 36 20 4

Reading symbols from /boot/kernel/smbfs.ko...Reading symbols from /boot/kernel/smbfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/smbfs.ko
Reading symbols from /boot/kernel/libiconv.ko...Reading symbols from /boot/kernel/libiconv.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/libiconv.ko
Reading symbols from /boot/kernel/libmchain.ko...Reading symbols from /boot/kernel/libmchain.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/libmchain.ko
#0  doadump (textdump=1) at pcpu.h:244
244     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) bt
#0  doadump (textdump=1) at pcpu.h:244
#1  0xc0ac027f in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:448
#2  0xc0ac0572 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:636
#3  0xc0e25013 in trap_fatal (frame=0xd9784af0, eva=20) at /usr/src/sys/i386/i386/trap.c:1018
#4  0xc0e25087 in trap_pfault (frame=0xd9784af0, usermode=0, eva=20) at /usr/src/sys/i386/i386/trap.c:833
#5  0xc0e2608a in trap (frame=0xd9784af0) at /usr/src/sys/i386/i386/trap.c:545
#6  0xc0e0f66c in calltrap () at /usr/src/sys/i386/i386/exception.s:169
#7  0xc0b024bf in turnstile_broadcast (ts=0x0, queue=0) at /usr/src/sys/kern/subr_turnstile.c:838
#8  0xc0aae309 in _mtx_unlock_sleep (m=0xc79dd294, opts=0, file=0xc7af58d6 "/usr/src/sys/modules/smbfs/../../netsmb/smb_iod.c", line=91) at /usr/src/sys/kern/kern_mutex.c:715
#9  0xc0aaea73 in _mtx_unlock_flags (m=0xc79dd294, opts=0, file=0xc7af58d6 "/usr/src/sys/modules/smbfs/../../netsmb/smb_iod.c", line=91) at /usr/src/sys/kern/kern_mutex.c:238
#10 0xc7ae8b63 in smb_iod_invrq (iod=Variable "iod" is not available.
) at /usr/src/sys/modules/smbfs/../../netsmb/smb_iod.c:91
#11 0xc7ae9d27 in smb_iod_addrq (rqp=0xc79dd200) at /usr/src/sys/modules/smbfs/../../netsmb/smb_iod.c:418
#12 0xc7ae61e5 in smb_rq_enqueue (rqp=0xc79dd200) at /usr/src/sys/modules/smbfs/../../netsmb/smb_rq.c:187
#13 0xc7ae6625 in smb_rq_simple (rqp=0xc79dd200) at /usr/src/sys/modules/smbfs/../../netsmb/smb_rq.c:168
#14 0xc7ae4cf5 in smb_smb_ssnsetup (vcp=0xc75ddc00, scred=0xc7579ac0) at /usr/src/sys/modules/smbfs/../../netsmb/smb_smb.c:423
#15 0xc7ae8cc4 in smb_iod_connect (iod=0xc7579a80) at /usr/src/sys/modules/smbfs/../../netsmb/smb_iod.c:160
#16 0xc7ae9781 in smb_iod_thread (arg=0xc7579a80) at /usr/src/sys/modules/smbfs/../../netsmb/smb_iod.c:609
#17 0xc0a90526 in fork_exit (callout=0xc7ae95a0 <smb_iod_thread>, arg=0xc7579a80, frame=0xd9784d08) at /usr/src/sys/kern/kern_fork.c:992
#18 0xc0e0f6e4 in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:276

--------------------------------------------------------------------------------
The kernel panic happens after I do concurrent file operations (gmake -j4) in the mounted dir.
However, it doesn't crash when accessing Windows shares on machines other than the VM host.


>How-To-Repeat:
1. Set up a virtual machine in VMware.
2. Install FreeBSD 8.2/9.1 on the VM.
3. Share a folder on the Windows host.
4. mount -t smbfs //USER@WINDOWSHOST/SHARE /mnt
5. cd /mnt/
6. Make some concurrent file operations (e.g. gmake -j4).
7. At first it will complain 'Bad file descriptor', 'No space left on device' or 'Operation Timed Out'.
8. Repeat step 6 several times, then it crashes.

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:


