Date: Wed, 4 Jun 2003 17:09:18 +0400 (MSD) From: DoubleF <doublef@tele-kom.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/52936: Huge writes to nfs exported FAT filesystems cause server reboots Message-ID: <20030604134737.41681.qmail@mx.tele-kom.ru> Resent-Message-ID: <200306041350.h54DoCr8093236@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 52936
>Category: kern
>Synopsis: Huge writes to nfs exported FAT filesystems cause server reboots
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jun 04 06:50:11 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: DoubleF
>Release: FreeBSD 4.8-RELEASE i386
>Organization:
Volgograd state technical university
>Environment:
System: FreeBSD Shark.localdomain 4.8-RELEASE FreeBSD 4.8-RELEASE #8: Fri May 9 11:42:57 MSD 2003 df@Hal.localdomain:/usr/obj/usr/src/sys/SHARK i386
Reproduced on 2 machines, both 4.8-RELEASE with FAT and NFS support
compiled into kernel:
Shark: P54C-150, 32M RAM, 2G HDD (FAT is FAT16)
Hal: AMD Duron-1300, 128M RAM, 80G HDD (FAT is FAT32)
Reproduced on the same machines with the GENERIC kernel
>Description:
During a large (client) write to the exported filesystem the kernel
page faults as follows:
-------------------------
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x1
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc015d36f
stack pointer = 0x10:0xccf70d80
frame pointer = 0x10:0xccf70d9c
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 102 (nfsd)
interrupt mask = net tty bio cam
trap number = 12
panic: page fault
syncing disks... panic: lockmgr: non-zero exclusive count
Uptime: 3m0s
-------------------------
The backtrace shows:
-------------------------
#0 0xc0161c9a in dumpsys ()
#1 0xc0161a6b in boot ()
#2 0xc0161e90 in poweroff_wait ()
#3 0xc015c3c9 in lockmgr ()
#4 0xc018c934 in vop_stdlock ()
#5 0xc0217f65 in ufs_vnoperate ()
#6 0xc0196a89 in vn_lock ()
#7 0xc018f85b in vget ()
#8 0xc021016f in ffs_sync ()
#9 0xc0191887 in sync ()
#10 0xc0161806 in boot ()
#11 0xc0161e90 in poweroff_wait ()
#12 0xc028500a in trap_fatal ()
#13 0xc0284cdd in trap_pfault ()
#14 0xc02848c7 in trap ()
#15 0xc015d36f in malloc ()
#16 0xc01dd6aa in nfsrv_dorec ()
#17 0xc01e1bd0 in nfssvc_nfsd ()
#18 0xc01e1863 in nfssvc ()
#19 0xc028522e in syscall2 ()
#20 0xc0278da5 in Xint0x80_syscall ()
#21 0x0804813e in ?? ()
-------------------------
This does not happen when data is copied otherwise (f.e.
through netcat).
>How-To-Repeat:
On the server:
The FAT filesystem is mounted read-write to, say, /DOS.
The /etc/exports file contains the line
/DOS <client-name>
On the client:
# mount_nfs <server-name>:/DOS /mnt
# cd /mnt
# cat /dev/zero >aLargeFile
>Fix:
None at the moment except for not exporting FAT filesystems by
NFS.
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030604134737.41681.qmail>