Date: Fri, 26 Aug 2005 15:44:44 -0400 From: "Mike Hurst " <mshurst@schooner.uwaterloo.ca> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/85326: [panic] saving a file via samba to an overquota account crashes systeM Message-ID: <200508261944.j7QJir5B087647@engmail.uwaterloo.ca> Resent-Message-ID: <200508261950.j7QJoCul032906@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 85326 >Category: kern >Synopsis: [panic] saving a file via samba to an overquota account crashes systeM >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Aug 26 19:50:11 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Mike Hurst >Release: FreeBSD 5.4-RELEASE-p6 i386 >Organization: University of Waterloo >Environment: System: FreeBSD bookworm.uwaterloo.ca 5.4-RELEASE-p6 FreeBSD 5.4-RELEASE-p6 #0: Mon Aug 15 17:09:49 EDT 2005 root@bookworm.uwaterloo.ca:/usr/src/sys/i386/compile/bookworm.debug i386 Machine is a SuperMicro X5DPR-8G2+ Dual Xeon 3GHz with 1GB RAM. Adaptec 2015S Zero-Channel RAID card with 2x 35GB SCSI disks (RAID-1) Machine is configured as a web server using Apache, Samba, PHP, Mysql (listing of /var/db/pkg attached). User files are NFS mounted from a "4.8-RELEASE" file server (File server was recently upgraded to "5.4-RELEASE-p6" and the problem still persists). dmesg.boot and enabled kernel options are attached. >Description: Server panics periodically (even under no load). "current process" usually indicates "smbd" but has also indicated "syncer" and "perl" (all report the same "instruction pointer"). Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x1c fault code = supervisor write, page not present instruction pointer = 0x8:0xc056079f stack pointer = 0x10:0xe8025a20 frame pointer = 0x10:0xe8025a2c code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 5891 (smbd) trap number = 12 panic: page fault cpuid = 0 boot() called on cpu#0 Uptime: 21h44m32s Dumping 1023 MB [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". #0 doadump () at pcpu.h:159 159 pcpu.h: No such file or directory. in pcpu.h (kgdb) where #0 doadump () at pcpu.h:159 #1 0xc051c2f7 in boot (howto=260) at ../../../kern/kern_shutdown.c:410 #2 0xc051c64d in panic (fmt=0xc067af2f "%s") at ../../../kern/kern_shutdown.c:566 #3 0xc0653914 in trap_fatal (frame=0xe4b609e0, eva=28) at ../../../i386/i386/trap.c:817 #4 0xc0653647 in trap_pfault (frame=0xe4b609e0, usermode=0, eva=28) at ../../../i386/i386/trap.c:735 #5 0xc065325d in trap (frame= {tf_fs = -1068433384, tf_es = -702545904, tf_ds = 1048592, tf_edi = -702487532, tf_esi = -702487532, tf_ebp = -457831892, tf_isp = -457831924, tf_ebx = -702487532, tf_edx = 0, tf_ecx = -1040861696, tf_eax = 4, tf_trapno = 12, tf_err = 2, tf_eip = -1068103777, tf_cs = 8, tf_eflags = 66050, tf_esp = -702487532, tf_ss = -702487532}) at ../../../i386/i386/trap.c:425 #6 0xc064188a in calltrap () at ../../../i386/i386/exception.s:140 #7 0xc0510018 in linker_hints_lookup (path=0xd620e414 "\002", pathlen=1, modname=0x0, modnamelen=-1036481044, verinfo=0x1) at ../../../kern/kern_linker.c:1510 #8 0xc0560ff6 in getnewbuf (slpflag=256, slptimeo=0, size=7202, maxsize=8192) at ../../../kern/vfs_bio.c:1885 #9 0xc056247d in getblk (vp=0xc259e738, blkno=0, size=7202, slpflag=256, slptimeo=0, flags=0) at ../../../kern/vfs_bio.c:2585 #10 0xc05abb95 in nfs_getcacheblk (vp=0xc259e738, bn=0, size=7202, td=0xc1f5b600) at ../../../nfsclient/nfs_bio.c:1073 #11 0xc05ab80a in nfs_write (ap=0x0) at ../../../nfsclient/nfs_bio.c:886 #12 0xc057bc28 in vn_write (fp=0xc22770cc, uio=0xe4b60c88, active_cred=0xc259fb00, flags=1, td=0xc1f5b600) at vnode_if.h:432 #13 0xc053c480 in dofilewrite (td=0xc1f5b600, fp=0xc22770cc, fd=28, buf=0x0, nbyte=1, offset=Unhandled dwarf expression opcode 0x93 ) at file.h:245 #14 0xc053c3b5 in pwrite (td=0xc1f5b600, uap=0xe4b60d14) at ../../../kern/sys_generic.c:320 #15 0xc0653c57 in syscall (frame= {tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = 0, tf_esi = 7201, tf_ebp = -1077941944, tf_isp = -457831052, tf_ebx = 677546764, tf_edx = 0, tf_ecx = 137695232, tf_eax = 198, tf_trapno = 22, tf_err = 2, tf_eip = 677050651, tf_cs = 31, tf_eflags = 518, tf_esp = -1077941988, tf_ss = 47}) at ../../../i386/i386/trap.c:1009 #16 0xc06418df in Xint0x80_syscall () at ../../../i386/i386/exception.s:201 #17 0x0000002f in ?? () #18 0x0000002f in ?? () #19 0x0000002f in ?? () #20 0x00000000 in ?? () #21 0x00001c21 in ?? () #22 0xbfbfe948 in ?? () #23 0xe4b60d74 in ?? () #24 0x28628b0c in ?? () #25 0x00000000 in ?? () #26 0x08351000 in ?? () #27 0x000000c6 in ?? () #28 0x00000016 in ?? () #29 0x00000002 in ?? () #30 0x285af91b in ?? () #31 0x0000001f in ?? () #32 0x00000206 in ?? () #33 0xbfbfe91c in ?? () #34 0x0000002f in ?? () #35 0x00000000 in ?? () #36 0x00000000 in ?? () #37 0x00000000 in ?? () #38 0x00000000 in ?? () #39 0x2e620000 in ?? () #40 0xc235e1c4 in ?? () #41 0xc1f5b600 in ?? () #42 0xe4b60740 in ?? () #43 0xe4b60728 in ?? () #44 0xc1e98900 in ?? () #45 0xc052c8ef in sched_switch (td=0x1c21, newtd=0x28628b0c, flags=Cannot access memory at address 0xbfbfe958 ) at ../../../kern/sched_4bsd.c:881 Previous frame inner to this frame (corrupt stack?) (kgdb) list *0xc056079f 0xc056079f is in vfs_vmio_release (atomic.h:154). 149 atomic.h: No such file or directory. in atomic.h (kgdb) up 8 #8 0xc0560ff6 in getnewbuf (slpflag=256, slptimeo=0, size=7202, maxsize=8192) at ../../../kern/vfs_bio.c:1885 1885 vfs_vmio_release(bp); (kgdb) print *bp $1 = {b_io = {bio_cmd = 2 '\002', bio_flags = 0 '\0', bio_cflags = 0 '\0', bio_pflags = 0 '\0', bio_dev = 0x0, bio_disk = 0x0, bio_offset = 0, bio_bcount = 7202, bio_data = 0xdce6e000 "", bio_error = 69, bio_resid = 1, bio_done = 0xc05631e8 <bufdonebio>, bio_driver1 = 0x0, bio_driver2 = 0x0, bio_caller1 = 0x0, bio_caller2 = 0xd620e414, bio_queue = {tqe_next = 0x0, tqe_prev = 0x0}, bio_attribute = 0x0, bio_from = 0x0, bio_to = 0x0, bio_length = 0, bio_completed = 0, bio_children = 5, bio_inbed = 0, bio_parent = 0x0, bio_t0 = {sec = 0, frac = 0}, bio_task = 0, bio_task_arg = 0x0, bio_pblkno = 0}, b_op = 0xc06c5608, b_magic = 280038160, b_iodone = 0, b_blkno = 0, b_offset = 0, b_vnbufs = {tqe_next = 0x0, tqe_prev = 0xc259e770}, b_left = 0x0, b_right = 0x0, b_vflags = 0, b_freelist = {tqe_next = 0xd60c0a7c, tqe_prev = 0xc06ec828}, b_qindex = 0, b_flags = 536879648, b_xflags = 0 '\0', b_lock = {lk_interlock = 0xc06e5394, lk_flags = 1024, lk_sharecount = 0, lk_waitcount = 0, lk_exclusivecount = 1, lk_prio = 80, lk_wmesg = 0xc0693381 "bufwait", lk_timo = 0, lk_lockholder = 0xc1f5b600, lk_newlock = 0x0}, b_bufsize = 7680, b_runningbufspace = 0, b_kvabase = 0xdce6e000 "", b_kvasize = 16384, b_lblkno = 0, b_vp = 0x0, b_object = 0x0, b_dirtyoff = 0, b_dirtyend = 0, b_rcred = 0x0, b_wcred = 0xc23cfd80, b_saveaddr = 0xdce6e000, b_pager = {pg_reqpage = 0}, b_cluster = {cluster_head = {tqh_first = 0xd620e5c8, tqh_last = 0xd620c844}, cluster_entry = {tqe_next = 0xd620e5c8, tqe_prev = 0xd620c844}}, b_pages = {0xc1394010, 0xc1a2dc58, 0x0 <repeats 30 times>}, b_npages = 2, b_dep = { lh_first = 0x0}} >How-To-Repeat: I can only reproduce the panic which indicates "current process = smbd". >From a WindowsXP workstation connect via SMB to a users "homes" share. Open a MS Word document from the network share and make a change (then save the file). If the users is over quota and their grace period has expired the server crashes. If the user is over quota, but their grace period is NOT expired, the server is ok (reports disk space full). I have a non-production server available for testing, etc. I hope I've included enough info. ANY help would be greatly appreciated. Thanks Contents of smb.conf [global] workgroup = NEXUS server string = Engineering Web Server load printers = no log file = /var/log/smb.log max log size = 2000 log level = 1 security = server encrypt passwords = yes password server = server1,server2,server3,server4 socket options = TCP_NODELAY dns proxy = no dont descend = /bin, /cdrom, /dev, /etc, /mnt, /proc, /usr, /var include = /usr/local/etc/samba/debug.%m guest account = pcguest [homes] path = %H/public_html force user = %S public = no writeable = yes printable = no browseable = no inherit permissions = yes valid users = %S >Fix: Temporary fix is to monitor samba connections and adjust quotas for users who have expired their quota's grace period. --- dmesg.boot begins here --- Copyright (c) 1992-2005 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 5.4-RELEASE-p6 #1: Mon Aug 15 17:01:14 EDT 2005 root@schooner.uwaterloo.ca:/usr/src/sys/i386/compile/bookworm.debug WARNING: MPSAFE network stack disabled, expect reduced performance. Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Xeon(TM) CPU 3.06GHz (3065.80-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf27 Stepping = 7 Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> Hyperthreading: 2 logical CPUs real memory = 2146959360 (2047 MB) avail memory = 2099650560 (2002 MB) ACPI APIC Table: <PTLTD APIC > FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs cpu0 (BSP): APIC ID: 0 cpu1 (AP): APIC ID: 1 cpu2 (AP): APIC ID: 6 cpu3 (AP): APIC ID: 7 ioapic0 <Version 2.0> irqs 0-23 on motherboard ioapic1 <Version 2.0> irqs 24-47 on motherboard ioapic2 <Version 2.0> irqs 48-71 on motherboard npx0: <math processor> on motherboard npx0: INT 16 interface acpi0: <PTLTD RSDT> on motherboard acpi0: Power Button (fixed) Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0 cpu0: <ACPI CPU (2 Cx states)> on acpi0 cpu1: <ACPI CPU (2 Cx states)> on acpi0 cpu2: <ACPI CPU (2 Cx states)> on acpi0 cpu3: <ACPI CPU (2 Cx states)> on acpi0 pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0 pci0: <ACPI PCI bus> on pcib0 pci0: <unknown> at device 0.1 (no driver attached) pcib1: <ACPI PCI-PCI bridge> at device 2.0 on pci0 pci1: <ACPI PCI bus> on pcib1 pci1: <base peripheral, interrupt controller> at device 28.0 (no driver attached) pcib2: <ACPI PCI-PCI bridge> at device 29.0 on pci1 pci2: <ACPI PCI bus> on pcib2 em0: <Intel(R) PRO/1000 Network Connection, Version - 1.7.35> port 0x3000-0x303f mem 0xf8200000-0xf821ffff irq 54 at device 3.0 on pci2 em0: Ethernet address: 00:30:48:29:c5:a8 em0: Speed:N/A Duplex:N/A em1: <Intel(R) PRO/1000 Network Connection, Version - 1.7.35> port 0x3040-0x307f mem 0xf8220000-0xf823ffff irq 55 at device 3.1 on pci2 em1: Ethernet address: 00:30:48:29:c5:a9 em1: Speed:N/A Duplex:N/A pci1: <base peripheral, interrupt controller> at device 30.0 (no driver attached) pcib3: <ACPI PCI-PCI bridge> at device 31.0 on pci1 pci3: <ACPI PCI bus> on pcib3 asr0: <Adaptec Caching SCSI RAID> mem 0xfc000000-0xfdffffff,0xfb000000-0xfbffffff,0xf8300000-0xf83fffff irq 30 at device 3.0 on pci3 asr0: ADAPTEC 2015S FW Rev. 3B05, 2 channel, 256 CCBs, Protocol I2O uhci0: <Intel 82801CA/CAM (ICH3) USB controller USB-A> port 0x2000-0x201f irq 16 at device 29.0 on pci0 usb0: <Intel 82801CA/CAM (ICH3) USB controller USB-A> on uhci0 usb0: USB revision 1.0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1: <Intel 82801CA/CAM (ICH3) USB controller USB-B> port 0x2020-0x203f irq 19 at device 29.1 on pci0 usb1: <Intel 82801CA/CAM (ICH3) USB controller USB-B> on uhci1 usb1: USB revision 1.0 uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2: <Intel 82801CA/CAM (ICH3) USB controller USB-C> port 0x2040-0x205f irq 18 at device 29.2 on pci0 usb2: <Intel 82801CA/CAM (ICH3) USB controller USB-C> on uhci2 usb2: USB revision 1.0 uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered pcib4: <ACPI PCI-PCI bridge> at device 30.0 on pci0 pci4: <ACPI PCI bus> on pcib4 pci4: <display, VGA> at device 1.0 (no driver attached) isab0: <PCI-ISA bridge> at device 31.0 on pci0 isa0: <ISA bus> on isab0 atapci0: <Intel ICH3 UDMA100 controller> port 0x2060-0x206f,0x376,0x170-0x177,0x3f6,0x1f0-0x1f7 at device 31.1 on pci0 ata0: channel #0 on atapci0 ata1: channel #1 on atapci0 pci0: <serial bus, SMBus> at device 31.3 (no driver attached) acpi_button0: <Power Button> on acpi0 atkbdc0: <Keyboard controller (i8042)> port 0x64,0x60 irq 1 on acpi0 atkbd0: <AT Keyboard> irq 1 on atkbdc0 kbd0 at atkbd0 psm0: <PS/2 Mouse> irq 12 on atkbdc0 psm0: model IntelliMouse, device ID 3 sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0 sio1: type 16550A fdc0: <floppy drive controller> port 0x3f7,0x3f0-0x3f5 irq 6 drq 2 on acpi0 fd0: <1440-KB 3.5" drive> on fdc0 drive 0 pmtimer0 on isa0 orm0: <ISA Option ROMs> at iomem 0xe0000-0xe3fff,0xc9000-0xcefff,0xc8000-0xc8fff,0xc0000-0xc7fff on isa0 sc0: <System console> at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 ppc0: parallel port not found. Timecounters tick every 10.000 msec acd0: CDROM <CD-232E/1.0A> at ata1-master PIO4 ses0 at asr0 bus 0 target 6 lun 0 ses0: <SUPER GEM318 0> Fixed Processor SCSI-2 device ses0: SAF-TE Compliant Device da0 at asr0 bus 0 target 0 lun 0 da0: <ADAPTEC RAID-1 3B05> Fixed Direct Access SCSI-2 device da0: Tagged Queueing Enabled da0: 35003MB (71686144 512 byte sectors: 255H 63S/T 4462C) SMP: AP CPU #1 Launched! SMP: AP CPU #2 Launched! SMP: AP CPU #3 Launched! Mounting root from ufs:/dev/da0s1a WARNING: / was not properly dismounted WARNING: /tmp was not properly dismounted WARNING: /usr was not properly dismounted WARNING: /var was not properly dismounted ipfw2 initialized, divert disabled, rule-based forwarding disabled, default to deny, logging disabled em0: Link is up 1000 Mbps Full Duplex --- dmesg.boot ends here --- --- var_db_pkg.txt begins here --- apache-2.0.53_1 autoconf-2.53_3 autoconf-2.59_2 automake-1.5_2,1 bison-1.75_2 bitstream-vera-1.10_1 cclient-2004c1_1,1 cgiwrap-3.9_2 cvsup-16.1h_2 eruby-1.0.5 expat-1.95.8 fontconfig-2.2.3,1 freetype2-2.1.9 gd-2.0.33_1,1 gettext-0.14.1 gmake-3.80_2 help2man-1.35.1 imake-6.8.2 jpeg-6b_3 libXft-2.1.6_1 libiconv-1.9.2_1 libltdl-1.5.10 libmcrypt-2.5.7_1 libtool-1.3.5_2 libtool-1.5.10_1 libxml2-2.6.18 m4-1.4.1 mod_fcgid-0.80 mod_ruby-1.2.4 mysql-client-4.1.10a mysql-server-4.1.10a openldap-client-2.2.23 p5-gettext-1.03 pdflib-6.0.1_1 pecl-pdflib-2.0.4 perl-5.8.6_2 php5-5.0.3_2 php5-bz2-5.0.3_2 php5-ctype-5.0.3_2 php5-dom-5.0.3_2 php5-extensions-1.0 php5-ftp-5.0.3_2 php5-gd-5.0.3_2 php5-gettext-5.0.3_2 php5-iconv-5.0.3_2 php5-imap-5.0.3_2 php5-ldap-5.0.3_2 php5-mbstring-5.0.3_2 php5-mcrypt-5.0.3_2 php5-mysql-5.0.3_2 php5-openssl-5.0.3_2 php5-pcre-5.0.3_2 php5-posix-5.0.3_2 php5-session-5.0.3_2 php5-simplexml-5.0.3_2 php5-sqlite-5.0.3_2 php5-tokenizer-5.0.3_2 php5-xml-5.0.3_2 php5-zlib-5.0.3_2 phpMyAdmin-2.6.1.3 pkgconfig-0.15.0_1 png-1.2.8_1 popt-1.7 rsync-2.6.5 ruby-1.8.2_3 samba-3.0.12_1,1 ssmtp-2.61 t1lib-5.0.1,1 twiki-20040902 unzip-5.52_1 xorg-clients-6.8.2 xorg-documents-6.8.2 xorg-fonts-100dpi-6.8.2 xorg-fonts-75dpi-6.8.2 xorg-fonts-encodings-6.8.2 xorg-fonts-miscbitmaps-6.8.2 xorg-fonts-truetype-6.8.2 xorg-libraries-6.8.2 xorg-manpages-6.8.2 xorg-nestserver-6.8.2 xorg-printserver-6.8.2 xorg-server-6.8.2 xorg-vfbserver-6.8.2 xterm-200_2 --- var_db_pkg.txt ends here --- --- kernel_options.txt begins here --- machine i386 cpu I686_CPU ident bookworm options SMP options KDB, KDB_TRACE, KDB_UNATTENDED makeoptions DEBUG=-g options SCHED_4BSD options INET options FFS options SOFTUPDATES options UFS_ACL options UFS_DIRHASH options MD_ROOT options NFSCLIENT options NFSSERVER options NFS_ROOT options MSDOSFS options CD9660 options PROCFS options PSEUDOFS options GEOM_GPT options COMPAT_43 options COMPAT_FREEBSD4 options SCSI_DELAY=15000 options KTRACE options SYSVSHM options SYSVMSG options SYSVSEM options _KPOSIX_PRIORITY_SCHEDULING options KBD_INSTALL_CDEV options AHC_REG_PRETTY_PRINT options AHD_REG_PRETTY_PRINT options ADAPTIVE_GIANT device apic device isa device pci device fdc device ata device atadisk device atapicd device atapifd options ATA_STATIC_ID device ahc device ahd device scbus device ch device da device sa device cd device pass device ses device asr device aac device aacp device atkbdc device atkbd device psm device vga device splash device sc device agp device npx device pmtimer device sio device ppc device ppbus device ppi device em device loop device mem device io device random device ether device tun device pty device md device bpf device uhci device ohci device usb device ugen device uhid device ukbd device ulpt device umass device ums device urio device uscanner --- kernel_options.txt ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508261944.j7QJir5B087647>