i386/91242: [msdosfs] panic: rofs mod

Ricardo A. Reis ricardo.areis at gmail.com
Mon Jan 2 15:30:23 PST 2006


>Number:         91242
>Category:       i386
>Synopsis:       [msdosfs] panic: rofs mod
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-i386
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 02 23:30:03 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Ricardo A. Reis
>Release:        7.0-CURRENT-SNAP010
>Organization:
UNIFESP
>Environment:
FreeBSD myfreebsd.homeunix.org 7.0-CURRENT-SNAP010 FreeBSD 7.0-CURRENT-SNAP010 #0: Tue Dec 13 11:25:44 UTC 2005     root at harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
 
>Description:
       After boot system, a msdosfs partition is mounted in read-only, attempt remount in rw, system crash with rofs mod.
--------------------------------------------------------
cat /usr/crash/info.11
Dump header from device /dev/ad2s1b
  Architecture: i386
  Architecture Version: 2
  Dump Length: 200867840B (191 MB)
  Blocksize: 512
  Dumptime: Mon Jan  2 20:49:59 2006
  Hostname: myfreebsd.homeunix.org
  Magic: FreeBSD Kernel Dump
  Version String: FreeBSD 7.0-CURRENT-SNAP010 #0: Tue Dec 13 11:25:44 UTC 2005
    root at harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC
  Panic String: msdosfs_sync: rofs mod
  Dump Parity: 548930347
  Bounds: 11
  Dump Status: good

 kgdb kernel.symbols /usr/crash/vmcore.11
Password:
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:
panic: msdosfs_sync: rofs mod
cpuid = 0
KDB: enter: panic
panic: from debugger
cpuid = 0
Uptime: 2m57s
Dumping 191 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 191MB (48880 pages) 175 159 143 127 111 95 79 63 47 31 15

#0  doadump () at pcpu.h:165
165     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) bt full
#0  doadump () at pcpu.h:165
No locals.
#1  0xc064f09c in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399
        first_buf_printf = 1
#2  0xc064f3b1 in panic (fmt=0xc0842e0b "from debugger") at /usr/src/sys/kern/kern_shutdown.c:555
        td = (struct thread *) 0xc1d71780
        bootopt = 260
        newpanic = 0
        ap = 0xc9ed39f4 "¨:íÉø¤FÀ\027\222fÀ"
        buf = "msdosfs_sync: rofs mod", '\0' <repeats 233 times>
#3  0xc046a561 in db_panic (addr=-1067019753, have_addr=0, count=-1, modif=0xc9ed3a1c "") at /usr/src/sys/ddb/db_command.c:435
No locals.
#4  0xc046a4f8 in db_command (last_cmdp=0xc092bfc4, cmd_table=0x0, aux_cmd_tablep=0xc08a6214, aux_cmd_tablep_end=0xc08a6230) at /usr/src/sys/ddb/db_command.c:404
        cmd = (struct command *) 0xc0823be0
        t = 0
        modif = "\000:íÉèó~À4:íÉ8:íÉ\211\a\000\000\211\a\000\000Ï\a\000\000\000\000\000\000 Ð\233À\r\000\000\000 Ð\233À Ð\233À\r\000\000\000\001\000\000\000t:íÉ\033í~Àt:íÉ4í~À\200ý\231À`\034\231Àx\000\000\000ÀÈ\222À\200\027×Á\224:íÉ\224ÅFÀѧ\207ÀlÂFÀ\200\027×ÁÀÈ\222À\036ºFÀ"
        addr = -1067019753
        count = -1
        have_addr = 0
        result = 0
#5  0xc046a5c0 in db_command_loop () at /usr/src/sys/ddb/db_command.c:455
No locals.
#6  0xc046c1d9 in db_trap (type=3, code=0) at /usr/src/sys/ddb/db_main.c:221
        jb = {{_jb = {-907199788, -907199808, -907199736, 1, -1042868352, -1069104782, -1067011683, 10, -907199536, -907199564, 1, -1042868352}}}
        prev_jb = (void *) 0x0
        bkpt = 0
#7  0xc0669510 in kdb_trap (type=3, code=0, tf=0xc9ed3bb4) at /usr/src/sys/kern/subr_kdb.c:485
        did_stop_cpus = 1
        handled = -907199564
#8  0xc080d624 in trap (frame=
      {tf_fs = 8, tf_es = 40, tf_ds = 40, tf_edi = -1064881991, tf_esi = 1, tf_ebp = -907199500, tf_isp = -907199520, tf_ebx = -907199456, tf_edx = 0, tf_ecx = -1056755712, tf_eax = 18, tf_trapno = 3, tf_err = 0, tf_eip = -1067019753, tf_cs = 32, tf_eflags = 524946, tf_esp = -907199468, tf_ss = -1067125917}) at /usr/src/sys/i386/i386/trap.c:614
        td = (struct thread *) 0xc1d71780
        p = (struct proc *) 0xc1ef4adc
        sticks = 10
        i = 0
        ucode = 0
        type = 3
        code = 0
        addr = 0
        eva = 0
     ksi = {ksi_link = {tqe_next = 0xc087a688, tqe_prev = 0xc9ed3b6c}, ksi_info = {si_signo = -1064703823, si_errno = -907199644, si_code = 1, si_pid = -1041223680, si_uid = 3258073852, si_status = -907199608, 
    si_addr = 0xc06557ef, si_value = {sival_int = -1064030304, sival_ptr = 0xc0942fa0}, _reason = {_fault = {_trapno = 0}, _timer = {_timerid = 0, _overrun = -1}, _mesgq = {_mqd = 0}, _poll = {_band = 0}, __spare__ = {
        __spare1__ = 0, __spare2__ = {-1, -1064030304, -1036893548, -1042868352, -1038757764, 9, -907199568}}}}, ksi_flags = -1067047645, ksi_sigq = 0xc0944cb0}
#9  0xc07fa4da in calltrap () at /usr/src/sys/i386/i386/exception.s:137
No locals.
#10 0xc0669217 in kdb_enter (msg=0x12 <Address 0x12 out of bounds>) at cpufunc.h:60
No locals.
#11 0xc064f363 in panic (fmt=0xc08730b9 "msdosfs_sync: rofs mod") at /usr/src/sys/kern/kern_shutdown.c:539
        td = (struct thread *) 0xc1d71780
        bootopt = 256
        newpanic = 1
        ap = 0xc9ed3c20 ""
        buf = "msdosfs_sync: rofs mod", '\0' <repeats 233 times>
#12 0xc060d5bd in msdosfs_sync (mp=0xc1e61800, waitfor=3, td=0xc1d71780) at /usr/src/sys/fs/msdosfs/msdosfs_vfsops.c:863
        vp = (struct vnode *) 0x0
        nvp = (struct vnode *) 0xc9ed3c68
        dep = (struct denode *) 0x12
        pmp = (struct msdosfsmount *) 0xc20c0d00
        error = -1042868352
        allerror = 0
#13 0xc06a7f64 in sync_fsync (ap=0x0) at /usr/src/sys/kern/vfs_subr.c:3063
        syncvp = (struct vnode *) 0xc1033000
        mp = (struct mount *) 0xc1e61800
        td = (struct thread *) 0xc1d71780
        error = -1042868352
        asyncflag = 0
        bo = (struct bufobj *) 0x0
#14 0xc081ef56 in VOP_FSYNC_APV (vop=0x12, a=0xc9ed3cbc) at vnode_if.c:1020
        rc = 18
#15 0xc06a5e00 in sync_vnode (bo=0xc2346a00, td=0xc1d71780) at vnode_if.h:537
        vp = (struct vnode *) 0xc2346948
        mp = (struct mount *) 0x0
#16 0xc06a6079 in sched_sync () at /usr/src/sys/kern/vfs_subr.c:1666
        next = (struct synclist *) 0xc1e7e0c4
        slp = (struct synclist *) 0xc1e7e0c0
        bo = (struct bufobj *) 0xc2346a00
        starttime = 177
        td = (struct thread *) 0xc1d71780
        dummychan = 0
        last_work_seen = 17
        net_worklist_len = 6
        syncer_final_iter = 0
        first_printf = 1
        error = 18
#17 0xc063b624 in fork_exit (callout=0xc06a5e88 <sched_sync>, arg=0x0, frame=0xc9ed3d38) at /usr/src/sys/kern/kern_fork.c:790
        p = (struct proc *) 0xc1ef4adc
        td = (struct thread *) 0x0
#18 0xc07fa53c in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:198
No locals.
(kgdb) list *0xc07fa53c
0xc07fa53c is at /usr/src/sys/i386/i386/exception.s:199.
194     ENTRY(fork_trampoline)
195             pushl   %esp                    /* trapframe pointer */
196             pushl   %ebx                    /* arg1 */
197             pushl   %esi                    /* function */
198             call    fork_exit
199             addl    $12,%esp
200             /* cut from syscall */
201
202             /*
203              * Return via doreti to handle ASTs.


---------------------
 mount |grep msdos
/dev/ad1s1 on /mnt/win (msdosfs, local)


dmesg
-------------------------

g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
fsync: giving up on dirty
0xc1f58e70: tag devfs, type VCHR
    usecount 1, writecount 0, refcount 3 mountedhere 0xc1e91a00
    flags ()
    v_object 0xc10446c8 ref 0 pages 2
     lock type devfs: EXCL (count 1) by thread 0xc1f37000 (pid 857)
        dev ad1s1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1
g_vfs_done():ad1s1[WRITE(offset=10489856, length=8192)]error = 1


>How-To-Repeat:
              
>Fix:
              
>Release-Note:
>Audit-Trail:
>Unformatted:


More information about the freebsd-i386 mailing list