kern/94703: panic: "oof, we didn't get our fd" when faxgetty starts
Steve Watt
steve at Watt.COM
Sun Mar 19 20:40:42 UTC 2006
>Number: 94703
>Category: kern
>Synopsis: panic: "oof, we didn't get our fd" when faxgetty starts
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Mar 19 20:40:16 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Steve Watt
>Release: FreeBSD 6.1-PRERELEASE i386
>Organization:
Watt Consultants
>Environment:
System: FreeBSD wattres.Watt.COM 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #0: Fri Mar 17 23:50:45 PST 2006 root at wattres.Watt.COM:/usr/obj/usr/src/sys/WATTRES i386
Freshly upgraded (source upgrade and an hour in mergemaster) from 5.5-PRE.
Extra settings relative to GENERIC:
--- GENERIC Mon Jan 23 06:19:36 2006
+++ WATTRES Fri Mar 17 22:28:58 2006
@@ -19,7 +19,7 @@
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.429.2.5 2006/01/23 14:19:36 marius Exp $
machine i386
-cpu I486_CPU
+## cpu I486_CPU
cpu I586_CPU
cpu I686_CPU
ident GENERIC
@@ -29,11 +29,27 @@
makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
+options KDB
+options DDB
+
+options KDB_TRACE
+options KDB_UNATTENDED
+
+options INVARIANTS
+options INVARIANT_SUPPORT
+options DEBUG_LOCKS
+options DEBUG_VFS_LOCKS
+
(Yes, I'm planning on chasing a VFS locking issue, see PR kern/94261.)
>Description:
When faxgetty is started, the system panics with "oof, we didn't get our fd".
The traceback isn't very interesting:
Unread portion of the kernel message buffer:
panic: oof, we didn't get our fd
KDB: stack backtrace:
kdb_backtrace(c091d4a3,c09e53c0,c0919fcf,d01e6a84,100) at kdb_backtrace+0x2f
panic(c0919fcf,d01e6aa4,d01e6aa8,c0936707,d01e6ab4) at panic+0xb8
fdcheckstd(c25f3780,0,c091a5b9,24d,0) at fdcheckstd+0x9b
do_execve(c25f3780,d01e6cac,0,c,0) at do_execve+0x70c
kern_execve(c25f3780,d01e6cac,0,80df480,bfbfed28) at kern_execve+0xb5
execve(c25f3780,d01e6d04,c,41d,3) at execve+0x50
syscall(3b,3b,3b,2,80df440) at syscall+0x295
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (59, FreeBSD ELF32, execve), eip = 0x80541d7, esp = 0xbfbfed0c, ebp = 0xbfbfed88 ---
Uptime: 40s
Dumping 223 MB (2 chunks)
chunk 0: 1MB (159 pages) ... ok
chunk 1: 223MB (57072 pages) 207 191 175 159 143 127 111 95 79 63 47 31 15
#0 doadump () at pcpu.h:165
165 __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) up
#1 0xc0697e28 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:402
u402 doadump();
(kgdb) up
#2 0xc0698146 in panic (fmt=0xc0919fcf "oof, we didn't get our fd")
at /usr/src/sys/kern/kern_shutdown.c:558
558 boot(bootopt);
(kgdb) up
#3 0xc0673b93 in fdcheckstd (td=0xc25f3780) at /usr/src/sys/kern/kern_descrip.c:1820
1820 KASSERT(fd == i, ("oof, we didn't get our fd"));
(kgdb) list
1815 int vfslocked;
1816 error = falloc(td, &fp, &fd);
1817 if (error != 0)
1818 break;
1819 /* Note extra ref on `fp' held for us by falloc(). */
1820 KASSERT(fd == i, ("oof, we didn't get our fd"));
1821 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE, UIO_SYSSPACE,
1822 "/dev/null", td);
1823 flags = FREAD | FWRITE;
1824 error = vn_open(&nd, &flags, 0, fd);
>How-To-Repeat:
Install HylaFax, and add
ttyd0 "/usr/local/sbin/faxgetty" dialup on secure
to your /etc/ttys
>Fix:
I'm not 100% certain this assert is valid; more code inspection is
probably needed, but it smells to me like this is a race condition.
Removing the setuid uucp from faxgetty makes the problem go away,
but could result (haven't checked yet) in permissions problems
on lockfiles.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list