kern/98064: Crash with FIFOs (named pipes) and truncate()
Kirk Russell
kirk at ba23.org
Sun May 28 13:36:59 PDT 2006
>Number: 98064
>Category: kern
>Synopsis: Crash with FIFOs (named pipes) and truncate()
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun May 28 20:30:16 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Kirk Russell
>Release: 6.1-RELEASE alpha
>Organization:
http://www.ba23.org/
>Environment:
FreeBSD as2100.on.kr 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Sun May 7 18:29:20 UTC 2006 root at ds10.freebie.xs4all.nl:/usr/obj/usr/src/sys/GENERIC alpha
>Description:
I am guessing you can reproduce this issue on i386, so it should be
a generic kernel issue and not specific to the alpha.
When you call truncate() on a fifo, the kernel will crash.
>How-To-Repeat:
$ cat bstg0001.c
#include <unistd.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
int main()
{
unlink("afifo");
if (mkfifo("afifo", 0666) == -1) {
errx(1, "%s: %s", "mkfifo", strerror(errno));
}
truncate("afifo", 16000);
return 0;
}
$ cc -Wall bstg0001.c
$ ./a.out
No strategy for buffer at 0xfffffe000dbe8e28
vnode
0xfffffc0027a001f0: tag ufs, type VFIFO
usecount 1, writecount 0, refcount 2 mountedhere 0
flags ()
lock type ufs: EXCL (count 1) by thread 0xfffffc002aaaafc0 (pid 516)
ino 306188, on dev da0f
fatal kernel trap:
trap entry = 0x2 (memory management fault)
cpuid = 1
faulting va = 0x10
type = access violation
cause = load instructon
pc = 0xfffffc00004b6af8
ra = 0xfffffc00007241cc
sp = 0xfffffe00188e95d0
usp = 0x11ffec20
curthread = 0xfffffc002aaaafc0
pid = 516, comm = a.out
panic: trap
cpuid = 1
Uptime: 4m47s
Cannot dump. No dump device defined.
Automatic reboot in 15 seconds - press a key on the console to abort
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list