msdosfs kernel panic

sa8o1age gexlie at gmail.com
Thu Sep 13 01:14:12 PDT 2007 

i have:
FreeBSD cthulhu.ru 6.2-RELEASE-p7 FreeBSD 6.2-RELEASE-p7 #4: Thu Aug
30 23:29:11 MSD 2007     root at cthulhu.ru:/usr/obj/usr/src/sys/fhtagn
i386


and i have usb mp3 player with msdofs fs.
after umounting it everything is fine unless i shutdown pc.
on shutdown kernel panics:

Sep 12 18:43:08 cthulhu sudo:   sb : TTY=ttyp2 ;
PWD=/usr/home/sb/music ; USER=root ; COMMAND=/sbin/umount /mnt/floppy/
Sep 12 18:43:19 cthulhu kernel: umass0: at uhub1 port 2 (addr 2) disconnected
Sep 12 18:43:19 cthulhu kernel: (da0:umass-sim0:0:0:0): lost device
Sep 12 18:43:19 cthulhu kernel: (da0:umass-sim0:0:0:0): removing device entry
Sep 12 18:43:19 cthulhu kernel: umass0: detached
Sep 13 10:12:56 cthulhu kernel: umass0: <USB MF> <USB PRODUCT>, rev
2.00/10.01, addr 2
Sep 13 10:12:57 cthulhu kernel: da0 at umass-sim0 bus 0 target 0 lun 0
Sep 13 10:12:57 cthulhu kernel: da0: <Digital Live750 0100> Removable
Direct Access SCSI-4 device
Sep 13 10:12:57 cthulhu kernel: da0: 40.000MB/s transfers
Sep 13 10:12:57 cthulhu kernel: da0: 992MB (2033408 512 byte sectors:
64H 32S/T 992C)





root at cthulhu:/usr/obj/usr/src/sys/fhtagn# kgdb kernel.debug /var/crash/vmcore.1
kgdb: kvm_nlist(_stopped_cpus):
kgdb: kvm_nlist(_stoppcbs):
[GDB will not be able to debug user-mode threads:
/usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:
<118>Sep 13 11:58:33 cthulhu syslogd: exiting on signal 15
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...3 3 3 3 0 0 done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
All buffers synced.
g_vfs_done():da0s1[READ(offset=18432, length=4096)]error = 6
(da0:dead_sim0:0:0:0): Synchronize cache failed, status == 0x8, scsi
status == 0x0
(da0:dead_sim0:0:0:0): removing device entry


Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x78
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc04dab6f
stack pointer           = 0x28:0xd79a3b9c
frame pointer           = 0x28:0xd79a3bec
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 6185 (reboot)
trap number             = 12
panic: page fault
Uptime: 22h37m41s
Dumping 511 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 511MB (130800 pages) 495 479 463 447 431 415 399 383 367
351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79
63 47 31 15

#0  doadump () at pcpu.h:165
165             __asm __volatile("movl %%fs:0,%0" : "=r" (td));

(kgdb) list *0xc04dab6f
0xc04dab6f is in deget (/usr/src/sys/fs/msdosfs/msdosfs_denode.c:119).
114
115             /*
116              * On FAT32 filesystems, root is a (more or less) normal
117              * directory
118              */
119             if (FAT32(pmp) && dirclust == MSDOSFSROOT)
120                     dirclust = pmp->pm_rootdirblk;
121
122             /*
123              * See if the denode is in the denode cache. Use the location of

(kgdb) bt
#0  doadump () at pcpu.h:165
#1  0xc053c62c in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2  0xc053cc9f in panic (fmt=0xc0726137 "%s") at
/usr/src/sys/kern/kern_shutdown.c:565
#3  0xc06fb55a in trap_fatal (frame=0xd79a3b5c, eva=120) at
/usr/src/sys/i386/i386/trap.c:837
#4  0xc06fb81b in trap_pfault (frame=0xd79a3b5c, usermode=0, eva=120)
at /usr/src/sys/i386/i386/trap.c:745
#5  0xc06fbc25 in trap (frame=
      {tf_fs = 8, tf_es = 40, tf_ds = 40, tf_edi = 0, tf_esi = 6,
tf_ebp = -677757972, tf_isp = -677758072, tf_ebx = -1017377600, tf_edx
= 0, tf_ecx = -1066020384, tf_eax = 0, tf_trapno = 12, tf_err = 0,
tf_eip = -1068651665, tf_cs = 32, tf_eflags = 590486, tf_esp =
-1066020288, tf_ss = -1056609312})
    at /usr/src/sys/i386/i386/trap.c:435
#6  0xc06e4b8a in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#7  0xc04dab6f in deget (pmp=0x0, dirclust=0, diroffset=536870911,
depp=0xd79a3c04) at /usr/src/sys/fs/msdosfs/msdosfs_denode.c:101
#8  0xc04dfc3e in msdosfs_root (mp=0x0, flags=2, vpp=0x0,
td=0xc3dbb7d0) at /usr/src/sys/fs/msdosfs/msdosfs_vfsops.c:821
#9  0xc05abb9f in dounmount (mp=0xc35847c8, flags=524288,
td=0xc3dbb7d0) at /usr/src/sys/kern/vfs_mount.c:1200
#10 0xc05b3c2b in vfs_unmountall () at /usr/src/sys/kern/vfs_subr.c:2838
#11 0xc053c83c in boot (howto=0) at /usr/src/sys/kern/kern_shutdown.c:391
#12 0xc053c9cb in reboot (td=0x0, uap=0x0) at
/usr/src/sys/kern/kern_shutdown.c:169
#13 0xc06fc090 in syscall (frame=
      {tf_fs = 59, tf_es = 59, tf_ds = 59, tf_edi = 0, tf_esi = 32677,
tf_ebp = -1077940504, tf_isp = -677757596, tf_ebx = 1, tf_edx = -1,
tf_ecx = 672576480, tf_eax = 55, tf_trapno = 12, tf_err = 2, tf_eip =
671820547, tf_cs = 51, tf_eflags = 582, tf_esp = -1077940580, tf_ss =
59})
    at /usr/src/sys/i386/i386/trap.c:983
#14 0xc06e4bdf in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200
#15 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)

More information about the freebsd-bugs mailing list