kern/122961: write operation on msdosfs file system causes panic

Dominic Fandrey kamikaze at bsdforen.de
Mon Apr 21 11:30:02 UTC 2008


>Number:         122961
>Category:       kern
>Synopsis:       write operation on msdosfs file system causes panic
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 21 11:30:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Dominic Fandrey
>Release:        RELENG_7
>Organization:
private
>Environment:
FreeBSD mobileKamikaze.norad 7.0-STABLE FreeBSD 7.0-STABLE #0: Sat Apr 19 01:05:43 CEST 2008     root at mobileKamikaze.norad:/usr/obj/HP6510b/amd64/usr/src/sys/HP6510b  amd64

>Description:
Trying to copy files to an msdosfs file system on a USB stick causes the system to panic. This is reproducible, the backtrace always looks the same.

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address	= 0xe
fault code		= supervisor write data, page not present
instruction pointer	= 0x8:0xffffff00705ba1f0
stack pointer	        = 0x10:0xffffffffaf0fe2e0
frame pointer	        = 0x10:0xffffffffaf0fe390
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 2047 (cp)
trap number		= 12
panic: page fault
cpuid = 0
Uptime: 13m32s
Physical memory: 2030 MB
Dumping 209 MB: 194 178 162 146 130 114 98 82 66 50 34 18 2

#0  doadump () at pcpu.h:194
194	pcpu.h: No such file or directory.
	in pcpu.h
(kgdb) bt
#0  doadump () at pcpu.h:194
#1  0x0000000000000004 in ?? ()
#2  0xffffffff801ff9c1 in boot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:418
#3  0xffffffff801ffdf2 in panic (fmt=0x104 <Address 0x104 out of bounds>)
    at /usr/src/sys/kern/kern_shutdown.c:572
#4  0xffffffff803dbe8a in trap_fatal (frame=0xffffff0001ff46a0, 
    eva=18446742974281863168) at /usr/src/sys/amd64/amd64/trap.c:724
#5  0xffffffff803dc231 in trap_pfault (frame=0xffffffffaf0fe230, usermode=0)
    at /usr/src/sys/amd64/amd64/trap.c:641
#6  0xffffffff803dcaef in trap (frame=0xffffffffaf0fe230)
    at /usr/src/sys/amd64/amd64/trap.c:410
#7  0xffffffff803c392e in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:169
#8  0xffffff00705ba1f0 in ?? ()
#9  0x00000009802813e4 in ?? ()
#10 0xffffff00705ba1f0 in ?? ()
#11 0xffffff0001ff46a0 in ?? ()
#12 0xffffff0005659700 in ?? ()
#13 0xffffffffaf0fe4e0 in ?? ()
#14 0x0000000000003041 in ?? ()
#15 0xffffff0001ff46a0 in ?? ()
#16 0xffffffff80416924 in cdrom_rootdevnames ()
---Type <return> to continue, or q <return> to quit---
#17 0x000000000000080e in ?? ()
#18 0x0000000000000000 in ?? ()
#19 0xffffff00705ba1f0 in ?? ()
#20 0x0000000000000000 in ?? ()
#21 0xffffff007cf86ec8 in ?? ()
#22 0xffffff0001ff46a0 in ?? ()
#23 0xffffff0005d5a820 in ?? ()
#24 0x0000000000009000 in ?? ()
#25 0xffffff00705ba1f0 in ?? ()
#26 0xffffffffaf0fe4e0 in ?? ()
#27 0x0000000000000000 in ?? ()
#28 0x0000000000000004 in ?? ()
#29 0xffffffff803bceba in vnode_pager_getpages (object=0xffffff0001ff46a0, 
    m=0x0, count=Variable "count" is not available.
) at vnode_if.h:1129
#30 0xffffffff803a87d0 in vm_fault (map=0xffffff0005b9f000, vaddr=34368442368, 
    fault_type=1 '\001', fault_flags=0) at vm_pager.h:130
#31 0xffffffff803dc0ae in trap_pfault (frame=0xffffffffaf0fe740, usermode=0)
    at /usr/src/sys/amd64/amd64/trap.c:618
#32 0xffffffff803dcaef in trap (frame=0xffffffffaf0fe740)
    at /usr/src/sys/amd64/amd64/trap.c:410
#33 0xffffffff803c392e in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:169
#34 0xffffffff803db4ed in copyin () at /usr/src/sys/amd64/amd64/support.S:303
---Type <return> to continue, or q <return> to quit---
#35 0xffffffff802063f7 in uiomove (cp=0xffffffff9bc99000, n=4096, 
    uio=0xffffffffaf0feb10) at /usr/src/sys/kern/kern_subr.c:170
#36 0xffffffff801a5fb2 in msdosfs_write (ap=Variable "ap" is not available.
)
    at /usr/src/sys/fs/msdosfs/msdosfs_vnops.c:812
#37 0xffffffff803f89ae in VOP_WRITE_APV (vop=0xffffffff805421a0, 
    a=0xffffffffaf0fea20) at vnode_if.c:691
#38 0xffffffff80282797 in vn_write (fp=0xffffff0070379000, 
    uio=0xffffffffaf0feb10, active_cred=Variable "active_cred" is not available.
) at vnode_if.h:373
#39 0xffffffff80233a0f in dofilewrite (td=0xffffff0001ff46a0, fd=4, 
    fp=0xffffff0070379000, auio=0xffffffffaf0feb10, offset=Variable "offset" is not available.
) at file.h:254
#40 0xffffffff80233cbb in kern_writev (td=0xffffff0001ff46a0, fd=4, 
    auio=0xffffffffaf0feb10) at /usr/src/sys/kern/sys_generic.c:401
#41 0xffffffff80233d28 in write (td=Variable "td" is not available.
) at /usr/src/sys/kern/sys_generic.c:317
#42 0xffffffff803dc49c in syscall (frame=0xffffffffaf0fec70)
    at /usr/src/sys/amd64/amd64/trap.c:852
#43 0xffffffff803c3b3b in Xfast_syscall ()
    at /usr/src/sys/amd64/amd64/exception.S:290
#44 0x000000080070c5bc in ?? ()
Previous frame inner to this frame (corrupt stack?)
(kgdb) 

>How-To-Repeat:
Just write a file on an msdosfs mount.
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:


More information about the freebsd-bugs mailing list