[Bug 206820] [ext2fs] Panic when writing to ext3fs mounted as ext2fs

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Mon Feb 1 15:10:14 UTC 2016 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206820

--- Comment #3 from Arrigo Marchiori <ardovm at yahoo.it> ---
The panic is also reproducible when writing to a md(4) instead of a USB drive.
The stack trace is analogous.

(kgdb) bt
#0  doadump (textdump=1) at pcpu.h:250
#1  0xc0aed3ae in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:454
#2  0xc0aed6a5 in panic (fmt=<value optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:642
#3  0xc0d70ede in vm_fault_hold (map=0xc1b8d000, vaddr=3799322624, 
    fault_type=2 '\002', fault_flags=0, m_hold=0x0)
    at /usr/src/sys/vm/vm_fault.c:289
#4  0xc0d7355b in vm_fault (map=0xc1b8d000, vaddr=3799322624, 
    fault_type=<value optimized out>, fault_flags=0)
    at /usr/src/sys/vm/vm_fault.c:229
#5  0xc0fb619f in trap_pfault (frame=0xf0a8c964, usermode=0, eva=3799322628)
    at /usr/src/sys/i386/i386/trap.c:932
#6  0xc0fb744b in trap (frame=0xf0a8c964) at /usr/src/sys/i386/i386/trap.c:553
#7  0xc0f9fee7 in calltrap () at /usr/src/sys/i386/i386/exception.s:173
#8  0xcc966759 in ext2_i2ei (ip=0xc7ba8300, ei=0xe2750f80)
    at /usr/src/sys/modules/ext2fs/../../fs/ext2fs/ext2_inode_cnv.c:152
#9  0xcc965a56 in ext2_update (vp=0xc99c5470, waitfor=1)
    at /usr/src/sys/modules/ext2fs/../../fs/ext2fs/ext2_inode.c:91
#10 0xcc96bd12 in ext2_makeinode (mode=8, dvp=0xc99c46a8, vpp=0xf0a8cb88, 
    cnp=0xf0a8cb9c)
    at /usr/src/sys/modules/ext2fs/../../fs/ext2fs/ext2_vnops.c:1586
#11 0xc0fdd612 in VOP_CREATE_APV (vop=0xcc96f3a0, a=0xf0a8cae8)
    at vnode_if.c:260
#12 0xc0b9d989 in vn_open_cred (ndp=0xf0a8cb5c, flagp=0xf0a8cc24, 
    cmode=<value optimized out>, vn_open_flags=0, cred=0xc8bcf600, 
    fp=0xc940bdc8) at vnode_if.h:109
#13 0xc0b9de6b in vn_open (ndp=0xf0a8cb5c, flagp=0xf0a8cc24, cmode=493, 
    fp=0xc940bdc8) at /usr/src/sys/kern/vfs_vnops.c:113
#14 0xc0b99460 in kern_openat (td=0xca383900, fd=-100, 
    path=0x284a61a0 <Address 0x284a61a0 out of bounds>, pathseg=UIO_USERSPACE, 
    flags=2562, mode=493) at /usr/src/sys/kern/vfs_syscalls.c:1128
#15 0xc0b998b5 in kern_open (td=0xca383900, 
    path=0x284a61a0 <Address 0x284a61a0 out of bounds>, pathseg=UIO_USERSPACE, 
    flags=2561, mode=493) at /usr/src/sys/kern/vfs_syscalls.c:1079
#16 0xc0b998f0 in sys_open (td=0xca383900, uap=0xf0a8cccc)
    at /usr/src/sys/kern/vfs_syscalls.c:1055
#17 0xc0fb6869 in syscall (frame=0xf0a8cd08) at subr_syscall.c:142
#18 0xc0f9ff8c in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:279

(kgdb) frame 8
#8  0xcc966759 in ext2_i2ei (ip=0xc7ba8300, ei=0xe2750f80)
    at /usr/src/sys/modules/ext2fs/../../fs/ext2fs/ext2_inode_cnv.c:152
152             ei->e2di_ctime_extra = NSEC_TO_XTIME(ip->i_ctimensec);
(kgdb) print *ip
$1 = {i_vnode = 0xc99c5470, i_ump = 0xc7b92380, i_flag = 0, i_number = 49160, 
  i_e2fs = 0xc7858c00, i_modrev = 18475684767084, i_count = 0, i_endoff = 0, 
  i_diroff = 0, i_offset = 0, i_block_group = 24, i_next_alloc_block = 0, 
  i_next_alloc_goal = 0, i_mode = 33261, i_nlink = 1, i_uid = 0, i_gid = 0, 
  i_size = 0, i_blocks = 0, i_atime = 1454338085, i_mtime = 1454338085, 
  i_ctime = 1454338085, i_birthtime = 1454338085, i_mtimensec = 522810000, 
  i_atimensec = 522810000, i_ctimensec = 522810000, i_birthnsec = 522809000, 
  i_gen = 679956546, i_flags = 0, i_db = {0 <repeats 12 times>}, i_ib = {0, 0, 
    0}, i_ext_cache = {ec_start = 0, ec_blk = 0, ec_len = 0, ec_type = 0}}
(kgdb) print *ei
Cannot access memory at address 0xe2750f80

(kgdb) frame 9
#9  0xcc965a56 in ext2_update (vp=0xc99c5470, waitfor=1)
    at /usr/src/sys/modules/ext2fs/../../fs/ext2fs/ext2_inode.c:91
91              ext2_i2ei(ip, (struct ext2fs_dinode *)((char *)bp->b_data +
(kgdb) print *vp
$2 = {v_type = VREG, v_tag = 0xcc96e830 "ext2fs", v_op = 0xcc96f3a0, 
  v_data = 0xc7ba8300, v_mount = 0xc7dc77ec, v_nmntvnodes = {tqe_next = 0x0, 
    tqe_prev = 0xc99c56bc}, v_un = {vu_mount = 0x0, vu_socket = 0x0, 
    vu_cdev = 0x0, vu_fifoinfo = 0x0}, v_hashlist = {le_next = 0x0, 
    le_prev = 0xc793f988}, v_hash = 49160, v_cache_src = {lh_first = 0x0}, 
  v_cache_dst = {tqh_first = 0x0, tqh_last = 0xc99c54a0}, v_cache_dd = 0x0, 
  v_cstart = 0, v_lasta = 0, v_lastw = 0, v_clen = 0, v_lock = {lock_object = {
      lo_name = 0xcc96e830 "ext2fs", lo_flags = 108199944, lo_data = 0, 
      lo_witness = 0x0}, lk_lock = 3392682240, lk_exslpfail = 0, lk_timo = 51, 
    lk_pri = 96}, v_interlock = {lock_object = {
      lo_name = 0xc11003e9 "vnode interlock", lo_flags = 16973824, 
      lo_data = 0, lo_witness = 0x0}, mtx_lock = 4}, v_vnlock = 0xc99c54c8, 
  v_holdcnt = 1, v_usecount = 1, v_iflag = 512, v_vflag = 0, v_writecount = 0, 
  v_actfreelist = {tqe_next = 0xc99c56a8, tqe_prev = 0xc7dc782c}, v_bufobj = {
    bo_mtx = {lock_object = {lo_name = 0xc11003f9 "bufobj interlock", 
        lo_flags = 16973824, lo_data = 0, lo_witness = 0x0}, mtx_lock = 4}, 
    bo_clean = {bv_hd = {tqh_first = 0x0, tqh_last = 0xc99c5530}, 
      bv_root = 0x0, bv_cnt = 0}, bo_dirty = {bv_hd = {tqh_first = 0x0, 
        tqh_last = 0xc99c5540}, bv_root = 0x0, bv_cnt = 0}, bo_numoutput = 0, 
    bo_flag = 0, bo_ops = 0xc1371e80, bo_bsize = 1024, bo_object = 0x0, 
    bo_synclist = {le_next = 0x0, le_prev = 0x0}, bo_private = 0xc99c5470, 
    __bo_vnode = 0xc99c5470}, v_pollinfo = 0x0, v_label = 0x0, v_lockf = 0x0, 
  v_rl = {rl_waiters = {tqh_first = 0x0, tqh_last = 0xc99c5580}, 
    rl_currdep = 0x0}}

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list