Reproducable Infiniband panic
Andriy Gapon
avg at FreeBSD.org
Thu Jun 6 13:54:45 UTC 2013
on 06/06/2013 14:48 Julian Stecklina said the following:
> #7 0xffffffff807a3d83 in linux_file_dtor (cdp=0xfffffe000aeabb80) at
> /usr/home/julian/src/freebsd/sys/ofed/include/linux/linux_compat.c:214
> filp = (struct linux_file *) 0xfffffe000aeabb80
> #8 0xffffffff80513c39 in devfs_destroy_cdevpriv (p=0xfffffe0005772980)
> at /usr/home/julian/src/freebsd/sys/fs/devfs/devfs_vnops.c:159
> No locals.
> #9 0xffffffff80513e47 in devfs_close_f (fp=0xfffffe000b0e9aa0,
> td=<value optimized out>)
> at /usr/home/julian/src/freebsd/sys/fs/devfs/devfs_vnops.c:619
> error = 0
> fpop = (struct file *) 0x0
The problem seems to be in incorrect interaction between devfs_close_f and
linux_file_dtor. The latter expects curthread->td_fpop to have a valid reasonable
value. But the former sets curthread->td_fpop to fp only around vnops.fo_close()
call and then restores it back to some (what?) previous value before calling
devfs_fpdrop->devfs_destroy_cdevpriv. In this case the previous value is NULL.
--
Andriy Gapon
More information about the freebsd-stable
mailing list