[Bug 276408] panic: Assertion error == EJUSTRETURN failed at msdosfs_vnops.c:1195
Date: Wed, 17 Jan 2024 18:22:24 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276408

Bug ID: 276408
Summary: panic: Assertion error == EJUSTRETURN failed at msdosfs_vnops.c:1195
Product: Base System
Version: 13.2-STABLE
Hardware: Any
OS: Any
Status: New
Keywords: crash
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: bugs@FreeBSD.org
Reporter: jfc@mit.edu

I used rsync to copy data to a FAT32 filesystem. My system crashed with an assertion failure in msdosfs_rename. I think the problem is bad error recovery. The first three lines of the core.txt below were in the message buffer but were not copied to /var/log/messages. They must have all happened in quick succession. So the kernel marked the filesystem read-only due to an error, and the rename failed in an impossible way as a result.

My kernel is 13.2-STABLE up through commit 4c4633fdffbe. The filesystem was mounted with -L zh_CN.UTF-8. This probably does not matter. The data is on a ~10-year-old USB drive that was mostly used with Windows. I am trying to clone the disk to reproduce the crash.

/mnt: Freeing unused sector 7185542 6 fffff001
/dev/da13s1: remounting read-only due to corruption
panic: Assertion error == EJUSTRETURN failed at /usr/home/jfc/freebsd/src/sys/fs/msdosfs/msdosfs_vnops.c:1195
cpuid = 1
time = 1705507114
KDB: stack backtrace:
#0 0xffffffff80c1a1d5 at kdb_backtrace+0x65
#1 0xffffffff80bcf522 at vpanic+0x152
#2 0xffffffff80bcf323 at panic+0x43
#3 0xffffffff80a78775 at msdosfs_rename+0xc45
#4 0xffffffff8115c81d at VOP_RENAME_APV+0x3d
#5 0xffffffff80cc02de at kern_renameat+0x3ee
#6 0xffffffff8108aec0 at amd64_syscall+0x140
#7 0xffffffff810601eb at fast_syscall_common+0xf8
[...]
#4 0xffffffff80bcf323 in panic (fmt=<unavailable>) at /usr/home/jfc/freebsd/src/sys/kern/kern_shutdown.c:845 ap = {{gp_offset = 32, fp_offset = 48, overflow_arg_area = 0xfffffe05a6054a90, reg_save_area = 0xfffffe05a6054a30}} #5 0xffffffff80a78775 in msdosfs_rename (ap=<optimized out>) at /usr/home/jfc/freebsd/src/sys/fs/msdosfs/msdosfs_vnops.c:1195 toname = "2014VA~1JPG" oldname = "2014VA~1NRU" tdvp = 0xfffff806c7001000 fdvp = 0xfffff806c7001000 fvp = 0xfffff806791725b8 tvp = 0x0 tcnp = 0xfffffe05a6054c48 fcnp = 0xfffffe05a6054d20 pmp = 0xfffff8123e23de00 error = <optimized out> checkpath_locked = <optimized out> newparent = <optimized out> doingdirectory = <optimized out> blkoff = 2720 scn = 146065 nip = <optimized out> vp = <optimized out> fdip = 0xfffff8144ffc0400 fip = 0xfffff825f2a81d00 tdip = 0xfffff8144ffc0400 tip = <optimized out> to_diroffset = 2720 wait_scn = <optimized out> cn = <optimized out> bn = <optimized out> bp = <optimized out> dotdotp = <optimized out> pcl = <optimized out> #6 0xffffffff8115c81d in VOP_RENAME_APV ( vop=0xffffffff81aaf600 <msdosfs_vnodeops>, a=a@entry=0xfffffe05a6054d78) at vnode_if.c:1672 rc = <optimized out> #7 0xffffffff80cc02de in VOP_RENAME (fdvp=<unavailable>, fvp=<optimized out>, tdvp=<optimized out>, tvp=<unavailable>, fcnp=<optimized out>, tcnp=<optimized out>) at ./vnode_if.h:853 a = {a_gen = {a_desc = 0xffffffff81b4ed70 <vop_rename_desc>}, a_fdvp = 0xfffff806c7001000, a_fvp = 0xfffff806791725b8, a_fcnp = 0xfffffe05a6054d20, a_tdvp = 0xfffff806c7001000, a_tvp = 0xfffff806a87c9000, a_tcnp = 0xfffffe05a6054c48} #8 kern_renameat (td=0xfffffe03b0400020, oldfd=-100, old=0x820c39d00 <error: Cannot access memory at address 0x820c39d00>, newfd=-100, new=0x820c3a500 <error: Cannot access memory at address 0x820c3a500>, pathseg=UIO_USERSPACE) at /usr/home/jfc/freebsd/src/sys/kern/vfs_syscalls.c:3732 fromnd = { ni_dirp = 0x820c39d00 <error: Cannot access memory at address 0x820c39d00>, ni_segflg = UIO_USERSPACE, ni_rightsneeded = 
0xffffffff81a016b8 <cap_renameat_source_rights>, ni_startdir = 0xfffff806c7001000, ni_rootdir = 0xfffff801429aa1e8, ni_topdir = 0x0, ni_dirfd = -100, ni_lcf = 0, ni_filecaps = { fc_rights = {cr_rights = {0, 0}}, fc_ioctls = 0x0, fc_nioctls = -1, fc_fcntls = 0}, ni_vp = 0xfffff806791725b8, ni_dvp = 0xfffff806c7001000, ni_resflags = 0, ni_debugflags = 3, ni_loopcnt = 0, ni_pathlen = 1, ni_next = 0xfffff80175e1441d "", ni_cnd = {cn_origflags = 264208, cn_flags = 285476880, cn_thread = 0xfffffe03b0400020, cn_cred = 0xfffff80d38c6cd00, cn_nameiop = DELETE, cn_lkflags = 2097152, cn_pnbuf = 0xfffff80175e14400 ".2014ValentineBack.JPG.NrU9fM", cn_nameptr = 0xfffff80175e14400 ".2014ValentineBack.JPG.NrU9fM", cn_namelen = 29}, ni_cap_tracker = {tqh_first = 0x0, tqh_last = 0xfffffe05a6054d60}, ni_dvp_seqc = 1977697309, ni_vp_seqc = 4294965249} tond = { ni_dirp = 0x820c3a500 <error: Cannot access memory at address 0x820c3a500>, ni_segflg = UIO_USERSPACE, ni_rightsneeded = 0xffffffff81a016c8 <cap_renameat_target_rights>, ni_startdir = 0xfffff806c7001000, ni_rootdir = 0xfffff801429aa1e8, ni_topdir = 0x0, ni_dirfd = -100, ni_lcf = 0, ni_filecaps = { fc_rights = {cr_rights = {0, 0}}, fc_ioctls = 0x0, fc_nioctls = -1, fc_fcntls = 0}, ni_vp = 0xfffff806a87c9000, ni_dvp = 0xfffff806c7001000, ni_resflags = 0, ni_debugflags = 3, ni_loopcnt = 0, ni_pathlen = 1, ni_next = 0xfffff80142be0c15 "", ni_cnd = {cn_origflags = 526349, cn_flags = 285740045, cn_thread = 0xfffffe03b0400020, cn_cred = 0xfffff80d38c6cd00, cn_nameiop = RENAME, cn_lkflags = 524288, cn_pnbuf = 0xfffff80142be0c00 "2014ValentineBack.JPG", cn_nameptr = 0xfffff80142be0c00 "2014ValentineBack.JPG", cn_namelen = 21}, ni_cap_tracker = {tqh_first = 0x0, tqh_last = 0xfffffe05a6054c88}, ni_dvp_seqc = 2160781574, ni_vp_seqc = 4294967295} mp = 0xfffffe05fd4d8040 error = 0 fvp = 0xfffff806791725b8 tondflags = <optimized out> tvp = 0xfffff806a87c9000 tdvp = 0xfffff806c7001000 #9 0xffffffff8108aec0 in syscallenter (td=<optimized out>) 
at /usr/home/jfc/freebsd/src/sys/amd64/amd64/../../kern/subr_syscall.c:188 p = 0xfffffe04e1dcf008 sa = 0xfffffe03b04003f8 error = <optimized out> se = 0xffffffff81ac0670 <sysent+4096> sy_thr_static = true traced = <optimized out> _audit_entered = <optimized out> #10 amd64_syscall (td=0xfffffe03b0400020, traced=0) at /usr/home/jfc/freebsd/src/sys/amd64/amd64/trap.c:1181 ksi = {ksi_link = {tqe_next = 0xfffffe05a6054f30, tqe_prev = 0xffffffff8108a018 <trap+1944>}, ksi_info = { si_signo = -1337982944, si_errno = -509, si_code = -1509601472, si_pid = -507, si_uid = 2785365616, si_status = -507, si_addr = 0x46, si_value = {sival_int = -1509601680, sival_ptr = 0xfffffe05a6054e70, sigval_int = -1509601680, sigval_ptr = 0xfffffe05a6054e70}, _reason = {_fault = { _trapno = -2135248234}, _timer = {_timerid = -2135248234, _overrun = -1}, _mesgq = {_mqd = -2135248234}, _poll = { _band = -2135248234}, __spare__ = {__spare1__ = -2135248234, __spare2__ = {-2114959976, -1, 70, 0, 0, 0, 1951529631}}}}, ksi_flags = -1509601616, ksi_sigq = 0xffffffff80b5f282 <handleevents+578>} -- You are receiving this mail because: You are the assignee for the bug.