Bug 119280

Summary: [ntfs] Moving a file from ntfs-3g mounted partition results in page fault while in kernel mode
Product: Ports & Packages Reporter: Manolis Kiagias <sonicy>
Component: Individual Port(s)Assignee: Alejandro Pulver <alepulver>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Manolis Kiagias 2008-01-03 00:20:01 UTC 
Attempting to move (using mv) a file from a partition mounted with ntfs-3g results  in kernel panic. This is not from a USB mounted disk, just another partition on the same disk where FreeBSD is installed.


Script started on Thu Jan  3 02:01:33 2008
[root@aquarius:AQUARIUS]# kgdb kernel.debug /var/crash/vmcore.0


[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]

GNU gdb 6.1.1 [FreeBSD]

Copyright 2004 Free Software Foundation, Inc.

GDB is free software, covered by the GNU General Public License, and you are

welcome to change it and/or distribute copies of it under certain conditions.

Type "show copying" to see the conditions.

There is absolutely no warranty for GDB.  Type "show warranty" for details.

This GDB was configured as "i386-marcel-freebsd".



Unread portion of the kernel message buffer:





Fatal trap 12: page fault while in kernel mode

cpuid = 1; apic id = 01

fault virtual address	= 0x8c

fault code		= supervisor read, page not present

instruction pointer	= 0x20:0xc055af88

stack pointer	        = 0x28:0xe6ae0aa4

frame pointer	        = 0x28:0xe6ae0ab8

code segment		= base rx0, limit 0xfffff, type 0x1b

			= DPL 0, pres 1, def32 1, gran 1

processor eflags	= interrupt enabled, resume, IOPL = 0

current process		= 851 (mv)

trap number		= 12

panic: page fault

cpuid = 1

Uptime: 4m9s

Dumping 1023 MB (2 chunks)

  chunk 0: 1MB (159 pages) ... ok

  chunk 1: 1023MB (261872 pages) 1007 991 975 959 943 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15



#0  doadump () at pcpu.h:195

195		__asm __volatile("movl %%fs:0,%0" : "=r" (td));

(kgdb) list *0xc055af88

0xc055af88 is in _sx_xunlock (/usr/src/sys/kern/kern_sx.c:315).

310		_sx_assert(sx, SA_XLOCKED, file, line);

311		curthread->td_locks--;

312		WITNESS_UNLOCK(&sx->lock_object, LOP_EXCLUSIVE, file, line);

313		LOCK_LOG_LOCK("XUNLOCK", &sx->lock_object, 0, sx->sx_recurse, file,

314		    line);

315		if (!sx_recursed(sx))

316			lock_profile_release_lock(&sx->lock_object);

317		__sx_xunlock(sx, curthread, file, line);

318	}

319	

(kgdb) backtrace

#0  doadump () at pcpu.h:195

#1  0xc05532a7 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409

#2  0xc0553569 in panic (fmt=Variable "fmt" is not available.

) at /usr/src/sys/kern/kern_shutdown.c:563

#3  0xc07bc4ac in trap_fatal (frame=0xe6ae0a64, eva=140)

    at /usr/src/sys/i386/i386/trap.c:899

#4  0xc07bc710 in trap_pfault (frame=0xe6ae0a64, usermode=0, eva=140)

    at /usr/src/sys/i386/i386/trap.c:812

#5  0xc07bd092 in trap (frame=0xe6ae0a64) at /usr/src/sys/i386/i386/trap.c:490

#6  0xc07a3a2b in calltrap () at /usr/src/sys/i386/i386/exception.s:139

#7  0xc055af88 in _sx_xunlock (sx=0x78, file=0xc106f564 "fuse_vnops.c", 

    line=2912) at /usr/src/sys/kern/kern_sx.c:311

#8  0xc106a9d7 in ?? ()

#9  0x00000078 in ?? ()

#10 0xc106f564 in ?? ()

#11 0x00000b60 in ?? ()

#12 0x00000000 in ?? ()

#13 0x00000000 in ?? ()

#14 0x00000000 in ?? ()

#15 0xc086d080 in vop_default_desc ()

#16 0x00000078 in ?? ()

#17 0xc4705880 in ?? ()

#18 0x00000000 in ?? ()

#19 0xc4a95cc0 in ?? ()

---Type <return> to continue, or q <return> to quit---

#20 0xe6ae0be8 in ?? ()

#21 0xe6ae0c34 in ?? ()

#22 0xe6ae0bc0 in ?? ()

#23 0x00000012 in ?? ()

#24 0xc4705880 in ?? ()

#25 0xe6ae0bc0 in ?? ()

#26 0xc47fdc00 in ?? ()

#27 0x00000000 in ?? ()

#28 0xe6ae0bdc in ?? ()

#29 0xc4705880 in ?? ()

#30 0x00000001 in ?? ()

#31 0xc470132c in ?? ()

#32 0x00000001 in ?? ()

#33 0xc4701300 in ?? ()

#34 0xc47fd400 in ?? ()

#35 0xc4705880 in ?? ()

#36 0x00000000 in ?? ()

#37 0xc4a72dd0 in ?? ()

#38 0xe6ae0b54 in ?? ()

#39 0xc05c9798 in vhold (vp=0x0) at /usr/src/sys/kern/vfs_subr.c:2238

#40 0xc07d2156 in VOP_RENAME_APV (vop=0x0, a=0x0) at vnode_if.c:1184

#41 0xc05d55a1 in kern_rename (td=0xc4705880, 

    from=0xbfbfedd3 <Address 0xbfbfedd3 out of bounds>, 

---Type <return> to continue, or q <return> to quit---

    to=0xbfbfe848 <Address 0xbfbfe848 out of bounds>, pathseg=UIO_USERSPACE)

    at vnode_if.h:625

#42 0xc05d5759 in rename (td=0xc4705880, uap=0xe6ae0cfc)

    at /usr/src/sys/kern/vfs_syscalls.c:3292

#43 0xc07bca65 in syscall (frame=0xe6ae0d38)

    at /usr/src/sys/i386/i386/trap.c:1035

#44 0xc07a3a90 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:196

#45 0x00000033 in ?? ()

Previous frame inner to this frame (corrupt stack?)

(kgdb) quit

[root@aquarius:AQUARIUS]# exit


exit


Script done on Thu Jan  3 02:02:58 2008

How-To-Repeat: Mount an NTFS partition using ntfs-3g 
Try to move a file from the NTFS partition to e.g. a user's home directory.

Copying, creating and deleting files in the NTFS create no problem.
Moving a file from ufs to NTFS, a message is shown:

mv foobar.zip set flags (00000000): Invalid argument

but the move completes successfully.
Comment 1 Kris Kennaway freebsd_committer freebsd_triage 2008-01-03 01:28:24 UTC 
Manolis Kiagias wrote:

> Attempting to move (using mv) a file from a partition mounted with ntfs-3g results  in kernel panic. This is not from a USB mounted disk, just another partition on the same disk where FreeBSD is installed.

The trace shows that this is a bug in the fuse kernel module, so please 
bring this up with the maintainer of the port instead.

Kris
Comment 2 Kris Kennaway freebsd_committer freebsd_triage 2008-01-10 21:56:23 UTC 
Responsible Changed
From-To: freebsd-bugs->alepulver

Assign to port maintainer
Comment 3 Csaba Henk 2008-01-14 03:28:40 UTC 
These changesets:

http://mercurial.creo.hu/repos/fuse4bsd-hg/?rev/6b7b01254c32
http://mercurial.creo.hu/repos/fuse4bsd-hg/?rev/f61c85872dfa

fix the fatal and the non-fatal errors reported in the PR.

Thanks for the report.

Csaba
Comment 4 Manolis Kiagias 2008-01-14 13:01:32 UTC 
Csaba Henk wrote:
> These changesets:
>
> http://mercurial.creo.hu/repos/fuse4bsd-hg/?rev/6b7b01254c32
> http://mercurial.creo.hu/repos/fuse4bsd-hg/?rev/f61c85872dfa
>
> fix the fatal and the non-fatal errors reported in the PR.
>
> Thanks for the report.
>
> Csaba
>
>
>   
I can confirm your patches working fine on my system.
Thanks for all the nice work!

Manolis
Comment 5 Alejandro Pulver freebsd_committer freebsd_triage 2008-01-15 15:34:17 UTC 
State Changed
From-To: open->closed

Problem fixed by author, thanks for the report.