Bug 119842

Summary:	[smbfs] [jail] "Bad address" with smbfs inside a jail
Product:	Base System	Reporter:	Kirk Strauser <kirk>
Component:	kern	Assignee:	freebsd-jail (Nobody) <jail>
Status:	Closed Overcome By Events
Severity:	Affects Only Me	CC:	jpaetzel
Priority:	Normal
Version:	7.0-PRERELEASE
Hardware:	Any
OS:	Any

Description Kirk Strauser 2008-01-20 21:20:03 UTC

I have a very new FreeBSD 7 build on a server:

-------------------------
$ uname -a
FreeBSD jail1.daycos.com 7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #0: Sat Jan 19 11:16:27 CST 2008     root@jail1.daycos.com:/usr/obj/usr/src/sys/JAIL1  i386
-------------------------

Its kernel is very close to GENERIC (and I've tried GENERIC with
/etc/make.conf:CPUTYPE unset just to rule it out):

-------------------------
$ cat /usr/src/sys/i386/conf/JAIL1
include                 GENERIC
ident                   JAIL1
options                 PMAP_SHPGPERPROC=301

nooption                SCHED_4BSD
option                  SCHED_ULE

# Don't let Mike accidentally reboot the server
option                  SC_DISABLE_REBOOT       # disable reboot key sequence
-------------------------

I have the same smbfs share mounted in two different places on the system:
once inside the "main" system and once inside a jail.  I'm having a problem
with the jailed version when copying new files:

-------------------------
$ cp /mnt/tiffsrv/vdrive/Scanned/2008/01/20/2008012014450000.tif /tmp/foo
cp: /tmp/foo: Bad address
-------------------------

This only affects new files; that is, ones that have been created since
the filesystem was mounted.  If I unmount/remount the filesystem, that copy
succeeds:

-------------------------
$ cp /mnt/tiffsrv/vdrive/Scanned/2008/01/20/2008012014450000.tif /tmp/foo
$
-------------------------

The fstab entries for those mounts are identical:

-------------------------
$ grep tiffsrv /etc/fstab
//web2@tiffsrv/vdrive /mnt/tiffsrv/vdrive smbfs rw,noexec 0 0
$ grep tiffsrv /etc/fstab.web2
//web2@tiffsrv/vdrive /var/jail/web2/mnt/tiffsrv/vdrive smbfs rw,noexec 0 0
-------------------------

Fix: 

unmount and remount the smbfs share.  This is suboptimal in production.
How-To-Repeat: Mount an smbfs somewhere that a jail can access it.
Inside the jail, create a file inside the smbfs mount.
Inside the same jail, try copy that file to, say, /tmp.
This will randomly, but often (maybe 50% of the time) fail with "Bad address".

Comment 1 Kirk Strauser 2008-01-22 19:10:36 UTC

Here's a minimal example that triggers the failure 100% of the time on both
i386 and amd64.

=46rom inside a jail:

=2D--------------
$ python
>>> import os
>>> outfile =3D os.open('/mnt/remote/foo', os.O_CREAT|os.O_EXCL|os.O_RDWR)
>>> os.write(outfile, 'this is a test')
14
>>> os.close(outfile)
>>> exit()
$ cp /mnt/remote/foo /tmp/foo
cp: /tmp/foo: Bad address
$
=2D--------------

=46rom the "host OS":

=2D--------------
$ python
>>> import os
>>> outfile =3D os.open('/jail/server1/mnt/remote/foo', os.O_CREAT|os.O_EXC=
L|os.O_RDWR)
>>> os.write(outfile, 'this is a test')
14
>>> os.close(outfile)
>>> exit()
$ cp /jail/server1/mnt/remote/foo /tmp/foo
$
=2D--------------

Note that "/mnt/remote/foo" and "/jail/server1/mnt/remote/foo" are the
exact same mountpoint.  The first is just the second as seen from inside
the jail rooted at /jail/server1.

Comment 2 Mark Linimon freebsd_committer

2008-01-25 22:04:44 UTC

Responsible Changed
From-To: freebsd-bugs->freebsd-jail

Reassign to appropriate mailing list.