Output of sftp ls command contains duplicate strings when runs on cd9660-mount. It looks like this: sftp> ls -l dr-xr-xr-x 13 root wheel 2048 Feb 25 02:28 7.0-RELEASE dr-xr-xr-x 13 root wheel 2048 Feb 25 02:28 7.0-RELEASE dr-xr-xr-x 13 root wheel 2048 Feb 25 02:28 7.0-RELEASE -r--r--r-- 1 root wheel 5114 Feb 25 02:28 ERRATA.HTM -r--r--r-- 1 root wheel 5114 Feb 25 02:28 ERRATA.HTM -r--r--r-- 1 root wheel 5114 Feb 25 02:28 ERRATA.HTM -r--r--r-- 1 root wheel 3671 Feb 25 02:28 ERRATA.TXT How-To-Repeat: $ mount_cd9660 /dev/acd0 /cdrom $ sftp localhost $ cd /cdrom sftp> ls (make 3-5 attempts for bug apperance)
On my amd64 laptop I see the file listing repetition, while on my i386 desktop system the listing appears correct but the message: g_vfs_done():md1[READ(offset=8102099357864646656, length=2048)]error = 5 appears on the console after every listing is done. A plain ssh or local listing doesn't produce the error. The 7.0-RELEASE-i386-disc1.iso file was mounted via md(4). -- Bruce
State Changed From-To: open->feedback Stas, please show us output of dmesg and your kernel config.
I have seen this since doing a fresh install of FreeBSD 7 Release on my pf/gateway server. I only use sftp to occasionally copy something. My other server machine (web development box) has Samba on it for sharing and does not show this behavior. Only reading the cdrom via sftp does this. Since my hardware is likely different from the OP, it may not be hardware related. server# uname -a FreeBSD server.test.zip 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Tue Apr 1 22:10:31 EDT 2008 testuser@server.test.zip:/usr/obj/usr/src/sys/kernel_altq i386 dmesg: Copyright (c) 1992-2008 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 7.0-RELEASE #0: Tue Apr 1 22:10:31 EDT 2008 testuser@server.test.zip:/usr/obj/usr/src/sys/kernel_altq Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel Pentium III (666.54-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x683 Stepping = 3 Features=0x383f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE> real memory = 134152192 (127 MB) avail memory = 125841408 (120 MB) acpi0: <PTLTD RSDT> on motherboard acpi0: [ITHREAD] acpi0: Power Button (fixed) acpi0: reservation of 0, a0000 (3) failed Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0 cpu0: <ACPI CPU> on acpi0 pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0 pci0: <ACPI PCI bus> on pcib0 agp0: <Intel 82820 host to AGP bridge> on hostb0 pcib1: <ACPI PCI-PCI bridge> at device 1.0 on pci0 pci1: <ACPI PCI bus> on pcib1 vgapci0: <VGA-compatible display> mem 0xf5000000-0xf5ffffff,0xf4800000-0xf4803fff,0xf4000000-0xf47fffff irq 11 at device 0.0 on pci1 pcib2: <ACPI PCI-PCI bridge> at device 30.0 on pci0 pci2: <ACPI PCI bus> on pcib2 skc0: <D-Link DGE-530T Gigabit Ethernet> port 0x4000-0x40ff mem 0xf4a04000-0xf4a07fff at device 9.0 on pci2 skc0: DGE-530T Gigabit Ethernet Adapter rev. (0x9) sk0: <Marvell Semiconductor, Inc. Yukon> on skc0 sk0: Ethernet address: 00:1b:11:c3:1f:92 miibus0: <MII bus> on sk0 e1000phy0: <Marvell 88E1011 Gigabit PHY> PHY 0 on miibus0 e1000phy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX-FDX, auto skc0: [ITHREAD] xl0: <3Com 3c905C-TX Fast Etherlink XL> port 0x4400-0x447f mem 0xf4a01000-0xf4a0107f irq 10 at device 13.0 on pci2 miibus1: <MII bus> on xl0 xlphy0: <3c905C 10/100 internal PHY> PHY 24 on miibus1 xlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto xl0: Ethernet address: 00:50:04:d3:17:e3 xl0: [ITHREAD] isab0: <PCI-ISA bridge> at device 31.0 on pci0 isa0: <ISA bus> on isab0 atapci0: <Intel ICH UDMA66 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1000-0x100f at device 31.1 on pci0 ata0: <ATA channel 0> on atapci0 ata0: [ITHREAD] ata1: <ATA channel 1> on atapci0 ata1: [ITHREAD] pci0: <serial bus, USB> at device 31.2 (no driver attached) acpi_button0: <Power Button> on acpi0 atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0 atkbd0: <AT Keyboard> irq 1 on atkbdc0 atkbd0: [GIANT-LOCKED] atkbd0: [ITHREAD] fdc0: <floppy drive controller> port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on acpi0 fdc0: [FILTER] sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A sio0: [FILTER] sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0 sio1: type 16550A sio1: [FILTER] orm0: <ISA Option ROMs> at iomem 0xc0000-0xc7fff,0xc8000-0xc87ff,0xe0000-0xeffff pnpid ORM0000 on isa0 sc0: <System console> at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 ppc0: <Parallel port> at port 0x378-0x37f irq 7 on isa0 ppc0: Generic chipset (ECP/PS2/NIBBLE) in COMPATIBLE mode ppc0: FIFO with 16/16/8 bytes threshold ppbus0: <Parallel port bus> on ppc0 ppbus0: [ITHREAD] lpt0: <Printer> on ppbus0 lpt0: Interrupt-driven port ppi0: <Parallel I/O> on ppbus0 ppc0: [GIANT-LOCKED] ppc0: [ITHREAD] Timecounter "TSC" frequency 666539794 Hz quality 800 Timecounters tick every 10.000 msec ad0: 9536MB <Maxtor 5T010H1 TAH71DP0> at ata0-master UDMA66 ad1: 14669MB <WDC WD153BA 16.13M16> at ata0-slave UDMA66 acd0: CDROM <ATAPI 48X CDROM/VER-3.30> at ata1-master UDMA33 Trying to mount root from ufs:/dev/ad0s1a kernel config: # # kernel_altq FreeBSD 7 RC1 test-1 cpu I686_CPU ident SERVER # To statically compile in device wiring instead of /boot/device.hints #hints "GENERIC.hints" # Default places to look for devices. #options SCHED_4BSD # 4BSD scheduler options SCHED_ULE # ULE scheduler options PREEMPTION # Enable kernel thread preemption options INET # InterNETworking #options INET6 # IPv6 communications protocols #options SCTP # Stream Control Transmission Protocol options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates support #options UFS_ACL # Support for access control lists options UFS_DIRHASH # Improve performance on big directories #options UFS_GJOURNAL # Enable gjournal-based UFS journaling #options MD_ROOT # MD is a potential root device #options NFSCLIENT # Network Filesystem Client #options NFSSERVER # Network Filesystem Server #options NFS_ROOT # NFS usable as /, requires NFSCLIENT #options MSDOSFS # MSDOS Filesystem options CD9660 # ISO 9660 Filesystem options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS # Pseudo-filesystem framework #options GEOM_PART_GPT # GUID Partition Tables. #options GEOM_LABEL # Provides labelization #options COMPAT_43TTY # BSD 4.3 TTY compat [KEEP THIS!] #options COMPAT_FREEBSD4 # Compatible with FreeBSD4 #options COMPAT_FREEBSD5 # Compatible with FreeBSD5 #options COMPAT_FREEBSD6 # Compatible with FreeBSD6 #options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI #options KTRACE # ktrace(1) support options SYSVSHM # SYSV-style shared memory options SYSVMSG # SYSV-style message queues options SYSVSEM # SYSV-style semaphores options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions #options KBD_INSTALL_CDEV # install a CDEV entry in /dev #options ADAPTIVE_GIANT # Giant mutex is adaptive. #options STOP_NMI # Stop CPUS using NMI instead of IPI #options AUDIT # Security event auditing nooption KSE device pf device pflog options ALTQ options ALTQ_PRIQ # Bus support. device pci # Floppy drives device fdc # ATA and ATAPI devices device ata device atadisk # ATA disk drives device atapicd # ATAPI CDROM drives options ATA_STATIC_ID # Static device numbering # atkbdc0 controls both the keyboard and the PS/2 mouse device atkbdc # AT keyboard controller device atkbd # AT keyboard #device psm # PS/2 mouse #device kbdmux # keyboard multiplexer device vga # VGA video card driver # syscons is the default console driver, resembling an SCO console device sc device agp # support several AGP chipsets # Serial (COM) ports device sio # 8250, 16[45]50 based serial ports device uart # Generic UART driver # Parallel port device ppc device ppbus # Parallel port bus (required) device lpt # Printer device ppi # Parallel port interface device # PCI Ethernet NICs that use the common MII bus controller code. # NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! device miibus # MII bus support device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet device xl # 3Com 3c905c # Pseudo devices. device loop # Network loopback device random # Entropy device device ether # Ethernet support #device sl # Kernel SLIP #device ppp # Kernel PPP device tun # Packet tunnel. device pty # Pseudo-ttys (telnet etc) #device md # Memory "disks" #device gif # IPv6 and IPv4 tunneling #device faith # IPv6-to-IPv4 relaying (translation) #device firmware # firmware assist module # The `bpf' device enables the Berkeley Packet Filter. # Be aware of the administrative consequences of enabling this! # Note that 'bpf' is required for DHCP. device bpf # Berkeley packet filter
This is occurring because sftp-server expects readdir(3) to return NULL for a given DIR* twice in a row after all the files have been retrieved. It seems that under certain conditions that isn't true. The client sends an FXP_READDIR command; the server loops calling readdir() until it gets a NULL back. At this point it sends the results back to the client, but doesn't appear to tell it it already has all the entries. Instead, the client sends another FXP_READDIR, at which point the server again calls readdir() with the existing DIR*, which has already once before returned NULL. Normally readdir() does return NULL for a second time and the client gets back SSH2_FX_EOF. Occasionally however, readdir will just start reading the directory contents all over again. The following program also shows the same behaviour, but less regularly. #include <stdio.h> #include <sys/types.h> #include <dirent.h> int main() { DIR *dp = opendir("/cdrom/"); if (dp == NULL) return (-1); struct dirent *d = NULL; do { d = readdir(dp); } while (d != NULL); d = readdir(dp); if (d != NULL) printf("readdir is starting again\n"); closedir(dp); return 0; }
State Changed From-To: feedback->analyzed Problem seems to be specific to readdir(3).
On 2008-05-18, Bruce Cran wrote: > This is occurring because sftp-server expects readdir(3) to return NULL > for a given DIR* twice in a row after all the files have been retrieved. > It seems that under certain conditions that isn't true. Thanks for the test case. The problem seems to lie in cd9660_readdir() (src/sys/fs/cd9660/cd9660_vnops.c). The problem is that if we have reached end of file (directory) and enter again to cd9660_readdir() the idp->uio_off variable is not initialized correctly. In the end of the function the file offset is set to idp->uio_off. So this basically means that the file offset changes to a random value. This causes effects such readdir(3) starting again at some position or g_vfs_done() errors when data is attempted to read from bogus offset. I believe that this patch fixes the problem: Index: cd9660_vnops.c =================================================================== RCS file: /home/ncvs/src/sys/fs/cd9660/cd9660_vnops.c,v retrieving revision 1.113 diff -p -u -r1.113 cd9660_vnops.c --- cd9660_vnops.c 15 Feb 2007 22:08:34 -0000 1.113 +++ cd9660_vnops.c 20 May 2008 06:45:20 -0000 @@ -495,6 +495,7 @@ cd9660_readdir(ap) } idp->eofflag = 1; idp->curroff = uio->uio_offset; + idp->uio_off = uio->uio_offset; if ((entryoffsetinblock = idp->curroff & bmask) && (error = cd9660_blkatoff(vdp, (off_t)idp->curroff, NULL, &bp))) { Could you please test the patch? -- Jaakko
> Could you please test the patch? Yes, i done this test. Everything looks good, thanks !
Patch seems to test OK here as well. Thanks!
Responsible Changed From-To: freebsd-bugs->kib Take.
kib 2008-06-11 12:46:09 UTC FreeBSD src repository Modified files: sys/fs/cd9660 cd9660_vnops.c Log: SVN rev 179722 on 2008-06-11 12:46:09Z by kib In cd9660_readdir vop, always initialize the idp->uio_off member. The while loop that is assumed to initialize the uio_off later, may be not entered at all, causing uninitialized value to be returned in uio->uio_offset. PR: 122925 Submitted by: Jaakko Heinonen <jh saunalahti fi> MFC after: 1 weeks Revision Changes Path 1.114 +1 -0 src/sys/fs/cd9660/cd9660_vnops.c _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
kib 2008-06-18 09:31:56 UTC FreeBSD src repository Modified files: (Branch: RELENG_7) sys/fs/cd9660 cd9660_vnops.c Log: SVN rev 179857 on 2008-06-18 09:31:56Z by kib MFC r179722: In cd9660_readdir vop, always initialize the idp->uio_off member. PR: 122925 Revision Changes Path 1.113.2.1 +1 -0 src/sys/fs/cd9660/cd9660_vnops.c _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: analyzed->patched Patched in current and RELENG_7
State Changed From-To: patched->closed Do not want to touch 6.