Context Navigation

#2727 closed bug (fixed)

[bfs]: PANIC when deleting a soft link to a long filename

Reported by:	emitrax	Owned by:	axeld
Priority:	critical	Milestone:	R1/alpha1
Component:	File Systems/BFS	Version:	R1/pre-alpha1
Keywords:		Cc:
Blocked By:		Blocking:
Platform:	All

Description

It happens while deleting a bounch of directories. hrev27472.

PANIC: get_writable_cached_block: invalid block number 53535436759393 (max 1048319)
Welcome to Kernel Debugging Land...
Thread 1463 "rm" running on CPU 0
kdebug> bt
stack trace for thread 1463 "rm"
    kernel stack: 0x920db000 to 0x920df000
      user stack: 0x7efe6000 to 0x7ffe6000
frame            caller     <image>:function + offset
 0 920de614 (+  48) 80057ce1   <kernel>:invoke_debugger_command + 0x00f5
 1 920de644 (+  64) 80057ad1   <kernel>:invoke_pipe_segment__FP21debugger_command_pipelPc + 0x0079
 2 920de684 (+  64) 80057e59   <kernel>:invoke_debugger_command_pipe + 0x009d
 3 920de6c4 (+  48) 80059394   <kernel>:_ParseCommandPipe__16ExpressionParserRi + 0x0234
 4 920de6f4 (+  64) 800587ce   <kernel>:EvaluateCommand__16ExpressionParserPCcRi + 0x02ba
 5 920de734 (+ 224) 8005a7bc   <kernel>:evaluate_debug_command + 0x0088
 6 920de814 (+  64) 800560e2   <kernel>:kernel_debugger_loop__Fv + 0x01ae
 7 920de854 (+  48) 80056cb5   <kernel>:kernel_debugger + 0x0121
 8 920de884 (+ 192) 80056b89   <kernel>:panic + 0x0029
 9 920de944 (+  64) 8002cb47   <kernel>:get_writable_cached_block__FP11block_cachexxxlb + 0x003f
10 920de984 (+  80) 8002f8c3   <kernel>:block_cache_get_writable_etc + 0x0073
11 920de9d4 (+ 128) 8059610f   <bfs>:_FreeStaticStreamArray__5InodeR11TransactionlG9block_runxxRx + 0x01f7
12 920dea54 (+ 144) 80596586   <bfs>:_ShrinkStream__5InodeR11Transactionx + 0x007a
13 920deae4 (+  48) 805968dd   <bfs>:SetFileSize__5InodeR11Transactionx + 0x0099
14 920deb14 (+ 352) 80596b0d   <bfs>:Free__5InodeR11Transaction + 0x0029
15 920dec74 (+  80) 8059f453   <bfs>:bfs_remove_vnode__FP9fs_volumeP8fs_vnodeb + 0x00b3
16 920decc4 (+  48) 8008c998   <kernel>:free_vnode__FP5vnodeb + 0x00ac
17 920decf4 (+  48) 8008cb93   <kernel>:dec_vnode_ref_count__FP5vnodebT1 + 0x013f
18 920ded24 (+  48) 80090791   <kernel>:put_vnode + 0x0069
19 920ded54 (+  48) 8059a46a   <bfs>:_UnlockInodes__11Transaction + 0x008e
20 920ded84 (+  80) 805a0970   <bfs>:bfs_unlink__FP9fs_volumeP8fs_vnodePCc + 0x0104
21 920dedd4 (+ 304) 800949a7   <kernel>:common_unlink__FiPcb + 0x0067
22 920def04 (+  64) 80099b4b   <kernel>:_user_unlink + 0x0093
23 920def44 (+ 100) 800c8842   <kernel>:pre_syscall_debug_done + 0x0002 (nearest)
user iframe at 0x920defa8 (end = 0x920df000)
 eax 0x6d           ebx 0x2bde5c        ecx 0x7ffe5a90   edx 0xffff0104
 esi 0x7ffe5f68     edi 0x0             ebp 0x7ffe5abc   esp 0x920defdc
 eip 0xffff0104  eflags 0x207      user esp 0x7ffe5a90
 vector: 0x63, error code: 0x0
24 920defa8 (+   0) ffff0104
25 7ffe5abc (+ 576) 00207254   <_APP_>:rpl_unlinkat + 0x0194
26 7ffe5cfc (+  64) 00204262   <_APP_>:main + 0x1a7e (nearest)
27 7ffe5d3c (+  80) 002045e1   <_APP_>:main + 0x1dfd (nearest)
28 7ffe5d8c (+ 224) 00204a8c   <_APP_>:main + 0x22a8 (nearest)
29 7ffe5e6c (+ 128) 00205049   <_APP_>:main + 0x2865 (nearest)
30 7ffe5eec (+  64) 002050fc   <_APP_>:rm + 0x0088
31 7ffe5f2c (+  80) 00202b8e   <_APP_>:main + 0x03aa
32 7ffe5f7c (+  48) 002024a3   <_APP_>:_start + 0x005b
33 7ffe5fac (+  48) 001008ea   33427:runtime_loader_seg0ro@0x00100000 + 0x8ea
34 7ffe5fdc (+   0) 7ffe5fec   33426:rm_main_stack@0x7efe6000 + 0xffffec

Change History (2)

comment:1 by emitrax, 16 years ago

Summary:	PANIC: get_writable_cached_block: invalid block number 53535436759393 (max 1048319 → [bfs]: PANIC when deleting a soft link to a long filename

100% reproducible.

D='a'; for i in `seq 1 125`; do D=$D'a'; done ; mkdir $D
ln -s `pwd`/aaa* b
rm b

comment:2 by axeld, 16 years ago

Resolution:	→ fixed
Status:	new → closed

Inode::Free() did not take short symlinks into account, possibly freeing invalid blocks. Fixed in hrev28311.

Note: See TracTickets for help on using tickets.

Download in other formats: