Re: fsevents causing panic
- Subject: Re: fsevents causing panic
- From: "Jernej Azarija" <email@hidden>
- Date: Thu, 7 Aug 2008 13:37:09 +0200
Doh, I was rushing and left two unused definitions in the snippet. The
definitions of kfs_event_arg_t and kfs_event are obviously unnecessary.
Sorry for the inconvenience.
On Thu, Aug 7, 2008 at 1:30 PM, Jernej Azarija <email@hidden> wrote:
> Hello,
>
> I've developed a small application using the fsevents mechanism. The
> application froze the machine within a few moments of usage.
>
> I've gone on to inspect the problem and trim the whole source to ~70
> lines of code reproducing the panic. I apologize for pasting the code
> here:
>
> ==
> #include <sys/types.h>
> #include <sys/ioctl.h>
> #include <unistd.h>
> #include <fcntl.h>
> #include <stdio.h>
>
> #include "fsevents.h"
>
> static int fsevent_fd;
>
> typedef struct kfs_event_arg {
>     u_int16_t type;
>     u_int16_t len;
>     union {
>         struct vnode *vp;
>         char *str;
>         void *ptr;
>         int32_t int32;
>         dev_t dev;
>         ino_t ino;
>         int32_t mode;
>         uid_t uid;
>         gid_t gid;
>     } data;
> } kfs_event_arg_t;
>
> typedef struct kfs_event {
>     int32_t type;
>     pid_t pid;
>     kfs_event_arg_t args[FSE_MAX_ARGS];
> } kfs_event;
>
> /* one entry per event type, handed to the kernel via FSEVENTS_CLONE */
> static int8_t events[FSE_MAX_EVENTS];
>
> int main() {
>
>     int fd, ret;
>     struct fsevent_clone_args fca;
>     int fsevent_fd;
>
>     int i;
>     for (i = 0; i < FSE_MAX_EVENTS; i++) /* BUG */
>         events[i] = FSE_REPORT; /* BUG */
>
>     fd = open("/dev/fsevents", O_RDONLY);
>
>     if (fd == -1) {
>         return 1;
>     }
>     fca.event_list = (int8_t *)events;
>     fca.num_events = sizeof(events)/sizeof(int8_t);
>     fca.fd = &fsevent_fd;
>
>     /* request a cloned event descriptor, returned through fca.fd */
>     ret = ioctl(fd, FSEVENTS_CLONE, (char *)&fca);
>
>     /* give up if the clone request failed */
>     if (ret == -1) {
>         close(fd);
>         return 1;
>     }
>     close(fd);
>
>     puts("Sleeping a little");
>     sleep(60*5);
>
>     return 0;
> }
> ==
> For the code to compile, the "fsevents.h" header must be present and
> is therefore included as an attachment.
>
> The interesting part is that removing the lines marked with /* BUG */
> (i.e., the for loop) fixes the problem!
> I'm clueless about what/why is causing the panic crash. I'm even more
> confused after looking at panic.log reporting
> division by zero as the cause of error.
>
> ===
> Thu Aug 7 13:12:57 2008
> panic(cpu 1 caller 0x001A49CB): Unresolved kernel trap (CPU 1, Type
> 0=divide error), registers:
> CR0: 0x80010033, CR2: 0xa001001c, CR3: 0x00dc9000, CR4: 0x000006e0
> EAX: 0x00000001, EBX: 0x03aa57c4, ECX: 0x00000000, EDX: 0x00000000
> CR2: 0x2536bb1c, EBP: 0x2536bc58, ESI: 0x00469d64, EDI: 0x00469d60
> EFL: 0x00010246, EIP: 0x001ef7ce, CS: 0x00000004, DS: 0x0172000c
>
> Backtrace, Format - Frame : Return Address (4 potential args on stack)
> 0x2536b988 : 0x128d0d (0x3cc65c 0x2536b9ac 0x131f95 0x0)
> 0x2536b9c8 : 0x1a49cb (0x3d2a94 0x1 0x0 0x3d21e8)
> 0x2536bad8 : 0x19b3a4 (0x2536bae8 0x2536bf48 0xe 0x48)
> 0x2536bc58 : 0x1e8627 (0x8 0x2536bf48 0x1 0x3c67528)
> 0x2536bca8 : 0x1da43b (0x3c67528 0x2536be30 0x2536bf48 0x2536bf48)
> 0x2536bf28 : 0x1da486 (0x1 0x423f7f0 0x2536bf58 0x199489)
> 0x2536bf58 : 0x37b300 (0x4293bb8 0x41b7a98 0x41b7adc 0x0)
> 0x2536bfc8 : 0x19b77e (0x423f7ec 0x0 0x19e0b5 0x423f9e0) No mapping
> exists for frame pointer
> Backtrace terminated-invalid frame pointer 0xbfffb5c8
>
> Kernel version:
> Darwin Kernel Version 8.11.1: Wed Oct 10 18:23:28 PDT 2007;
> root:xnu-792.25.20~1/RELEASE_I386
> ===
>
> Anyone clued about what is going on? If there is some other
> information I could provide you with, please tell.
>
> Thanks,
>
> Jernej
>
--
http://nd47.coderock.org/~azi
Darwin-kernel mailing list (email@hidden)