FreeBSD 4.3-stable, coda from cvs around 17 July.
masquerade=1
coda packets in IPsec
28.8 modem between client and server.
volume is singly replicated; only 1 server in system

(gdb) bt
#0  0x281611ca in sftp_vfreadv (se=0x811b400, iovarray=0x450afc20, howMany=0) at sftp3.c:1469
#1  0x28160273 in sftp_ReadStrategy (sEntry=0x811b400) at sftp3.c:1074
#2  0x2815f606 in sftp_SendStrategy (sEntry=0x811b400) at sftp3.c:720
#3  0x2815c8a3 in PutFile (sEntry=0x811b400) at sftp1.c:860
#4  0x2815c0a7 in SFTP_SendResponse (ConnHandle=152677455, Reply=0x450afefc) at sftp1.c:608
#5  0x281394ca in RPC2_SendResponse (ConnHandle=152677455, Reply=0x8113a00) at rpc2a.c:188
#6  0x80c848e in cb_ExecuteRequest (_cid=152677455, _reqbuffer=0x0, _bd=0x0) at callback.server.c:194
#7  0x8086fb5 in callbackserver::main (this=0x812d400) at venuscb.cc:170
#8  0x80a3698 in VprocPreamble (init_lock=0x812d440) at vproc.cc:146
#9  0x28175ef3 in Create_Process_Part2 () at lwp.c:792

(gdb) i fr
Stack level 0, frame at 0x450afbd0:
 eip = 0x281611ca in sftp_vfreadv (sftp3.c:1469); saved eip 0x28160273
 called by frame at 0x450afe20
 source language c.
 Arglist at 0x450afbd0, args: se=0x811b400, iovarray=0x450afc20, howMany=0
 Locals at 0x450afbd0, Previous frame's sp is 0x0
 Saved registers:
  ebx at 0x450afba8, ebp at 0x450afbd0, esi at 0x450afbac, edi at 0x450afbb0,
  eip at 0x450afbd4

1459    static int sftp_vfreadv(struct SFTP_Entry *se, struct iovec iovarray[], long howMany)
1460        /* Like Unix readv().  Returns total number of bytes read.
1461           Can deal with in-memory files */
1462    {
1463        long i, rc, bytesleft;
1464        char *initp;
1465        struct FileInfoByAddr *x;
1466        int n;
1467
1468        /* Go to the disk if we must */
1469        if (!MEMFILE(se->SDesc)) {
1470            if (BYFDFILE(se->SDesc))
1471                (void)lseek(se->openfd, se->fd_offset, SEEK_SET);
1472
1473            n = readv(se->openfd, iovarray, howMany);

(gdb) print *se
$3 = {Magic = 135483392, WhoAmI = SFSERVER, LocalHandle = 0, PInfo = {
    RemoteHost = {Tag = 0, Value = {InetAddress = {s_addr = 0},
        Name = '\000' <repeats 63 times>}}, RemotePort = {Tag = 0, Value = {
        InetPortNumber = 0, Name = '\000' <repeats 19 times>}},
    RemoteSubsys = {Tag = 0, Value = {SubsysId = 0,
        Name = '\000' <repeats 19 times>}}, RemoteHandle = 0,
    SecurityLevel = 0, EncryptionType = 0, Uniquefier = 0,
    SessionKey = "\000\000\000\000\000\000\000"}, PeerPort = {Tag = 0,
    Value = {InetPortNumber = 0, Name = '\000' <repeats 19 times>}},
  LastWord = {tv_sec = 0, tv_usec = 0}, HostInfo = 0x0, Uniquefier = 0,
  GotParms = 0, SentParms = 0, SDesc = 0x0, openfd = 0, fd_offset = 0,
  Sleeper = 0x0, PacketSize = 0, WindowSize = 0, SendAhead = 0, AckPoint = 0,
  DupThreshold = 0, RetryCount = 0, ReadAheadCount = 0, CtrlSeqNumber = 0,
  RInterval = {tv_sec = 0, tv_usec = 0}, Retransmitting = 1, BindTime = 0,
  LastSS = {tv_sec = 999263067, tv_usec = 999956}, PiggySDesc = 0x0,
  XferState = 0, UseMulticast = 0, RepliedSinceLastSS = 0,
  McastersStarted = 0, McastersFinished = 0, FirstSeqNo = 0, HitEOF = 0,
  SendLastContig = 0, SendMostRecent = 0, SendTheseBits = {0, 0},
  SendAckLimit = 0, SendWorriedLimit = 0, RecvLastContig = 0,
  RecvMostRecent = 0, DupsSinceAck = 0, RecvSinceAck = 0, RequestTime = 0,
  RecvTheseBits = {0, 0}, ThesePackets = {0x0 <repeats 64 times>}}

This doesn't look right.  Plus,

(gdb) print se->SDesc
$4 = (SE_Descriptor *) 0x0

Going up, it seems this was called with the last arg 0:

Stack level 1, frame at 0x450afe20:
 eip = 0x28160273 in sftp_ReadStrategy (sftp3.c:1074); saved eip 0x2815f606
 called by frame at 0x450afe50, caller of frame at 0x450afbd0
 source language c.
 Arglist at 0x450afe20, args: sEntry=0x811b400
 Locals at 0x450afe20, Previous frame's sp is 0x0
 Saved registers:
  ebx at 0x450afbe8, ebp at 0x450afe20, esi at 0x450afbec, edi at 0x450afbf0,
  eip at 0x450afe24

1074        bytesread = sftp_vfreadv(sEntry, iovarray, sEntry->SendAhead);

I think the problem might be the SE not getting turned off when a
disconnect happens.

sftp_ReadStrategy has a number of problems:

  bodylength = -60
  sEntry->PacketSize = 0

In sftp1.c:PutFile I find

821         ce = rpc2_GetConn(sEntry->LocalHandle);

which is not checked; for me it is null.

I put in code to fail right away if there was no ce.

    ce = rpc2_GetConn(sEntry->LocalHandle);
    if ( ce == 0 ) {
        QUIT(sEntry, SE_FAILURE, RPC2_SEFAIL2);
    }

Now I'm still timing out, but venus isn't crashing.

09:42:51 Getting Root Volume information...
09:42:55 Reintegrate u.gdt pending tokens for uid = 10853
09:42:56 Venus starting...
09:42:57 Reintegrate u.gdt pending tokens for uid = 10853
09:43:34 Reintegrate: u.gdt, 5/5 records, result = Operation timed out
09:44:35 Reintegrate: u.gdt, 5/5 records, result = Operation timed out

This doesn't feel quite right, but I do not understand rpc2 well
enough...

Received on 2001-08-31 09:46:09
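
Added example (not part of the original post and not Coda source): a small C model of the check the post describes, where a handle lookup can return NULL after a disconnect and the side-effect entry may be zeroed with a NULL descriptor. All names in it (se_entry, get_conn, put_file_checked, SE_MAGIC, the handles 42 and 43) are hypothetical stand-ins, and the sample entries are constructed.

```c
/* Added illustration: simplified stand-ins, not Coda's rpc2/sftp sources. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define SE_MAGIC 0x5EF7A11Eu            /* hypothetical magic value */
enum xfer_rc { XFER_OK = 0, XFER_NO_CONN = -1, XFER_BAD_ENTRY = -2 };
struct desc { int in_memory; };
struct se_entry {                       /* model of a side-effect entry */
    unsigned magic;
    long local_handle;
    struct desc *sdesc;
    long packet_size, send_ahead;
};
struct conn { long handle; int in_use; };

static struct conn conn_table[2] = { { 42, 1 }, { 43, 0 } };  /* 43: disconnected */

/* Handle lookup; returns NULL for an unknown or torn-down connection. */
static struct conn *get_conn(long handle) {
    for (size_t i = 0; i < sizeof conn_table / sizeof conn_table[0]; i++)
        if (conn_table[i].in_use && conn_table[i].handle == handle)
            return &conn_table[i];
    return NULL;
}

/* Check everything the read path would dereference before using it. */
static enum xfer_rc put_file_checked(const struct se_entry *se) {
    if (se == NULL || se->magic != SE_MAGIC)
        return XFER_BAD_ENTRY;
    if (get_conn(se->local_handle) == NULL)
        return XFER_NO_CONN;            /* fail right away on a missing conn */
    if (se->sdesc == NULL || se->packet_size <= 0 || se->send_ahead <= 0)
        return XFER_BAD_ENTRY;          /* NULL descriptor or zero sizes */
    return XFER_OK;                     /* safe to start the transfer */
}

/* Constructed cases: 0 live, 1 disconnected, 2 zeroed entry, 3 NULL descriptor. */
static enum xfer_rc run_case(int which) {
    static struct desc d = { 0 };
    struct se_entry se = { SE_MAGIC, 42, &d, 1024, 8 };
    if (which == 1) se.local_handle = 43;
    if (which == 2) memset(&se, 0, sizeof se);
    if (which == 3) se.sdesc = NULL;
    return put_file_checked(&se);
}

int main(void) {
    for (int i = 0; i < 4; i++) printf("case %d -> %d\n", i, run_case(i));
    return 0;
}
```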