amd64/89202: Kernel crash when accessing filesystem

Ivo Janssen ivo at distributed.net
Thu Nov 17 09:20:24 PST 2005


>Number:         89202
>Category:       amd64
>Synopsis:       Kernel crash when accessing filesystem
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-amd64
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Nov 17 17:20:21 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Ivo Janssen
>Release:        FreeBSD 6.0-STABLE
>Organization:
DCTI
>Environment:
FreeBSD fritz.distributed.net 6.0-STABLE FreeBSD 6.0-STABLE #3: Thu Nov 17 16:13:18 UTC 2005     root at fritz.distributed.net:/usr/obj/usr/src/sys/GENERIC  amd64

>Description:
When copying larger trees to a newly created raid10 partition on a 3ware card, e.g: cp -Rp /usr/obj /usr/local/raid10
we get a consistent kernel panic. 

These are the options to create the filesystem.
# newfs -U -O2 -b 8192 -f 1024 -g 1073741824 /dev/twed1s1d 
and also a  tunefs -e 20480

fritz# tunefs -p /dev/twed1s1d
tunefs: ACLs: (-a)                                         disabled
tunefs: MAC multilabel: (-l)                               disabled
tunefs: soft updates: (-n)                                 enabled
tunefs: maximum blocks per file in a cylinder group: (-e)  20480
tunefs: average file size: (-f)                            1073741824
tunefs: average number of files in a directory: (-s)       64
tunefs: minimum percentage of free space: (-m)             8%
tunefs: optimization preference: (-o)                      time
tunefs: volume label: (-L)

This partition is our data partition. The system partitions, which was created with an  FBSD5 doesn't exhibit the bug:

fritz# tunefs -p /dev/twed0s1a
tunefs: ACLs: (-a)                                         disabled
tunefs: MAC multilabel: (-l)                               disabled
tunefs: soft updates: (-n)                                 disabled
tunefs: maximum blocks per file in a cylinder group: (-e)  2048
tunefs: average file size: (-f)                            16384
tunefs: average number of files in a directory: (-s)       64
tunefs: minimum percentage of free space: (-m)             8%
tunefs: optimization preference: (-o)                      time


Now follows the kernel dump. Note that we're running on amd64. We still have the vmcore, if you need more information, we can probably provide that.

ivo at fritz: / > sudo kgdb /usr/obj/usr/src/sys/GENERIC/kernel.debug /var/crash/vmcore.2
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd".

Unread portion of the kernel message buffer:


Fatal trap 18: integer divide fault while in kernel mode
instruction pointer     = 0x8:0xffffffff8051f9cf
stack pointer           = 0x10:0xffffffffacff66f0
frame pointer           = 0x10:0xffffff00c14e0400
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 786 (cp)
trap number             = 18
panic: integer divide fault
Uptime: 7m39s
Dumping 3999 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 3999MB (1023728 pages) 3983 3967 3951 3935 3919 3903 3887 3871 3855 3839 3823 3807 3791 3775 3759 3743 3727 3711 3695 3679 3663 3647 3631 3615 3599 3583 3567 3551 3535 3519 3503 3487 3471 3455 3439 3423 3407 3391 3375 3359 3343 3327 3311 3295 3279 3263 3247 3231 3215 3199 3183 3167 3151 3135 3119 3103 3087 3071 3055 3039 3023 3007 2991 2975 2959 2943 2927 2911 2895 2879 2863 2847 2831 2815 2799 2783 2767 2751 2735 2719 2703 2687 2671 2655 2639 2623 2607 2591 2575 2559 2543 2527 2511 2495 2479 2463 2447 2431 2415 2399 2383 2367 2351 2335 2319 2303 2287 2271 2255 2239 2223 2207 2191 2175 2159 2143 2127 2111 2095 2079 2063 2047 2031 2015 1999 1983 1967 1951 1935 1919 1903 1887 1871 1855 1839 1823 1807 1791 1775 1759 1743 1727 1711 1695 1679 1663 1647 1631 1615 1599 1583 1567 1551 1535 1519 1503 1487 1471 1455 1439 1423 1407 1391 1375 1359 1343 1327 1311 1295 1279 1263 1247 1231 1215 1199 1183 1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943 927 9
 11 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15

#0  doadump () at pcpu.h:172
172     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) bt
#0  doadump () at pcpu.h:172
#1  0x0000000000000004 in ?? ()
#2  0xffffffff803b7993 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399
#3  0xffffffff803b7f96 in panic (fmt=0xffffff00b9ada000 "ÀÙ\035¹")
    at /usr/src/sys/kern/kern_shutdown.c:555
#4  0xffffffff8058f53f in trap_fatal (frame=0xffffff00b9ada000, eva=18446742977303665088)
    at /usr/src/sys/amd64/amd64/trap.c:655
#5  0xffffffff8058f9e2 in trap (frame=
      {tf_rdi = 0, tf_rsi = 0, tf_rdx = 0, tf_rcx = 44228608, tf_r8 = 64, tf_r9 = 12682, tf_rax = 44228608, tf_rbx = -1096272840704, tf_rbp = -1096268512256, tf_r10 = 11584, tf_r11 = 8688, tf_r12 = -1096396636160, tf_r13 = 11583, tf_r14 = -1096272840704, tf_r15 = 255, tf_trapno = 18, tf_addr = 0, tf_flags = 2147483648012, tf_err = 0, tf_rip = -2142111281, tf_cs = 8, tf_rflags = 66118, tf_rsp = -1392548096, tf_ss = 16})
    at /usr/src/sys/amd64/amd64/trap.c:467
#6  0xffffffff8057f06b in calltrap () at /usr/src/sys/amd64/amd64/exception.S:168
#7  0xffffffff8051f9cf in ffs_valloc (pvp=0xffffff00b908e1f0, mode=16877, cred=0x0,
    vpp=0xffffffffacff6798) at libkern.h:56
#8  0xffffffff8054413e in ufs_mkdir (ap=0xffffffffacff69a0) at /usr/src/sys/ufs/ufs/ufs_vnops.c:1333
#9  0xffffffff805dfe55 in VOP_MKDIR_APV (vop=0x2a2e000, a=0xffffffffacff69a0) at vnode_if.c:1251
#10 0xffffffff80428bd6 in kern_mkdir (td=0xffffff00b908e1f0, path=0xffffff00c0335c00 "¨\\3À", segflg=4,
    mode=16877) at vnode_if.h:653
#11 0xffffffff80590351 in syscall (frame=
      {tf_rdi = 5256368, tf_rsi = 16877, tf_rdx = -1, tf_rcx = 2, tf_r8 = -2138905248, tf_r9 = 1, tf_rax = 136, tf_rbx = 5341440, tf_rbp = 1, tf_r10 = 0, tf_r11 = 0, tf_r12 = 0, tf_r13 = 5328896, tf_r14 = 0, tf_r15 = 1, tf_trapno = 12, tf_addr = 34366781936, tf_flags = 0, tf_err = 2, tf_rip = 34366970428, tf_cs = 43, tf_rflags = 514, tf_rsp = 140737488349640, tf_ss = 35}) at /usr/src/sys/amd64/amd64/trap.c:787
#12 0xffffffff8057f208 in Xfast_syscall () at /usr/src/sys/amd64/amd64/exception.S:270
#13 0x00000008006e5a3c in ?? ()
Previous frame inner to this frame (corrupt stack?)


>How-To-Repeat:
When copying larger trees to that partition, e.g:
cp -Rp /usr/obj /usr/local/raid10

we get a consistent kernel panic.
>Fix:
unknown fix
>Release-Note:
>Audit-Trail:
>Unformatted:


More information about the freebsd-amd64 mailing list