crash on writing usbstick

Hans Petter Selasky hps at selasky.org
Tue Mar 3 09:05:16 UTC 2015 

Hi,

On 03/03/15 03:43, Brett Wynkoop wrote:
> So do we think this is an ARM specific thing, or is it a UFS thing?
>
> I am thinking maybe I should format as ext or ntfs and see if we have
> the same issue.  If we do then we can rule out a UFS bug.

I just caught this issue with amd64 while building a kernel.

> Fatal trap 12: page fault while in kernel mode
> cpuid = 12; apic id = 20
> fault virtual address	= 0xffffffffffffffff
> fault code		= supervisor read data, page not present
> instruction pointer	= 0x20:0xffffffff80bba91d
> stack pointer	        = 0x28:0xfffffe0466e04120
> frame pointer	        = 0x28:0xfffffe0466e04150
> code segment		= base 0x0, limit 0xfffff, type 0x1b
> 			= DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags	= interrupt enabled, resume, IOPL = 0
> current process		= 83323 (objcopy)

> (kgdb) bt
> #0  doadump (textdump=Unhandled dwarf expression opcode 0x93
> ) at pcpu.h:219
> #1  0xffffffff803530ae in db_dump (dummy=<value optimized out>, dummy2=Unhandled dwarf expression opcode 0x93
> )
>     at /usr/img/freebsd/sys/ddb/db_command.c:533
> #2  0xffffffff80352b2c in db_command (cmd_table=0x0) at /usr/img/freebsd/sys/ddb/db_command.c:440
> #3  0xffffffff80352894 in db_command_loop () at /usr/img/freebsd/sys/ddb/db_command.c:493
> #4  0xffffffff803553f0 in db_trap (type=<value optimized out>, code=Unhandled dwarf expression opcode 0x93
> )
>     at /usr/img/freebsd/sys/ddb/db_main.c:251
> #5  0xffffffff80994e8e in kdb_trap (type=Unhandled dwarf expression opcode 0x93
> ) at /usr/img/freebsd/sys/kern/subr_kdb.c:654
> #6  0xffffffff80d79fe9 in trap_fatal (frame=0xfffffe0466e04070, eva=<value optimized out>)
>     at /usr/img/freebsd/sys/amd64/amd64/trap.c:856
> #7  0xffffffff80d7a281 in trap_pfault (frame=0xfffffe0466e04070, usermode=<value optimized out>)
>     at /usr/img/freebsd/sys/amd64/amd64/trap.c:678
> #8  0xffffffff80d79942 in trap (frame=0xfffffe0466e04070) at /usr/img/freebsd/sys/amd64/amd64/trap.c:426
> #9  0xffffffff80d57e72 in calltrap () at /usr/img/freebsd/sys/amd64/amd64/exception.S:235
> #10 0xffffffff80bba91d in add_to_worklist (wk=0xfffff801670d0680, flags=Unhandled dwarf expression opcode 0x93
> )
>     at /usr/img/freebsd/sys/ufs/ffs/ffs_softdep.c:1513
> #11 0xffffffff80bc1813 in free_newblk (newblk=0xfffff8006d6f3700)
>     at /usr/img/freebsd/sys/ufs/ffs/ffs_softdep.c:7414
> #12 0xffffffff80bb1a80 in softdep_setup_allocdirect (ip=0xfffff8024ffbadc8, off=<value optimized out>,
>     newblkno=<value optimized out>, oldblkno=<value optimized out>, newsize=32768, oldsize=32768,
>     bp=<value optimized out>) at /usr/img/freebsd/sys/ufs/ffs/ffs_softdep.c:5361
> #13 0xffffffff80b9a6e4 in ffs_reallocblks (ap=<value optimized out>)
>     at /usr/img/freebsd/sys/ufs/ffs/ffs_alloc.c:870
> #14 0xffffffff80eb0f67 in VOP_REALLOCBLKS_APV (vop=<value optimized out>, a=<value optimized out>)
>     at vnode_if.c:2727
> #15 0xffffffff809f7574 in cluster_write (vp=0xfffff802a44493b0, bp=0xfffffe03e1b3a590, filesize=393216,
>     seqcount=0, gbflags=<value optimized out>) at vnode_if.h:1122
> #16 0xffffffff80bca11e in ffs_write (ap=0xfffffe0466e04690) at /usr/img/freebsd/sys/ufs/ffs/ffs_vnops.c:810
> #17 0xffffffff80eaeac3 in VOP_WRITE_APV (vop=<value optimized out>, a=0xfffffe0466e04690) at vnode_if.c:997
> #18 0xffffffff80a1acce in vn_write (fp=0xfffff801675d0280, uio=0xfffffe0466e04970,
>     active_cred=<value optimized out>, flags=<value optimized out>, td=0xfffff8041cb8f980) at vnode_if.h:413
> #19 0xffffffff80a18805 in vn_io_fault1 () at /usr/img/freebsd/sys/kern/vfs_vnops.c:1053
> #20 0xffffffff80a16e03 in vn_io_fault (fp=0xfffff801675d0280, uio=0xfffffe0466e04970,
>     active_cred=<value optimized out>, flags=0, td=0xfffff8041cb8f980)
>     at /usr/img/freebsd/sys/kern/vfs_vnops.c:1158
> #21 0xffffffff809b654a in dofilewrite (td=0xfffff8041cb8f980, fd=4, fp=0xfffff801675d0280,
>     auio=0xfffffe0466e04970, offset=<value optimized out>, flags=Unhandled dwarf expression opcode 0x93
> ) at file.h:304
> #22 0xffffffff809b6258 in kern_writev (td=0xfffff8041cb8f980, fd=Unhandled dwarf expression opcode 0x93
> )
> ---Type <return> to continue, or q <return> to quit---
>     at /usr/img/freebsd/sys/kern/sys_generic.c:481
> #23 0xffffffff809b61e3 in sys_write (td=0xfffff80167997000, uap=<value optimized out>)
>     at /usr/img/freebsd/sys/kern/sys_generic.c:396
> #24 0xffffffff80d7a84f in amd64_syscall (td=0xfffff8041cb8f980, traced=0) at subr_syscall.c:133
> #25 0xffffffff80d5815b in Xfast_syscall () at /usr/img/freebsd/sys/amd64/amd64/exception.S:395
> #26 0x00000000004cae5a in ?? ()


> (kgdb) print wk
> $1 = (struct worklist *) 0xfffff801670d0680

> (kgdb) print /x *((struct ufsmount *)wk->wk_mp->mnt_data)
> $5 = {
>   um_mountp = 0xfffff80167201000,
>   um_dev = 0xfffff80167107600,
>   um_cp = 0xfffff80167214100,
>   um_bo = 0xfffff801671e4830,
>   um_devvp = 0xfffff801671e4760,
>   um_fstype = 0x2,
>   um_fs = 0xfffff8016722a000,
>   um_extattr = {
>     uepm_lock = {
>       lock_object = {
>         lo_name = 0x0,
>         lo_flags = 0x0,
>         lo_data = 0x0,
>         lo_witness = 0x0
>       },
>       sx_lock = 0x0
>     },
>     uepm_list = {
>       lh_first = 0x0
>     },
>     uepm_ucred = 0x0,
>     uepm_flags = 0x0
>   },
>   um_nindir = 0x1000,
>   um_bptrtodb = 0x3,
>   um_seqinc = 0x8,
>   um_lock = {
>     lock_object = {
>       lo_name = 0xffffffff81053eb2,
>       lo_flags = 0x1030000,
>       lo_data = 0x0,
>       lo_witness = 0xfffffe0000b1c900
>     },
>     mtx_lock = 0x4
>   },
>   um_fsckpid = 0x0,
>   um_softdep = 0xfffff80167997000,
> ---Type <return> to continue, or q <return> to quit---
>   um_quotas = {0x0, 0x0},
>   um_cred = {0x0, 0x0},
>   um_btime = {0x0, 0x0},
>   um_itime = {0x0, 0x0},
>   um_qflags = {0x0, 0x0},
>   um_savedmaxfilesize = 0x0,
>   um_candelete = 0x0,
>   um_writesuspended = 0x0,
>   um_balloc = 0xffffffff80b9ff30,
>   um_blkatoff = 0xffffffff80bc4950,
>   um_truncate = 0xffffffff80ba1fd0,
>   um_update = 0xffffffff80ba1c60,
>   um_valloc = 0xffffffff80b9ac70,
>   um_vfree = 0xffffffff80b9ba70,
>   um_ifree = 0xffffffff80bc9210,
>   um_rdonly = 0xffffffff80ba3bc0,
>   um_snapgone = 0xffffffff80ba7580
> }

> (kgdb) print /x ((struct ufsmount *)wk->wk_mp->mnt_data)[0].um_softdep[0]
> $6 = {
>   sd_fslock = {
>     lock_object = {
>       lo_name = 0xffffffff810502ea,
>       lo_flags = 0x5230000,
>       lo_data = 0x0,
>       lo_witness = 0xfffffe0000b1ca80
>     },
>     rw_lock = 0xfffff8041cb8f980
>   },
>   sd_workitem_pending = {
>     lh_first = 0xfffff801670f6a00
>   },
>   sd_worklist_tail = 0xffffffffffffffff,
>   sd_journal_pending = {
>     lh_first = 0x0
>   },
>   sd_journal_tail = 0x0,
>   sd_jblocks = 0x0,
>   sd_unlinked = {
>     tqh_first = 0x0,
>     tqh_last = 0xfffff80167997048
>   },
>   sd_dirtycg = {
>     lh_first = 0xfffff801672de900
>   },
>   sd_mkdirlisthd = {
>     lh_first = 0x0
>   },
>   sd_pdhash = 0xfffffe0002467000,
>   sd_pdhashsize = 0xffff,
>   sd_pdnextclean = 0x0,
>   sd_idhash = 0xfffffe00024e7000,
>   sd_idhashsize = 0x3ffff,
>   sd_idnextclean = 0x0,
>   sd_newblkhash = 0xfffffe00026e7000,
>   sd_newblkhashsize = 0x7ffff,
>   sd_bmhash = 0xfffffe0002207000,
> ---Type <return> to continue, or q <return> to quit---
>   sd_bmhashsize = 0x3ff,
>   sd_indirhash = 0xfffff801679a5070,
>   sd_indirhashsize = 0x0,
>   sd_on_journal = 0x0,
>   sd_on_worklist = 0x2,
>   sd_deps = 0x76e7,
>   sd_accdeps = 0xa1d66,
>   sd_req = 0x0,
>   sd_flags = 0x0,
>   sd_cleanups = 0x0,
>   sd_flushtd = 0xfffff801679264c0,
>   sd_next = {
>     tqe_next = 0x0,
>     tqe_prev = 0xffffffff817d8798
>   },
>   sd_ump = 0xfffff80167229200,
>   sd_curdeps = {0x1a3, 0x105f, 0x5, 0x1, 0x30e4, 0x172, 0x22c4, 0x1, 0x2f, 0x32, 0xf21, 0x0, 0x8, 0x0,
>     0x3a, 0x0 <repeats 13 times>}
> }

> (kgdb) frame 11
> #11 0xffffffff80bc1813 in free_newblk (newblk=0xfffff8006d6f3700)
>     at /usr/img/freebsd/sys/ufs/ffs/ffs_softdep.c:7414
> 7414			add_to_worklist(&freefrag->ff_list, 0);
> (kgdb) print *newblk
> $7 = {
>   nb_list = {
>     wk_list = {
>       le_next = 0xffffffffffffffff,
>       le_prev = 0xffffffffffffffff
>     },
>     wk_mp = 0xfffff80167201000,
>     wk_type = 4,
>     wk_state = 257
>   },
>   nb_hash = {
>     le_next = 0x0,
>     le_prev = 0xfffffe00029963c0
>   },
>   nb_deps = {
>     le_next = 0xffffffffffffffff,
>     le_prev = 0xffffffffffffffff
>   },
>   nb_jnewblk = 0x0,
>   nb_bmsafemap = 0xfffff801672de900,
>   nb_freefrag = 0x0,
>   nb_indirdeps = {
>     lh_first = 0x0
>   },
>   nb_newdirblk = {
>     lh_first = 0x0
>   },
>   nb_jwork = {
>     lh_first = 0x0
>   },
>   nb_newblkno = 66412152
> }

--HPS

More information about the freebsd-current mailing list