Date: Thu, 17 Nov 2005 15:30:50 -0600 (CST)
From: Ivo Janssen <ivo@distributed.net>
To: Bruce Evans <bde@zeta.org.au>
Cc: freebsd-amd64@FreeBSD.org
Subject: Re: amd64/89202: Kernel crash when accessing filesystem
Message-ID: <20051117143605.N364@mentat.ivo.nu>
In-Reply-To: <20051118071624.V96570@delplex.bde.org>
References: <200511171820.jAHIKJef046199@freefall.freebsd.org> <20051118071624.V96570@delplex.bde.org>
I'm sure you've thought about this, but I can see the following improvements
to be made:
- make dirsize 64bit
- add checks to the multiplication operation to make sure it doesn't
  overflow at runtime
- add logic to tunefs and newfs so that user cannot set values that will
  lead to kernel panics
- add at the very least huge warnings to the newfs and tunefs manpages, or
  mention why their usefulness is limited.

This particular partition is used for a huge postgres database, which
typically uses files holding the actual tables. We assumed tuning the fs
would gain us some improvements...

-Ivo

On Fri, 18 Nov 2005, Bruce Evans wrote:

> On Thu, 17 Nov 2005, Ivo Janssen wrote:
>
>> I recreated the filesystem without the huge -f (avg filesize) option,
>> which we had initially set to 1Gb:
>> # newfs -U -O2 -b 8192 -f 1024
>> # tunefs -e 20480 (10x the default)
>>
>> With the defaults of avg filesize of 16384, we don't see a crash. I
>> then started playing with tunefs.
>> Increasing the avg filesize to -f 16777216 (16Mb), we don't see a crash.
>> Increasing the avg filesize to -f 33554432 (32Mb), we repro the crash.
>
> I have had the following comment about this bug (but haven't fixed it) for
> many years
>
> % Index: ffs_alloc.c > % =================================================================== > % RCS file: /home/ncvs/src/sys/ufs/ffs/ffs_alloc.c,v > % retrieving revision 1.121 > % diff -u -2 -r1.121 ffs_alloc.c > % --- ffs_alloc.c 16 Jun 2004 09:47:25 -0000 1.121 > % +++ ffs_alloc.c 28 Oct 2004 15:12:47 -0000 > % 
@@ -964,4 +991,11 @@ > % minbfree = 1; > % cgsize = fs->fs_fsize * fs->fs_fpg; > % + /* > % + * XXX the following multiplication can overflow, since newfs can > % + * be abused to set fs_avgfilesize and fs_avgfpdir to preposterous > % + * values. For the particular preposterous values of (64M, 16), > % + * the multiplication overflows to 0 and then dirsize = 0 sometimes > % + * causes division by 0. > % + */ > % dirsize = fs->fs_avgfilesize * fs->fs_avgfpdir; > % curdirsize = avgndir ? (cgsize - avgbfree * fs->fs_bsize) / avgndir : > 0;
>
> This bug is easy to work around by not changing fs->fs_avgfilesize or
> fs->fs_avgfpdir. Tuning them has limited useful effects.
>
> Bruce
>

Ivo

--
+---------------------------------------------------------------------
| IVO JANSSEN - ivo at ivo.nu - http://ivo.nu/
| finger ivo at finger.ivo.nu for PGP and more info
| Part of the world's largest computer: http://www.distributed.net/
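
Review bot: the multiplication at "dirsize = fs->fs_avgfilesize * fs->fs_avgfpdir;" is still unguarded; the new comment records the overflow, but nothing in this hunk stops dirsize from becoming 0. Suggest doing the product in a 64-bit type, or rejecting a wrapped or non-positive result before dirsize is used as a divisor, and validating both fields where they are set. Also, if the fields are 32 bits wide, 64M x 16 is 2^30 and does not wrap to 0, so the comment should state the operand widths or give a pair that does wrap.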
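
Added example, not part of the original thread or the FreeBSD source: the runtime overflow check proposed in the list at the top of this message, in C. It assumes both tunables and dirsize are 32-bit signed and that avgfpdir is 64 (assumptions, not stated in the thread); the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: fs_avgfilesize, fs_avgfpdir and dirsize are 32-bit signed. */

/* The unchecked product. Done in unsigned arithmetic so the wrap is well
 * defined in this example; the result is then reinterpreted as signed. */
static int32_t dirsize_unchecked(int32_t avgfilesize, int32_t avgfpdir)
{
    return (int32_t)((uint32_t)avgfilesize * (uint32_t)avgfpdir);
}

/* Checked variant: widen to 64 bits and accept only a positive result
 * that still fits in 32 bits. Returns 0 on success, -1 on rejection. */
static int dirsize_checked(int32_t avgfilesize, int32_t avgfpdir, int32_t *out)
{
    int64_t wide;

    if (avgfilesize <= 0 || avgfpdir <= 0)
        return -1;
    wide = (int64_t)avgfilesize * (int64_t)avgfpdir;
    if (wide > INT32_MAX)
        return -1;
    *out = (int32_t)wide;
    return 0;
}

int main(void)
{
    /* Constructed inputs: the avg filesize values mentioned in the thread,
     * combined with an assumed avgfpdir of 64. */
    const int32_t sizes[] = { 16384, 16777216, 33554432, 67108864 };
    const int32_t avgfpdir = 64;
    size_t i;

    for (i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++) {
        int32_t checked = 0;
        int rc = dirsize_checked(sizes[i], avgfpdir, &checked);

        printf("avgfilesize=%d unchecked=%d checked=%s\n", (int)sizes[i],
            (int)dirsize_unchecked(sizes[i], avgfpdir),
            rc == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```

Under these assumptions 16777216 still fits in 32 bits, 33554432 wraps to a negative value, and 67108864 wraps to exactly 0.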