amd64/89202: Kernel crash when accessing filesystem
ivo at distributed.net
Thu Nov 17 13:31:05 PST 2005
I'm sure you've thought about this, but I can see the following
improvements to be made:
- make dirsize 64bit
- add checks to the multiplication operation to make sure it doesn't
overflow at runtime
- add logic tunefs and newfs so that user cannot set values
that will lead to kernel panics
- add at the very least huge warnings to the newfs and tunefs
manpages, or mention why their usefulness is limited.
This particular partition is used for a huge postgres database, which
typically use files holding the actual tables. We assumed tuning the
fs would gain us some improvements...
On Fri, 18 Nov 2005, Bruce Evans wrote:
> On Thu, 17 Nov 2005, Ivo Janssen wrote:
>> I recreated the filesystem without the huge -f (avg filesize) option,
>> which we had initially set to 1Gb:
>> # newfs -U -O2 -b 8192 -f 1024
>> # tunefs -e 20480 (10x the default)
>> With the defaults of avg filesize of 16384, we don't see a crash. I
>> then started playing with tunefs.
>> Increasing the avg filesize to -f 16777216 (16Mb), we don't see a crash.
>> Increasing the avg filesize to -f 33554432 (32Mb), we repro the crash.
> I have had the following comment about this bug (but haven't fixed it) for
> many years
> % Index: ffs_alloc.c
> % ===================================================================
> % RCS file: /home/ncvs/src/sys/ufs/ffs/ffs_alloc.c,v
> % retrieving revision 1.121
> % diff -u -2 -r1.121 ffs_alloc.c
> % --- ffs_alloc.c 16 Jun 2004 09:47:25 -0000 1.121
> % +++ ffs_alloc.c 28 Oct 2004 15:12:47 -0000
> % @@ -964,4 +991,11 @@
> % minbfree = 1;
> % cgsize = fs->fs_fsize * fs->fs_fpg;
> % + /*
> % + * XXX the following multiplication can overflow, since newfs can
> % + * be abused to set fs_avgfilesize and fs_avgfpdir to preposterous
> % + * values. For the particular preposterous values of (64M, 16),
> % + * the multiplication overflows to 0 and then dirsize = 0 sometimes
> % + * causes division by 0.
> % + */
> % dirsize = fs->fs_avgfilesize * fs->fs_avgfpdir;
> % curdirsize = avgndir ? (cgsize - avgbfree * fs->fs_bsize) / avgndir :
> This bug is easy to work around by not changing fs->fs_avgfilesize or
> fs->fs_avgfpdir. Tuning them has limited useful effects.
| IVO JANSSEN - ivo at ivo.nu - http://ivo.nu/
| finger ivo at finger.ivo.nu for PGP and more info
| Part of the world's largest computer: http://www.distributed.net/
More information about the freebsd-amd64