Date: Thu, 9 May 2002 18:25:45 +0200 From: Robert Lillack <rob@lillack.de> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/37889: kernel panic when writing to a FAT32 partition Message-ID: <20020509182545.2a12c5c4.rob@lillack.de>
next in thread | raw e-mail | index | archive | help
>Number: 37889
>Category: kern
>Synopsis: kernel panic when writing to a FAT32 partition
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu May 09 09:30:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Robert Lillack <rob@lillack.de>
>Release: FreeBSD 4.6-PRERELEASE i386
>Organization:
none
>Environment:
System: FreeBSD sickbox.partywg.home 4.6-PRERELEASE FreeBSD 4.6-PRERELEASE
#4: Thu May 9 15:55:13 CEST 2002 root@sickbox
the problematic FAT32 partition /dev/ad0s6:
start 4176900, size 20643525 (10079 Meg), flag 0
beg: cyl 584/ head 0/ sector 1;
end: cyl 1023/ head 254/ sector 63
it is mounted writable on /mnt/dose
>Description:
When trying to write (mkdir/rm/...) to that partition, the system crashes.
Reading works. Other operating systems work. fsck_msdosfs finds no errors.
Other (smaller) FAT32 partitions on the same hard disk work.
The gdb output after the system crashed when i tried to create a directory
"test" in the root directory of that partition looks like this:
[root@sickbox:/usr/src/sys/compile/SICKBOX] gdb -k kernel.debug
/var/crash/vmcore.0 GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are welcome to change it and/or distribute copies of it under certain
conditions. Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details. This GDB was configured as "i386-unknown-freebsd"...
IdlePTD at phsyical address 0x0041b000
initial pcb at physical address 0x00306f40
panicstr: page fault
panic messages:
---
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0xe1bd8ffc
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc01a58e7
stack pointer = 0x10:0xd5986cdc
frame pointer = 0x10:0xd5986cec
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 298 (mkdir)
interrupt mask = none
trap number = 12
panic: page fault
syncing disks... 15 9 6 4 3 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
giving up on 1 buffers
Uptime: 5m2s
dumping to dev #ad/0x20009, offset 7840
dump ata0: resetting devices .. ad0: DMA limited to UDMA33, non-ATA66
cable or device done
[CUT OUT: counting down]
---
#0 dumpsys () at ../../kern/kern_shutdown.c:487
487 if (dumping++) {
(kgdb) where
#0 dumpsys () at ../../kern/kern_shutdown.c:487
#1 0xc016a6f3 in boot (howto=256) at ../../kern/kern_shutdown.c:316
#2 0xc016ab18 in poweroff_wait (junk=0xc02c2d8c, howto=-1070847825)
at ../../kern/kern_shutdown.c:595
#3 0xc027d02a in trap_fatal (frame=0xd5986c9c, eva=3787296764)
at ../../i386/i386/trap.c:966
#4 0xc027ccfd in trap_pfault (frame=0xd5986c9c, usermode=0,
eva=3787296764) at ../../i386/i386/trap.c:859
#5 0xc027c8e7 in trap (frame={tf_fs = 16, tf_es = 16, tf_ds = 16,
tf_edi = 7792, tf_esi = -1044541440, tf_ebp = -711430932,
tf_isp = -711430968, tf_ebx = -1044545536, tf_edx = 134217727,
tf_ecx = 31, tf_eax = -2147483648, tf_trapno = 12, tf_err = 0,
tf_eip = -1072015129, tf_cs = 8, tf_eflags = 68246, tf_esp =
268435455, tf_ss = 268435455}) at ../../i386/i386/trap.c:458
#6 0xc01a58e7 in updatefats (pmp=0xc1bd8000, bp=0xcc18123c, fatbn=7792)
at ../../msdosfs/msdosfs_fat.c:353
#7 0xc01a5f46 in fatchain (pmp=0xc1bd8000, start=994187, count=0,
fillwith=4294967295) at ../../msdosfs/msdosfs_fat.c:674
#8 0xc01a6065 in chainalloc (pmp=0xc1bd8000, start=994186, count=1,
fillwith=4294967295, retcluster=0xd5986dc4, got=0x0)
at ../../msdosfs/msdosfs_fat.c:748
#9 0xc01a6262 in clusteralloc (pmp=0xc1bd8000, start=0, count=1,
fillwith=4294967295, retcluster=0xd5986dc4, got=0x0)
at ../../msdosfs/msdosfs_fat.c:842
#10 0xc01aa581 in msdosfs_mkdir (ap=0xd5986e6c)
at ../../msdosfs/msdosfs_vnops.c:1368
#11 0xc019d632 in mkdir (p=0xd5953ac0, uap=0xd5986f80) at vnode_if.h:674
#12 0xc027d2d9 in syscall2 (frame={tf_fs = 47, tf_es = 47, tf_ds = 47,
tf_edi = 511, tf_esi = 1, tf_ebp = -1077937264, tf_isp = -711430188,
tf_ebx = -1077937176, tf_edx = 0, tf_ecx = 0, tf_eax = 136,
tf_trapno = 12, tf_err = 2, tf_eip = 134516968, tf_cs = 31,
tf_eflags = 663, tf_esp = -1077937324, tf_ss = 47})
at ../../i386/i386/trap.c:1167
#13 0xc0271185 in Xint0x80_syscall ()
#14 0x8048135 in ?? ()
(kgdb) up 6
#6 0xc01a58e7 in updatefats (pmp=0xc1bd8000, bp=0xcc18123c, fatbn=7792)
at ../../msdosfs/msdosfs_fat.c:353
353 if (pmp->pm_freeclustercount
For more information, please mail me.
>How-To-Repeat:
On that machine particular machine, every try to write to the filesystem
crashes the system again.
cd /mnt/dose
mkdir test
*** BANG ****
After rebooting the directory "test" is not there.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020509182545.2a12c5c4.rob>