[Bug 253158] Panic: snapacct_ufs2: bad block - Non-suJ mksnap_ffs(8) crash

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat Feb 13 00:38:05 UTC 2021 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253158

--- Comment #18 from Cy Schubert <cy at FreeBSD.org> ---
slippy# kgdb /alt/vm64/root/usr/lib/debug/boot/kernel/kernel.debug vmcore.0
GNU gdb (GDB) 10.1 [GDB v10.1 for FreeBSD]
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd14.0".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /alt/vm64/root/usr/lib/debug/boot/kernel/kernel.debug...

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x30
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff809feb04
stack pointer           = 0x28:0xfffffe0097a84580
frame pointer           = 0x28:0xfffffe0097a845c0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 1154 (fstyp)
trap number             = 12
panic: page fault
cpuid = 0
time = 1613173364
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe0097a84230
vpanic() at vpanic+0x181/frame 0xfffffe0097a84280
panic() at panic+0x43/frame 0xfffffe0097a842e0
trap_fatal() at trap_fatal+0x387/frame 0xfffffe0097a84340
trap_pfault() at trap_pfault+0x4f/frame 0xfffffe0097a843a0
trap() at trap+0x27d/frame 0xfffffe0097a844b0
calltrap() at calltrap+0x8/frame 0xfffffe0097a844b0
--- trap 0xc, rip = 0xffffffff809feb04, rsp = 0xfffffe0097a84580, rbp =
0xfffffe0097a845c0 ---
pmap_map_io_transient() at pmap_map_io_transient+0x44/frame 0xfffffe0097a845c0
pmap_copy_pages() at pmap_copy_pages+0xa7/frame 0xfffffe0097a84650
vn_io_fault_pgmove() at vn_io_fault_pgmove+0x99/frame 0xfffffe0097a84680
ffs_read() at ffs_read+0x2e7/frame 0xfffffe0097a84710
VOP_READ_APV() at VOP_READ_APV+0x1f/frame 0xfffffe0097a84730
vn_read() at vn_read+0x1ed/frame 0xfffffe0097a847b0
vn_io_fault_doio() at vn_io_fault_doio+0x43/frame 0xfffffe0097a84810
vn_io_fault1() at vn_io_fault1+0x2c4/frame 0xfffffe0097a84960
vn_io_fault() at vn_io_fault+0x1a4/frame 0xfffffe0097a849e0
dofileread() at dofileread+0x81/frame 0xfffffe0097a84a30
kern_preadv() at kern_preadv+0x62/frame 0xfffffe0097a84a70
sys_pread() at sys_pread+0x8a/frame 0xfffffe0097a84ac0
amd64_syscall() at amd64_syscall+0x10c/frame 0xfffffe0097a84bf0
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0097a84bf0
--- syscall (475, FreeBSD ELF64, sys_pread), rip = 0x2c0408fa, rsp =
0x7fffffffe258, rbp = 0x7fffffffe280 ---
Uptime: 2m31s
Dumping 163 out of 480 MB:..10%..20%..30%..40%..49%..59%..69%..79%..89%..98%

__curthread () at /opt/src/git-src/sys/amd64/include/pcpu_aux.h:55
55              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct
pcpu,
(kgdb) bt
#0  __curthread () at /opt/src/git-src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=textdump at entry=1) at
/opt/src/git-src/sys/kern/kern_shutdown.c:399
#2  0xffffffff806b7b4b in kern_reboot (howto=260) at
/opt/src/git-src/sys/kern/kern_shutdown.c:486
#3  0xffffffff806b7fd0 in vpanic (fmt=<optimized out>, ap=<optimized out>)
    at /opt/src/git-src/sys/kern/kern_shutdown.c:919
#4  0xffffffff806b7dd3 in panic (fmt=<unavailable>) at
/opt/src/git-src/sys/kern/kern_shutdown.c:843
#5  0xffffffff80a0f6d7 in trap_fatal (frame=0xfffffe0097a844c0, eva=48)
    at /opt/src/git-src/sys/amd64/amd64/trap.c:915
#6  0xffffffff80a0f72f in trap_pfault (frame=frame at entry=0xfffffe0097a844c0,
usermode=false, 
    signo=<optimized out>, signo at entry=0x0, ucode=<optimized out>,
ucode at entry=0x0)
    at /opt/src/git-src/sys/amd64/amd64/trap.c:732
#7  0xffffffff80a0ed8d in trap (frame=0xfffffe0097a844c0)
    at /opt/src/git-src/sys/amd64/amd64/trap.c:398
#8  <signal handler called>
#9  0xffffffff809feb04 in pmap_map_io_transient
(page=page at entry=0xfffffe0097a845d0, 
    vaddr=vaddr at entry=0xfffffe0097a84610, count=count at entry=2,
can_fault=can_fault at entry=0)
    at /opt/src/git-src/sys/amd64/amd64/pmap.c:9979
#10 0xffffffff809fea17 in pmap_copy_pages (ma=0xfffffe0001312f00, a_offset=0, 
    mb=0xfffffe0097a7ca60, b_offset=0, xfersize=xfersize at entry=32768)
    at /opt/src/git-src/sys/amd64/amd64/pmap.c:7825
#11 0xffffffff807b4109 in vn_io_fault_pgmove (ma=0x0, offset=<optimized out>,
offset at entry=0, 
    xfersize=xfersize at entry=32768, uio=uio at entry=0xfffffe0097a848b0)
    at /opt/src/git-src/sys/kern/vfs_vnops.c:1513
#12 0xffffffff80937497 in ffs_read (ap=<optimized out>)
    at /opt/src/git-src/sys/ufs/ffs/ffs_vnops.c:789
#13 0xffffffff80a5264f in VOP_READ_APV (vop=0xffffffff80ce8588 <ffs_vnodeops2>, 
    a=a at entry=0xfffffe0097a84760) at vnode_if.c:1050
#14 0xffffffff807b7c8d in VOP_READ (vp=0xfffff800065f65b8,
uio=0xfffffe0097a848b0, ioflag=0, 
    cred=<optimized out>) at ./vnode_if.h:542
#15 vn_read (fp=0xfffff8000004d000, uio=0xfffffe0097a848b0,
active_cred=0xfffff80007a66b00, 
    flags=<optimized out>, td=<optimized out>) at
/opt/src/git-src/sys/kern/vfs_vnops.c:1027
#16 0xffffffff807b79f3 in vn_io_fault_doio (args=args at entry=0xfffffe0097a84970, 
    uio=uio at entry=0xfffffe0097a848b0, td=0xfffffe009781b100)
    at /opt/src/git-src/sys/kern/vfs_vnops.c:1174
#17 0xffffffff807b3a54 in vn_io_fault1 (vp=<optimized out>,
uio=uio at entry=0xfffffe0097a84a80, 
    args=args at entry=0xfffffe0097a84970, td=td at entry=0xfffffe009781b100)
    at /opt/src/git-src/sys/kern/vfs_vnops.c:1342
#18 0xffffffff807b0fc4 in vn_io_fault (fp=<optimized out>,
uio=0xfffffe0097a84a80, 
    active_cred=<optimized out>, flags=<optimized out>, td=<optimized out>)
    at /opt/src/git-src/sys/kern/vfs_vnops.c:1414
#19 0xffffffff807281f1 in fo_read (fp=0xfffff8000004d000,
uio=0xfffffe0097a84a80, active_cred=0x2, 
    flags=-1750577984, td=0xfffffe009781b100) at
/opt/src/git-src/sys/sys/file.h:330
#20 dofileread (td=td at entry=0xfffffe009781b100, fd=fd at entry=3,
fp=0xfffff8000004d000, 
    auio=auio at entry=0xfffffe0097a84a80, offset=<optimized out>,
offset at entry=20676608, 
    flags=<optimized out>, flags at entry=1) at
/opt/src/git-src/sys/kern/sys_generic.c:369
#21 0xffffffff80727fc2 in kern_preadv (td=0xfffffe009781b100, fd=3, 
    auio=auio at entry=0xfffffe0097a84a80, offset=20676608)
    at /opt/src/git-src/sys/kern/sys_generic.c:335
#22 0xffffffff80727eca in kern_pread (td=<optimized out>, fd=-1750579696,
buf=<optimized out>, 
    nbyte=18446741877230685376, offset=0) at
/opt/src/git-src/sys/kern/sys_generic.c:244
#23 sys_pread (td=0xfffffe0097a845d0, uap=<optimized out>)
    at /opt/src/git-src/sys/kern/sys_generic.c:226
#24 0xffffffff80a0ffdc in syscallenter (td=0xfffffe009781b100)
    at /opt/src/git-src/sys/amd64/amd64/../../kern/subr_syscall.c:189
#25 amd64_syscall (td=0xfffffe009781b100, traced=0) at
/opt/src/git-src/sys/amd64/amd64/trap.c:1156
#26 <signal handler called>
#27 0x000000002c0408fa in ?? ()
Backtrace stopped: Cannot access memory at address 0x7fffffffe258
(kgdb) 
(kgdb) p page[i]
value has been optimized out
(kgdb) p i
$16 = <optimized out>
(kgdb) p count
$17 = 2
(kgdb) p page[0]
$18 = (vm_page_t) 0xfffffe00005807e8
(kgdb) p page[1]
$19 = (vm_page_t) 0x0
(kgdb) 
(kgdb) up
#10 0xffffffff809fea17 in pmap_copy_pages (ma=0xfffffe0001312f00, a_offset=0, 
    mb=0xfffffe0097a7ca60, b_offset=0, xfersize=xfersize at entry=32768)
    at /opt/src/git-src/sys/amd64/amd64/pmap.c:7825
7825                    mapped = pmap_map_io_transient(pages, vaddr, 2, FALSE);
(kgdb) p pages
$20 = {0xfffffe00005807e8, 0x0}
(kgdb) p vaddr
$21 = {18446735277843750912, 18446735277723444664}
(kgdb) 
(kgdb) up
#10 0xffffffff809fea17 in pmap_copy_pages (ma=0xfffffe0001312f00, a_offset=0, 
    mb=0xfffffe0097a7ca60, b_offset=0, xfersize=xfersize at entry=32768)
    at /opt/src/git-src/sys/amd64/amd64/pmap.c:7825
7825                    mapped = pmap_map_io_transient(pages, vaddr, 2, FALSE);
(kgdb) p pages
$20 = {0xfffffe00005807e8, 0x0}
(kgdb) p vaddr
$21 = {18446735277843750912, 18446735277723444664}
(kgdb) 
(kgdb) l
7820                    pages[0] = ma[a_offset >> PAGE_SHIFT];
7821                    b_pg_offset = b_offset & PAGE_MASK;
7822                    pages[1] = mb[b_offset >> PAGE_SHIFT];
7823                    cnt = min(xfersize, PAGE_SIZE - a_pg_offset);
7824                    cnt = min(cnt, PAGE_SIZE - b_pg_offset);
7825                    mapped = pmap_map_io_transient(pages, vaddr, 2, FALSE);
7826                    a_cp = (char *)vaddr[0] + a_pg_offset;
7827                    b_cp = (char *)vaddr[1] + b_pg_offset;
7828                    bcopy(a_cp, b_cp, cnt);
7829                    if (__predict_false(mapped))
(kgdb) p pages[0]
$22 = (vm_page_t) 0xfffffe00005807e8
(kgdb) p pages[1]
$23 = (vm_page_t) 0x0
(kgdb) p b_offset
$24 = 0
(kgdb) p a_offset
$25 = 0
(kgdb) p ma[0]
$26 = (vm_page_t) 0xfffffe00005807e8
(kgdb) p mb[0]
$27 = (vm_page_t) 0x0
(kgdb) 

Break time is over.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-fs mailing list