[Bug 219935] Kernel panic in getnewvnode (possibly ZFS related)

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219935

--- Comment #2 from Raimo Niskanen <raimo+freebsd at erix.ericsson.se> ---
Nope. I do not have that core file - it has wrapped away long ago...

But I have a fresher one (I get a new about every 3 days):

sasquatch.otp.ericsson.se dumped core - see /var/crash/vmcore.4

Sat Aug 12 04:18:54 CEST 2017

FreeBSD sasquatch.otp.ericsson.se 10.3-RELEASE-p20 FreeBSD 10.3-RELEASE-p20 #0:
Wed Jul 12 03:13:07 UTC 2017    
root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64

panic: page fault

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 92526 (find)
trap number             = 12
panic: page fault
cpuid = 1
KDB: stack backtrace:
#0 0xffffffff8098e810 at kdb_backtrace+0x60
#1 0xffffffff809514e6 at vpanic+0x126
#2 0xffffffff809513b3 at panic+0x43
#3 0xffffffff80d5649b at trap_fatal+0x36b
#4 0xffffffff80d5679d at trap_pfault+0x2ed
#5 0xffffffff80d55e1a at trap+0x47a
#6 0xffffffff80d3bde2 at calltrap+0x8
#7 0xffffffff809f59b0 at getnewvnode+0x1c0
#8 0xffffffff81a51dda at zfs_znode_alloc+0x5a
#9 0xffffffff81a52ee2 at zfs_zget+0x2a2
#10 0xffffffff81a6b195 at zfs_dirent_lock+0x4a5
#11 0xffffffff81a6b43d at zfs_dirlook+0x17d
#12 0xffffffff81a817f0 at zfs_lookup+0x2e0
#13 0xffffffff81a81c9d at zfs_freebsd_lookup+0x6d
#14 0xffffffff80e80f01 at VOP_CACHEDLOOKUP_APV+0xa1
#15 0xffffffff809e4906 at vfs_cache_lookup+0xd6
#16 0xffffffff80e80df1 at VOP_LOOKUP_APV+0xa1
#17 0xffffffff809ed021 at lookup+0x5a1
Uptime: 3d1h11m26s
Dumping 1841 out of 12215 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%

Reading symbols from /mnt/boot/kernel/zfs.ko.symbols...done.
Loaded symbols for /mnt/boot/kernel/zfs.ko.symbols
Reading symbols from /mnt/boot/kernel/opensolaris.ko.symbols...done.
Loaded symbols for /mnt/boot/kernel/opensolaris.ko.symbols
Reading symbols from /mnt/boot/kernel/geom_mirror.ko.symbols...done.
Loaded symbols for /mnt/boot/kernel/geom_mirror.ko.symbols
Reading symbols from /mnt/boot/kernel/fdescfs.ko.symbols...done.
Loaded symbols for /mnt/boot/kernel/fdescfs.ko.symbols
Reading symbols from /mnt/boot/kernel/ums.ko.symbols...done.
Loaded symbols for /mnt/boot/kernel/ums.ko.symbols
Reading symbols from /mnt/boot/kernel/uhid.ko.symbols...done.
Loaded symbols for /mnt/boot/kernel/uhid.ko.symbols
Reading symbols from /mnt/boot/kernel/pf.ko.symbols...done.
Loaded symbols for /mnt/boot/kernel/pf.ko.symbols
#0  doadump (textdump=<value optimized out>) at pcpu.h:219
219     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) bt
#0  doadump (textdump=<value optimized out>) at pcpu.h:219
#1  0xffffffff80951142 in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:486
#2  0xffffffff80951525 in vpanic (fmt=<value optimized out>, ap=<value
optimized out>) at /usr/src/sys/kern/kern_shutdown.c:889
#3  0xffffffff809513b3 in panic (fmt=0x0) at
/usr/src/sys/kern/kern_shutdown.c:818
#4  0xffffffff80d5649b in trap_fatal (frame=<value optimized out>, eva=<value
optimized out>) at /usr/src/sys/amd64/amd64/trap.c:858
#5  0xffffffff80d5679d in trap_pfault (frame=0xfffffe034fc3fec0,
usermode=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:681
#6  0xffffffff80d55e1a in trap (frame=0xfffffe034fc3fec0) at
/usr/src/sys/amd64/amd64/trap.c:447
#7  0xffffffff80d3bde2 in calltrap () at
/usr/src/sys/amd64/amd64/exception.S:236
#8  0xffffffff809f7755 in vholdl (vp=0xfffff801ed8b0ce8) at
/usr/src/sys/kern/vfs_subr.c:2468
#9  0xffffffff809f59b0 in getnewvnode (tag=0xffffffff81af1c7b "zfs",
mp=0xfffff8002cfae660, vops=0xffffffff81b048e0, vpp=0xfffffe034fc40170)
    at /usr/src/sys/kern/vfs_subr.c:2163
#10 0xffffffff81a51dda in zfs_znode_alloc (zfsvfs=0xfffff8002ce75000,
db=0xfffff803145caaf8, blksz=1536, obj_type=DMU_OT_SA, hdl=0x0)
    at
/usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c:630
#11 0xffffffff81a52ee2 in zfs_zget (zfsvfs=0xfffff8002ce75000, obj_num=143239,
zpp=0xfffffe034fc40328)
    at
/usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c:1221
#12 0xffffffff81a6b195 in zfs_dirent_lock (dlpp=0xfffffe034fc40330, dzp=<value
optimized out>, name=<value optimized out>, zpp=0xfffffe034fc40328, 
    flag=<value optimized out>, direntflags=<value optimized out>,
realpnp=<value optimized out>)
    at
/usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_dir.c:318
#13 0xffffffff81a6b43d in zfs_dirlook (dzp=0xfffff8003d7525c0,
name=0xfffffe034fc40410 "msg-12736-1.txt", vpp=0xfffffe034fc40858, 
    flags=<value optimized out>, deflg=0x0, rpnp=0x0) at
/usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_dir.c:426
#14 0xffffffff81a817f0 in zfs_lookup () at
/usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1545
#15 0xffffffff81a81c9d in zfs_freebsd_lookup (ap=0xfffffe034fc40578)
    at
/usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:6195
#16 0xffffffff80e80f01 in VOP_CACHEDLOOKUP_APV (vop=<value optimized out>,
a=<value optimized out>) at vnode_if.c:197
#17 0xffffffff809e4906 in vfs_cache_lookup (ap=<value optimized out>) at
vnode_if.h:80
#18 0xffffffff80e80df1 in VOP_LOOKUP_APV (vop=<value optimized out>, a=<value
optimized out>) at vnode_if.c:129
#19 0xffffffff809ed021 in lookup (ndp=0xfffffe034fc407f8) at vnode_if.h:54
#20 0xffffffff809ec784 in namei (ndp=0xfffffe034fc407f8) at
/usr/src/sys/kern/vfs_lookup.c:302
#21 0xffffffff80a00ece in kern_statat_vnhook (td=0xfffff801ed35c000,
flag=<value optimized out>, fd=-100, 
    path=0x801022308 <Address 0x801022308 out of bounds>,
pathseg=UIO_USERSPACE, sbp=0xfffffe034fc40910, hook=0xfffff801ed8b0da8)
    at /usr/src/sys/kern/vfs_syscalls.c:2301
#22 0xffffffff80a00ddc in sys_fstatat (td=0xfffff801ed8b0ce8,
uap=0xfffffe034fc40a40) at /usr/src/sys/kern/vfs_syscalls.c:2281
#23 0xffffffff80d56e6f in amd64_syscall (td=0xfffff801ed35c000, traced=0) at
subr_syscall.c:141
#24 0xffffffff80d3c0cb in Xfast_syscall () at
/usr/src/sys/amd64/amd64/exception.S:396
#25 0x00000008008b6cba in ?? ()
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal


(kgdb) fr 8
#8  0xffffffff809f7755 in vholdl (vp=0xfffff801ed8b0ce8) at
/usr/src/sys/kern/vfs_subr.c:2468
2468            TAILQ_INSERT_HEAD(&mp->mnt_activevnodelist, vp, v_actfreelist);
(kgdb) set print pretty
(kgdb) p *vp
$1 = {
  v_tag = 0xffffffff81af1c7b "zfs", 
  v_op = 0xffffffff81b048e0, 
  v_data = 0x0, 
  v_mount = 0x0, 
  v_nmntvnodes = {
    tqe_next = 0xfffff801eda4b938, 
    tqe_prev = 0xfffff80118c5c1f8
  }, 
  v_un = {
    vu_mount = 0x0, 
    vu_socket = 0x0, 
    vu_cdev = 0x0, 
    vu_fifoinfo = 0x0
  }, 
  v_hashlist = {
    le_next = 0x0, 
    le_prev = 0xfffffe0000a39748
  }, 
  v_cache_src = {
    lh_first = 0x0
  }, 
  v_cache_dst = {
    tqh_first = 0xfffff800178c6a80, 
    tqh_last = 0xfffff800178c6aa0
  }, 
  v_cache_dd = 0x0, 
  v_lock = {
    lock_object = {
      lo_name = 0xffffffff81af1c7b "zfs", 
      lo_flags = 117112840, 
      lo_data = 0, 
      lo_witness = 0x0
    }, 
    lk_lock = 1, 
    lk_exslpfail = 0, 
    lk_timo = 51, 
    lk_pri = 96
  }, 
  v_interlock = {
    lock_object = {
      lo_name = 0xffffffff80fe4d4c "vnode interlock", 
      lo_flags = 16973824, 
      lo_data = 0, 
      lo_witness = 0x0
    }, 
    mtx_lock = 4
  }, 
  v_vnlock = 0xfffff801ed8b0d50, 
  v_actfreelist = {
    tqe_next = 0xfffff80227ca4b10, 
    tqe_prev = 0xfffff80023a5a648
  }, 
  v_bufobj = {
    bo_lock = {
      lock_object = {
        lo_name = 0xffffffff80fe4d5c "bufobj interlock", 
        lo_flags = 86179840, 
        lo_data = 0, 
        lo_witness = 0x0
      }, 
      rw_lock = 1
    }, 
    bo_ops = 0xffffffff814b7380, 
    bo_object = 0x0, 
    bo_synclist = {
      le_next = 0x0, 
      le_prev = 0x0
    }, 
    bo_private = 0xfffff801ed8b0ce8, 
    __bo_vnode = 0xfffff801ed8b0ce8, 
    bo_clean = {
      bv_hd = {
        tqh_first = 0x0, 
        tqh_last = 0xfffff801ed8b0e08
      }, 
      bv_root = {
        pt_root = 0
      }, 
      bv_cnt = 0
    }, 
    bo_dirty = {
      bv_hd = {
        tqh_first = 0x0, 
        tqh_last = 0xfffff801ed8b0e28
      }, 
      bv_root = {
        pt_root = 0
      }, 
      bv_cnt = 0
    }, 
    bo_numoutput = 0, 
    bo_flag = 0, 
    bo_bsize = 131072
  }, 
  v_pollinfo = 0x0, 
  v_label = 0x0, 
  v_lockf = 0x0, 
  v_rl = {
    rl_waiters = {
      tqh_first = 0x0, 
      tqh_last = 0xfffff801ed8b0e70
    }, 
    rl_currdep = 0x0
  }, 
  v_cstart = 0, 
  v_lasta = 0, 
  v_lastw = 0, 
  v_clen = 0, 
  v_holdcnt = 1, 
  v_usecount = 0, 
  v_iflag = 512, 
  v_vflag = 0, 
  v_writecount = 0, 
  v_hash = 53603, 
  v_type = VNON
}

-- 
You are receiving this mail because:
You are the assignee for the bug.