Panic in vfs_cache on i386

From: Joe Marcus Clarke <marcus_at_FreeBSD.org>
Date: Tue, 14 Apr 2009 02:17:48 -0400
I'm seeing this panic on my -CURRENT i386 Tinderbox machine (using
looped back NFS).  The backtrace does not point to a line number in
vfs_cache.c, and I can't figure out how atomic_cmpset_int is being
called, so I'm confused as to exactly what is causing this.  Any clues?

FreeBSD fugu.marcuscom.com 8.0-CURRENT FreeBSD 8.0-CURRENT #20: Mon Apr 13 17:21:39 EDT 2009     gnome_at_fugu.marcuscom.com:/space/obj/usr/src/sys/FUGU  i386

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address	= 0x84
fault code		= supervisor write, page not present
instruction pointer	= 0x20:0x80670cf0
stack pointer	        = 0x28:0xb9d59974
frame pointer	        = 0x28:0xb9d599a0
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 82240 (sh)
panic: from debugger
cpuid = 1


#0  doadump () at pcpu.h:246
#1  0x804958c9 in db_fncall (dummy1=1, dummy2=0, dummy3=-2137255936, dummy4=0xb9d59708 "\200��\204") at /usr/src/sys/ddb/db_command.c:548
#2  0x80495cc1 in db_command (last_cmdp=0x8094251c, cmd_table=0x0, dopager=1) at /usr/src/sys/ddb/db_command.c:445
#3  0x80495e1a in db_command_loop () at /usr/src/sys/ddb/db_command.c:498
#4  0x80497c5d in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_main.c:229
#5  0x80629ef6 in kdb_trap (type=12, code=0, tf=0xb9d59934) at /usr/src/sys/kern/subr_kdb.c:534
#6  0x808666ef in trap_fatal (frame=0xb9d59934, eva=132) at /usr/src/sys/i386/i386/trap.c:917
#7  0x80866990 in trap_pfault (frame=0xb9d59934, usermode=0, eva=132) at /usr/src/sys/i386/i386/trap.c:839
#8  0x80867362 in trap (frame=0xb9d59934) at /usr/src/sys/i386/i386/trap.c:521
#9  0x8084b93b in calltrap () at /usr/src/sys/i386/i386/exception.s:165
#10 0x80670cf0 in cache_lookup (dvp=0x8a55a10c, vpp=0xb9d59b78, cnp=0xb9d59b8c) at atomic.h:153
#11 0x80670f93 in vfs_cache_lookup (ap=0xb9d59a40) at /usr/src/sys/kern/vfs_cache.c:869
#12 0x808736e6 in VOP_LOOKUP_APV (vop=0x8092a680, a=0xb9d59a40) at vnode_if.c:123
#13 0x80678351 in lookup (ndp=0xb9d59b60) at vnode_if.h:54
#14 0x806792ab in namei (ndp=0xb9d59b60) at /usr/src/sys/kern/vfs_lookup.c:256
#15 0x8068893b in kern_statat_vnhook (td=0x86085000, flag=0, fd=-100, path=0x33f02400 <Address 0x33f02400 out of bounds>, pathseg=UIO_USERSPACE, sbp=0xb9d59c18, hook=0) at /usr/src/sys/kern/vfs_syscalls.c:2356
#16 0x80688aac in kern_statat (td=0x86085000, flag=0, fd=-100, path=0x33f02400 <Address 0x33f02400 out of bounds>, pathseg=UIO_USERSPACE, sbp=0xb9d59c18) at /usr/src/sys/kern/vfs_syscalls.c:2337
#17 0x80688bf6 in kern_stat (td=0x86085000, path=0x33f02400 <Address 0x33f02400 out of bounds>, pathseg=UIO_USERSPACE, sbp=0xb9d59c18) at /usr/src/sys/kern/vfs_syscalls.c:2329
#18 0x80688c9f in stat (td=0x86085000, uap=0xb9d59cf8) at /usr/src/sys/kern/vfs_syscalls.c:2298
#19 0x80866cd5 in syscall (frame=0xb9d59d38) at /usr/src/sys/i386/i386/trap.c:1066
#20 0x8084b9a0 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:261
#21 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)

print *dvp
$6 = {v_type = VDIR, v_tag = 0x808c518a "ufs", v_op = 0x8092a160, 
  v_data = 0x8a1f707c, v_mount = 0x8531b500, v_nmntvnodes = {
    tqe_next = 0x8a554754, tqe_prev = 0x8a55a65c}, v_un = {vu_mount = 0x0, 
    vu_socket = 0x0, vu_cdev = 0x0, vu_fifoinfo = 0x0, vu_yield = 0}, 
  v_hashlist = {le_next = 0x8600d324, le_prev = 0x8503b170}, 
  v_hash = 10739825, v_cache_src = {lh_first = 0x0}, v_cache_dst = {
    tqh_first = 0x0, tqh_last = 0x8a55a13c}, v_cache_dd = 0x86770120, 
  v_cstart = 0, v_lasta = 0, v_lastw = 0, v_clen = 0, v_lock = {lock_object = {
      lo_name = 0x808c518a "ufs", lo_flags = 91947009, lo_data = 0, 
      lo_witness = 0x0}, lk_lock = 1, lk_timo = 51, lk_pri = 80}, 
  v_interlock = {lock_object = {lo_name = 0x808d15c1 "vnode interlock", 
      lo_flags = 16973824, lo_data = 0, lo_witness = 0x0}, mtx_lock = 4}, 
  v_vnlock = 0x8a55a164, v_holdcnt = 3, v_usecount = 3, v_iflag = 0, 
  v_vflag = 0, v_writecount = 0, v_freelist = {tqe_next = 0x0, 
    tqe_prev = 0x0}, v_bufobj = {bo_mtx = {lock_object = {
        lo_name = 0x808d15d1 "bufobj interlock", lo_flags = 16973824, 
        lo_data = 0, lo_witness = 0x0}, mtx_lock = 4}, bo_clean = {bv_hd = {
        tqh_first = 0x0, tqh_last = 0x8a55a1c8}, bv_root = 0x0, bv_cnt = 0}, 
    bo_dirty = {bv_hd = {tqh_first = 0x0, tqh_last = 0x8a55a1d8}, 
      bv_root = 0x0, bv_cnt = 0}, bo_numoutput = 0, bo_flag = 0, 
    bo_ops = 0x8091ab80, bo_bsize = 16384, bo_object = 0x8a6c245c, 
    bo_synclist = {le_next = 0x0, le_prev = 0x0}, bo_private = 0x8a55a10c, 
    __bo_vnode = 0x8a55a10c}, v_pollinfo = 0x0, v_label = 0x0, v_lockf = 0x0}

print *vpp
$7 = (struct vnode *) 0x0

print *cnp
$9 = {cn_nameiop = 0, cn_flags = 83943748, cn_thread = 0x86085000, 
  cn_cred = 0x85ad4d00, cn_lkflags = 2097152, cn_pnbuf = 0x8acf6400 "..", 
  cn_nameptr = 0x8acf6400 "..", cn_namelen = 2, cn_consume = 0}

Joe

-- 
Joe Marcus Clarke
FreeBSD GNOME Team      ::      gnome_at_FreeBSD.org
FreeNode / #freebsd-gnome
http://www.FreeBSD.org/gnome
Received on Tue Apr 14 2009 - 04:17:49 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:46 UTC