Re: panic in vfs_lookup/kern_statat_vnhook?

From: John Baldwin <jhb_at_freebsd.org>
Date: Wed, 23 May 2012 09:30:03 -0400
On Wednesday, May 23, 2012 12:28:53 am Ian FREISLICH wrote:
> John Baldwin wrote:
> > On Tuesday, May 22, 2012 2:36:06 pm Ian FREISLICH wrote:
> > > Hi
> > > 
> > > I've had quite a few reproduceable panics that look to be VFS
> > > related.  The trigger is relatively heavy concurrent disk IO.
> > > I can trigger it easily two ways:
> > > 
> > > 1. running my backup script which essentially does:
> > > 	cd /; rsync --one-file-system --delete -aHv . /backup
> > > 	cd /tmp; rsync --one-file-system --delete -aHv . /backup/tmp
> > > 	cd /usr; rsync --one-file-system --delete -aHv . /backup/usr
> > > 	cd /var; rsync --one-file-system --delete -aHv . /backup/var
> > > 
> > > 2. While updating with cvsup or csup, launch firefox.
> > > 
> > > Both reliably provoke the panic:
> > > 
> > > #0  doadump (textdump=1) at pcpu.h:244
> > > #1  0xc06aa895 in kern_reboot (howto=260)
> > >     at /usr/src/sys/kern/kern_shutdown.c:454
> > > #2  0xc06aad36 in panic (fmt=Variable "fmt" is not available.
> > > ) at /usr/src/sys/kern/kern_shutdown.c:642
> > > #3  0xc087adee in trap_fatal (frame=0xedb365c8, eva=28)
> > >     at /usr/src/sys/i386/i386/trap.c:1022
> > > #4  0xc087aed8 in trap_pfault (frame=0xedb365c8, usermode=0, eva=28)
> > >     at /usr/src/sys/i386/i386/trap.c:875
> > > #5  0xc087bc4d in trap (frame=0xedb365c8) at 
/usr/src/sys/i386/i386/trap.c:
> 546
> > > #6  0xc086687c in calltrap () at /usr/src/sys/i386/i386/exception.s:169
> > > #7  0xc0878682 in pmap_enter (pmap=0xc09e4060, va=3359633408, access=7 
'\a'
> , 
> > >     m=0xc3073f70, prot=7 '\a', wired=1) at 
/usr/src/sys/i386/i386/pmap.c:15
> 96
> > 
> > This is the actual panic.  Can you go to this frame?  The VFS bits don't
> > matter, the pmap code blew up trying to malloc another vnode.
> 
> (kgdb) frame 7
> #7  0xc0878682 in pmap_enter (pmap=0xc09e4060, va=3359633408, access=7 '\a', 
>     m=0xc191bf70, prot=7 '\a', wired=1) at 
/usr/src/sys/i386/i386/pmap.c:1596
> 1596                    root = vm_page_splay(mpte->pindex, root);
> (kgdb) l
> 1591            root = pmap->pm_root;
> 1592            if (root == NULL) {
> 1593                    mpte->left = NULL;
> 1594                    mpte->right = NULL;
> 1595            } else {
> 1596                    root = vm_page_splay(mpte->pindex, root);
> 1597                    if (mpte->pindex < root->pindex) {
> 1598                            mpte->left = root->left;
> 1599                            mpte->right = root;
> 1600                            root->left = NULL;

Ok, can you do 'p root', 'p mpte', and 'p *mpte'?

-- 
John Baldwin
Received on Wed May 23 2012 - 11:34:09 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:27 UTC