Re: kernel panic with ZFS & VM subsystems: refcount == 1

From: Konstantin Belousov <kostikbel_at_gmail.com>
Date: Sun, 10 May 2015 23:10:57 +0300
On Sun, May 10, 2015 at 12:57:55PM -0700, Eitan Adler wrote:
> I left my computer on overnight and came back to find it sitting in
> ddb.  Here is the backtrace and a little more information.  Let me
> know what other debugging information I can provide.  I have vmcore.1
> and /boot/kernel
> 
You did not provided the panic message.
Your issue is most likely fixed by the r282706.
> 
> FreeBSD gravity.local 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r282701:
> Sat May  9 18:16:45 PDT 2015
> eitan_at_gravity.local:/usr/obj/usr/src/sys/EADLER  amd64
> 
> gdb$ b
> gdb$ bt
> #0  doadump (textdump=Unhandled dwarf expression opcode 0x93
> ) at pcpu.h:221
> #1  0xffffffff80353f86 in db_fncall (dummy1=<value optimized out>,
> dummy2=<value optimized out>, dummy3=<value optimized out>,
> dummy4=<value optimized out>) at /usr/src/sys/ddb/db_command.c:568
> #2  0xffffffff80353c6c in db_command (cmd_table=0x0) at
> /usr/src/sys/ddb/db_command.c:440
> #3  0xffffffff803539d4 in db_command_loop () at
> /usr/src/sys/ddb/db_command.c:493
> #4  0xffffffff80356510 in db_trap (type=<value optimized out>,
> code=Unhandled dwarf expression opcode 0x93
> ) at /usr/src/sys/ddb/db_main.c:251
> #5  0xffffffff80948f0e in kdb_trap (type=Unhandled dwarf expression opcode 0x93
> ) at /usr/src/sys/kern/subr_kdb.c:654
> #6  0xffffffff80d2262b in trap (frame=0xfffffe0232d601e0) at
> /usr/src/sys/amd64/amd64/trap.c:540
> #7  0xffffffff80d03302 in calltrap () at
> /usr/src/sys/amd64/amd64/exception.S:235
> #8  0xffffffff809485fe in kdb_enter (why=0xffffffff80fbf391 "panic",
> msg=0x80 <Address 0x80 out of bounds>) at cpufunc.h:63
> #9  0xffffffff8090c1b9 in vpanic (fmt=<value optimized out>, ap=<value
> optimized out>) at /usr/src/sys/kern/kern_shutdown.c:737
> #10 0xffffffff8090c002 in kassert_panic (fmt=<value optimized out>) at
> /usr/src/sys/kern/kern_shutdown.c:634
> #11 0xffffffff80bb03ea in vm_object_zdtor (mem=0xfffff8019f407400,
> size=<value optimized out>, arg=0xfffffe0232d60190) at
> /usr/src/sys/vm/vm_object.c:169
> #12 0xffffffff80b9d3d0 in uma_zfree_arg (zone=0xfffff8023f5de680,
> item=0xfffff8019f407400, udata=0x0) at /usr/src/sys/vm/uma_core.c:2723
> #13 0xffffffff80bc378e in vnode_pager_alloc
> (handle=0xfffff8017bdb23b0, size=0xe000, prot=Unhandled dwarf
> expression opcode 0x93
> ) at /usr/src/sys/vm/vnode_pager.c:240
> #14 0xffffffff80bc4051 in vnode_create_vobject (vp=0xfffff8017bdb23b0,
> isize=<value optimized out>, td=0xfffff800896ba940) at
> /usr/src/sys/vm/vnode_pager.c:144
> #15 0xffffffff81c80050 in zfs_freebsd_open (ap=0xfffffe0232d60668) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:6049
> #16 0xffffffff80e62a81 in VOP_OPEN_APV (vop=<value optimized out>,
> a=<value optimized out>) at vnode_if.c:467
> #17 0xffffffff809d1372 in vn_open_vnode (vp=0xfffff8017bdb23b0,
> fmode=Unhandled dwarf expression opcode 0x93
> ) at vnode_if.h:196
> #18 0xffffffff809d0f24 in vn_open_cred (ndp=0xfffffe0232d60880,
> flagp=0xfffffe0232d6095c, cmode=0x0, vn_open_flags=0xfffff800,
> cred=0xfffffe0232d60190, fp=0x0) at /usr/src/sys/kern/vfs_vnops.c:264
> #19 0xffffffff809ca327 in kern_openat (td=0xfffff800896ba940,
> fd=0xffffff9c, path=0x800daca1f <Address 0x800daca1f out of bounds>,
> pathseg=UIO_USERSPACE, flags=Cannot access memory at address 0x80
> ) at /usr/src/sys/kern/vfs_syscalls.c:1090
> #20 0xffffffff80d2354f in amd64_syscall (td=0xfffff800896ba940,
> traced=0x0) at subr_syscall.c:133
> #21 0xffffffff80d035eb in Xfast_syscall () at
> /usr/src/sys/amd64/amd64/exception.S:395
> #22 0x0000000800d98c7a in ?? ()
> Previous frame inner to this frame (corrupt stack?)
> Current language:  auto; currently minimal
> 
> gdb$ info frame
> Stack level 10, frame at 0xfffffe0232d603b0:
>  rip = 0xffffffff8090c002 in kassert_panic
> (/usr/src/sys/kern/kern_shutdown.c:634); saved rip 0xffffffff
> 80bb03ea
>                                   called by frame at
> 0xfffffe0232d603d0, caller of frame at 0xfffffe0232d60340
>  source language minimal.
>  Arglist at 0xfffffe0232d603a0, args: fmt=<value optimized out>
>  Locals at 0xfffffe0232d603a0, Previous frame's sp is 0xfffffe0232d603b0
>  Saved registers:
>   rax at 0xfffffe0232d60210, rbx at 0xfffffe0232d60388, rcx at
> 0xfffffe0232d601f8, rdx at 0xfffffe0232d6
> 01f0, rsi at 0xfffffe0232d601e8, rdi at 0xfffffe0232d601e0, rbp at
> 0xfffffe0232d603a0, r8 at 0xfffffe0232d60200, r9 at
> 0xfffffe0232d60208, r10 at 0xfffffe0232d60228, r11 at
> 0xfffffe0232d60230, r12 at 0xfffffe0232d60318, r13 at
> 0xfffffe0232d60240, r14 at 0xfffffe0232d60390, r15 at
> 0xfffffe0232d60398, rip at 0xfffffe0232d603a8, eflags at
> 0xfffffe0232d60288, cs at 0xfffffe0232d60280, ss at 0xfffffe0232d60298
>        gdb$ up
> #11 0xffffffff80bb03ea in vm_object_zdtor (mem=0xfffff8019f407400,
> size=<value optimized out>, arg=0xfff
> ffe0232d60190) at /usr/src/sys/vm/vm_object.c:169
>                                  169
> KASSERT(object->ref_count == 0,
> gdb$ info frame
> Stack level 11, frame at 0xfffffe0232d603d0:
>  rip = 0xffffffff80bb03ea in vm_object_zdtor
> (/usr/src/sys/vm/vm_object.c:169); saved rip 0xffffffff80b9
> d3d0
>                                   called by frame at
> 0xfffffe0232d60430, caller of frame at 0xfffffe0232d603b0
>  source language minimal.
>  Arglist at 0xfffffe0232d603c0, args: mem=0xfffff8019f407400,
> size=<value optimized out>, arg=0xfffffe02
> 32d60190
>                                   Locals at 0xfffffe0232d603c0,
> Previous frame's sp is 0xfffffe0232d603d0
>  Saved registers:
>   rax at 0xfffffe0232d60210, rbx at 0xfffffe0232d603b8, rcx at
> 0xfffffe0232d601f8, rdx at 0xfffffe0232d6
> 01f0, rsi at 0xfffffe0232d601e8, rdi at 0xfffffe0232d601e0, rbp at
> 0xfffffe0232d603c0, r8 at 0xfffffe0232d60200, r9 at
> 0xfffffe0232d60208, r10 at 0xfffffe0232d60228, r11 at
> 0xfffffe0232d60230, r12 at 0xfffffe0232d60318, r13 at
> 0xfffffe0232d60240, r14 at 0xfffffe0232d60390, r15 at
> 0xfffffe0232d60398, rip at 0xfffffe0232d603c8, eflags at
> 0xfffffe0232d60288, cs at 0xfffffe0232d60280, ss at 0xfffffe0232d60298
> 
> 
> 
> -- 
> Eitan Adler
> _______________________________________________
> freebsd-current_at_freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org"
Received on Sun May 10 2015 - 18:11:04 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:57 UTC