Bug 204254 - page fault kernel panic on ZFS operations
Summary: page fault kernel panic on ZFS operations
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 10.2-RELEASE
Hardware: amd64 Any
: --- Affects Only Me
Assignee: freebsd-fs (Nobody)
URL:
Keywords: crash
Depends on:
Blocks:
 
Reported: 2015-11-03 15:35 UTC by Swift Griggs
Modified: 2022-10-17 07:20 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Swift Griggs 2015-11-03 15:35:29 UTC
Crash and core dump from zfs. Here is the info from kgdb:

Uptime: 20m24s
Freed UMA keg (zfs_znode_cache) was not empty (9 items).  Lost 1 pages of memory.


Fatal trap 12: page fault while in kernel mode
cpuid = 3; apic id = 03
fault virtual address   = 0x20
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff81c983c7
stack pointer           = 0x28:0xfffffe0228a4df40
frame pointer           = 0x28:0xfffffe0228a4df50
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 73 (zfs)
trap number             = 12
panic: page fault
cpuid = 3
KDB: stack backtrace:
#0 0xffffffff80984e30 at kdb_backtrace+0x60
#1 0xffffffff809489e6 at vpanic+0x126
#2 0xffffffff809488b3 at panic+0x43
#3 0xffffffff80d4aadb at trap_fatal+0x36b
#4 0xffffffff80d4addd at trap_pfault+0x2ed
#5 0xffffffff80d4a47a at trap+0x47a
#6 0xffffffff80d307f2 at calltrap+0x8
#7 0xffffffff81a31087 at zfs_znode_free+0x87
#8 0xffffffff81a49a46 at zfs_rmnode+0x4d6
#9 0xffffffff81a6758e at zfs_freebsd_reclaim+0x4e
#10 0xffffffff80e73547 at VOP_RECLAIM_APV+0xa7
#11 0xffffffff809ec4f4 at vgonel+0x1b4
#12 0xffffffff809ec989 at vrecycle+0x59
#13 0xffffffff81a6752d at zfs_freebsd_inactive+0xd
#14 0xffffffff80e73437 at VOP_INACTIVE_APV+0xa7
#15 0xffffffff809eb2c2 at vinactive+0x102
#16 0xffffffff809eb6b2 at vputx+0x272
#17 0xffffffff81a4952b at zfs_unlinked_drain+0xbb

(kgdb) list *0xffffffff81c983c7
0xffffffff81c983c7 is in kmem_cache_free (/usr/src/sys/modules/opensolaris/../../cddl/compat/opensolaris/kern/opensolaris_kmem.c:206).
201
202     void
203     kmem_cache_free(kmem_cache_t *cache, void *buf)
204     {
205     #if defined(_KERNEL) && !defined(KMEM_DEBUG)
206             uma_zfree_arg(cache->kc_zone, buf, cache);
207     #else
208             if (cache->kc_destructor != NULL)
209                     kmem_std_destructor(buf, cache->kc_size, cache);
210             kmem_free(buf, cache->kc_size);
Current language:  auto; currently minimal

(kgdb) backtrace
#0  doadump (textdump=<value optimized out>) at pcpu.h:219
#1  0xffffffff80948642 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:451
#2  0xffffffff80948a25 in vpanic (fmt=<value optimized out>, ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:758
#3  0xffffffff809488b3 in panic (fmt=0x0) at /usr/src/sys/kern/kern_shutdown.c:687
#4  0xffffffff80d4aadb in trap_fatal (frame=<value optimized out>, eva=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:851
#5  0xffffffff80d4addd in trap_pfault (frame=0xfffffe0228a4de90, usermode=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:674
#6  0xffffffff80d4a47a in trap (frame=0xfffffe0228a4de90) at /usr/src/sys/amd64/amd64/trap.c:440
#7  0xffffffff80d307f2 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:236
#8  0xffffffff81c983c7 in kmem_cache_free (cache=0x0, buf=0xfffff8000d2bbcf0)
    at /usr/src/sys/modules/opensolaris/../../cddl/compat/opensolaris/kern/opensolaris_kmem.c:204
#9  0xffffffff81a31087 in zfs_znode_free (zp=0xfffff8000d2bbcf0) at /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c:1428
#10 0xffffffff81a49a46 in zfs_rmnode (zp=0xfffff8000d2bbcf0) at /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_dir.c:684
#11 0xffffffff81a6758e in zfs_freebsd_reclaim (ap=<value optimized out>)
    at /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:6569
#12 0xffffffff80e73547 in VOP_RECLAIM_APV (vop=<value optimized out>, a=<value optimized out>) at vnode_if.c:2019
#13 0xffffffff809ec4f4 in vgonel (vp=0xfffff8000d2be3b0) at vnode_if.h:830
#14 0xffffffff809ec989 in vrecycle (vp=0xfffff8000d2be3b0) at /usr/src/sys/kern/vfs_subr.c:2703
#15 0xffffffff81a6752d in zfs_freebsd_inactive (ap=<value optimized out>)
    at /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:6540
#16 0xffffffff80e73437 in VOP_INACTIVE_APV (vop=<value optimized out>, a=<value optimized out>) at vnode_if.c:1953
#17 0xffffffff809eb2c2 in vinactive (vp=0xfffff8000d2be3b0, td=0xfffff8000d50a000) at vnode_if.h:807
#18 0xffffffff809eb6b2 in vputx (vp=0xfffff8000d2be3b0, func=1) at /usr/src/sys/kern/vfs_subr.c:2306
#19 0xffffffff81a4952b in zfs_unlinked_drain (zfsvfs=0xfffff800c00a6000)
    at /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_dir.c:514
#20 0xffffffff81a5c3e5 in zfsvfs_setup (zfsvfs=0xfffff800c00a6000, mounting=<value optimized out>)
    at /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c:1040
#21 0xffffffff81a5d6b8 in zfs_mount (vfsp=0xfffff800c00a5990) at /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c:1221
#22 0xffffffff809e3066 in vfs_donmount (td=0xfffff8000d50a000, fsflags=<value optimized out>, fsoptions=0xfffff8006bbb6c00)
    at /usr/src/sys/kern/vfs_mount.c:818
#23 0xffffffff809e20a1 in sys_nmount (td=0xfffff8000d50a000, uap=<value optimized out>) at /usr/src/sys/kern/vfs_mount.c:417
#24 0xffffffff80d4b3f7 in amd64_syscall (td=0xfffff8000d50a000, traced=0) at subr_syscall.c:134
#25 0xffffffff80d30adb in Xfast_syscall () at /usr/src/sys/amd64/amd64/exception.S:396
#26 0x000000080192a5da in ?? ()
Previous frame inner to this frame (corrupt stack?)