(kgdb) p/x *(struct vm_object *)0xffffffff81281580
$1 = {mtx = {lock_object = {lo_name = 0xffffffff80e54bbd,
lo_flags = 0x1430000, lo_data = 0x0, lo_witness = 0x0},
mtx_lock = 0xfffffe0006f44000}, object_list = {
tqe_next = 0xffffffff81281240, tqe_prev = 0xffffffff812814a0},
shadow_head = {lh_first = 0x0}, shadow_list = {le_next = 0x0,
le_prev = 0x0}, memq = {tqh_first = 0xfffffe00cfd3f880,
tqh_last = 0xfffffe00c9cac398}, root = 0xfffffe00cd733ab0,
size = 0x7ffffff, generation = 0x1, ref_count = 0x3f8, shadow_count = 0x0,
memattr = 0x6, type = 0x4, flags = 0x1000, pg_color = 0x0, pad1 = 0x0,
resident_page_count = 0x9b729, backing_object = 0x0,
backing_object_offset = 0x0, pager_object_list = {tqe_next = 0x0,
tqe_prev = 0x0}, rvq = {lh_first = 0xfffffe00c7dd2140}, cache = 0x0,
handle = 0x0, un_pager = {vnp = {vnp_size = 0x0, writemappings = 0x0},
devp = {devp_pglist = {tqh_first = 0x0, tqh_last = 0x0}, ops = 0x0},
sgp = {sgp_pglist = {tqh_first = 0x0, tqh_last = 0x0}}, swp = {
swp_bcount = 0x0}}, cred = 0x0, charge = 0x0, paging_in_progress = 0x1}
(kgdb) p/x *(struct vm_page *)0xfffffe00cd733ab0
$2 = {pageq = {tqe_next = 0x0, tqe_prev = 0xfffffe00c7e7d678}, listq = {
tqe_next = 0xfffffe00cd733b28, tqe_prev = 0xfffffe00cd7331d8},
left = 0xfffffe00c9b31c38, right = 0xfffffe00cd735c70,
object = 0xfffffffb81281580, pindex = 0x7495a, phys_addr = 0xbe95a000, md = {
pv_list = {tqh_first = 0x0, tqh_last = 0xfffffe00cd733af8},
pat_mode = 0x6}, queue = 0xff, segind = 0x2, hold_count = 0x0,
order = 0xd, pool = 0x0, cow = 0x0, wire_count = 0x0, aflags = 0x0,
flags = 0x0, oflags = 0x4, act_count = 0x0, busy = 0x0, valid = 0xff,
dirty = 0x0}
(kgdb) list *vm_page_free_toq+0x45
0xffffffff80b506f5 is in vm_page_free_toq (/usr/src/sys/vm/vm_page.c:1878).
warning: Source file is more recent than executable.
1873
1874 /*
1875 * If fictitious remove object association and
1876 * return, otherwise delay object association removal.
1877 */
1878 if ((m->flags & PG_FICTITIOUS) != 0) {
1879 return;
1880 }
1881
1882 m->valid = 0;
(kgdb)
-----Original Message-----
From: Konstantin Belousov [mailto:kostik...@gmail.com]
Sent: Wednesday, January 09, 2013 4:49 PM
To: Po-Li Soong
Cc: sta...@freebsd.org
Subject: Re: zio_done panic on unadulterated FreeBSD Release 9.1
On Wed, Jan 09, 2013 at 08:03:38PM +0000, Po-Li Soong wrote:
> Hi,
>
> My name is Po-Li Soong. I ran into a crash not long after installing the 9.1
> release on my home machine. I was performing a test run of file transfer with
> samba server running on the FreeBSD installation. The transfer rate was about
> 70-80 MB/sec. The core.txt is attached. If there are other crash dumps
> needed, please let me know.
>
> I first discussed this panic with Justin Gibbs, a coworker of mine at Spectra
> Logic. He referred me to this email address, suggesting that the information
> should be relevant to you. Thanks for the help.
>
> Regards,
>
> Po-Li Soong
>
> maestoso dumped core - see /var/crash/vmcore.0
>
> Sat Jan 5 19:53:24 MST 2013
>
> FreeBSD maestoso 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4
> 09:23:10 UTC 2012
> r...@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
>
> panic: page fault
>
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and
> you are welcome to change it and/or distribute copies of it under certain
> conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for details.
> This GDB was configured as "amd64-marcel-freebsd"...
>
> Unread portion of the kernel message buffer:
>
>
> Fatal trap 12: page fault while in kernel mode cpuid = 1; apic id = 01
> fault virtual address = 0xfffffffb812815d8
> fault code = supervisor read data, page not present
> instruction pointer = 0x20:0xffffffff80b50597
> stack pointer = 0x28:0xffffff80fa3bc8d0
> frame pointer = 0x28:0xffffff80fa3bc900
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 0 (zio_write_intr_5)
> trap number = 12
> panic: page fault
> cpuid = 3
> KDB: stack backtrace:
> #0 0xffffffff809208a6 at kdb_backtrace+0x66
> #1 0xffffffff808ea8be at panic+0x1ce
> #2 0xffffffff80bd8240 at trap_fatal+0x290
> #3 0xffffffff80bd857d at trap_pfault+0x1ed
> #4 0xffffffff80bd8b9e at trap+0x3ce
> #5 0xffffffff80bc315f at calltrap+0x8
> #6 0xffffffff80b506f5 at vm_page_free_toq+0x45
> #7 0xffffffff80b4f276 at vm_object_page_remove+0x196
> #8 0xffffffff80b46b06 at vm_map_delete+0x316
> #9 0xffffffff80b46c11 at vm_map_remove+0x51
> #10 0xffffffff80b3a70a at uma_large_free+0x3a
> #11 0xffffffff808d589a at free+0x5a
> #12 0xffffffff8169b4ce at zio_done+0x2ee
> #13 0xffffffff81699063 at zio_execute+0xc3
> #14 0xffffffff8092cf55 at taskqueue_run_locked+0x85
> #15 0xffffffff8092ded6 at taskqueue_thread_loop+0x46
> #16 0xffffffff808bb9ef at fork_exit+0x11f
> #17 0xffffffff80bc368e at fork_trampoline+0xe
> Uptime: 3h19m34s
> Dumping 571 out of 3561
> MB:..3%..12%..23%..31%..42%..51%..62%..73%..82%..93%
>
> Reading symbols from /boot/kernel/zfs.ko...Reading symbols from
> /boot/kernel/zfs.ko.symbols...done.
> done.
> Loaded symbols for /boot/kernel/zfs.ko Reading symbols from
> /boot/kernel/opensolaris.ko...Reading symbols from
> /boot/kernel/opensolaris.ko.symbols...done.
> done.
> Loaded symbols for /boot/kernel/opensolaris.ko
> #0 doadump (textdump=Variable "textdump" is not available.
> ) at pcpu.h:224
> 224 pcpu.h: No such file or directory.
> in pcpu.h
> (kgdb) #0 doadump (textdump=Variable "textdump" is not available.
> ) at pcpu.h:224
> #1 0xffffffff808ea3a1 in kern_reboot (howto=260)
> at /usr/src/sys/kern/kern_shutdown.c:448
> #2 0xffffffff808ea897 in panic (fmt=0x1 <Address 0x1 out of bounds>)
> at /usr/src/sys/kern/kern_shutdown.c:636
> #3 0xffffffff80bd8240 in trap_fatal (frame=0xc, eva=Variable "eva" is not
> available.
> )
> at /usr/src/sys/amd64/amd64/trap.c:857
> #4 0xffffffff80bd857d in trap_pfault (frame=0xffffff80fa3bc820, usermode=0)
> at /usr/src/sys/amd64/amd64/trap.c:773
> #5 0xffffffff80bd8b9e in trap (frame=0xffffff80fa3bc820)
> at /usr/src/sys/amd64/amd64/trap.c:456
P
> #6 0xffffffff80bc315f in calltrap ()
> at /usr/src/sys/amd64/amd64/exception.S:228
> #7 0xffffffff80b50597 in vm_page_remove (m=0xfffffe00cd733ab0)
> at /usr/src/sys/vm/vm_page.c:975
> #8 0xffffffff80b506f5 in vm_page_free_toq (m=0xfffffe00cd733ab0)
> at /usr/src/sys/vm/vm_page.c:1872
> #9 0xffffffff80b4f276 in vm_object_page_remove (object=0xffffffff81281580,
> start=477512, end=477539, options=Variable "options" is not available.
> ) at /usr/src/sys/vm/vm_object.c:1899
> #10 0xffffffff80b46b06 in vm_map_delete (map=0xfffffe00020000e8,
> start=Variable "start" is not available.
> )
> at /usr/src/sys/vm/vm_map.c:2739
> #11 0xffffffff80b46c11 in vm_map_remove (map=0xfffffe00020000e8,
> start=18446743525909626880, end=18446743525909737472)
> at /usr/src/sys/vm/vm_map.c:2871
> #12 0xffffffff80b3a70a in uma_large_free (slab=0xfffffe00aceff8e0)
> at /usr/src/sys/vm/uma_core.c:3085
> #13 0xffffffff808d589a in free (addr=0xffffff8074948000,
> mtp=0xffffffff81747c20) at /usr/src/sys/kern/kern_malloc.c:572
> #14 0xffffffff8169b4ce in zio_done (zio=0xfffffe007a9906e0)
> at
> /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/
> zfs/zio.c:2960
> #15 0xffffffff81699063 in zio_execute (zio=0xfffffe007a9906e0)
> at
> /usr/src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/
> zfs/zio.c:1196
> #16 0xffffffff8092cf55 in taskqueue_run_locked (queue=0xfffffe0006ed9a00)
> at /usr/src/sys/kern/subr_taskqueue.c:308
> #17 0xffffffff8092ded6 in taskqueue_thread_loop (arg=Variable "arg" is not
> available.
> )
> at /usr/src/sys/kern/subr_taskqueue.c:497
> #18 0xffffffff808bb9ef in fork_exit (
> callout=0xffffffff8092de90 <taskqueue_thread_loop>,
> arg=0xfffffe0006c072e0, frame=0xffffff80fa3bcc40)
> at /usr/src/sys/kern/kern_fork.c:992
> #19 0xffffffff80bc368e in fork_trampoline ()
> at /usr/src/sys/amd64/amd64/exception.S:602
> #20 0x0000000000000000 in ?? ()
> #21 0x0000000000000000 in ?? ()
> #22 0x0000000000000000 in ?? ()
> #23 0x0000000000000000 in ?? ()
> #24 0x0000000000000000 in ?? ()
> #25 0x0000000000000000 in ?? ()
> #26 0x0000000000000000 in ?? ()
> #27 0x0000000000000000 in ?? ()
> #28 0x0000000000000000 in ?? ()
> #29 0x0000000000000000 in ?? ()
> #30 0x0000000000000000 in ?? ()
> #31 0x0000000000000000 in ?? ()
> #32 0x0000000000000000 in ?? ()
> #33 0x0000000000000000 in ?? ()
> #34 0x0000000000000000 in ?? ()
> #35 0x0000000000000000 in ?? ()
> #36 0x0000000000000000 in ?? ()
> #37 0x0000000000000000 in ?? ()
> #38 0x0000000000000000 in ?? ()
> #39 0x0000000000000000 in ?? ()
> #40 0x0000000000000000 in ?? ()
> #41 0x0000000000000000 in ?? ()
> #42 0x0000000000000000 in ?? ()
> #43 0x0000000000000000 in ?? ()
> #44 0xffffffff81242880 in tdq_cpu ()
> #45 0xffffffff81242880 in tdq_cpu ()
> #46 0xfffffe0006f44000 in ?? ()
> #47 0x0000000000000000 in ?? ()
> #48 0xffffff80fa3bc290 in ?? ()
> #49 0xffffff80fa3bc238 in ?? ()
> #50 0xfffffe00049a88e0 in ?? ()
> #51 0xffffffff8091352e in sched_switch (td=0xffffffff812228a0,
> newtd=0xfffffe0006c072e0, flags=Variable "flags" is not available.
> ) at /usr/src/sys/kern/sched_ule.c:1921
> Previous frame inner to this frame (corrupt stack?)
> (kgdb)
Please, at the kgdb prompt, do
p/x *(struct vm_object *)0xffffffff81281580 p/x *(struct vm_page
*)0xfffffe00cd733ab0 list *vm_page_free_toq+0x45
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
