From owner-svn-src-all@FreeBSD.ORG  Wed Jun 10 19:09:32 2015
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 0F3F2F82;
 Wed, 10 Jun 2015 19:09:32 +0000 (UTC)
 (envelope-from mjguzik@gmail.com)
Received: from mail-wi0-x22b.google.com (mail-wi0-x22b.google.com
 [IPv6:2a00:1450:400c:c05::22b])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 96FDC10DC;
 Wed, 10 Jun 2015 19:09:31 +0000 (UTC)
 (envelope-from mjguzik@gmail.com)
Received: by wibut5 with SMTP id ut5so57565563wib.1;
 Wed, 10 Jun 2015 12:09:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:content-disposition:content-transfer-encoding
 :in-reply-to:user-agent;
 bh=1DicaDYEpa0uP6YvuNy76ZU3Ki9xBrAghb4+Sr86poM=;
 b=E/50iKTqaiU+WQrIYU6RtVB3vc0VxfOifIQWXCe9hNsiviN942D6t8GNAW1iL6I7WM
 xwEOxANnGomnlJ8Ggxef4x52oFbZtK1z59H0kmJyhuqfRlDryjCAnJ9ijUYYd7wWvMWD
 yz9ydRVoEY435YeHjMIh4ONEN6VMH7SPzXvMAIHATIdKw/bEtSVgkuam1SqNPYZbhpmM
 38XyU4XFMR2UWQEjQqlhODa5OE9zTuLSYoOhixrFeChFVxT6SveXPnTWGohIufKqqR4G
 utBWbrLv4nZxG6IAisvB9LFBPm6b+uhVSR1nAcuz/NQWd9wlzynBtl9AbJdjtmGQswlB
 sVaw==
X-Received: by 10.194.177.133 with SMTP id cq5mr8590770wjc.145.1433963370067; 
 Wed, 10 Jun 2015 12:09:30 -0700 (PDT)
Received: from dft-labs.eu (n1x0n-1-pt.tunnel.tserv5.lon1.ipv6.he.net.
 [2001:470:1f08:1f7::2])
 by mx.google.com with ESMTPSA id r6sm9298522wiy.13.2015.06.10.12.09.27
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Wed, 10 Jun 2015 12:09:28 -0700 (PDT)
Date: Wed, 10 Jun 2015 21:09:25 +0200
From: Mateusz Guzik <mjguzik@gmail.com>
To: Ivan Klymenko <fidaj@ukr.net>
Cc: Mateusz Guzik <mjg@FreeBSD.org>, src-committers@freebsd.org,
 svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: Re: svn commit: r284215 - in head/sys: amd64/linux32 compat/linux
 compat/svr4 dev/drm2/i915 fs/fdescfs i386/ibcs2 i386/linux kern
 ofed/drivers/infiniband/core ofed/drivers/infiniband/hw/mthca sys vm
Message-ID: <20150610190925.GD23380@dft-labs.eu>
References: <201506101048.t5AAmD1O029382@svn.freebsd.org>
 <20150610214757.59a4b2d0@nonamehost.local>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20150610214757.59a4b2d0@nonamehost.local>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jun 2015 19:09:32 -0000

On Wed, Jun 10, 2015 at 09:47:57PM +0300, Ivan Klymenko wrote:
> Wed, 10 Jun 2015 10:48:13 +0000 (UTC)
> Mateusz Guzik <mjg@FreeBSD.org> написав:
> 
> > kern_resource.c
> 
> I get another panic - this time with VirtualBox:
> 
> nonamehost.local dumped core - see /var/crash/vmcore.0
> 
> Wed Jun 10 21:38:13 EEST 2015
> 
> FreeBSD nonamehost.local 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r284222M: Wed Jun 10 17:58:54 EEST 2015     ivan@nonamehost.local:/media/da0s1/obj/usr/src/sys/mk11  amd64
> 
> panic: page fault
> 
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "amd64-marcel-freebsd"...
> 
> Unread portion of the kernel message buffer:
> 
> 
> Fatal trap 12: page fault while in kernel mode
> cpuid = 3; apic id = 03
> fault virtual address	= 0x20030020
> fault code		= supervisor read data, page not present
> instruction pointer	= 0x20:0xffffffff809cfb1a
> stack pointer	        = 0x28:0xfffffe01aa0f95c0
> frame pointer	        = 0x28:0xfffffe01aa0f95e0
> code segment		= base 0x0, limit 0xfffff, type 0x1b
> 			= DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags	= interrupt enabled, resume, IOPL = 0
> current process		= 8647 (VirtualBox)
> trap number		= 12
> panic: page fault
> cpuid = 3
> KDB: stack backtrace:
> #0 0xffffffff80a17c27 at kdb_backtrace+0x67
> #1 0xffffffff809d3f79 at vpanic+0x189
> #2 0xffffffff809d3de3 at panic+0x43
> #3 0xffffffff80e73b35 at trap_fatal+0x355
> #4 0xffffffff80e73e6e at trap_pfault+0x31e
> #5 0xffffffff80e734d4 at trap+0x464
> #6 0xffffffff80e57422 at calltrap+0x8
> #7 0xffffffff8244eb94 at rtR0MemObjNativeMapUser+0xa4
> #8 0xffffffff8244d935 at RTR0MemObjMapUserTag+0x135
> #9 0xffffffff82435382 at SUPR0GipMap+0x152
> #10 0xffffffff82431311 at supdrvIOCtlInnerUnrestricted+0xa11
> #11 0xffffffff8243b515 at VBoxDrvFreeBSDIOCtl+0x1b5
> #12 0xffffffff80897dab at devfs_ioctl_f+0x13b
> #13 0xffffffff80a35ee1 at kern_ioctl+0x401
> #14 0xffffffff80a35a33 at sys_ioctl+0x153
> #15 0xffffffff80e74579 at amd64_syscall+0x3e9
> #16 0xffffffff80e5770b at Xfast_syscall+0xfb
> Uptime: 3h23m47s
> Dumping 998 out of 6047 MB:..2%..12%..21%..31%..41%..52%..61%..71%..81%..92%
> 
> 221	pcpu.h: No such file or directory.
> 	in pcpu.h
> (kgdb) #0  doadump (textdump=<value optimized out>) at pcpu.h:221
> #1  0xffffffff809d3a7d in kern_reboot (howto=260)
>     at /usr/src/sys/kern/kern_shutdown.c:447
> #2  0xffffffff809d3fb8 in vpanic (fmt=<value optimized out>, 
>     ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:744
> #3  0xffffffff809d3de3 in panic (fmt=0x0)
>     at /usr/src/sys/kern/kern_shutdown.c:675
> #4  0xffffffff80e73b35 in trap_fatal (frame=<value optimized out>, 
>     eva=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:853
> #5  0xffffffff80e73e6e in trap_pfault (frame=0xfffffe01aa0f9510, 
>     usermode=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:676
> #6  0xffffffff80e734d4 in trap (frame=0xfffffe01aa0f9510)
>     at /usr/src/sys/amd64/amd64/trap.c:426
> #7  0xffffffff80e57422 in calltrap ()
>     at /usr/src/sys/amd64/amd64/exception.S:235
> #8  0xffffffff809cfb1a in lim_max (td=0xfffff8008e3b4a70, which=2)
>     at /usr/src/sys/kern/kern_resource.c:1209
> #9  0xffffffff8244eb94 in rtR0MemObjNativeMapUser ()
>    from /boot/modules/vboxdrv.ko
> #10 0xffffffff8244d935 in RTR0MemObjMapUserTag ()
>    from /boot/modules/vboxdrv.ko
> #11 0xffffffff82435382 in SUPR0GipMap () from /boot/modules/vboxdrv.ko
> #12 0xffffffff82431311 in supdrvIOCtlInnerUnrestricted ()
>    from /boot/modules/vboxdrv.ko
> #13 0xffffffff8243b515 in VBoxDrvFreeBSDIOCtl () from /boot/modules/vboxdrv.ko
> #14 0xffffffff80897dab in devfs_ioctl_f (fp=0xfffff8008e3b4a70, 
>     com=18446744073709551615, data=0x1, cred=<value optimized out>, 
>     td=0xfffff80027d64000) at /usr/src/sys/fs/devfs/devfs_vnops.c:806
> #15 0xffffffff80a35ee1 in kern_ioctl (td=0xfffff8005dedc980, 
>     fd=<value optimized out>, com=2, data=<value optimized out>) at file.h:326
> #16 0xffffffff80a35a33 in sys_ioctl (td=0xfffff8005dedc980, 
>     uap=0xfffffe01aa0f9a40) at /usr/src/sys/kern/sys_generic.c:722
> #17 0xffffffff80e74579 in amd64_syscall (td=0xfffff8005dedc980, traced=0)
>     at subr_syscall.c:133
> #18 0xffffffff80e5770b in Xfast_syscall ()
>     at /usr/src/sys/amd64/amd64/exception.S:395
> #19 0x000000080129b6ca in ?? ()
> Previous frame inner to this frame (corrupt stack?)
> Current language:  auto; currently minimal
> (kgdb) 

Have you recompiled the module after you updated the kernel?

Quick guess suggests that the passed pointer is to struct proc, while
the function in question now expects struct thread.

lim_max_proc can be used instead if thread pointer is not suitable.

-- 
Mateusz Guzik <mjguzik gmail.com>