Site Navigation

Date:      Sun, 20 May 2018 14:34:02 +0000
From:      bugzilla-noreply@freebsd.org
To:        fs@FreeBSD.org
Subject:   [Bug 227784] zfs: Fatal trap 9: general protection fault while in kernel mode on shutdown
Message-ID:  <bug-227784-3630-dD76Zt8vZ5@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-227784-3630@https.bugs.freebsd.org/bugzilla/>
References:  <bug-227784-3630@https.bugs.freebsd.org/bugzilla/>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D227784

--- Comment #7 from Eitan Adler <eadler@FreeBSD.org> ---
Unfortunately I no longer have this specific crash, but I do have two crash=
es
that look similar on shutdown.

----
CrashB("shutdown"):

#11 _rw_wlock_cookie (c=3D0xdeadc0dedeadc286, file=3D0xffffffff81286e05
"/usr/src/sys/net/if.c", line=3D3646) at /usr/src/sys/kern/kern_rwlock.c:279
        rw =3D 0xdeadc0dedeadc26e
        v =3D <optimized out>
        tid =3D <optimized out>
#12 0xffffffff80c6e48b in if_delmulti_ifma (ifma=3D0xfffff8001f2cfb00) at
/usr/src/sys/net/if.c:3646
        ifp =3D 0xdeadc0dedeadc0de
        lastref =3D <optimized out>
#13 0xffffffff80daf699 in in6m_release (inm=3D<optimized out>) at
/usr/src/sys/netinet6/in6_mcast.c:545
        ifma =3D 0xfffff8001f2cfb00
        ifp =3D <optimized out>
        saved_vnet =3D 0x0
#14 in6m_release_task (arg=3D<optimized out>) at
/usr/src/sys/netinet6/in6_mcast.c:617
        inm =3D <optimized out>
        in6m_free_tmp =3D {
          slh_first =3D 0xfffff800071bfc00
        }
        tinm =3D 0x0
#15 0xffffffff80bb0c99 in gtaskqueue_run_locked (queue=3D0xfffff80003752b00=
) at
/usr/src/sys/kern/subr_gtaskqueue.c:332
        tb_first =3D <optimized out>
        gtask =3D 0xffffffff81f9d6d8 <free_gtask>
        tb =3D <optimized out>
#16 0xffffffff80bb0a18 in gtaskqueue_thread_loop (arg=3D<optimized out>) at
/usr/src/sys/kern/subr_gtaskqueue.c:507
        tqp =3D <optimized out>
        tq =3D 0xfffff80003752b00
#17 0xffffffff80b2d074 in fork_exit (callout=3D0xffffffff80bb0990
<gtaskqueue_thread_loop>, arg=3D0xfffffe00bbcc6008, frame=3D0xfffffe00004b9=
ac0)
    at /usr/src/sys/kern/kern_fork.c:1039
        td =3D 0xfffff8000387a000
        p =3D 0xffffffff81feeaa0 <proc0>
        dtd =3D <optimized out>
#18 <signal handler called>
-------

CrashC("shutdown-crash-3") crashes gdb so no further debugging information.
This is fro the minidump

(kgdb) #0  __curthread () at ./machine/pcpu.h:231
#1  doadump (textdump=3D1) at /usr/src/sys/kern/kern_shutdown.c:366
#2  0xffffffff80432eac in db_fncall_generic (addr=3D<optimized out>,
    rv=3D<optimized out>, nargs=3D<optimized out>, args=3D<optimized out>)
    at /usr/src/sys/ddb/db_command.c:609
#3  db_fncall (dummy1=3D<optimized out>, dummy2=3D<optimized out>,
    dummy3=3D<optimized out>, dummy4=3D<optimized out>)
    at /usr/src/sys/ddb/db_command.c:657
#4  0xffffffff804329dd in db_command (last_cmdp=3D<optimized out>,
    cmd_table=3D<optimized out>, dopager=3D<optimized out>)
    at /usr/src/sys/ddb/db_command.c:481
#5  0xffffffff80432774 in db_command_loop ()
    at /usr/src/sys/ddb/db_command.c:534
#6  0xffffffff8043595f in db_trap (type=3D<optimized out>, code=3D<optimize=
d out>)
    at /usr/src/sys/ddb/db_main.c:250
#7  0xffffffff80b9c8b3 in kdb_trap (type=3D9, code=3D0, tf=3D<optimized out=
>)
    at /usr/src/sys/kern/subr_kdb.c:697
#8  0xffffffff81010a8f in trap_fatal (frame=3D0xfffffe00bdb58890,
    eva=3D<optimized out>) at /usr/src/sys/amd64/amd64/trap.c:872
#9  0xffffffff8101006d in trap (frame=3D0xfffffe00bdb58890)
    at /usr/src/sys/amd64/amd64/trap.c:205
#10 <signal handler called>
#11 _sx_xlock (sx=3D0xdeadc0dedeadd47e, opts=3D0,
    file=3D0xffffffff827445a7
"/usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/refcount.c", line=
=3D162)
at /usr/src/sys/kern/kern_sx.c:320
#12 0xffffffff826772da in refcount_remove_many (rc=3D0xdeadc0dedeadd47e,
    number=3D1, holder=3D0xfffff80045e39400)
    at /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/refcount.c:1=
62
#13 0xffffffff8264bd7c in dsl_dir_evict_async (dbu=3D0xfffff80045e39400)
    at /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dsl_dir.c:158
#14 0xffffffff80baf95c in taskqueue_run_locked (queue=3D0xfffff80035845300)
    at /usr/src/sys/kern/subr_taskqueue.c:465
#15 0xffffffff80bb0728 in taskqueue_thread_loop (arg=3D<optimized out>)
    at /usr/src/sys/kern/subr_taskqueue.c:757
#16 0xffffffff80b17f04 in fork_exit (
    callout=3D0xffffffff80bb06a0 <taskqueue_thread_loop>,
    arg=3D0xfffff8000511d0b0, frame=3D0xfffffe00bdb58ac0)
    at /usr/src/sys/kern/kern_fork.c:1039
#17 <signal handler called>

--=20
You are receiving this mail because:
You are the assignee for the bug.=

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-227784-3630-dD76Zt8vZ5>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact