Date: Wed, 28 Jan 2015 21:04:42 +0200
From: Konstantin Belousov <kostikbel@gmail.com>
To: Gleb Smirnoff <glebius@FreeBSD.org>
Cc: current@FreeBSD.org
Subject: Re: panic in softdep_slowdown()
Message-ID: <20150128190441.GO42409@kib.kiev.ua>
In-Reply-To: <20150128182230.GB15484@glebius.int.ru>
References: <20150127203103.GZ15484@glebius.int.ru> <20150128104842.GL42409@kib.kiev.ua> <20150128182230.GB15484@glebius.int.ru>

On Wed, Jan 28, 2015 at 09:22:30PM +0300, Gleb Smirnoff wrote:
> On Wed, Jan 28, 2015 at 12:48:42PM +0200, Konstantin Belousov wrote:
> K> > Stopped at softdep_slowdown+0x1d3: idivl %ecx,%eax
> K> > db> bt
> K> > Tracing pid 49 tid 100045 td 0xfffff800026ee000
> K> > softdep_slowdown() at softdep_slowdown+0x1d3/frame 0xfffffe001eb5f2b0
> K> > ffs_truncate() at ffs_truncate+0x1be/frame 0xfffffe001eb5f640
> K> > ufs_setattr() at ufs_setattr+0x4e5/frame 0xfffffe001eb5f6a0
> K> > VOP_SETATTR_APV() at VOP_SETATTR_APV+0x22a/frame 0xfffffe001eb5f710
> K> > VOP_SETATTR() at VOP_SETATTR+0x45/frame 0xfffffe001eb5f760
> K> > vn_truncate() at vn_truncate+0x196/frame 0xfffffe001eb5f870
> K> > fo_truncate() at fo_truncate+0x41/frame 0xfffffe001eb5f8b0
> K> > kern_ftruncate() at kern_ftruncate+0x16d/frame 0xfffffe001eb5f920
> K> > sys_ftruncate() at sys_ftruncate+0x27/frame 0xfffffe001eb5f940
> K> > syscallenter() at syscallenter+0x46e/frame 0xfffffe001eb5f9b0
> K> > amd64_syscall() at amd64_syscall+0x1f/frame 0xfffffe001eb5fab0
> K> > Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe001eb5fab0
> K> > --- syscall (480, FreeBSD ELF64, sys_ftruncate), rip = 0x800b511fa, rsp = 0x7fffffffe998, rbp = 0x7fffffffeb90 ---
> K> > db> call doadump
> K> > Dumping 60 out of 495 MB:..27%..54%..80%
> K> > Dump complete
> K> > = 0
> K> > db>
> K> >
> K> > I've got the core file.
> K>
> K> At least the source line for the panic is needed.
> K> Also, print out the value of stat_flush_threads.
>
> (kgdb) fr 11
> #11 0xffffffff80895d63 in softdep_slowdown (vp=0xfffff800028011d8)
>     at /usr/src/ifnet/sys/ufs/ffs/ffs_softdep.c:13055
> 13055 if (dep_current[D_DIRREM] < max_softdeps_hard / 2 &&
> (kgdb) p dep_current
> $1 = {1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1,
>   0, 0, 0, 0}
> (kgdb) p max_softdeps_hard
> $2 = 153357
> (kgdb) p *ump
> $4 = {um_mountp = 0xfffff80002707330, um_dev = 0xfffff800026cbc00,
>   um_cp = 0xfffff80002717480, um_bo = 0xfffff8000271edb8,
>   um_devvp = 0xfffff8000271ece8, um_fstype = 2, um_fs = 0xfffff8000273b000,
>   um_extattr = {uepm_lock = {lock_object = {lo_name = 0x0, lo_flags = 0,
>   lo_data = 0, lo_witness = 0x0}, sx_lock = 0}, uepm_list = {
>   lh_first = 0x0}, uepm_ucred = 0x0, uepm_flags = 0}, um_nindir = 4096,
>   um_bptrtodb = 3, um_seqinc = 8, um_lock = {lock_object = {
>   lo_name = 0xffffffff80a53d30 "FFS", lo_flags = 16973824, lo_data = 0,
>   lo_witness = 0xfffffe00008e3400}, mtx_lock = 4}, um_fsckpid = 0,
>   um_softdep = 0xfffff800027a0200, um_quotas = {0x0, 0x0}, um_cred = {0x0,
>   0x0}, um_btime = {0, 0}, um_itime = {0, 0}, um_qflags = "\000",
>   um_savedmaxfilesize = 0, um_candelete = 0, um_writesuspended = 0,
>   um_balloc = 0xffffffff8086eb90 <ffs_balloc_ufs2>,
>   um_blkatoff = 0xffffffff808a8170 <ffs_blkatoff>,
>   um_truncate = 0xffffffff808717b0 <ffs_truncate>,
>   um_update = 0xffffffff80871090 <ffs_update>,
>   um_valloc = 0xffffffff808660c0 <ffs_valloc>,
>   um_vfree = 0xffffffff808677b0 <ffs_vfree>,
>   um_ifree = 0xffffffff808af420 <ffs_ifree>,
>   um_rdonly = 0xffffffff808741c0 <ffs_rdonly>,
>   um_snapgone = 0xffffffff80879b70 <ffs_snapgone>}
> (kgdb) p stat_flush_threads
> $5 = 1
>
> I can't see where integer divide fault can happen with stat_flush_threads=1 :(

Look at the exact asm instruction which faulted, also look at the register
contents. It might be a hypervisor bug, after all.