kernel stack overflow when running lua tests on FreeBSD

[mjguzik]

The kernel has debug on.

Test: /gh-zfs/tests/zfs-tests/tests/functional/channel_program/lua_core/tst.return_large (run as root) [00:01] [PASS]
Test: /gh-zfs/tests/zfs-tests/tests/functional/channel_program/lua_core/tst.return_nvlist_neg (run as root) [00:07] [PASS]
Test: /gh-zfs/tests/zfs-tests/tests/functional/channel_program/lua_core/tst.return_nvlist_pos (run as root) [00:35] [PASS]
Fatal double fault
rip 0xffffffff8066b0bb rsp 0xfffffe00e575ff60 rbp 0xfffffe00e5760020
rax 0 rdx 0xffffffff80b79ef9 rbx 0x8005f35a8
rcx 0xffffffff80b2e3ad rsi 0x5 rdi 0
r8 0x5 r9 0 r10 0xffffffff80b79ef9
r11 0xffffffff80b2e3ad r12 0x7fffffffa720 r13 0
r14 0x5 r15 0x48 rflags 0x10286
cs 0x20 ss 0x28 ds 0x3b es 0x3b fs 0x13 gs 0x1b
fsbase 0x80024aa20 gsbase 0xffffffff8161d000 kgsbase 0
cpuid = 13; apic id = 0d
panic: double fault
cpuid = 13
time = 1605325819
KDB: enter: panic
[ thread pid 55028 tid 101555 ]
Stopped at breakpoint+0x5: popq %rbp
db> bt
Tracing pid 55028 tid 101555 td 0xfffffe00d6b89100
breakpoint() at breakpoint+0x5/frame 0xfffffe003962cc00
kdb_enter() at kdb_enter+0x60/frame 0xfffffe003962cc20
vpanic() at vpanic+0x25e/frame 0xfffffe003962ccd0
doadump() at doadump/frame 0xfffffe003962cd30
rdmsr() at rdmsr/frame 0xfffffe003962cf20
Xdblfault() at Xdblfault+0xd7/frame 0xfffffe003962cf20
--- trap 0x17, rip = 0xffffffff8066b0bb, rsp = 0xfffffe00e575ff60, rbp = 0xfffffe00e5760020 ---
witness_warn() at witness_warn+0xb/frame 0xfffffe00e5760020
uma_zalloc_debug() at uma_zalloc_debug+0x7a/frame 0xfffffe00e5760090
uma_zalloc_arg() at uma_zalloc_arg+0x6c/frame 0xfffffe00e57600f0
uma_zalloc() at uma_zalloc+0x27/frame 0xfffffe00e5760120
malloc() at malloc+0x119/frame 0xfffffe00e5760190
zfs_kmem_alloc() at zfs_kmem_alloc+0x69/frame 0xfffffe00e57601e0
zcp_lua_alloc() at zcp_lua_alloc+0x186/frame 0xfffffe00e57602b0
luaM_realloc_() at luaM_realloc_+0x6e/frame 0xfffffe00e5760300
luaC_newobj() at luaC_newobj+0x4a/frame 0xfffffe00e5760360
createstrobj() at createstrobj+0x55/frame 0xfffffe00e57603c0
newshrstr() at newshrstr+0xa8/frame 0xfffffe00e5760410
internshrstr() at internshrstr+0x121/frame 0xfffffe00e5760460
luaS_newlstr() at luaS_newlstr+0x30/frame 0xfffffe00e57604a0
pushstr() at pushstr+0x3f/frame 0xfffffe00e57604e0
luaO_pushvfstring() at luaO_pushvfstring+0x9e/frame 0xfffffe00e5760620
lua_pushfstring() at lua_pushfstring+0x6b/frame 0xfffffe00e5760690
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3c9/frame 0xfffffe00e5760790
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5760850
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5760950
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5760a10
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5760b10
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5760bd0
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5760cd0
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5760d90
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5760e90
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5760f50
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5761050
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5761110
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5761210
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e57612d0
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e57613d0
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5761490
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5761590
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5761650
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5761750
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5761810
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5761910
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e57619d0
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5761ad0
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5761b90
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5761c90
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5761d50
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5761e50
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5761f10
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5762010
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e57620d0
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e57621d0
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5762290
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5762390
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5762450
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5762550
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5762610
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5762710
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e57627d0
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e57628d0
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5762990
zcp_table_to_nvlist() at zcp_table_to_nvlist+0x3f5/frame 0xfffffe00e5762a90
zcp_lua_to_nvlist_impl() at zcp_lua_to_nvlist_impl+0x16f/frame 0xfffffe00e5762b50
zcp_lua_to_nvlist() at zcp_lua_to_nvlist+0x33/frame 0xfffffe00e5762b90
zcp_lua_to_nvlist_helper() at zcp_lua_to_nvlist_helper+0x46/frame 0xfffffe00e5762bc0
luaD_precall() at luaD_precall+0x18f/frame 0xfffffe00e5762c40
luaD_call() at luaD_call+0x118/frame 0xfffffe00e5762c70
f_call() at f_call+0x36/frame 0xfffffe00e5762ca0
luaD_rawrunprotected() at luaD_rawrunprotected+0x6e/frame 0xfffffe00e5762d40
luaD_pcall() at luaD_pcall+0x6b/frame 0xfffffe00e5762da0
lua_pcallk() at lua_pcallk+0xce/frame 0xfffffe00e5762e10
zcp_convert_return_values() at zcp_convert_return_values+0xe1/frame 0xfffffe00e5762e80
zcp_eval_impl() at zcp_eval_impl+0x21d/frame 0xfffffe00e5762fb0
zcp_eval_open() at zcp_eval_open+0xb9/frame 0xfffffe00e5763000
zcp_eval() at zcp_eval+0xd80/frame 0xfffffe00e5763340
zfs_ioc_channel_program() at zfs_ioc_channel_program+0x1cd/frame 0xfffffe00e57633c0
zfsdev_ioctl_common() at zfsdev_ioctl_common+0x6ac/frame 0xfffffe00e5763520
zfsdev_ioctl() at zfsdev_ioctl+0x216/frame 0xfffffe00e57635d0
devfs_ioctl() at devfs_ioctl+0x19e/frame 0xfffffe00e5763680
VOP_IOCTL_APV() at VOP_IOCTL_APV+0x165/frame 0xfffffe00e57636e0
VOP_IOCTL() at VOP_IOCTL+0x66/frame 0xfffffe00e5763760
vn_ioctl() at vn_ioctl+0x273/frame 0xfffffe00e5763890
devfs_ioctl_f() at devfs_ioctl_f+0x57/frame 0xfffffe00e57638e0
fo_ioctl() at fo_ioctl+0x3e/frame 0xfffffe00e5763920
kern_ioctl() at kern_ioctl+0x341/frame 0xfffffe00e57639b0
sys_ioctl() at sys_ioctl+0x2e1/frame 0xfffffe00e5763aa0
syscallenter() at syscallenter+0x633/frame 0xfffffe00e5763b40
amd64_syscall() at amd64_syscall+0x4b/frame 0xfffffe00e5763bf0
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00e5763bf0
--- syscall (54, FreeBSD ELF64, sys_ioctl), rip = 0x8007f006a, rsp = 0x7fffffffa6a8, rbp = 0x7fffffffa710 ---

System information

Type	Version/Name
Distribution Name
Distribution Version
Linux Kernel
Architecture
ZFS Version
SPL Version

Describe the problem you're observing

Describe how to reproduce the problem

Include any warning/errors/backtraces from the system logs

[mjguzik]

Got another one somewhere else, based on the backtrace I think the actual culprit is:

.if defined(WITH_DEBUG) && ${WITH_DEBUG} == "true"
CFLAGS+= -DINVARIANTS -DWITNESS -g -O0 -DZFS_DEBUG -DOPENSOLARIS_WITNESS
.else
CFLAGS += -DNDEBUG
.endif

As in -O0.

[behlendorf]

Should be resolved by #11213.