Project

General

Profile

Actions

Bug #6330

closed

Freeze with

Added by Jan-Peter Koopmann almost 8 years ago. Updated almost 8 years ago.

Status:
Not a Bug
Priority:
Very High
Assignee:
-
Category:
Operating System
Target version:
-
Start date:
05/07/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:
amd64

Description

I had two kernel panics in the past 20 hours after upgrading to a newer 2.3.1 version (2.3.1.a.20160506.0040). Stack traces look slightly similar:

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x0
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff80d22566
stack pointer = 0x28:0xfffffe001a38c590
frame pointer = 0x28:0xfffffe001a38c770
code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 12 (irq260: igb2:que 0)
version.txt06000025412713111367 7616 ustarrootwheelFreeBSD 10.3-RELEASE #31 01118b4(RELENG_2_3): Thu Apr 28 03:57:55 CDT 2016
root@ce23-amd64-builder:/builder/pfsense/tmp/obj/builder/pfsense/tmp/FreeBSD-src/sys/pfSense

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x10
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff80bf7604
stack pointer = 0x28:0xfffffe00458f8310
frame pointer = 0x28:0xfffffe00458f8330
code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 68724 (pfctl)
version.txt06000025712713164773 7632 ustarrootwheelFreeBSD 10.3-RELEASE-p2 #50 3938f6f(RELENG_2_3): Fri May 6 01:18:07 CDT 2016
root@ce23-amd64-builder:/builder/pfsense/tmp/obj/builder/pfsense/tmp/FreeBSD-src/sys/pfSense

system freezes completly. No keyboard on the serial console is accepted. Only power down/up helps.

Actions #1

Updated by Chris Buechler almost 8 years ago

the two backtraces:


db:0:kdb.enter.default>  bt
Tracing pid 21034 tid 100546 td 0xfffff80051018960
bcmp() at bcmp+0x18/frame 0xfffffe0045796860
rn_addmask_r() at rn_addmask_r+0x13b/frame 0xfffffe00457968e0
rn_delete() at rn_delete+0xab/frame 0xfffffe0045796920
pfr_unroute_kentry() at pfr_unroute_kentry+0xf8/frame 0xfffffe0045796970
pfr_ina_commit() at pfr_ina_commit+0x3ab/frame 0xfffffe0045796a40
pfioctl() at pfioctl+0x4e3d/frame 0xfffffe00457977e0
devfs_ioctl_f() at devfs_ioctl_f+0x139/frame 0xfffffe0045797840
kern_ioctl() at kern_ioctl+0x255/frame 0xfffffe00457978b0
sys_ioctl() at sys_ioctl+0x15c/frame 0xfffffe0045797990
amd64_syscall() at amd64_syscall+0x40f/frame 0xfffffe0045797ab0
Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe0045797ab0

db:0:kdb.enter.default>  bt
Tracing pid 12 tid 100049 td 0xfffff8000357a960
pmap_kextract() at pmap_kextract+0x3c/frame 0xfffffe001c2848c0
bounce_bus_dmamap_load_buffer() at bounce_bus_dmamap_load_buffer+0x1bb/frame 0xfffffe001c284930
bus_dmamap_load_mbuf_sg() at bus_dmamap_load_mbuf_sg+0x72/frame 0xfffffe001c284990
igb_refresh_mbufs() at igb_refresh_mbufs+0x19e/frame 0xfffffe001c284a20
igb_rxeof() at igb_rxeof+0x808/frame 0xfffffe001c284ad0
igb_msix_que() at igb_msix_que+0x16d/frame 0xfffffe001c284b20
intr_event_execute_handlers() at intr_event_execute_handlers+0xab/frame 0xfffffe001c284b60
ithread_loop() at ithread_loop+0x96/frame 0xfffffe001c284bb0
fork_exit() at fork_exit+0x9a/frame 0xfffffe001c284bf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe001c284bf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---

discussing on forum.
https://forum.pfsense.org/index.php?topic=111428.0

Actions #2

Updated by Chris Buechler almost 8 years ago

  • Status changed from New to Not a Bug
  • Target version deleted (2.3.1)
  • Affected Version deleted (2.3.1)

Another crash, another completely diff bt.

db:0:kdb.enter.default>  bt
Tracing pid 4 tid 100016 td 0xfffff800032bc960
free_jsegs() at free_jsegs+0x1f9/frame 0xfffffe001b3c75e0
softdep_disk_write_complete() at softdep_disk_write_complete+0x717/frame 0xfffffe001b3c76b0
bufdone_finish() at bufdone_finish+0x33/frame 0xfffffe001b3c7710
bufdone() at bufdone+0x77/frame 0xfffffe001b3c7730
g_io_deliver() at g_io_deliver+0x244/frame 0xfffffe001b3c77b0
g_io_deliver() at g_io_deliver+0x244/frame 0xfffffe001b3c7830
g_io_deliver() at g_io_deliver+0x244/frame 0xfffffe001b3c78b0
g_io_deliver() at g_io_deliver+0x244/frame 0xfffffe001b3c7930
g_disk_done() at g_disk_done+0xfb/frame 0xfffffe001b3c7980
adadone() at adadone+0x45c/frame 0xfffffe001b3c79e0
xpt_done_process() at xpt_done_process+0x5ad/frame 0xfffffe001b3c7a20
xpt_done_td() at xpt_done_td+0x126/frame 0xfffffe001b3c7a70
fork_exit() at fork_exit+0x9a/frame 0xfffffe001b3c7ab0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe001b3c7ab0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---

and that was post-downgrading to 2.3.0, so issue as claimed doesn't exist.

Guessing this is a side effect of disabling additional cores in software in some edge case, or that in combination with #6296, or an unrelated hardware issue.

Actions

Also available in: Atom PDF