HEAD/i386 r320212: three reproducible panics
Oleg V. Nauman
oleg at theweb.org.ua
Fri Jun 30 15:50:30 UTC 2017
On Friday 30 June 2017 12:44:37 Hans Petter Selasky wrote:
Hello Hans,
> On 06/30/17 11:01, Oleg V. Nauman wrote:
> > On Friday 23 June 2017 19:42:55 Oleg V. Nauman wrote:
> >> a) Panic on shutdown:
> >> Fatal trap 1: privileged instruction fault while in kernel mode
> >> cpuid = 1; apic id = 01
> >> instruction pointer = 0x20:0xc6be2023
> >> stack pointer = 0x28:0xe13c39f4
> >> frame pointer = 0x28:0xe13c3a20
> >> code segment = base 0x0, limit 0xfffff, type 0x1b
> >>
> >> = DPL 0, pres 1, def32 1, gran 1
> >>
> >> processor eflags = interrupt enabled, resume, IOPL = 0
> >> current process = 11 (swi1: netisr 0)
> >> trap number = 1
> >> panic: privileged instruction fault
> >> cpuid = 1
> >> time = 1498206262
> >> Uptime: 6m19s
> >>
> >> The trace is:
> >> __curthread () at ./machine/pcpu.h:225
> >> 225 __asm("movl %%fs:%1,%0" : "=r" (td)
> >> (kgdb) #0 __curthread () at ./machine/pcpu.h:225
> >> #1 doadump (textdump=-968633472) at ../../../kern/kern_shutdown.c:318
> >> #2 0xc06e88c4 in kern_reboot (howto=<optimized out>)
> >>
> >> at ../../../kern/kern_shutdown.c:386
> >>
> >> #3 0xc06e8c5b in vpanic (fmt=<optimized out>,
> >>
> >> ap=0xe13c3874 "}\334\235\300H\254 \306\001")
> >> at ../../../kern/kern_shutdown.c:779
> >>
> >> #4 0xc06e8b1b in panic (fmt=0xc092e18e "%s")
> >>
> >> at ../../../kern/kern_shutdown.c:710
> >>
> >> #5 0xc08eed21 in trap_fatal (frame=0xe13c39b4, eva=<optimized out>)
> >>
> >> at ../../../i386/i386/trap.c:978
> >>
> >> #6 0xc08eea38 in trap (frame=<optimized out>)
> >>
> >> at ../../../i386/i386/trap.c:704
> >>
> >> #7 <signal handler called>
> >> #8 0xc6be2023 in ?? ()
> >> #9 0xc082ed53 in tcp_do_segment (m=<optimized out>, th=<optimized out>,
> >>
> >> so=<optimized out>, tp=<optimized out>, drop_hdrlen=<optimized out>,
> >> tlen=<optimized out>, iptos=<optimized out>,
> >> ti_locked=<error reading variable: Cannot access memory at address
> >> 0x1>)
> >>
> >> at ../../../netinet/tcp_input.c:2444
> >> #10 0xc082c181 in tcp_input (mp=<optimized out>, offp=<optimized out>,
> >>
> >> proto=<optimized out>) at ../../../netinet/tcp_input.c:1191
> >>
> >> #11 0xc0820878 in ip_input (m=0x0) at ../../../netinet/ip_input.c:823
> >> #12 0xc07d5d0f in netisr_process_workstream_proto (nwsp=<optimized out>,
> >>
> >> proto=<optimized out>) at ../../../net/netisr.c:899
> >>
> >> #13 swi_net (arg=<optimized out>) at ../../../net/netisr.c:946
> >> #14 0xc06bb3c5 in intr_event_execute_handlers (p=0x109, ie=<optimized
> >> out>)
> >>
> >> at ../../../kern/kern_intr.c:1336
> >>
> >> #15 0xc06bb5f0 in ithread_execute_handlers (ie=<optimized out>,
> >>
> >> p=<optimized out>) at ../../../kern/kern_intr.c:1349
> >>
> >> #16 ithread_loop (arg=0xc60e6d00) at ../../../kern/kern_intr.c:1430
> >> #17 0xc06b8a76 in fork_exit (callout=0xc06bb560 <ithread_loop>,
> >>
> >> arg=<optimized out>, frame=<optimized out>)
> >> at ../../../kern/kern_fork.c:1038
> >>
> >> #18 <signal handler called>
> >> (kgdb)
> >>
> > Interesting enough that panic triggered by named shutdown ( well, 'rndc
> >
> > flush' is triggering this panic too )
> >
> > rndc calling isc__app_ctxrun function and finally panics the system:
> > ---- lib/isc/unix/app.c ---
> >
> > return (ISC_R_UNEXPECTED);
> >
> > }
> >
> > #ifndef HAVE_UNIXWARE_SIGWAIT
> >
> > result = sigwait(&sset, &sig); <--- panic
> > if (result == 0) {
> >
> > ----------------------------
> >
> > variables are set to:
> > sset= {__bits = {16387, 0, 0, 0}}
> > sig = 134533280
>
> Here:
>
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220358
Subscribed && updated.
>
> Try to turn off hyperthreading to get a more sensible panic.
Done.
>
> Migh-t look like an issue with 32-bit systems and iflib.
I do not know if this related to iflib ; iflib functions were not mentioned
in backtraces.
>
> --HPS
--
Науман Олег
More information about the freebsd-current
mailing list