[Bug 236394] system crashes when deleting gre(4) interfaces

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Fri Mar 8 15:03:00 UTC 2019


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=236394

            Bug ID: 236394
           Summary: system crashes when deleting gre(4) interfaces
           Product: Base System
           Version: 12.0-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs at FreeBSD.org
          Reporter: emz at norma.perm.ru

After upgrading to 12.0-RELEASE I got repeatable, reproducible panics when
deleting gre interfaces. The panic happens with about 66% probability: I got 2
immediate panics from 3 deletes.

System: FreeBSD moscow-alpha 12.0-RELEASE-p3 FreeBSD 12.0-RELEASE-p3 r344740
MOSCOW  amd64

Backtrace:

===Cut===
[root at moscow-alpha:/var/crash]# cat core.txt.1 | more
moscow-alpha dumped core - see /var/crash/vmcore.1

Fri Mar  8 17:43:14 MSK 2019

FreeBSD moscow-alpha 12.0-RELEASE-p3 FreeBSD 12.0-RELEASE-p3 r344740 MOSCOW 
amd64

panic: page fault

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0x218
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff80d3b437
stack pointer           = 0x0:0xfffffe0040399a00
frame pointer           = 0x0:0xfffffe0040399a30
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 0 (softirq_1)
trap number             = 12
panic: page fault
cpuid = 1
time = 1552055867
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe00403996b0
vpanic() at vpanic+0x1a3/frame 0xfffffe0040399710
panic() at panic+0x43/frame 0xfffffe0040399770
trap_fatal() at trap_fatal+0x35f/frame 0xfffffe00403997c0
trap_pfault() at trap_pfault+0x49/frame 0xfffffe0040399820
trap() at trap+0x29e/frame 0xfffffe0040399930
calltrap() at calltrap+0x8/frame 0xfffffe0040399930
--- trap 0xc, rip = 0xffffffff80d3b437, rsp = 0xfffffe0040399a00, rbp =
0xfffffe0040399a30 ---
igmp_change_state() at igmp_change_state+0x47/frame 0xfffffe0040399a30
in_leavegroup_locked() at in_leavegroup_locked+0x96/frame 0xfffffe0040399a80
inp_freemoptions() at inp_freemoptions+0x1be/frame 0xfffffe0040399ad0
epoch_call_task() at epoch_call_task+0x1ea/frame 0xfffffe0040399b20
gtaskqueue_run_locked() at gtaskqueue_run_locked+0x144/frame 0xfffffe0040399b80
gtaskqueue_thread_loop() at gtaskqueue_thread_loop+0x98/frame
0xfffffe0040399bb0
fork_exit() at fork_exit+0x83/frame 0xfffffe0040399bf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0040399bf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
Uptime: 2d21h38m33s
Dumping 2169 out of 8147 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%

Reading symbols from /boot/kernel/ng_ether.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_ether.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_ether.ko
Reading symbols from /boot/kernel/netgraph.ko...Reading symbols from
/usr/lib/debug//boot/kernel/netgraph.ko.debug...done.
done.
Loaded symbols for /boot/kernel/netgraph.ko
Reading symbols from /boot/kernel/zfs.ko...Reading symbols from
/usr/lib/debug//boot/kernel/zfs.ko.debug...done.
done.
Loaded symbols for /boot/kernel/zfs.ko
Reading symbols from /boot/kernel/opensolaris.ko...Reading symbols from
/usr/lib/debug//boot/kernel/opensolaris.ko.debug...done.
done.
Loaded symbols for /boot/kernel/opensolaris.ko
Reading symbols from /boot/kernel/ng_iface.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_iface.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_iface.ko
Reading symbols from /boot/kernel/ichwd.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ichwd.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ichwd.ko
Reading symbols from /boot/kernel/geom_mirror.ko...Reading symbols from
/usr/lib/debug//boot/kernel/geom_mirror.ko.debug...done.
done.
Loaded symbols for /boot/kernel/geom_mirror.ko
Reading symbols from /boot/kernel/if_gre.ko...Reading symbols from
/usr/lib/debug//boot/kernel/if_gre.ko.debug...done.
done.
Loaded symbols for /boot/kernel/if_gre.ko
Reading symbols from /boot/kernel/uhid.ko...Reading symbols from
/usr/lib/debug//boot/kernel/uhid.ko.debug...done.
done.
Loaded symbols for /boot/kernel/uhid.ko
Reading symbols from /boot/kernel/ng_socket.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_socket.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_socket.ko
Reading symbols from /boot/kernel/ng_netflow.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_netflow.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_netflow.ko
Reading symbols from /boot/kernel/ng_ksocket.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_ksocket.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_ksocket.ko
Reading symbols from /boot/kernel/ng_mppc.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_mppc.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_mppc.ko
Reading symbols from /boot/kernel/rc4.ko...Reading symbols from
/usr/lib/debug//boot/kernel/rc4.ko.debug...done.
done.
Loaded symbols for /boot/kernel/rc4.ko
Reading symbols from /boot/kernel/ng_tee.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_tee.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_tee.ko
Reading symbols from /boot/kernel/ng_pptpgre.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_pptpgre.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_pptpgre.ko
Reading symbols from /boot/kernel/ng_ppp.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_ppp.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_ppp.ko
Reading symbols from /boot/kernel/ng_tcpmss.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_tcpmss.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_tcpmss.ko
Reading symbols from /boot/kernel/ng_l2tp.ko...Reading symbols from
/usr/lib/debug//boot/kernel/ng_l2tp.ko.debug...done.
done.
Loaded symbols for /boot/kernel/ng_l2tp.ko
#0  doadump (textdump=1) at pcpu.h:230
230     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) #0  doadump (textdump=1) at pcpu.h:230
#1  0xffffffff80bafa30 in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:446
#2  0xffffffff80bafec3 in vpanic (fmt=<value optimized out>,
    ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:872
#3  0xffffffff80bafcb3 in panic (fmt=<value optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:799
#4  0xffffffff810dff4f in trap_fatal (frame=0xfffffe0040399940, eva=536)
    at /usr/src/sys/amd64/amd64/trap.c:929
#5  0xffffffff810dffa9 in trap_pfault (frame=0xfffffe0040399940, usermode=0)
    at pcpu.h:230
#6  0xffffffff810df5ce in trap (frame=0xfffffe0040399940)
    at /usr/src/sys/amd64/amd64/trap.c:441
#7  0xffffffff810ba775 in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:232
#8  0xffffffff80d3b437 in igmp_change_state (inm=0xfffff800cb8a2800)
    at /usr/src/sys/netinet/igmp.c:2277
#9  0xffffffff80d492b6 in in_leavegroup_locked (inm=0xfffff800cb8a2800,
    imf=0xfffff8000352f800) at /usr/src/sys/netinet/in_mcast.c:1392
#10 0xffffffff80d4968e in inp_freemoptions (imo=<value optimized out>)
    at /usr/src/sys/netinet/in_mcast.c:1334
#11 0xffffffff80bf717a in epoch_call_task (arg=<value optimized out>)
    at /usr/src/sys/kern/subr_epoch.c:507
#12 0xffffffff80bfb0f4 in gtaskqueue_run_locked (queue=0xfffff8000306b300)
    at /usr/src/sys/kern/subr_gtaskqueue.c:376
#13 0xffffffff80bfad58 in gtaskqueue_thread_loop (arg=<value optimized out>)
    at /usr/src/sys/kern/subr_gtaskqueue.c:557
#14 0xffffffff80b6f313 in fork_exit (
    callout=0xffffffff80bfacc0 <gtaskqueue_thread_loop>,
    arg=0xfffffe00025fa020, frame=0xfffffe0040399c00)
    at /usr/src/sys/kern/kern_fork.c:1057
#15 0xffffffff810bb76e in fork_trampoline ()
    at /usr/src/sys/amd64/amd64/exception.S:995
#16 0x0000000000000000 in ?? ()
Current language:  auto; currently minimal
(kgdb)
===Cut===

I'm attaching both core.txt files here.
I can also provide access to the full coredumps.

-- 
You are receiving this mail because:
You are the assignee for the bug.

