Date: Mon, 14 Dec 2015 10:38:57 +0000 From: Rasool Al-Saadi <ralsaadi@swin.edu.au> To: Hans Petter Selasky <hps@selasky.org>, "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: RE: Random kernel panic when unloading Dummynet module in multicore processor Message-ID: <6545444AE21C2749939E637E56594CEA3C10CA5C@gsp-ex02.ds.swin.edu.au> In-Reply-To: <566E87F1.3040606@selasky.org> References: <6545444AE21C2749939E637E56594CEA3C10B9DA@gsp-ex02.ds.swin.edu.au> <566E87F1.3040606@selasky.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Monday, 14 December 2015 8:12, Hans Petter Selasky wrote: >=20 > On 12/14/15 01:06, Rasool Al-Saadi wrote: > > Hi everyone, > > > > I am not sure if this bug was reported before or not (I didn't find exa= ct > problem) . > > > > When I try to unload dummynet module (kldunload dummynet) in > FreeBSD11-CURRENT, sometimes the system is halt or panic. I noticed that > this only happens with multicore processor. > > When I disable all CPU's cores except one (using hint.lapic.x.disabled= =3D1), > the panic does not appear. > > I tried to reproduce the panic in a system with Intel Core 2 Due 2.33HG= z > processor and also in VirtualBox VM (I set number of processors in VM > setting to 2), and in both cases I got system panic. > > > > Most of the times the panic is: > > Fatal trap 12: page fault while in kernel mode ... > > Stopped at callout_process+... > > > > Kernel version: > > FreeBSD 11.0-CURRENT #0 r291495: Mon Nov 30 23:14:34 UTC 2015 > root@releng2.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64 > > > > To reproduce the panic: > > Run 'kldload dummynet && kldunload dummynet' many times (or write a > > shell script loop to do that) > > > > Debug Info: > > > > DUMMYNET 0 with IPv6 initialized (100409) load_dn_sched dn_sched FIFO > > loaded load_dn_sched dn_sched QFQ loaded load_dn_sched dn_sched RR > > loaded load_dn_sched dn_sched WF2Q+ loaded load_dn_sched dn_sched > PRIO > > loaded unload_dn_sched dn_sched PRIO unloaded unload_dn_sched > dn_sched > > WF2Q+ unloaded unload_dn_sched dn_sched RR unloaded > unload_dn_sched > > dn_sched QFQ unloaded unload_dn_sched dn_sched FIFO unloaded > kernel > > trap 12 with interrupts disabled > > > > > > Fatal trap 12: page fault while in kernel mode cpuid =3D 0; apic id =3D= 00 > > fault virtual address =3D 0xffffffff82251c68 > > fault code =3D supervisor read data, page not present > > instruction pointer =3D 0x20:0xffffffff80a36c50 > > stack pointer =3D 0x28:0xfffffe0116b0c710 > > frame pointer =3D 0x28:0xfffffe0116b0c7a0 > > code segment =3D base 0x0, limit 0xfffff, type 0x1b > > =3D DPL 0, pres 1, long 1, def32 0, gran 1 > > processor eflags =3D resume, IOPL =3D 0 > > current process =3D 11 (idle: cpu0) > > > > Backtrace: > > > > #0 doadump (textdump=3D380682592) at pcpu.h:221 > > 221 pcpu.h: No such file or directory. > > in pcpu.h > > (kgdb) backtrace > > #0 doadump (textdump=3D380682592) at pcpu.h:221 > > #1 0xffffffff8037d906 in db_fncall (dummy1=3D<value optimized out>, > > dummy2=3D<value optimized out>, dummy3=3D<value optimized out>, > > dummy4=3D<value optimized out>) at > > /usr/src/sys/ddb/db_command.c:568 > > #2 0xffffffff8037d39e in db_command (cmd_table=3D0x0) > > at /usr/src/sys/ddb/db_command.c:440 > > #3 0xffffffff8037d134 in db_command_loop () > > at /usr/src/sys/ddb/db_command.c:493 > > #4 0xffffffff8037fbcb in db_trap (type=3D<value optimized out>, code= =3D0) > > at /usr/src/sys/ddb/db_main.c:251 > > #5 0xffffffff80a5e593 in kdb_trap (type=3D12, code=3D0, tf=3D<value op= timized > out>) > > at /usr/src/sys/kern/subr_kdb.c:654 > > #6 0xffffffff80e69d01 in trap_fatal (frame=3D0xfffffe0116b0c660, > > eva=3D<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:82= 9 > > #7 0xffffffff80e69f4d in trap_pfault (frame=3D0xfffffe0116b0c660, > > usermode=3D<value optimized out>) at > > /usr/src/sys/amd64/amd64/trap.c:684 > > #8 0xffffffff80e6967f in trap (frame=3D0xfffffe0116b0c660) > > at /usr/src/sys/amd64/amd64/trap.c:435 > > #9 0xffffffff80e49447 in calltrap () > > at /usr/src/sys/amd64/amd64/exception.S:234 > > #10 0xffffffff80a36c50 in callout_process (now=3D307238251753) > > at /usr/src/sys/kern/kern_timeout.c:480 > > #11 0xffffffff80f6809d in handleevents (now=3D307238251753, fake=3D0) > > at /usr/src/sys/kern/kern_clocksource.c:212 > > #12 0xffffffff80f68725 in timercb (et=3D<value optimized out>, > > arg=3D<value optimized out>) at > > /usr/src/sys/kern/kern_clocksource.c:345 > > #13 0xffffffff80e6f766 in hpet_intr_single (arg=3D<value optimized out>= ) > > at /usr/src/sys/dev/acpica/acpi_hpet.c:273 > > #14 0xffffffff80e6f819 in hpet_intr (arg=3D0xfffffe0000dcb000) > > at /usr/src/sys/dev/acpica/acpi_hpet.c:291 > > #15 0xffffffff809e9f9c in intr_event_handle (ie=3D0xfffff80003ca1a00, > > frame=3D0xfffffe0116b0c970) at /usr/src/sys/kern/kern_intr.c:1436 > > #16 0xffffffff80fa1fb8 in intr_execute_handlers (isrc=3D0xfffff80003cea= 590, > > frame=3D0xfffffe0116b0c970) at > > /usr/src/sys/x86/x86/intr_machdep.c:275 > > #17 0xffffffff80fa6a78 in lapic_handle_intr (vector=3D<value optimized = out>, > > frame=3D0xfffffe0116b0c970) at > > /usr/src/sys/x86/x86/local_apic.c:1008 > > #18 0xffffffff80e49b27 in Xapic_isr1 () at apic_vector.S:116 > > #19 0xffffffff80f9f6b6 in acpi_cpu_c1 () > > at /usr/src/sys/x86/x86/cpu_machdep.c:133 > > #20 0xffffffff8039f855 in acpi_cpu_idle (sbt=3D<value optimized out>) > > at /usr/src/sys/dev/acpica/acpi_cpu.c:1157 > > #21 0xffffffff80f9f99f in cpu_idle_acpi (sbt=3D160862) > > at /usr/src/sys/x86/x86/cpu_machdep.c:263 > > #22 0xffffffff80f9fa47 in cpu_idle (busy=3D0) > > at /usr/src/sys/x86/x86/cpu_machdep.c:415 > > #23 0xffffffff80a4c565 in sched_idletd (dummy=3D<value optimized out>) > > at /usr/src/sys/kern/sched_ule.c:2688 > > #24 0xffffffff809e7714 in fork_exit ( > > callout=3D0xffffffff80a4c0c0 <sched_idletd>, arg=3D0x0, > > frame=3D0xfffffe0116b0cc00) at /usr/src/sys/kern/kern_fork.c:1011 > > #25 0xffffffff80e4997e in fork_trampoline () > > at /usr/src/sys/amd64/amd64/exception.S:609 > > #26 0x0000000000000000 in ?? () > > >=20 > Hi, >=20 > Can you try this DIFF: >=20 > https://reviews.freebsd.org/D3855 Thanks Hans! This DIFF solved the problem perfectly. Cheers, Rasool > --HPS >=20 > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6545444AE21C2749939E637E56594CEA3C10CA5C>