Date: Thu, 19 Jan 2017 23:09:21 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 216304] Adding xn0 to bridge0 causes kernel panic Message-ID: <bug-216304-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D216304 Bug ID: 216304 Summary: Adding xn0 to bridge0 causes kernel panic Product: Base System Version: 11.0-RELEASE Hardware: amd64 OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: mark@rootbsd.net CC: freebsd-amd64@FreeBSD.org CC: freebsd-amd64@FreeBSD.org We've encountered kernel panic in FreeBSD 11-RELEASE when attempting to add= xn0 as a member of bridge0. The kernel panic happens immediately after the comm= and to add xn0 to bridge0 is issued. Oddly, the kernel panic doesn't occur after upgrading in-place to 11.0-RELEASE from 10.3-RELEASE and proceeding to add = xn0 to bridge0. This seems to only be an issue with fresh 11.0-RELEASE installs= .=20 All installs we've seen this issue on are virtual machines running on Xen 3= .4.4 hypervisors. The virtual machine we upgraded from 10.3 to 11.0 (where adding xn0 to bridge0 works fine) is also on a Xen 3.4.4 hypervisor. Output of "uname -r" on 11.0-RELEASE vm with kernel panic issue: 11.0-RELEASE-p2 Output of "uname -r" on 11.0-RELEASE vm upgraded from 10.3-RELEASE without kernel panic issue: 11.0-RELEASE-p2 Commands used on both servers to add bridge0 and then add xn0 to bridge0: ifconfig bridge create ifconfig bridge0 addm xn0 Output of "kgdb kernel.debug /var/crash/vmcore.0": GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain condition= s. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Unread portion of the kernel message buffer: Sleeping thread (tid 100076, pid 831) owns a non-sleepable lock KDB: stack backtrace of thread 100076: #0 0xffffffff80ae46e2 at mi_switch+0xd2 #1 0xffffffff80b3279a at sleepq_timedwait+0x3a #2 0xffffffff80ae4091 at _sleep+0x281 #3 0xffffffff8096e9c8 at xn_ioctl+0x5d8 #4 0xffffffff822194b3 at bridge_ioctl_add+0x4b3 #5 0xffffffff8221af8f at bridge_ioctl+0x29f #6 0xffffffff80bdcbec at ifioctl+0xfbc #7 0xffffffff80b41ab4 at kern_ioctl+0x2d4 #8 0xffffffff80b41771 at sys_ioctl+0x171 #9 0xffffffff80fa168e at amd64_syscall+0x4ce #10 0xffffffff80f8442b at Xfast_syscall+0xfb panic: sleeping thread cpuid =3D 0 KDB: stack backtrace: #0 0xffffffff80b24077 at kdb_backtrace+0x67 #1 0xffffffff80ad93e2 at vpanic+0x182 #2 0xffffffff80ad9253 at panic+0x43 #3 0xffffffff80b39a99 at propagate_priority+0x299 #4 0xffffffff80b3a59f at turnstile_wait+0x3ef #5 0xffffffff80ab493d at __mtx_lock_sleep+0x13d #6 0xffffffff8221d4c5 at bridge_output+0x75 #7 0xffffffff80be286e at ether_output+0x68e #8 0xffffffff80c62fe7 at ip_output+0x16c7 #9 0xffffffff80cf593e at tcp_output+0x191e #10 0xffffffff80d01396 at tcp_timer_rexmt+0x526 #11 0xffffffff80af325a at softclock_call_cc+0x18a #12 0xffffffff80af37d4 at softclock+0x94 #13 0xffffffff80a9340f at intr_event_execute_handlers+0x20f #14 0xffffffff80a93676 at ithread_loop+0xc6 #15 0xffffffff80a90055 at fork_exit+0x85 #16 0xffffffff80f8467e at fork_trampoline+0xe Uptime: 2m27s Dumping 85 out of 479 MB:..19%..38%..57%..76%..94% Reading symbols from /boot/kernel/if_bridge.ko...done. Loaded symbols for /boot/kernel/if_bridge.ko Reading symbols from /boot/kernel/bridgestp.ko...done. Loaded symbols for /boot/kernel/bridgestp.ko #0 doadump (textdump=3D<value optimized out>) at pcpu.h:221 221 __asm("movq %%gs:%1,%0" : "=3Dr" (td) (kgdb) backtrace #0 doadump (textdump=3D<value optimized out>) at pcpu.h:221 #1 0xffffffff80ad8e69 in kern_reboot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:366 #2 0xffffffff80ad941b in vpanic (fmt=3D<value optimized out>, ap=3D<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:759 #3 0xffffffff80ad9253 in panic (fmt=3D0x0) at /usr/src/sys/kern/kern_shutdown.c:690 #4 0xffffffff80b39a99 in propagate_priority (td=3D<value optimized out>) at /usr/src/sys/kern/subr_turnstile.c:226 #5 0xffffffff80b3a59f in turnstile_wait (ts=3D<value optimized out>, owner=3D<value optimized out>, queue=3D<value optimized out>) at /usr/src/sys/kern/subr_turnstile.c:742 #6 0xffffffff80ab493d in __mtx_lock_sleep (c=3D<value optimized out>, tid=3D18446735277668753408, opts=3D<value optimized out>,=20 file=3D<value optimized out>, line=3D<value optimized out>) at /usr/src/sys/kern/kern_mutex.c:583 #7 0xffffffff8221d4c5 in bridge_output () from /boot/kernel/if_bridge.ko #8 0xffffffff80be286e in ether_output (ifp=3D<value optimized out>, m=3D<v= alue optimized out>, dst=3D0xfffff800033bd9b0, ro=3D<value optimized out>) at /usr/src/sys/net/if_ethersubr.c:407 #9 0xffffffff80c62fe7 in ip_output (m=3D0x0, opt=3D<value optimized out>, ro=3D<value optimized out>, flags=3D<value optimized out>,=20 imo=3D<value optimized out>, inp=3D<value optimized out>) at /usr/src/sys/netinet/ip_output.c:661 #10 0xffffffff80cf593e in tcp_output (tp=3D<value optimized out>) at /usr/src/sys/netinet/tcp_output.c:1422 #11 0xffffffff80d01396 in tcp_timer_rexmt (xtp=3D<value optimized out>) at /usr/src/sys/netinet/tcp_timer.c:812 #12 0xffffffff80af325a in softclock_call_cc (c=3D<value optimized out>, cc= =3D<value optimized out>, direct=3D<value optimized out>) at /usr/src/sys/kern/kern_timeout.c:729 #13 0xffffffff80af37d4 in softclock (arg=3D<value optimized out>) at /usr/src/sys/kern/kern_timeout.c:867 #14 0xffffffff80a9340f in intr_event_execute_handlers (p=3D<value optimized= out>, ie=3D<value optimized out>) at /usr/src/sys/kern/kern_intr.c:1262 #15 0xffffffff80a93676 in ithread_loop (arg=3D<value optimized out>) at /usr/src/sys/kern/kern_intr.c:1275 #16 0xffffffff80a90055 in fork_exit (callout=3D0xffffffff80a935b0 <ithread_= loop>, arg=3D0xfffff800031c8be0, frame=3D0xfffffe002b696c00) at /usr/src/sys/kern/kern_fork.c:1038 #17 0xffffffff80f8467e in fork_trampoline () at /usr/src/sys/amd64/amd64/exception.S:611 #18 0x0000000000000000 in ?? () Current language: auto; currently minimal --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-216304-8>