Date: Mon, 19 Feb 2007 11:48:31 +0600 (OMST) From: Alex Masterov <alex@infobit.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/109308: [panic] Multiple panics kernel ppp suspected Message-ID: <200702190548.l1J5mVWE016102@prime.bit.ab.ru> Resent-Message-ID: <200702190630.l1J6U6N7099988@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 109308
>Category: kern
>Synopsis: [panic] Multiple panics kernel ppp suspected
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Feb 19 06:30:05 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Alex Masterov
>Release: FreeBSD 6.2-RELEASE i386
>Organization:
>Environment:
System: FreeBSD prime.bit.ab.ru 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Thu Feb 1 15:09:09 OMST 2007 alex@prime.bit.ab.ru:/usr/obj/usr/src/sys/FIRST i386
>Description:
After upgrading from 4.11-RELEASE to 6.1-RELEASE kernel panics occured randomly.
Under 4.11-RELEASE everything was OK. Panics occured once per week or more often.
This machine act as dial-in server for the small organization.
When I had switched from kernel ppp (pppd from base system) to user ppp (/usr/sbin/ppp) panics gone.
Here are backtraces of dumps:
====
kgdb: kvm_nlist(_stopped_cpus):
kgdb: kvm_nlist(_stoppcbs):
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Unde
fined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".
Unread portion of the kernel message buffer:
panic: clist reservation botch
Uptime: 13h7m38s
Dumping 255 MB (2 chunks)
chunk 0: 1MB (159 pages) ... ok
chunk 1: 255MB (65264 pages) 239 223 207 191 175 159 143 127 111 95 79 63 47 3
1 15
#0 doadump () at pcpu.h:165
165 __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) bt
#1 0xc067b8be in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2 0xc067bb54 in panic (fmt=0xc09161af "clist reservation botch")
at /usr/src/sys/kern/kern_shutdown.c:565
#3 0xc06afdb6 in b_to_q (src=0xc22c10a2 "", amount=350, clistp=0xc228b038)
at /usr/src/sys/kern/tty_subr.c:104
#4 0xc06f3cb4 in pppasyncstart (sc=0xc2ee5000)
at /usr/src/sys/net/ppp_tty.c:582
#5 0xc06ef006 in pppoutput (ifp=0xc232ac00, m0=0xc27ff500, dst=0xd1596a9c,
rtp=0xc2b84108) at /usr/src/sys/net/if_ppp.c:961
#6 0xc0723f54 in ip_output (m=0xc27ff500, opt=0xc232ac00, ro=0xd1596a98,
flags=0, imo=0x0, inp=0xc257d0b4) at /usr/src/sys/netinet/ip_output.c:777
#7 0xc072d072 in tcp_output (tp=0xc2b23000)
at /usr/src/sys/netinet/tcp_output.c:1080
#8 0xc07341e1 in tcp_usr_send (so=0xc2ab8c84, flags=0, m=0xc27c6b00, nam=0x0,
control=0x0, td=0xc25ff180) at /usr/src/sys/netinet/tcp_usrreq.c:698
#9 0xc06b49b3 in sosend (so=0xc2ab8c84, addr=0x0, uio=0xd1596cbc,
top=0xc27c6b00, control=0x0, flags=0, td=0xc25ff180)
at /usr/src/sys/kern/uipc_socket.c:836
#10 0xc06a323e in soo_write (fp=0x0, uio=0xd1596cbc, active_cred=0xc2621780,
flags=0, td=0xc25ff180) at /usr/src/sys/kern/sys_socket.c:118
#11 0xc069d947 in dofilewrite (td=0xc25ff180, fd=1, fp=0xc2f1aa20,
auio=0xd1596cbc, offset=Unhandled dwarf expression opcode 0x93
) at file.h:252
#12 0xc069d7eb in kern_writev (td=0xc25ff180, fd=1, auio=0xd1596cbc)
at /usr/src/sys/kern/sys_generic.c:402
#13 0xc069d711 in write (td=0xc25ff180, uap=0x0)
at /usr/src/sys/kern/sys_generic.c:326
#14 0xc089427b in syscall (frame=
{tf_fs = 59, tf_es = 134742075, tf_ds = -1078001605, tf_edi = 15833, tf_es
i = 134779136, tf_ebp = -1077942184, tf_isp = -782668444, tf_ebx = -1077942072,
tf_edx = -1, tf_ecx = 672628096, tf_eax = 4, tf_trapno = 12, tf_err = 2, tf_eip
= 672568111, tf_cs = 51, tf_eflags = 582, tf_esp = -1077942404, tf_ss = 59})
at /usr/src/sys/i386/i386/trap.c:983
#15 0xc088202f in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200
#16 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
====
And here is another dump:
====
Unread portion of the kernel message buffer:
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x6
fault code = supervisor write, page not present
instruction pointer = 0x20:0xc0891c26
stack pointer = 0x28:0xd0c909c8
frame pointer = 0x28:0xd0c909f8
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 895 (squid)
trap number = 12
panic: page fault
Uptime: 1d5h38m33s
Dumping 255 MB (2 chunks)
chunk 0: 1MB (159 pages) ... ok
chunk 1: 255MB (65264 pages) 239 223 207 191 175 159 143 127 111 95 79 63 47 3
1 15
#0 doadump () at pcpu.h:165
165 __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) bt
#0 doadump () at pcpu.h:165
#1 0xc067b8be in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2 0xc067bb54 in panic (fmt=0xc08f5854 "%s")
at /usr/src/sys/kern/kern_shutdown.c:565
#3 0xc0893f64 in trap_fatal (frame=0xd0c90988, eva=6)
at /usr/src/sys/i386/i386/trap.c:837
#4 0xc0893ccb in trap_pfault (frame=0xd0c90988, usermode=0, eva=6)
at /usr/src/sys/i386/i386/trap.c:745
#5 0xc0893909 in trap (frame=
{tf_fs = -792133624, tf_es = -1064763352, tf_ds = -1063452632, tf_edi = 6,
tf_esi = -1035290624, tf_ebp = -792131080, tf_isp = -792131148, tf_ebx = 122, t
f_edx = -1035289164, tf_ecx = 30, tf_eax = 1035290630, tf_trapno = 12, tf_err =
2, tf_eip = -1064756186, tf_cs = 32, tf_eflags = 66071, tf_esp = -1037517768, tf
_ss = 0}) at /usr/src/sys/i386/i386/trap.c:435
#6 0xc0881fda in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#7 0xc0891c26 in generic_bcopy () at /usr/src/sys/i386/i386/support.s:489
Previous frame inner to this frame (corrupt stack?)
====
>How-To-Repeat:
Use pppd-based dial-in server for a long time.
Panics occured more often if a lot of incoming ppp connections was online.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200702190548.l1J5mVWE016102>