Summary: | ciss driver causes immediate system crash&reboot if external SAS cable unplugged | ||
---|---|---|---|
Product: | Base System | Reporter: | Peter Eriksson <pen> |
Component: | kern | Assignee: | freebsd-bugs (Nobody) <bugs> |
Status: | New --- | ||
Severity: | Affects Some People | CC: | imp, rgrimes |
Priority: | --- | Keywords: | crash |
Version: | 12.1-RELEASE | ||
Hardware: | amd64 | ||
OS: | Any |
Description
Peter Eriksson
2020-05-07 11:17:33 UTC
HP D6020 cabinets HP H241 SmartHBA SAS controllers (in JBOD mode) HP DL380 Gen 9 servers FreeBSD 12.1-RELEASE-p3 It doesn't happen all the time, but I managed to provoke it finally by unplugging and the reconnecting it while having some I/O active: ciss0: *** Hot-plug drive inserted, Port=1E Box=2 Bay=3 SN= 5PGTTP6C ciss0: *** Hot-plug drive inserted, Port=1E Box=2 Bay=2 SN= 5PGU1RZC ciss0: *** Hot-plug drive inserted, Port=1E Box=2 Bay=1 SN= 5PGTSWAC ciss0: *** Expander Link Up, Port=2E Box=1 Exp=1 Phy=44 Port on module=255 ciss0: *** Expander Link Up, Port=2E Box=1 Exp=1 Phy=45 Port on module=255 ciss0: *** Expander Link Up, Port=2E Box=1 Exp=1 Phy=46 Port on module=255 ciss0: *** Expander Link Up, Port=2E Box=1 Exp=1 Phy=47 Port on module=255 ciss0: *** Enclosure added, Port=2E, storage system 2 - 7CE952P09P ciss0: Unknown hotplug event 6 ciss0: *** Hot-plug drive inserted, Port=2E Box=2 Bay=35 SN= 5PGLBRRE Fatal trap 18: integer divide fault while in kernel mode cpuid = 12; apic id = 14 instruction pointer = 0x20:0xffffffff805c692a stack pointer = 0x28:0xfffffe01fa4f1b60 frame pointer = 0x28:0xfffffe01fa4f1bb0 code segment = base rx0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 25 (ciss_notify0) trap number = 18 panic: integer divide fault cpuid = 12 time = 1589905482 KDB: stack backtrace: #0 0xffffffff80c1ce67 at kdb_backtrace+0x67 #1 0xffffffff80bcff4d at vpanic+0x19d #2 0xffffffff80bcfda3 at panic+0x43 #3 0xffffffff810aabbc at trap_fatal+0x39c #4 0xffffffff810aa00a at trap+0x6a #5 0xffffffff810832cc at calltrap+0x8 #6 0xffffffff80b901e3 at fork_exit+0x83 #7 0xffffffff8108431e at fork_trampoline+0xe I'm guessing this happens in sys/dev/ciss/ciss.c:ciss_notify_thread(): cr = ciss_dequeue_notify(sc); if (cr == NULL) panic("cr null"); |