Bug 138126 - [panic] Kernel panic trap 12 on bigger load
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: i386
Version: unspecified
Hardware: Any Any
Importance: Normal Affects Only Me
Assignee: freebsd-i386 mailing list
Reported: 2009-08-24 08:50 UTC by Zete Tresor
Modified: 2019-06-26 16:52 UTC

Description Zete Tresor 2009-08-24 08:50:01 UTC
Server crashes on bigger load with Kernel Trap 12 page fault panic. I have a VMware virtual server that has 25 ezjail jails on it. The jails contain various stuff, mostly apache and proftpd. Sometimes the machine works for up to 7 - 8 hours, sometimes it does not even boot properly - it crashes upon enabling jails. It worked fine for 2 months, but started to crash when more and more jails were added. It works fine on other kinds of load and crashes only when many jails are up. It's a multiprocessor machine with 4 CPUs and 4GB of RAM. Most times, but not always, it just freezes and does not reboot. Environment shows OS with no patches; at the moment of the first crash, all patches until August 20th were applied.

Here are errors I see on crash:

kernel trap 12 with interrupts disabled

Fatal trap 12: page fault while in kernel mode
cpuid = 2; apic id = 02
fault virtual address    = 0x10
fault code                  = supervisor read, page not present
instruction pointer      = 0x20:0xc07d4a21
stack pointer             = 0x28:0xc72dec1c
frame pointer             = 0x28:0xc72dec30
code segment           = base rx0, limit 0xfffff, type 0x1b
                               = DPL 0, pres 1, def32 1, gran 1
processor eflags       = resume, IOPL = 0
current process        = 36 (sctp_iterator)
trap number             = 12
panic: page fault
cpuid = 2


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address    = 0x6e727598
fault code                  = supervisor read, page not present
instruction pointer      = 0x20:0xc08bf945
stack pointer             = 0x28:0xc72bfaa8
frame pointer             = 0x28:0xc72bfacc
code segment           = base rx0, limit 0xfffff, type 0x1b
                               = DPL 0, pres 1, def32 1, gran 1
processor eflags       = interrupt enabled, resume, IOPL = 0
current process        = 30 (em1 taskq)
trap number             = 12


kernel trap 12 with interrupts disabled

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address    = 0x10
fault code                  = supervisor read, page not present
instruction pointer      = 0x20:0xc07d4a21
stack pointer             = 0x28:0xc73e29c4
frame pointer             = 0x28:0xc73e29d8
code segment           = base rx0, limit 0xfffff, type 0x1b
                               = DPL 0, pres 1, def32 1, gran 1
processor eflags       = resume, IOPL = 0
current process        = 9020 (libssl.so)
trap number             = 12
panic: page fault
cpuid = 0
Uptime: 25m37s


I ran kgdb on the kernel crash dump file, and this is the result:

# kgdb kernel.debug /var/crash/vmcore.2
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...

Unread portion of the kernel message buffer:
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0x10
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc07d4a21
stack pointer           = 0x28:0xe9c879c4
frame pointer           = 0x28:0xe9c879d8
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 18223 (libssl.so)
trap number             = 12
panic: page fault
cpuid = 1


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0x6e727598
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc08bf945
stack pointer           = 0x28:0xc72bfaa8
frame pointer           = 0x28:0xc72bfacc
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 30 (em1 taskq)
trap number             = 12
panic: page fault
cpuid = 1
Uptime: 12h20m45s
Physical memory: 3827 MB
Dumping 295 MB: 280 264 248 232 216 200 184 168 152 136 120 104 88 72 56 40 24 8

Reading symbols from /boot/kernel/acpi.ko...Reading symbols from /boot/kernel/acpi.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/acpi.ko
Reading symbols from /boot/kernel/linux.ko...Reading symbols from /boot/kernel/linux.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/linux.ko
Reading symbols from /boot/kernel/nullfs.ko...Reading symbols from /boot/kernel/nullfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/nullfs.ko
Reading symbols from /boot/kernel/fdescfs.ko...Reading symbols from /boot/kernel/fdescfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/fdescfs.ko
#0  doadump () at pcpu.h:196
196             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb)

How-To-Repeat: Install FreeBSD 7.2 on VMware, patch it, make >20 apache jails. Load the server. Wait for crash.
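
The console traps in the description can be grouped by faulting instruction pointer to see how many distinct crash sites are involved. The following Python is an added example, not from the reporter or the FreeBSD project; the function names, the trimmed sample and the first-page (4096-byte) near-NULL heuristic are assumptions.

```python
import re
from collections import defaultdict

PAGE_SIZE = 4096  # assumption: i386 page size as heuristic bound for "NULL plus field offset"
FIELD = re.compile(r"^\s*([a-z ]+?)\s*=\s*(.+?)\s*$")

# Constructed sample: three trimmed records in the console format shown above.
SAMPLE = """\
Fatal trap 12: page fault while in kernel mode
fault virtual address    = 0x10
instruction pointer      = 0x20:0xc07d4a21
current process        = 36 (sctp_iterator)

Fatal trap 12: page fault while in kernel mode
fault virtual address    = 0x6e727598
instruction pointer      = 0x20:0xc08bf945
current process        = 30 (em1 taskq)

Fatal trap 12: page fault while in kernel mode
fault virtual address    = 0x10
instruction pointer      = 0x20:0xc07d4a21
current process        = 9020 (libssl.so)
"""

def parse_traps(text):
    """Return one dict of 'name = value' fields per 'Fatal trap' record."""
    records, cur = [], None
    for line in text.splitlines():
        if line.startswith("Fatal trap"):
            cur = {}
            records.append(cur)
        elif cur is not None and (m := FIELD.match(line)):
            cur.setdefault(m.group(1), m.group(2))  # first value wins
    return records

def group_by_site(records):
    """Group records by faulting instruction pointer; skip truncated records."""
    sites = defaultdict(lambda: {"procs": [], "addrs": set()})
    for r in records:
        if not r.keys() >= {"instruction pointer", "fault virtual address"}:
            continue
        ip = int(r["instruction pointer"].split(":")[1], 16)  # offset of seg:offset
        sites[ip]["procs"].append(r.get("current process", "?"))
        sites[ip]["addrs"].add(int(r["fault virtual address"], 16))
    return dict(sites)

def near_null(site):
    """True when every fault address at this site lies in the first page."""
    return all(addr < PAGE_SIZE for addr in site["addrs"])

if __name__ == "__main__":
    for ip, site in group_by_site(parse_traps(SAMPLE)).items():
        print(hex(ip), site["procs"], "near-NULL" if near_null(site) else "other")
```

On the sample this reduces three traps to two sites: 0xc07d4a21, read at 0x10 from two different processes, and 0xc08bf945.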
Comment 1 Zete Tresor 2009-08-25 11:02:10 UTC
Seems that the bug is connected with latest patches. Unpatched system does
not have the bug. Reverting last patches did not help, needed to set up a
fresh install. Kernel panic appears soon after freebsd-update has been run.
Comment 2 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:01:19 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped