Bug 138126 - Panic with patched FreeBSD 7.2 on VMware: trap 12 (page fault while in kernel mode) on bigger load; supervisor read, page not present
Status: Closed Unable to Reproduce
Alias: None
Product: Base System
Classification: Unclassified
Component: i386
Version: Unspecified
Hardware: Any Any
: --- Affects Only Me
Assignee: Graham Perrin
URL:
Keywords: crash
Depends on:
Blocks:
 
Reported: 2009-08-24 08:50 UTC by Zete Tresor
Modified: 2023-06-24 13:21 UTC
Description Zete Tresor 2009-08-24 08:50:01 UTC
Server crashes on bigger load with a kernel trap 12 page fault panic. I have a VMware virtual server that has 25 ezjail jails on it. The jails contain various stuff, mostly Apache and proftpd. Sometimes the machine works up to 7 - 8 hours, sometimes it does not even boot properly: it crashes upon enabling jails. It worked fine for 2 months, but started to crash when more and more jails were added. It works fine on other kinds of load and crashes only when many jails are up. It's a multiprocessor machine with 4 CPUs and 4GB of RAM. Most times, but not always, it just freezes and does not reboot. Environment shows the OS with no patches; at the moment of the first crash all patches until August 20th were applied.

Here are errors I see on crash:

kernel trap 12 with interrupts disabled

Fatal trap 12: page fault while in kernel mode
cpuid = 2; apic id = 02
fault virtual address    = 0x10
fault code                  = supervisor read, page not present
instruction pointer      = 0x20:0xc07d4a21
stack pointer             = 0x28:0xc72dec1c
frame pointer             = 0x28:0xc72dec30
code segment           = base rx0, limit 0xfffff, type 0x1b
                               = DPL 0, pres 1, def32 1, gran 1
processor eflags       = resume, IOPL = 0
current process        = 36 (sctp_iterator)
trap number             = 12
panic: page fault
cpuid = 2


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address    = 0x6e727598
fault code                  = supervisor read, page not present
instruction pointer      = 0x20:0xc08bf945
stack pointer             = 0x28:0xc72bfaa8
frame pointer             = 0x28:0xc72bfacc
code segment           = base rx0, limit 0xfffff, type 0x1b
                               = DPL 0, pres 1, def32 1, gran 1
processor eflags       = interrupt enabled, resume, IOPL = 0
current process        = 30 (em1 taskq)
trap number             = 12


kernel trap 12 with interrupts disabled

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address    = 0x10
fault code                  = supervisor read, page not present
instruction pointer      = 0x20:0xc07d4a21
stack pointer             = 0x28:0xc73e29c4
frame pointer             = 0x28:0xc73e29d8
code segment           = base rx0, limit 0xfffff, type 0x1b
                               = DPL 0, pres 1, def32 1, gran 1
processor eflags       = resume, IOPL = 0
current process        = 9020 (libssl.so)
trap number             = 12
panic: page fault
cpuid = 0
Uptime: 25m37s


I ran kgdb on the kernel crash dump file, and this is the result:

# kgdb kernel.debug /var/crash/vmcore.2
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...

Unread portion of the kernel message buffer:
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0x10
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc07d4a21
stack pointer           = 0x28:0xe9c879c4
frame pointer           = 0x28:0xe9c879d8
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 18223 (libssl.so)
trap number             = 12
panic: page fault
cpuid = 1


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0x6e727598
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc08bf945
stack pointer           = 0x28:0xc72bfaa8
frame pointer           = 0x28:0xc72bfacc
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 30 (em1 taskq)
trap number             = 12
panic: page fault
cpuid = 1
Uptime: 12h20m45s
Physical memory: 3827 MB
Dumping 295 MB: 280 264 248 232 216 200 184 168 152 136 120 104 88 72 56 40 24 8

Reading symbols from /boot/kernel/acpi.ko...Reading symbols from /boot/kernel/acpi.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/acpi.ko
Reading symbols from /boot/kernel/linux.ko...Reading symbols from /boot/kernel/linux.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/linux.ko
Reading symbols from /boot/kernel/nullfs.ko...Reading symbols from /boot/kernel/nullfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/nullfs.ko
Reading symbols from /boot/kernel/fdescfs.ko...Reading symbols from /boot/kernel/fdescfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/fdescfs.ko
#0  doadump () at pcpu.h:196
196             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb)

How-To-Repeat: Install FreeBSD 7.2 on VMware, patch it, make >20 Apache jails. Load the server. Wait for the crash.
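Added example (not part of the original report and not FreeBSD tooling): a short Python triage script that groups the trap records quoted above by faulting instruction address and marks fault addresses that fall inside the first page. On records abridged from this report, 0xc07d4a21 recurs with fault address 0x10 under different processes, which is consistent with a read through a NULL pointer at a small offset from a single code location. The sample text, the function names and the first-page heuristic are assumptions of the example.

```python
import re
from collections import defaultdict

# Constructed sample: three trap records abridged from the panic text in this report.
SAMPLE = """\
Fatal trap 12: page fault while in kernel mode
fault virtual address    = 0x10
instruction pointer      = 0x20:0xc07d4a21
current process        = 36 (sctp_iterator)

Fatal trap 12: page fault while in kernel mode
fault virtual address    = 0x6e727598
instruction pointer      = 0x20:0xc08bf945
current process        = 30 (em1 taskq)

Fatal trap 12: page fault while in kernel mode
fault virtual address    = 0x10
instruction pointer      = 0x20:0xc07d4a21
current process        = 9020 (libssl.so)
"""

# Heuristic (assumption): an address inside the first 4 KiB page is treated
# as a NULL pointer plus a small structure offset.
PAGE_SIZE = 0x1000
FIELD = re.compile(r"^\s*([a-z ]+?)\s*=\s*(.+?)\s*$")

def parse_traps(text):
    """Split console text into one dict of fields per 'Fatal trap' record."""
    traps = []
    for line in text.splitlines():
        if line.startswith("Fatal trap"):
            traps.append({})
        elif traps and (m := FIELD.match(line)):
            traps[-1].setdefault(m.group(1), m.group(2))
    return traps

def group_by_ip(traps):
    """Map faulting instruction address -> [(fault address, near_null, process)]."""
    groups = defaultdict(list)
    for t in traps:
        ip = int(t["instruction pointer"].split(":")[1], 16)  # drop the 0x20: selector
        addr = int(t["fault virtual address"], 16)
        groups[ip].append((addr, addr < PAGE_SIZE, t["current process"]))
    return dict(groups)

if __name__ == "__main__":
    for ip, hits in sorted(group_by_ip(parse_traps(SAMPLE)).items()):
        for addr, near_null, proc in hits:
            kind = "near-NULL read" if near_null else "other address"
            print(f"ip={ip:#x} fault={addr:#x} {kind:14} proc={proc}")
```

An instruction address that repeats across panics is the one to resolve first in kgdb, for example with `bt` and `list *0xc07d4a21` against the matching kernel.debug.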
Comment 1 Zete Tresor 2009-08-25 11:02:10 UTC
Seems that the bug is connected with latest patches. Unpatched system does
not have the bug. Reverting last patches did not help, needed to set up a
fresh install. Kernel panic appears soon after freebsd-update has been run.
Comment 2 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:01:19 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped
Comment 4 Graham Perrin freebsd_committer freebsd_triage 2022-10-17 12:19:29 UTC
Keyword: 

    crash

– in lieu of summary line prefix: 

    [panic]

* bulk change for the keyword
* summary lines may be edited manually (not in bulk). 

Keyword descriptions and search interface: 

    <https://bugs.freebsd.org/bugzilla/describekeywords.cgi>
Comment 5 Graham Perrin freebsd_committer freebsd_triage 2023-06-24 13:21:36 UTC
I'm sorry that this bug was not investigated around the time of the report. 

If reproducible with an active branch of the operating system, please make a new report. 

Thank you.