Bug 138782 - [panic] sbflush_internal: cc 0 || mb 0xffffff004127b000 || mbcnt 2304
Summary: [panic] sbflush_internal: cc 0 || mb 0xffffff004127b000 || mbcnt 2304
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 10.1-STABLE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-net mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-09-13 17:00 UTC by vladislav V. Prodan
Modified: 2018-05-28 19:46 UTC (History)
3 users (show)

See Also:


Attachments
core.txt (160.31 KB, text/plain)
2009-09-14 17:17 UTC, vladislav V. Prodan
no flags Details
core.txt.0.gz (29.01 KB, application/gzip)
2010-01-05 04:56 UTC, hiyorin
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description vladislav V. Prodan 2009-09-13 17:00:13 UTC
Unread portion of the kernel message buffer:
panic: sbflush_internal: cc 0 || mb 0xffffff004127b000 || mbcnt 2304
cpuid = 1
Uptime: 14h42m52s
Physical memory: 6098 MB
Dumping 1729 MB: 1714 1698 1682 1666 1650 1634 1618 1602 1586 1570 1554 1538 1522 1506 1490 1474 1458 1442 1426 1410 1394 1378 1362 1346 1330 1314 1298 1282 1266 1250 1234 1218 1202 1186 1170 1154 1138 1122 1106 1090 1074 1058 1042 1026 1010 994 978 962 946 930 914 898 882 866 850 834 818 802 786 770 754 738 722 706 690 674 658 642 626 610 594 578 562 546 530 514 498 482 466 450 434 418 402 386 370 354 338 322 306 290 274 258 242 226 210 194 178 162 146 130 114 98 82 66 50 34 18 2

Reading symbols from /boot/kernel/zfs.ko...Reading symbols from /boot/kernel/zfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/zfs.ko
Reading symbols from /boot/kernel/opensolaris.ko...Reading symbols from /boot/kernel/opensolaris.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/opensolaris.ko
Reading symbols from /boot/kernel/linux.ko...Reading symbols from /boot/kernel/linux.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/linux.ko
Reading symbols from /boot/kernel/accf_http.ko...Reading symbols from /boot/kernel/accf_http.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/accf_http.ko
#0  doadump () at pcpu.h:223
223     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) #0  doadump () at pcpu.h:223
#1  0xffffffff803a5089 in boot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:416
#2  0xffffffff803a54dc in panic (fmt=Variable "fmt" is not available.
)
    at /usr/src/sys/kern/kern_shutdown.c:579
#3  0xffffffff80401a44 in sbflush_internal (sb=0xffffff01250e9180)
    at /usr/src/sys/kern/uipc_sockbuf.c:824
#4  0xffffffff80401b3c in sbrelease_internal (sb=0xffffff01250e9180,
    so=0xffffff01250e9000) at /usr/src/sys/kern/uipc_sockbuf.c:339
#5  0xffffffff8040335c in sofree (so=0xffffff01250e9000)
    at /usr/src/sys/kern/uipc_socket.c:632
#6  0xffffffff80552fa8 in tcp_close (tp=0x0)
    at /usr/src/sys/netinet/tcp_subr.c:937
#7  0xffffffff8054bc15 in tcp_do_segment (m=0xffffff0197fae300,
    th=0xffffff0197fae37c, so=0xffffff01250e9000, tp=0xffffff0125111a50,
    drop_hdrlen=52, tlen=0, iptos=0 '\0', ti_locked=3)
    at /usr/src/sys/netinet/tcp_input.c:2467
#8  0xffffffff8054ddbb in tcp_input (m=0xffffff0197fae300, off0=Variable "off0" is not available.
)
    at /usr/src/sys/netinet/tcp_input.c:1047
#9  0xffffffff804d8d7b in ip_input (m=0xffffff0197fae300)
    at /usr/src/sys/netinet/ip_input.c:775
#10 0xffffffff80471042 in swi_net (arg=Variable "arg" is not available.
) at /usr/src/sys/net/netisr.c:716
#11 0xffffffff8037f360 in intr_event_execute_handlers (p=Variable "p" is not available.
)
    at /usr/src/sys/kern/kern_intr.c:1165
#12 0xffffffff803808de in ithread_loop (arg=0xffffff00013926a0)
    at /usr/src/sys/kern/kern_intr.c:1178
#13 0xffffffff8037d367 in fork_exit (
    callout=0xffffffff80380850 <ithread_loop>, arg=0xffffff00013926a0,
    frame=0xffffff8000037c80) at /usr/src/sys/kern/kern_fork.c:843
#14 0xffffffff806457ee in fork_trampoline ()
    at /usr/src/sys/amd64/amd64/exception.S:561
#15 0x0000000000000000 in ?? ()
#16 0x0000000000000000 in ?? ()
#17 0x0000000000000001 in ?? ()
#18 0x0000000000000000 in ?? ()
#19 0x0000000000000000 in ?? ()
#20 0x0000000000000000 in ?? ()
#21 0x0000000000000000 in ?? ()
#22 0x0000000000000000 in ?? ()
#23 0x0000000000000000 in ?? ()
#24 0x0000000000000000 in ?? ()
#25 0x0000000000000000 in ?? ()
#26 0x0000000000000000 in ?? ()
#27 0x0000000000000000 in ?? ()
#28 0x0000000000000000 in ?? ()
#29 0x0000000000000000 in ?? ()
#30 0x0000000000000000 in ?? ()
#31 0x0000000000000000 in ?? ()
#32 0x0000000000000000 in ?? ()
#33 0x0000000000000000 in ?? ()
#34 0x0000000000000000 in ?? ()
#35 0x0000000000000000 in ?? ()
#36 0x0000000000000000 in ?? ()
#37 0x0000000000000000 in ?? ()
#38 0x0000000000000000 in ?? ()
#39 0x0000000000c6c000 in ?? ()
#40 0x000000000000000b in ?? ()
#41 0xffffffff808cf280 in affinity ()
#42 0xffffffff808cf280 in affinity ()
#43 0xffffff000150d720 in ?? ()
#44 0xffffff8000037230 in ?? ()
#45 0xffffff80000371e8 in ?? ()
#46 0xffffff0001399000 in ?? ()
#47 0xffffffff803c7f99 in sched_switch (td=0xffffff00013926a0,
    newtd=0xffffffff80380850, flags=Variable "flags" is not available.
) at /usr/src/sys/kern/sched_ule.c:1858
Previous frame inner to this frame (corrupt stack?)
(kgdb)

------------------------------------------------------------------------
ps -axl

Segmentation fault


####################
# df
Filesystem  1K-blocks        Used     Avail Capacity  Mounted on
/dev/ad6s1a     507630     502486    -35466   108%    /
devfs                1          1         0   100%    /dev
/dev/ad6s1g  407507692  219143688 155763390    58%    /dop
/dev/ad6s1d    8122126      12042   7460314     0%    /tmp
/dev/ad6s1e   20308398    7420918  11262810    40%    /usr
/dev/ad6s1f   20308398   17611500   1072228    94%    /var
tank        2859756032 2403491840 456264192    84%    /tank
devfs                1          1         0   100%    /var/named/dev

####
# ll /ps.core
-rw-------  1 root  wheel  230555648 13 sep 18:32 /ps.core

How-To-Repeat: I think, panic resulted from the overflow partition "/"
Comment 1 Gavin Atkinson freebsd_committer freebsd_triage 2009-09-13 21:41:07 UTC
Responsible Changed
From-To: freebsd-bugs->freebsd-net

Over to maintainer(s).  Not sure if there's enough info here at the 
moment, but the submitter has a core. 

To submitter: Can you run crashinfo(8) on the kernel core file and 
provide the complete output please?
Comment 3 vladislav V. Prodan 2009-09-14 17:27:21 UTC
http://otrada.od.ua/FreeBSD/crash/core.txt.gz
Comment 4 hiyorin 2010-01-05 04:56:56 UTC
Hi,
My 8.0-RELEASE server encountered similar problem recently.

FreeBSD minori 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 
UTC 2009     root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386

The difference of my situation is that / partition is not overflowed.
I want to know if there is any solution for this problem?
I can provide core dump if necessary.

Thanks,
C.C.
Comment 5 Hiren Panchasara freebsd_committer 2015-03-16 21:26:50 UTC
We randomly see this panic on 10.1 stable.

I'll try to get more info here.
Comment 6 Hiren Panchasara freebsd_committer 2015-03-18 17:37:09 UTC
I could not figure out the root-cause but found an interesting fix that stops possible overflow in sockbuf which _may_ cause this. 

Discussion: https://lists.freebsd.org/pipermail/freebsd-arch/2015-February/016739.html

Fix: https://svnweb.freebsd.org/changeset/base/278729
Comment 7 John W. O'Brien 2016-10-12 12:07:53 UTC
I just encountered this panic on 10-STABLE r306933 with under two days of uptime. I upgraded a few days ago from r301164 which had been running continuously for over 120 days. Unfortunately I don't have a core, but I would be glad to provide any other information and am interested in pursuing a fix.
Comment 8 Eitan Adler freebsd_committer freebsd_triage 2018-05-28 19:46:28 UTC
batch change:

For bugs that match the following
-  Status Is In progress 
AND
- Untouched since 2018-01-01.
AND
- Affects Base System OR Documentation

DO:

Reset to open status.


Note:
I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed.