Bug 259164 - FreeBSD 13.0-STABLE mpd5-5.9 panic
Summary: FreeBSD 13.0-STABLE mpd5-5.9 panic
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 13.0-STABLE
Hardware: amd64 Any
: --- Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-10-14 05:47 UTC by Anatoliy Nebrat
Modified: 2021-10-17 07:18 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Anatoliy Nebrat 2021-10-14 05:47:47 UTC
FreeBSD 13.0-STABLE #1 stable/13-n247549-b1cca743673: Thu Oct  7 14:54:18 EEST 2021


Fatal trap 9: general protection fault while in kernel mode
cpuid = 0; apic id = 00
instruction pointer     = 0x20:0xffffffff82b9f53c
stack pointer           = 0x28:0xfffffe00cfc3f540
frame pointer           = 0x28:0xfffffe00cfc3f570
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 12 (irq36: sfxge1:0)
trap number             = 9
panic: general protection fault
cpuid = 0
time = 1634152680
KDB: stack backtrace:
#0 0xffffffff80c73ec5 at kdb_backtrace+0x65
#1 0xffffffff80c26017 at vpanic+0x187
#2 0xffffffff80c25e83 at panic+0x43
#3 0xffffffff810af587 at trap_fatal+0x387
#4 0xffffffff810aea7b at trap+0x8b
#5 0xffffffff810859c8 at calltrap+0x8
#6 0xffffffff82b8497d at ng_apply_item+0x2bd
#7 0xffffffff82b844e6 at ng_snd_item+0x1c6
#8 0xffffffff82b9af53 at ng_pppoe_rcvdata_ether+0x193
#9 0xffffffff82b8497d at ng_apply_item+0x2bd
#10 0xffffffff82b844e6 at ng_snd_item+0x1c6
#11 0xffffffff80d413aa at ether_demux+0x22a
#12 0xffffffff80d4265e at ether_nh_input+0x34e
#13 0xffffffff80d5d27a at netisr_dispatch_src+0xca
#14 0xffffffff80d41709 at ether_input+0x69
#15 0xffffffff80d412a1 at ether_demux+0x121
#16 0xffffffff80d4265e at ether_nh_input+0x34e
#17 0xffffffff80d5d27a at netisr_dispatch_src+0xca
Uptime: 5d20h57m48s
Dumping 1856 out of 8123 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%

__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
55              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu,
(kgdb) #0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=<optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80c25c16 in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:487
#3  0xffffffff80c26086 in vpanic (fmt=0xffffffff811aa502 "%s",
    ap=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:920
#4  0xffffffff80c25e83 in panic (fmt=<unavailable>)
    at /usr/src/sys/kern/kern_shutdown.c:844
#5  0xffffffff810af587 in trap_fatal (frame=0xfffffe00cfc3f480, eva=0)
    at /usr/src/sys/amd64/amd64/trap.c:941
#6  0xffffffff810aea7b in trap (frame=0xfffffe00cfc3f480)
    at /usr/src/sys/amd64/amd64/trap.c:246
#7  <signal handler called>
#8  0xffffffff82b9f53c in ng_tee_rcvdata (hook=<optimized out>,
    item=0xfffff801345bcb00) at /usr/src/sys/netgraph/ng_tee.c:312
#9  0xffffffff82b8497d in ng_apply_item (node=node@entry=0xfffff80130bca600,
    item=item@entry=0xfffff801345bcb00, rw=0)
    at /usr/src/sys/netgraph/ng_base.c:2407
#10 0xffffffff82b844e6 in ng_snd_item (item=item@entry=0xfffff801345bcb00,
    flags=flags@entry=0) at /usr/src/sys/netgraph/ng_base.c:2324
#11 0xffffffff82b9af53 in ng_pppoe_rcvdata_ether (hook=<optimized out>,
    item=0xfffff801345bcb00) at /usr/src/sys/netgraph/ng_pppoe.c:1951
#12 0xffffffff82b8497d in ng_apply_item (node=node@entry=0xfffff80019916c00,
    item=item@entry=0xfffff801345bcb00, rw=0)
    at /usr/src/sys/netgraph/ng_base.c:2407
#13 0xffffffff82b844e6 in ng_snd_item (item=0xfffff801345bcb00, flags=0)
    at /usr/src/sys/netgraph/ng_base.c:2324
#14 0xffffffff80d413aa in ether_demux (ifp=ifp@entry=0xfffff8001925b000,
    m=<optimized out>) at /usr/src/sys/net/if_ethersubr.c:938
#15 0xffffffff80d4265e in ether_input_internal (ifp=0xfffff8001925b000, m=0x0)
    at /usr/src/sys/net/if_ethersubr.c:707
#16 ether_nh_input (m=<optimized out>) at /usr/src/sys/net/if_ethersubr.c:737
#17 0xffffffff80d5d27a in netisr_dispatch_src (proto=proto@entry=5,
    source=<optimized out>, source@entry=0, m=0x8, m@entry=0xfffff80018fed900)
    at /usr/src/sys/net/netisr.c:1143
#18 0xffffffff80d5d55f in netisr_dispatch (proto=3235637440, proto@entry=5,
    m=0x48, m@entry=0xfffff80018fed900) at /usr/src/sys/net/netisr.c:1234
#19 0xffffffff80d41709 in ether_input (ifp=<optimized out>,#20 0xffffffff80d412a1 in ether_demux (ifp=ifp@entry=0xfffff80003a87800,
    m=0x0) at /usr/src/sys/net/if_ethersubr.c:874
#21 0xffffffff80d4265e in ether_input_internal (ifp=0xfffff80003a87800, m=0x0)
    at /usr/src/sys/net/if_ethersubr.c:707
#22 ether_nh_input (m=<optimized out>) at /usr/src/sys/net/if_ethersubr.c:737
#23 0xffffffff80d5d27a in netisr_dispatch_src (proto=proto@entry=5,
    source=<optimized out>, source@entry=0, m=0x8, m@entry=0xfffff80018fed900)
    at /usr/src/sys/net/netisr.c:1143
#24 0xffffffff80d5d55f in netisr_dispatch (proto=3235637440, proto@entry=5,
    m=0x48, m@entry=0xfffff80018fed900) at /usr/src/sys/net/netisr.c:1234
#25 0xffffffff80d41709 in ether_input (ifp=<optimized out>,
    m=0xfffff80018fed900) at /usr/src/sys/net/if_ethersubr.c:828
#26 0xffffffff82121a3d in __sfxge_rx_deliver (sc=0xfffffe00101d4000,
    m=m@entry=0x0) at /usr/src/sys/dev/sfxge/sfxge_rx.c:331
#27 sfxge_rx_deliver (rxq=<optimized out>, rxq@entry=0xfffff8000364a000,
    rx_desc=rx_desc@entry=0xfffffe00101d74e8)
    at /usr/src/sys/dev/sfxge/sfxge_rx.c:365
#28 0xffffffff821213e4 in sfxge_rx_qcomplete (
    rxq=rxq@entry=0xfffff8000364a000, eop=eop@entry=1)
    at /usr/src/sys/dev/sfxge/sfxge_rx.c:918
#29 0xffffffff8211d32f in sfxge_ev_qcomplete (evq=0xfffff8000364a800, eop=1)
    at /usr/src/sys/dev/sfxge/sfxge_ev.c:86
#30 sfxge_ev_qpoll (evq=evq@entry=0xfffff8000364a800)
    at /usr/src/sys/dev/sfxge/sfxge_ev.c:707
#31 0xffffffff8211ed60 in sfxge_intr_message (arg=0xfffff8
000364a800)
    at /usr/src/sys/dev/sfxge/sfxge_intr.c:159
#32 0xffffffff80be66ca in intr_event_execute_handlers (p=<optimized out>,
    ie=0xfffff80003a88b00) at /usr/src/sys/kern/kern_intr.c:1168
#33 ithread_execute_handlers (p=<optimized out>, ie=<optimized out>)
    at /usr/src/sys/kern/kern_intr.c:1181
#34 ithread_loop (arg=arg@entry=0xfffff800059f7480)
    at /usr/src/sys/kern/kern_intr.c:1269
#35 0xffffffff80be34ea in fork_exit (
    callout=0xffffffff80be6470 <ithread_loop>, arg=0xfffff800059f7480,
    frame=0xfffffe00cfc3fc00) at /usr/src/sys/kern/kern_fork.c:1084
#36 <signal handler called>
(kgdb)
Comment 1 Anatoliy Nebrat 2021-10-17 07:18:02 UTC
Next panic

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 02
fault virtual address   = 0x29
fault code              = supervisor write data, page not present
instruction pointer     = 0x20:0xffffffff82b9f58d
stack pointer           = 0x28:0xfffffe00eec64710
frame pointer           = 0x28:0xfffffe00eec64740
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 22206 (mpd5)
trap number             = 12
panic: page fault
cpuid = 1
time = 1634454545
KDB: stack backtrace:
#0 0xffffffff80c73ec5 at kdb_backtrace+0x65
#1 0xffffffff80c26017 at vpanic+0x187
#2 0xffffffff80c25e83 at panic+0x43
#3 0xffffffff810af587 at trap_fatal+0x387
#4 0xffffffff810af5df at trap_pfault+0x4f
#5 0xffffffff810aec5a at trap+0x26a
#6 0xffffffff810859c8 at calltrap+0x8
#7 0xffffffff82b8497d at ng_apply_item+0x2bd
#8 0xffffffff82b844e6 at ng_snd_item+0x1c6
#9 0xffffffff82b7f63f at ngd_send+0x10f
#10 0xffffffff80cc6383 at sosend_generic+0x623
#11 0xffffffff80cc67f0 at sosend+0x50
#12 0xffffffff80ccd41e at kern_sendit+0x20e
#13 0xffffffff80ccd827 at sendit+0x1e7
#14 0xffffffff80ccd62d at sys_sendto+0x4d
#15 0xffffffff810afe7c at amd64_syscall+0x10c
#16 0xffffffff810862db at fast_syscall_common+0xf8
Uptime: 3d11h49m11s
Dumping 1787 out of 8123 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%

__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
55              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu,
(kgdb) #0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=<optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80c25c16 in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:487
#3  0xffffffff80c26086 in vpanic (fmt=0xffffffff811aa502 "%s",
    ap=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:920
#4  0xffffffff80c25e83 in panic (fmt=<unavailable>)
    at /usr/src/sys/kern/kern_shutdown.c:844
#5  0xffffffff810af587 in trap_fatal (frame=0xfffffe00eec64650, eva=41)
    at /usr/src/sys/amd64/amd64/trap.c:941
#6  0xffffffff810af5df in trap_pfault (frame=frame@entry=0xfffffe00eec64650,
    usermode=false, signo=<optimized out>, signo@entry=0x0,
    ucode=<optimized out>, ucode@entry=0x0)
    at /usr/src/sys/amd64/amd64/trap.c:760
#7  0xffffffff810aec5a in trap (frame=0xfffffe00eec64650)
    at /usr/src/sys/amd64/amd64/trap.c:438
#8  <signal handler called>
#9  0xffffffff82b9f58d in ng_tee_rcvdata (hook=<optimized out>,
    item=0xfffff8002dc95600) at /usr/src/sys/netgraph/ng_tee.c:322
#10 0xffffffff82b8497d in ng_apply_item (node=node@entry=0xfffff80187205e00,
    item=item@entry=0xfffff8002dc95600, rw=0)
    at /usr/src/sys/netgraph/ng_base.c:2407
#11 0xffffffff82b844e6 in ng_snd_item (item=item@entry=0xfffff8002dc95600,
    flags=flags@entry=0) at /usr/src/sys/netgraph/ng_base.c:2324
#12 0xffffffff82b7f63f in ngd_send (so=<optimized out>,
    flags=<optimized out>, m=0x0, addr=<optimized out>, control=0x0,
    td=<optimized out>) at /usr/src/sys/netgraph/ng_socket.c:480
#13 0xffffffff80cc6383 in sosend_generic (so=0xfffff80009b53760,
    addr=0xfffff8001e388200, uio=<optimized out>, top=0xfffff800c7e05300,
    control=0x0, flags=0, td=0xfffffe00d1e2c740)
    at /usr/src/sys/kern/uipc_socket.c:1753
#14 0xffffffff80cc67f0 in sosend (so=0xfffff8001af0c300,
    so@entry=0xfffff80009b53760, addr=0xfffff8002dc95600, uio=0x0,
    uio@entry=0xfffffe00eec64998, top=0x23, top@entry=0x0,
    control=control@entry=0x0, flags=451986176, flags@entry=0,
    td=0xfffffe00d1e2c740) at /usr/src/sys/kern/uipc_socket.c:1803
#15 0xffffffff80ccd41e in kern_sendit (td=<optimized out>,
    td@entry=0xfffffe00d1e2c740, s=6, mp=<optimized out>,
    mp@entry=0xfffffe00eec64a80, flags=0, control=0x0,
    segflg=segflg@entry=UIO_USERSPACE)
    at /usr/src/sys/kern/uipc_syscalls.c:795
#16 0xffffffff80ccd827 in sendit (td=0xfffffe00d1e2c740, s=768169472,
    mp=mp@entry=0xfffffe00eec64a80, flags=35)
    at /usr/src/sys/kern/uipc_syscalls.c:720
#17 0xffffffff80ccd62d in sys_sendto (td=0xfffff8001af0c300,
    uap=<optimized out>) at /usr/src/sys/kern/uipc_syscalls.c:838
#18 0xffffffff810afe7c in syscallenter (td=0xfffffe00d1e2c740)
    at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:189
#19 amd64_syscall (td=0xfffffe00d1e2c740, traced=0)
    at /usr/src/sys/amd64/amd64/trap.c:1182
#20 <signal handler called>
#21 0x00000008008c037a in ?? ()
Backtrace stopped: Cannot access memory at address 0x7fffdf9fabf8
(kgdb)