From owner-freebsd-stable@FreeBSD.ORG Wed Jun 4 22:25:46 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 942CA1065674 for ; Wed, 4 Jun 2008 22:25:46 +0000 (UTC) (envelope-from mav@FreeBSD.org) Received: from cmail.optima.ua (cmail.optima.ua [195.248.191.121]) by mx1.freebsd.org (Postfix) with ESMTP id 0DAF08FC1B for ; Wed, 4 Jun 2008 22:25:45 +0000 (UTC) (envelope-from mav@FreeBSD.org) X-Spam-Flag: SKIP X-Spam-Yversion: Spamooborona-2.1.0 Received: from [212.86.226.226] (account mav@alkar.net HELO [192.168.3.2]) by cmail.optima.ua (CommuniGate Pro SMTP 5.1.14) with ESMTPA id 141037552 for freebsd-stable@freebsd.org; Thu, 05 Jun 2008 00:25:43 +0300 Message-ID: <48470853.6080807@FreeBSD.org> Date: Thu, 05 Jun 2008 00:25:39 +0300 From: Alexander Motin User-Agent: Thunderbird 2.0.0.14 (Windows/20080421) MIME-Version: 1.0 To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Crashes in devfs. Possibly on interface creation/destruction. X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2008 22:25:46 -0000 Hi. After recent upgrading from 6.3-RC1/mpd-5.0rc1 to 6.3-STABLE/mpd-5.1 some of my PPPoE servers started to crash with about weekly period. Usually they just just hang without rebooting and core dumping. Consoles are inaccessible. All I have got from them was: kernel: Fatal trap 12: page fau kernel: lt while in k kernel: ernel kernel: mode kernel: kernel: cpuid = 1; apic id = 01 kernel: faut virtual address = 0x58 kernel: kernel: fault code = supervisor read, page not present kernel: kernel: instruction pointer = 0x20:0xc04800be kernel: kernel: stack pointer = 0x28:0xd690883c kernel: frame pointer = 0x28:0 kernel: xd6908854 kernel: code segment = kernel: base 0x0, limit 0xfffff, type 0x1b kernel: kernel: = DPL 0, pres 1, def32 1, gra kernel: n 1 kernel: processor eflags = interrupt kernel: enab kernel: led, r kernel: esume kernel: , IOPL kernel: = 0 kernel: kernel: current process = 1835 (mpd5) kernel: kernel: trap number = 12 "fault virtual address" and "instruction pointer" are always the same. Address 0xc04800be looks like part of devfs code: > addr2line -f -e kernel.debug 0xc04800be devfs_populate_loop /usr/src/sys/fs/devfs/devfs_devs.c:443 devfs_devs.c: de = devfs_newdirent(s, q - s); if (cdp->cdp_c.si_flags & SI_ALIAS) { de->de_uid = 0; de->de_gid = 0; de->de_mode = 0755; de->de_dirent->d_type = DT_LNK; pdev = cdp->cdp_c.si_parent; ->> line 443 ->> j = strlen(pdev->si_name) + 1; de->de_symlink = malloc(j, M_DEVFS, M_WAITOK); bcopy(pdev->si_name, de->de_symlink, j); 0x58 - is precisely the offset of si_name field inside of struct cdev. So looks like pdev = cdp->cdp_c.si_parent is NULL here for some reason. As soon as network interfaces have respective devfs entries and looking higher interface creation/destruction rate that newest mpd5.1 is able to reach due to optimizations, I think it may be some kind or race somewhere interface creation. Can somebody give me any hint where to look to? -- Alexander Motin