Date: Sat, 18 Feb 2017 21:35:06 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 217214] frequent panics in tcp_output/sbsndptr Message-ID: <bug-217214-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217214 Bug ID: 217214 Summary: frequent panics in tcp_output/sbsndptr Product: Base System Version: 11.0-STABLE Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: p-fbsd-bugs@ziemba.us 11.0-Stable r313801M Panics in sbsndptr when called from tcp_output, not always the same place. kgdb traces from two different core dumps follow. I tried rebuilding kernel with optimization disabled (/etc/src.conf: COPTFLAGS=-pipe) so I could examine variable values in kgdb, but that kernel crashed before fully coming up (i.e., reboot loop). Not sure how to proceed from here. Trace #1 (kgdb) where #0 doadump (textdump=<value optimized out>) at pcpu.h:222 #1 0xffffffff80abc999 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:366 #2 0xffffffff80abcf50 in vpanic (fmt=<value optimized out>, ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:759 #3 0xffffffff80abcd83 in panic (fmt=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:690 #4 0xffffffff80b5317a in sbsndptr (sb=<value optimized out>, off=<value optimized out>, len=<value optimized out>, moff=<value optimized out>) at /usr/src/sys/kern/uipc_sockbuf.c:1196 #5 0xffffffff80cddeb8 in tcp_output (tp=<value optimized out>) at /usr/src/sys/netinet/tcp_output.c:1047 #6 0xffffffff80cdabd2 in tcp_do_segment (m=0xfffff80023bc4300, th=<value optimized out>, so=0xfffff8026e26b000, tp=0xfffff8019470a820, drop_hdrlen=52, tlen=<value optimized out>, iptos=<value optimized out>, ti_locked=Cannot access memory at address 0x1 ) at /usr/src/sys/netinet/tcp_input.c:3173 #7 0xffffffff80cd7d5a in tcp_input (mp=<value optimized out>, offp=<value optimized out>, proto=<value optimized out>) at /usr/src/sys/netinet/tcp_input.c:1453 #8 0xffffffff80c4a6d9 in ip_input (m=<value optimized out>) at /usr/src/sys/netinet/ip_input.c:820 #9 0xffffffff80be6fd5 in netisr_dispatch_src (proto=1, source=<value optimized out>, m=<value optimized out>) at /usr/src/sys/net/netisr.c:1120 #10 0xffffffff80bd0169 in ether_demux (ifp=<value optimized out>, m=<value optimized out>) at /usr/src/sys/net/if_ethersubr.c:850 #11 0xffffffff830825fc in vboxNetFltFreeBSDinput () from /boot/modules/vboxnetflt.ko #12 0xffffffff80b18e7a in taskqueue_run_locked (queue=<value optimized out>) at /usr/src/sys/kern/subr_taskqueue.c:454 #13 0xffffffff80b18c6f in taskqueue_run (queue=0xfffff8000a3a9900) at /usr/src/sys/kern/subr_taskqueue.c:473 #14 0xffffffff80a780ef in intr_event_execute_handlers ( p=<value optimized out>, ie=<value optimized out>) at /usr/src/sys/kern/kern_intr.c:1262 #15 0xffffffff80a78356 in ithread_loop (arg=<value optimized out>) at /usr/src/sys/kern/kern_intr.c:1275 #16 0xffffffff80a74db5 in fork_exit ( callout=0xffffffff80a78290 <ithread_loop>, arg=0xfffff8000a37d4e0, frame=0xfffffe07c72baac0) at /usr/src/sys/kern/kern_fork.c:1040 #17 0xffffffff80f9218e in fork_trampoline () at /usr/src/sys/amd64/amd64/exception.S:611 #18 0x0000000000000000 in ?? () Trace #2: (kgdb) where #0 doadump (textdump=<value optimized out>) at pcpu.h:222 #1 0xffffffff80abc999 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:366 #2 0xffffffff80abcf50 in vpanic (fmt=<value optimized out>, ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:759 #3 0xffffffff80abcd83 in panic (fmt=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:690 #4 0xffffffff80faecd2 in trap_fatal (frame=0xfffffe07c72ba2f0, eva=24) at /usr/src/sys/amd64/amd64/trap.c:801 #5 0xffffffff80faee9c in trap_pfault (frame=0xfffffe07c72ba2f0, usermode=0) at /usr/src/sys/amd64/amd64/trap.c:658 #6 0xffffffff80fae550 in trap (frame=0xfffffe07c72ba2f0) at /usr/src/sys/amd64/amd64/trap.c:421 #7 0xffffffff80f91c51 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:236 #8 0xffffffff80b49ce3 in m_copym (m=0x0, off0=<value optimized out>, len=<value optimized out>, wait=1) at /usr/src/sys/kern/uipc_mbuf.c:456 #9 0xffffffff80cddee7 in tcp_output (tp=<value optimized out>) at /usr/src/sys/netinet/tcp_output.c:1054 #10 0xffffffff80cdb118 in tcp_do_segment (m=0xfffff800b77c0700, th=<value optimized out>, so=0xfffff800b70616c0, tp=0xfffff800b721a410, drop_hdrlen=80, tlen=<value optimized out>, iptos=<value optimized out>, ti_locked=Cannot access memory at address 0x1 ) at /usr/src/sys/netinet/tcp_input.c:2609 #11 0xffffffff80cd7d5a in tcp_input (mp=<value optimized out>, offp=<value optimized out>, proto=<value optimized out>) at /usr/src/sys/netinet/tcp_input.c:1453 #12 0xffffffff80c4a6d9 in ip_input (m=<value optimized out>) at /usr/src/sys/netinet/ip_input.c:820 #13 0xffffffff80be6fd5 in netisr_dispatch_src (proto=1, source=<value optimized out>, m=<value optimized out>) at /usr/src/sys/net/netisr.c:1120 #14 0xffffffff80bd0169 in ether_demux (ifp=<value optimized out>, m=<value optimized out>) at /usr/src/sys/net/if_ethersubr.c:850 #15 0xffffffff830825fc in vboxNetFltFreeBSDinput () from /boot/modules/vboxnetflt.ko #16 0xffffffff80b18e7a in taskqueue_run_locked (queue=<value optimized out>) at /usr/src/sys/kern/subr_taskqueue.c:454 #17 0xffffffff80b18c6f in taskqueue_run (queue=0xfffff8000a3a9900) at /usr/src/sys/kern/subr_taskqueue.c:473 #18 0xffffffff80a780ef in intr_event_execute_handlers ( p=<value optimized out>, ie=<value optimized out>) at /usr/src/sys/kern/kern_intr.c:1262 #19 0xffffffff80a78356 in ithread_loop (arg=<value optimized out>) at /usr/src/sys/kern/kern_intr.c:1275 #20 0xffffffff80a74db5 in fork_exit ( callout=0xffffffff80a78290 <ithread_loop>, arg=0xfffff8000a37d4c0, frame=0xfffffe07c72baac0) at /usr/src/sys/kern/kern_fork.c:1040 #21 0xffffffff80f9218e in fork_trampoline () at /usr/src/sys/amd64/amd64/exception.S:611 #22 0x0000000000000000 in ?? () -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-217214-8>