Date: Mon, 30 Mar 2009 20:50:49 +0200
From: Fabian Keil
To: freebsd-current@freebsd.org
Message-ID: <20090330205049.0c28552c@fabiankeil.de>
Subject: Fatal double fault in pf_pull_hdr() after ifconfig wlan0 mtu 100

A few seconds after changing wlan0's mtu to 100 (to debug an
application problem), the system froze.

Reproducing the problem without Xorg running I got:

fk@TP51 /usr/crash $ kgdb /boot/kernel/kernel.symbols vmcore.4
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...

Unread portion of the kernel message buffer:

Fatal double fault:
eip = 0xc04a63d4
esp = 0xf3c06ff4
ebp = 0xf3c07010
cpuid = 0; apic id = 00
panic: double fault
cpuid = 0
KDB: enter: panic
panic: from debugger
cpuid = 0
Uptime: 4m54s
Physical memory: 998 MB
Dumping 138 MB: 123 107 91 75 59 43 27 11

Reading symbols from /boot/kernel/unionfs.ko...Reading symbols from /boot/kernel/unionfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/unionfs.ko
Reading symbols from /boot/kernel/if_tap.ko...Reading symbols from /boot/kernel/if_tap.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/if_tap.ko
Reading symbols from /boot/kernel/if_iwi.ko...Reading symbols from /boot/kernel/if_iwi.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/if_iwi.ko
Reading symbols from /boot/kernel/snd_ich.ko...Reading symbols from /boot/kernel/snd_ich.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/snd_ich.ko
Reading symbols from /boot/kernel/sound.ko...Reading symbols from /boot/kernel/sound.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/sound.ko
Reading symbols from /boot/kernel/acpi_video.ko...Reading symbols from /boot/kernel/acpi_video.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/acpi_video.ko
Reading symbols from /boot/kernel/radeon.ko...Reading symbols from /boot/kernel/radeon.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/radeon.ko
Reading symbols from /boot/kernel/drm.ko...Reading symbols from /boot/kernel/drm.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/drm.ko
Reading symbols from /boot/kernel/acpi_ibm.ko...Reading symbols from /boot/kernel/acpi_ibm.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/acpi_ibm.ko
Reading symbols from /boot/kernel/geom_eli.ko...Reading symbols from /boot/kernel/geom_eli.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/geom_eli.ko
Reading symbols from /boot/kernel/nullfs.ko...Reading symbols from /boot/kernel/nullfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/nullfs.ko
Reading symbols from /boot/kernel/zfs.ko...Reading symbols from /boot/kernel/zfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/zfs.ko
Reading symbols from /boot/kernel/opensolaris.ko...Reading symbols from /boot/kernel/opensolaris.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/opensolaris.ko
Reading symbols from /boot/kernel/iwi_bss.ko...Reading symbols from /boot/kernel/iwi_bss.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/iwi_bss.ko
Reading symbols from /boot/kernel/fdescfs.ko...Reading symbols from /boot/kernel/fdescfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/fdescfs.ko
#0 doadump () at pcpu.h:246
246	pcpu.h: No such file or directory.
	in pcpu.h
(kgdb) where
#0 doadump () at pcpu.h:246
#1 0xc0648486 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:420
#2 0xc06486c2 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:576
#3 0xc04d5c87 in db_panic (addr=Could not find the frame base for "db_panic".
) at /usr/src/sys/ddb/db_command.c:478
#4 0xc04d6211 in db_command (last_cmdp=0xc09b501c, cmd_table=0x0, dopager=1) at /usr/src/sys/ddb/db_command.c:445
#5 0xc04d636a in db_command_loop () at /usr/src/sys/ddb/db_command.c:498
#6 0xc04d812d in db_trap (type=3, code=0) at /usr/src/sys/ddb/db_main.c:229
#7 0xc0672626 in kdb_trap (type=3, code=0, tf=0xc172d170) at /usr/src/sys/kern/subr_kdb.c:534
#8 0xc08be28b in trap (frame=0xc172d170) at /usr/src/sys/i386/i386/trap.c:678
#9 0xc08a399b in calltrap () at /usr/src/sys/i386/i386/exception.s:165
#10 0xc06727aa in kdb_enter (why=0xc092aadd "panic", msg=0xc092aadd "panic") at cpufunc.h:71
#11 0xc06486a6 in panic (fmt=0xc0954134 "double fault") at /usr/src/sys/kern/kern_shutdown.c:559
#12 0xc08bd236 in dblfault_handler () at /usr/src/sys/i386/i386/trap.c:959
#13 0xc04a63d4 in pf_pull_hdr (m=0xc50fd700, off=20, p=0xf3c07080, len=32, actionp=0x0, reasonp=0x0, af=2 '\002')
    at /usr/src/sys/contrib/pf/net/pf.c:5927
#14 0xc04c166e in pf_normalize_tcp_stateful (m=0xc50fd700, off=20, pd=0xf3c07268, reason=0xf3c07264, th=0xf3c07240,
    state=0xc69d18e0, src=0xc69d196c, dst=0xc69d1988, writeback=0xf3c0716c) at /usr/src/sys/contrib/pf/net/pf_norm.c:1645
#15 0xc04abd92 in pf_test_state_tcp (state=0xf3c07258, direction=2, kif=0xc667e800, m=0xc50fd700, off=20, h=0xc50fd760,
    pd=0xf3c07268, reason=0xf3c07264) at /usr/src/sys/contrib/pf/net/pf.c:4952
#16 0xc04b2b0d in pf_test (dir=2, ifp=0xc5d5a400, m0=0xf3c07338, eh=0x0, inp=0xc69bc000) at /usr/src/sys/contrib/pf/net/pf.c:6912
#17 0xc04b9a26 in pf_check_out (arg=0x0, m=0xf3c07338, ifp=0xc5d5a400, dir=2, inp=0xc69bc000)
    at /usr/src/sys/contrib/pf/net/pf_ioctl.c:3689
#18 0xc06e1418 in pfil_run_hooks (ph=0xc16e2760, mp=0xf3c073a0, ifp=0xc5d5a400, dir=2, inp=0xc69bc000) at /usr/src/sys/net/pfil.c:79
#19 0xc072f951 in ip_output (m=0xc50fd700, opt=0x0, ro=0xf3c073a8, flags=0, imo=0x0, inp=0xc69bc000)
    at /usr/src/sys/netinet/ip_output.c:470
#20 0xc0790b8d in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1189
#21 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#22 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#23 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#24 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#25 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#26 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#27 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#28 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#29 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#30 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#31 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#32 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#33 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#34 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#35 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#36 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#37 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
---Type <return> to continue, or q <return> to quit---q
Quit
(kgdb) f 13
#13 0xc04a63d4 in pf_pull_hdr (m=0xc50fd700, off=20, p=0xf3c07080, len=32, actionp=0x0, reasonp=0x0, af=2 '\002')
    at /usr/src/sys/contrib/pf/net/pf.c:5927
5927		m_copydata(m, off, len, p);
(kgdb) l
5922			}
5923			break;
5924		}
5925	#endif /* INET6 */
5926		}
5927		m_copydata(m, off, len, p);
5928		return (p);
5929	}
5930	
5931	int

The kernel is FreeBSD 8.0-CURRENT #1: Fri Mar 27 18:07:57 CET 2009.

Fabian
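
Added example, not part of the original message: a small triage helper that parses kgdb `where` output in the format shown above and reports a repeating call cycle, which is how the tcp_output/tcp_mtudisc alternation in the backtrace shows up. The sample is frames #19 to #27 copied from the backtrace; the names `parse_frames` and `find_cycle` are hypothetical.

```python
import re

# A frame line looks like "#20 0xc0790b8d in tcp_output (tp=...) at file:line".
# Frame #0 carries no address, so the "0x... in" part is optional.
FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+\s+in\s+)?(\w+)\s*\(")

# Sample input: frames #19 to #27 copied from the backtrace in the message.
SAMPLE = """\
#19 0xc072f951 in ip_output (m=0xc50fd700, opt=0x0, ro=0xf3c073a8, flags=0, imo=0x0, inp=0xc69bc000)
#20 0xc0790b8d in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1189
#21 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#22 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#23 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#24 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#25 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
#26 0xc0790c85 in tcp_output (tp=0xc8cda5b8) at /usr/src/sys/netinet/tcp_output.c:1250
#27 0xc0792c8f in tcp_mtudisc (inp=0xc69bc000, errno=0) at tcp_offload.h:269
"""


def parse_frames(text):
    """Return [(frame_number, function_name)] for every frame line."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append((int(m.group(1)), m.group(2)))
    return frames


def find_cycle(frames, max_period=4, min_repeats=3):
    """Return (first_frame, cycle_functions, repeats) for the widest cycle, or None."""
    names = [name for _, name in frames]
    best = None
    for start in range(len(names)):
        for period in range(1, max_period + 1):
            unit = names[start:start + period]
            if len(unit) < period:
                break
            repeats = 1
            while names[start + repeats * period:start + (repeats + 1) * period] == unit:
                repeats += 1
            covered = repeats * period
            if repeats >= min_repeats and (best is None or covered > best[3]):
                best = (frames[start][0], unit, repeats, covered)
    return best[:3] if best else None


if __name__ == "__main__":
    print(find_cycle(parse_frames(SAMPLE)))
```

In the full backtrace the same cycle continues to frame #37, where the listing was stopped with `q`, so the repeat count found in a truncated trace is only a lower bound on the recursion depth.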