Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 2 Feb 2014 09:48:38 +0000
From:      Vlad Galu <dudu@dudu.ro>
To:        freebsd-pf@freebsd.org,  "freebsd-stable@FreeBSD.org" <freebsd-stable@freebsd.org>
Subject:   Crash in pf_normalize_ip() in 10-STABLE (r261024)
Message-ID:  <CA%2BFTnKPFMcSWcUhyXUKTcMS33-38SJK_wN6KHrvVYo5hLEfa3w@mail.gmail.com>

next in thread | raw e-mail | index | archive | help
Unfortunately, although dmesg indicates the coredump being written to
the swap partition, savecore did not leave anything in /var/crash
after the machine automatically rebooted. All I got is this backtrace:

-- cut here --

Fatal trap 12: page fault while in kernel mode

cpuid = 5; apic id = 05

fault virtual address   = 0xe

fault code              = supervisor write data, page not present

instruction pointer     = 0x20:0xffffffff80757455

stack pointer           = 0x28:0xfffffe04529a83e0

frame pointer           = 0x28:0xfffffe04529a84d0

code segment            = base 0x0, limit 0xfffff, type 0x1b

                        = DPL 0, pres 1, long 1, def32 0, gran 1

processor eflags        = interrupt enabled, resume, IOPL = 0

current process         = 12 (swi5: fast taskq)

trap number             = 12

panic: page fault

cpuid = 5

KDB: stack backtrace:

db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe04529a7ec0

kdb_backtrace() at kdb_backtrace+0x39/frame 0xfffffe04529a7f70

panic() at panic+0x155/frame 0xfffffe04529a7ff0

trap_fatal() at trap_fatal+0x3a2/frame 0xfffffe04529a8050

trap_pfault() at trap_pfault+0x2c9/frame 0xfffffe04529a8100

trap() at trap+0x5e6/frame 0xfffffe04529a8320

calltrap() at calltrap+0x8/frame 0xfffffe04529a8320

--- trap 0xc, rip = 0xffffffff80757455, rsp = 0xfffffe04529a83e0, rbp
= 0xfffffe04529a84d0 ---

pf_normalize_ip() at pf_normalize_ip+0x1a65/frame 0xfffffe04529a84d0

pf_test() at pf_test+0x211/frame 0xfffffe04529a8660

pf_check_in() at pf_check_in+0x1d/frame 0xfffffe04529a8680

pfil_run_hooks() at pfil_run_hooks+0x83/frame 0xfffffe04529a8710

ip_input() at ip_input+0x38e/frame 0xfffffe04529a8760

netisr_dispatch_src() at netisr_dispatch_src+0x60/frame 0xfffffe04529a87d0

ether_demux() at ether_demux+0x12a/frame 0xfffffe04529a8800

ether_nh_input() at ether_nh_input+0x35f/frame 0xfffffe04529a8860

netisr_dispatch_src() at netisr_dispatch_src+0x60/frame 0xfffffe04529a88d0

re_rxeof() at re_rxeof+0x4f4/frame 0xfffffe04529a8930

re_int_task() at re_int_task+0x9f/frame 0xfffffe04529a8970

taskqueue_run_locked() at taskqueue_run_locked+0xe6/frame 0xfffffe04529a89c0

taskqueue_run() at taskqueue_run+0x81/frame 0xfffffe04529a89e0

intr_event_execute_handlers() at
intr_event_execute_handlers+0xab/frame 0xfffffe04529a8a20

ithread_loop() at ithread_loop+0x96/frame 0xfffffe04529a8a70

fork_exit() at fork_exit+0x9a/frame 0xfffffe04529a8ab0

fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe04529a8ab0

--- trap 0, rip = 0, rsp = 0xfffffe04529a8b70, rbp = 0 ---
-- and here --

As a workaround I have temporarily disabled scrubbing and the system
has run smoothly for a few days.

Please CC me, I am not subscribed to these lists.

Regards
Vlad



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BFTnKPFMcSWcUhyXUKTcMS33-38SJK_wN6KHrvVYo5hLEfa3w>