Date: Sun, 11 Feb 2018 02:46:47 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-arm@FreeBSD.org Subject: [Bug 225816] ipfw crashing on Raspberry Pi 3 Message-ID: <bug-225816-7@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225816 Bug ID: 225816 Summary: ipfw crashing on Raspberry Pi 3 Product: Base System Version: CURRENT Hardware: arm64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: arm Assignee: freebsd-arm@FreeBSD.org Reporter: jlduran@gmail.com ipfw crashes upon start on FreeBSD 12.0-CURRENT r329009 on a Raspberry Pi 3: root@raspberrypi:~ # service ipfw onestart ipfw2 (+ipv6) initialized, divert loadable, nat loadable, default to accept, logging disabled Flushed all rules. 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 00400 deny ip from any to ::1 00500 deny ip from ::1 to any 00600 allow ipv6-icmp from :: to ff02::/16 00700 allow ipv6-icmp from fe80::/10 to fe80::/10 00800 allow ipv6-icmp from fe80::/10 to ff02::/16 00900 allow ipv6-icmp from any to any ip6 icmp6types 1 01000 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136 Firewall rules loaded. Firewall logging enabled. root@raspberrypi:~ # Fatal data abort: x0: 0 x1: 8 x2: ffff0000006d69ec x3: 2b3 x4: 0 x5: ffff000051368810 x6: 0 x7: 0 x8: ffff000000b540d0 x9: 1 x10: ffff000000b54108 x11: ffff000000b53da0 x12: ffff0000531ad900 x13: 0 x14: ffff000053a14100 x15: 1 x16: 2af8 x17: 283c x18: ffff0000513686d0 x19: ffff0000531cc238 x20: 0 x21: 0 x22: ffff0000531cc000 x23: 0 x24: 0 x25: 94 x26: ffff000000b4aa00 x27: ffff0000008e9000 x28: 0 x29: ffff000051368750 sp: ffff0000513686d0 lr: ffff00000036bcc8 elr: ffff000053194ee4 spsr: 5 far: ffff000053a14100 esr: 96000006 [ thread pid 12 tid 100013 ] Stopped at dyn_tick+0x7c: ldr x14, [x14] db> bt Tracing pid 12 tid 100013 td 0xfffffd00014c7a80 db_trace_self() at db_stack_trace+0xec pc =3D 0xffff00000062ea04 lr =3D 0xffff0000000bda34 sp =3D 0xffff000051368020 fp =3D 0xffff000051368050 db_stack_trace() at db_command+0x220 pc =3D 0xffff0000000bda34 lr =3D 0xffff0000000bd6bc sp =3D 0xffff000051368060 fp =3D 0xffff000051368140 db_command() at db_command_loop+0x60 pc =3D 0xffff0000000bd6bc lr =3D 0xffff0000000bd480 sp =3D 0xffff000051368150 fp =3D 0xffff000051368170 db_command_loop() at db_trap+0xf4 pc =3D 0xffff0000000bd480 lr =3D 0xffff0000000c0594 sp =3D 0xffff000051368180 fp =3D 0xffff0000513683a0 db_trap() at kdb_trap+0x1b8 pc =3D 0xffff0000000c0594 lr =3D 0xffff000000395a70 sp =3D 0xffff0000513683b0 fp =3D 0xffff000051368420 kdb_trap() at data_abort+0x1c0 pc =3D 0xffff000000395a70 lr =3D 0xffff0000006494fc sp =3D 0xffff000051368430 fp =3D 0xffff0000513684e0 data_abort() at do_el1h_sync+0x11c pc =3D 0xffff0000006494fc lr =3D 0xffff000000649238 sp =3D 0xffff0000513684f0 fp =3D 0xffff000051368520 do_el1h_sync() at handle_el1h_sync+0x74 pc =3D 0xffff000000649238 lr =3D 0xffff000000631074 sp =3D 0xffff000051368530 fp =3D 0xffff000051368640 handle_el1h_sync() at softclock_call_cc+0x174 pc =3D 0xffff000000631074 lr =3D 0xffff00000036bcc4 sp =3D 0xffff000051368650 fp =3D 0xffff000051368750 softclock_call_cc() at softclock_call_cc+0x174 pc =3D 0xffff00000036bcc4 lr =3D 0xffff00000036bcc4 sp =3D 0xffff000051368760 fp =3D 0xffff000051368810 softclock_call_cc() at softclock+0x84 pc =3D 0xffff00000036bcc4 lr =3D 0xffff00000036c024 sp =3D 0xffff000051368820 fp =3D 0xffff000051368840 softclock() at intr_event_execute_handlers+0xac pc =3D 0xffff00000036c024 lr =3D 0xffff00000031a664 sp =3D 0xffff000051368850 fp =3D 0xffff0000513688a0 intr_event_execute_handlers() at ithread_loop+0xb0 pc =3D 0xffff00000031a664 lr =3D 0xffff00000031ad0c sp =3D 0xffff0000513688b0 fp =3D 0xffff000051368910 ithread_loop() at fork_exit+0x7c pc =3D 0xffff00000031ad0c lr =3D 0xffff00000031795c sp =3D 0xffff000051368920 fp =3D 0xffff000051368950 fork_exit() at fork_trampoline+0x10 pc =3D 0xffff00000031795c lr =3D 0xffff000000648f8c sp =3D 0xffff000051368960 fp =3D 0x0000000000000000 db> continue local_intc0: local_intc0: local_intc0: Stray irq 2 detected Stray irq 2 detected Stray irq 2 detected Fatal data abort: x0: 0 x1: 8 x2: ffff0000006d69ec x3: 2b3 x4: 0 x5: ffff000051368810 x6: 0 x7: 0 x8: ffff000000b540d0 x9: 1 x10: ffff000000b54108 x11: ffff000000b53da0 x12: ffff0000531ad900 x13: 0 x14: ffff000053a14100 x15: 1 x16: 2af8 x17: 283c x18: ffff0000513686d0 x19: ffff0000531cc238 x20: 0 x21: 0 x22: ffff0000531cc000 x23: 0 x24: 0 x25: 94 x26: ffff000000b4aa00 x27: ffff0000008e9000 x28: 0 x29: ffff000051368750 sp: ffff0000513686d0 lr: ffff00000036bcc8 elr: ffff000053194ee4 spsr: 5 far: ffff000053a14100 esr: 96000006 timeout stopping cpus [ thread pid 12 tid 100013 ] Stopped at dyn_tick+0x7c: ldr x14, [x14] db> timeout stopping cpus panic: acquiring blockable sleep lock with spinlock or critical section held (sleep mutex) pmap @ /usr/src/sys/arm64/arm64/pmap.c:4791 cpuid =3D 1 time =3D 1518316508 KDB: stack backtrace: db_trace_self() at db_trace_self_wrapper+0x28 pc =3D 0xffff00000062ea04 lr =3D 0xffff0000000c042c sp =3D 0xffff0000403c8260 fp =3D 0xffff0000403c8470 db_trace_self_wrapper() at vpanic+0x184 pc =3D 0xffff0000000c042c lr =3D 0xffff00000035421c sp =3D 0xffff0000403c8480 fp =3D 0xffff0000403c8500 vpanic() at kassert_panic+0x158 pc =3D 0xffff00000035421c lr =3D 0xffff000000354094 sp =3D 0xffff0000403c8510 fp =3D 0xffff0000403c85d0 kassert_panic() at witness_checkorder+0x140 pc =3D 0xffff000000354094 lr =3D 0xffff0000003b3300 sp =3D 0xffff0000403c85e0 fp =3D 0xffff0000403c8650 witness_checkorder() at __mtx_lock_flags+0xb0 pc =3D 0xffff0000003b3300 lr =3D 0xffff000000334b80 sp =3D 0xffff0000403c8660 fp =3D 0xffff0000403c86a0 __mtx_lock_flags() at pmap_fault+0x58 pc =3D 0xffff000000334b80 lr =3D 0xffff000000647314 sp =3D 0xffff0000403c86b0 fp =3D 0xffff0000403c86d0 pmap_fault() at data_abort+0xb8 pc =3D 0xffff000000647314 lr =3D 0xffff0000006493f4 sp =3D 0xffff0000403c86e0 fp =3D 0xffff0000403c8790 data_abort() at do_el1h_sync+0x11c pc =3D 0xffff0000006493f4 lr =3D 0xffff000000649238 sp =3D 0xffff0000403c87a0 fp =3D 0xffff0000403c87d0 do_el1h_sync() at handle_el1h_sync+0x74 pc =3D 0xffff000000649238 lr =3D 0xffff000000631074 sp =3D 0xffff0000403c87e0 fp =3D 0xffff0000403c88f0 handle_el1h_sync() at vfp_save_state+0x4c pc =3D 0xffff000000631074 lr =3D 0xffff00000064a6bc sp =3D 0xffff0000403c8900 fp =3D 0xffff0000403c8990 vfp_save_state() at savectx+0x50 pc =3D 0xffff00000064a6bc lr =3D 0xffff000000649040 sp =3D 0xffff0000403c89a0 fp =3D 0xffff0000403c89b0 savectx() at bcm_lintc_intr+0xf4 pc =3D 0xffff000000649040 lr =3D 0xffff00000062b5a8 sp =3D 0xffff0000403c89c0 fp =3D 0xffff0000403c8a40 bcm_lintc_intr() at intr_irq_handler+0x68 pc =3D 0xffff00000062b5a8 lr =3D 0xffff000000672400 sp =3D 0xffff0000403c8a50 fp =3D 0xffff0000403c8a70 intr_irq_handler() at handle_el0_irq+0x6c pc =3D 0xffff000000672400 lr =3D 0xffff0000006312ec sp =3D 0xffff0000403c8a80 fp =3D 0xffff0000403c8b90 handle_el0_irq() at 0x40050ffc pc =3D 0xffff0000006312ec lr =3D 0x0000000040050ffc sp =3D 0xffff0000403c8ba0 fp =3D 0x0000ffffffffece0 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-225816-7>