From owner-freebsd-current@FreeBSD.ORG Fri Oct 17 20:24:29 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2068F16A4B3 for ; Fri, 17 Oct 2003 20:24:29 -0700 (PDT) Received: from h00609772adf0.ne.client2.attbi.com (h00609772adf0.ne.client2.attbi.com [66.31.45.197]) by mx1.FreeBSD.org (Postfix) with ESMTP id F07CC43FDF for ; Fri, 17 Oct 2003 20:24:27 -0700 (PDT) (envelope-from rodrigc@h00609772adf0.ne.client2.attbi.com) Received: from h00609772adf0.ne.client2.attbi.com (localhost.crodrigues.org [127.0.0.1])h9I3Pnji000714 for ; Fri, 17 Oct 2003 23:25:49 -0400 (EDT) (envelope-from rodrigc@h00609772adf0.ne.client2.attbi.com) Received: (from rodrigc@localhost)h9I3PhHe000713 for freebsd-current@freebsd.org; Fri, 17 Oct 2003 23:25:43 -0400 (EDT) (envelope-from rodrigc) Date: Fri, 17 Oct 2003 23:25:43 -0400 From: Craig Rodrigues To: freebsd-current@freebsd.org Message-ID: <20031018032543.GA702@crodrigues.org> References: <20031018022048.GA873@crodrigues.org> Mime-Version: 1.0 Content-Type: text/plain; charset=unknown-8bit Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20031018022048.GA873@crodrigues.org> User-Agent: Mutt/1.4i Subject: Re: ip_divert.c lock order reversal X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Oct 2003 03:24:29 -0000 Hi, I am seeing an occasional kernel panic. I think it is related to natd and ip_divert Fatal trap 3: breakpoint instruction fault while in kernel mode instruction pointer = 0x8:0xc07e6c24 stack pointer = 0x10:0xce7026c4 frame pointer = 0x10:0xce7026d0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = IOPL = 0 current process = 273 (natd) Reading symbols from /usr/obj/usr/src/sys/MYKERNEL1/modules/usr/src/sys/modules/acpi/acpi.ko.debug...done. Loaded symbols for /usr/obj/usr/src/sys/MYKERNEL1/modules/usr/src/sys/modules/acpi/acpi.ko.debug #0 doadump () at /usr/src/sys/kern/kern_shutdown.c:240 240 dumping++; (kgdb) where #0 doadump () at /usr/src/sys/kern/kern_shutdown.c:240 #1 0xc065c29c in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:372 #2 0xc065c627 in panic () at /usr/src/sys/kern/kern_shutdown.c:550 #3 0xc0467692 in db_panic () at /usr/src/sys/ddb/db_command.c:450 #4 0xc04675f2 in db_command (last_cmdp=0xc08f7d80, cmd_table=0x0, aux_cmd_tablep=0xc0882788, aux_cmd_tablep_end=0xc08827a0) at /usr/src/sys/ddb/db_command.c:346 #5 0xc0467735 in db_command_loop () at /usr/src/sys/ddb/db_command.c:472 #6 0xc046a735 in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_trap.c:73 #7 0xc07e696c in kdb_trap (type=12, code=0, regs=0xce702904) at /usr/src/sys/i386/i386/db_interface.c:171 #8 0xc07f7d96 in trap_fatal (frame=0xce702904, eva=0) at /usr/src/sys/i386/i386/trap.c:815 #9 0xc07f7a62 in trap_pfault (frame=0xce702904, usermode=0, eva=3735929054) at /usr/src/sys/i386/i386/trap.c:734 #10 0xc07f761d in trap (frame= {tf_fs = 24, tf_es = 16, tf_ds = -831520752, tf_edi = -1064957451, tf_esi = -559038242, tf_ebp = -831510204, tf_isp = -831510224, tf_ebx = -831509976, tf_edx = -559038242, tf_ecx = 0, tf_eax = -559038242, tf_trapno = 12, tf_err = 0, tf_eip = -1066647656, tf_cs = 8, tf_eflags = 66118, tf_esp = -831510004, tf_ss = -1066938255}) at /usr/src/sys/i386/i386/trap.c:419 #11 0xc07e8358 in calltrap () at {standard input}:102 #12 0xc067d071 in kvprintf (fmt=0xc08609f5 " @ %s:%d", func=0xc067ca10 , arg=0xce702a28, radix=10, ap=0xce702a74 "\004É\206À\n\001") at /usr/src/sys/kern/subr_prf.c:669 #13 0xc067c98e in vsnprintf (str=0xc09214e0 "mtx_lock() of spin mutex ", size=0, format=0x0, ap=0x0) at /usr/src/sys/kern/subr_prf.c:414 #14 0xc065c541 in panic (fmt=0xc08609da "mtx_lock() of spin mutex %s @ %s:%d") at /usr/src/sys/kern/kern_shutdown.c:511 #15 0xc0652646 in _mtx_lock_flags (m=0xc2f37d90, opts=0, file=0xc086c904 "/usr/src/sys/netinet/ip_output.c", line=266) at /usr/src/sys/kern/kern_mutex.c:332 #16 0xc06f50c7 in ip_output (m0=0xc2f37d90, opt=0x10a, ro=0xc086c904, flags=34, imo=0x0, inp=0x0) at /usr/src/sys/netinet/ip_output.c:266 #17 0xc06e9021 in div_output (so=0xc2ee2000, m=0xc16e2f00, sin=0xc2ecb240, control=0x0) at /usr/src/sys/netinet/ip_divert.c:320 #18 0xc06e94fd in div_send (so=0x0, flags=0, m=0x0, nam=0x0, control=0x0, td=0xc2d40720) at /usr/src/sys/netinet/ip_divert.c:476 #19 0xc0699ecd in sosend (so=0xc2ee2000, addr=0xc2ecb240, uio=0xce702c48, top=0xc16e2f00, control=0x0, flags=0, td=0xc2d40720) at /usr/src/sys/kern/uipc_socket.c:714 #20 0xc069e48c in kern_sendit (td=0xc2d40720, s=3, mp=0xce702cc0, flags=0, control=0x0) at /usr/src/sys/kern/uipc_syscalls.c:723 #21 0xc069e2de in sendit (td=0x0, s=0, mp=0xce702cc0, flags=0) at /usr/src/sys/kern/uipc_syscalls.c:663 #22 0xc069e61b in sendto (td=0x0, uap=0x0) at /usr/src/sys/kern/uipc_syscalls.c:784 #23 0xc07f8100 in syscall (frame= {tf_fs = 47, tf_es = 47, tf_ds = -1078001617, tf_edi = -1078002688, tf_esi = 2, tf_ebp = -1077937128, tf_isp = -831509132, tf_ebx = 482, tf_edx = 26852, tf_ecx = 1148159575, tf_eax = 133, tf_trapno = 0, tf_err = 2, tf_eip = 134558627, tf_cs = 31, tf_eflags = 582, tf_esp = -1078002836, tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:1009 #24 0xc07e83ad in Xint0x80_syscall () at {standard input}:144 ---Can't read userspace from dump, or kernel process--- (kgdb) quit -- Craig Rodrigues http://crodrigues.org rodrigc@crodrigues.org