Date: Wed, 30 May 2018 00:15:12 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 228599] iflib / arp : Memory modified after free 0xfffff8009a1a9c00(504) val=8ff4fc00 @ 0xfffff8009a1a9c90 [ Message-ID: <bug-228599-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228599 Bug ID: 228599 Summary: iflib / arp : Memory modified after free 0xfffff8009a1a9c00(504) val=8ff4fc00 @ 0xfffff8009a1a9c90 [ Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Keywords: crash, panic Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: eadler@FreeBSD.org Unread portion of the kernel message buffer: [60500] Memory modified after free 0xfffff8009a1a9c00(504) val=8ff4fc00 @ 0xfffff8009a1a9c90 [60500] panic: Most recently used by ifaddr [60500] [60500] cpuid = 25 [60500] time = 1527628213 [60500] KDB: stack backtrace: [60500] db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe0174463360 [60500] vpanic() at vpanic+0x1a3/frame 0xfffffe01744633c0 [60500] panic() at panic+0x43/frame 0xfffffe0174463420 [60500] mtrash_dtor() at mtrash_dtor/frame 0xfffffe0174463440 [60500] uma_zalloc_arg() at uma_zalloc_arg+0x523/frame 0xfffffe01744634b0 [60500] malloc() at malloc+0x110/frame 0xfffffe0174463500 [60500] in_lltable_alloc() at in_lltable_alloc+0x1fb/frame 0xfffffe01744635f0 [60500] arp_add_ifa_lle() at arp_add_ifa_lle+0x2e/frame 0xfffffe0174463640 [60500] arp_ifinit() at arp_ifinit+0xf3/frame 0xfffffe0174463680 [60500] iflib_if_ioctl() at iflib_if_ioctl+0x2bd/frame 0xfffffe01744636f0 [60500] in_control() at in_control+0x904/frame 0xfffffe0174463780 [60500] ifioctl() at ifioctl+0x17a3/frame 0xfffffe0174463850 [60500] kern_ioctl() at kern_ioctl+0x2ca/frame 0xfffffe01744638b0 [60500] sys_ioctl() at sys_ioctl+0x158/frame 0xfffffe0174463980 [60500] amd64_syscall() at amd64_syscall+0x28c/frame 0xfffffe0174463ab0 [60500] fast_syscall_common() at fast_syscall_common+0x101/frame 0xfffffe0174463ab0 [60500] --- syscall (54, FreeBSD ELF64, sys_ioctl), rip = 0x8004597ca, rsp = 0x7fffffffd268, rbp = 0x7fffffffd2b0 --- [60500] KDB: enter: panic #0 __curthread () at ./machine/pcpu.h:231 td = <optimized out> #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:366 error = <error reading variable error (Cannot access memory at address 0x0)> coredump = <optimized out> #2 0xffffffff804350bb in db_dump (dummy=<optimized out>, dummy2=<unavailable>, dummy3=<unavailable>, dummy4=<unavailable>) at /usr/src/sys/ddb/db_command.c:574 error = <optimized out> #3 0xffffffff80434e7d in db_command (last_cmdp=<optimized out>, cmd_table=<optimized out>, dopager=<optimized out>) at /usr/src/sys/ddb/db_command.c:481 modif = "" have_addr = false t = <optimized out> result = <optimized out> cmd = 0xffffffff81a5ce20 <db_cmds+480> addr = <unavailable> count = <unavailable> #4 0xffffffff80434c14 in db_command_loop () at /usr/src/sys/ddb/db_command.c:534 No locals. #5 0xffffffff80437dff in db_trap (type=<optimized out>, code=<optimized out>) at /usr/src/sys/ddb/db_main.c:252 jb = {{ _jb = {-2193054773040, -2193054773048, -2193054772912, -2115128448, -2119837784, 0, 12, -2143060599, -2193054772944, -2140630981, -2116086448, 0} }} bkpt = false watchpt = false prev_jb = 0x0 why = <optimized out> #6 0xffffffff80ba3923 in kdb_trap (type=12, code=0, tf=<optimized out>) at /usr/src/sys/kern/subr_kdb.c:697 be = 0xffffffff81a5d7a8 <ddb_dbbe> intr = 582 did_stop_cpus = <error reading variable did_stop_cpus (Cannot access memory at address 0x1)> handled = <optimized out> other_cpus = <optimized out> #7 0xffffffff8101fbef in trap_fatal (frame=0xfffffe0163bfd380, eva=<optimized out>) at /usr/src/sys/amd64/amd64/trap.c:883 code = <optimized out> softseg = { ssd_base = 0, ssd_limit = 1048575, ssd_type = 27, ssd_dpl = 0, ssd_p = 1, ssd_long = 1, ssd_def32 = 0, ssd_gran = 1 } msg = <optimized out> ss = 40 type = <optimized out> handled = <optimized out> #8 0xffffffff8101fd12 in trap_pfault (frame=0xfffffe0163bfd380, usermode=<optimized out>) at /usr/src/sys/amd64/amd64/trap.c:728 td = 0xfffff80e2432e000 eva = 0 p = <optimized out> va = <optimized out> map = <optimized out> ftype = <optimized out> rv = <optimized out> #9 0xffffffff8101f391 in trap (frame=0xfffffe0163bfd380) at /usr/src/sys/amd64/amd64/trap.c:427 td = 0xfffff80e2432e000 dr6 = <error reading variable dr6 (Cannot access memory at address 0x0)> addr = -2193054772352 ucode = <error reading variable ucode (Cannot access memory at address 0x3)> signo = <error reading variable signo (Cannot access memory at address 0xa)> p = <optimized out> type = 12 ksi = <optimized out> #10 <signal handler called> No locals. #11 strncmp (s1=0x0, s2=0xffffffff812626a6 "set_", n=4) at /usr/src/sys/libkern/strncmp.c:44 No locals. #12 0xffffffff81156b94 in link_elf_lookup_set (lf=0xfffff802db0ae400, name=0xffffffff83ba9bc2 "sdt_providers_set", startp=0xfffffe0163bfd4a0, stopp=0xfffffe0163bfd4a8, countp=0x0) at /usr/src/sys/kern/link_elf_obj.c:1272 ef = 0xfffff802db0ae400 i = 12 start = <optimized out> stop = <optimized out> count = <optimized out> #13 0xffffffff83ba9509 in sdt_kld_unload_try (arg=<optimized out>, lf=0xfffff802db0ae200, error=0xfffffe0163bfd504) at /usr/src/sys/cddl/dev/sdt/sdt.c:321 curr = <optimized out> begin = <optimized out> prov = <optimized out> tmp = <optimized out> end = <optimized out> #14 0xffffffff80b2c68b in linker_file_unload (file=0xfffff802db0ae400, flags=1) at /usr/src/sys/kern/kern_linker.c:656 _ep = <optimized out> _t = 0xfffff800983b6840 _el = <optimized out> error = 0 mod = <optimized out> next = <optimized out> ml = <optimized out> nextml = <optimized out> i = <optimized out> cp = <optimized out> #15 0xffffffff81155233 in link_elf_load_file (cls=<optimized out>, filename=<optimized out>, result=0xfffffe0163bfd788) at /usr/src/sys/kern/link_elf_obj.c:1002 mapsize = <error reading variable mapsize (Cannot access memory at address 0x0)> error = 28 td = 0xfffff80e2432e000 nd = 0xfffff800a29ae200 flags = 1 hdr = 0xfffff80786571d00 resid = 0 lf = <optimized out> ef = <optimized out> nbytes = <optimized out> shdr = <optimized out> nsym = <optimized out> symtabindex = <optimized out> symstrindex = <optimized out> i = <optimized out> shstrindex = <optimized out> alignmask = <optimized out> mapbase = <optimized out> ra = <optimized out> rl = <optimized out> pb = <optimized out> j = <optimized out> es = <optimized out> #16 0xffffffff80b2bf87 in LINKER_LOAD_FILE (cls=0xffffffff81b827e0 <link_elf_class>, result=0x0, filename=<optimized out>) at ./linker_if.h:180 _m = <optimized out> rc = <optimized out> _desc = <optimized out> _ce = <optimized out> _cep = <optimized out> #17 linker_load_file (filename=<optimized out>, result=<optimized out>) at /usr/src/sys/kern/kern_linker.c:447 lf = <optimized out> foundfile = <error reading variable foundfile (Cannot access memory at address 0x0)> error = <error reading variable error (Cannot access memory at address 0x0)> lc = <optimized out> modules = <optimized out> _el = <optimized out> _ep = <optimized out> _t = <optimized out> #18 linker_load_module (kldname=<optimized out>, modname=0xfffff800a29b0800 "ipl", parent=0x0, verinfo=<optimized out>, lfpp=0xfffffe0163bfd918) at /usr/src/sys/kern/kern_linker.c:2092 pathname = <optimized out> filename = <optimized out> error = <error reading variable error (Cannot access memory at address 0x0)> lfdep = <optimized out> #19 0xffffffff80b2d8b1 in kern_kldload (td=<optimized out>, file=<optimized out>, fileid=<optimized out>) at /usr/src/sys/kern/kern_linker.c:1071 error = 0 saved_vnet = 0x0 modname = 0xfffff800a29b0800 "ipl" kldname = 0x0 lf = 0x6 #20 0xffffffff80b2d9db in sys_kldload (td=0xfffff80e2432e000, uap=<optimized out>) at /usr/src/sys/kern/kern_linker.c:1097 pathname = 0xfffff800a29b0800 "ipl" error = 0 fileid = -1 #21 0xffffffff810205fc in syscallenter (td=0xfffff80e2432e000) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:135 p = 0xfffff802e5ba6a70 error = <optimized out> sa = 0xfffff80e2432e3b0 traced = <optimized out> #22 amd64_syscall (td=0xfffff80e2432e000, traced=0) at /usr/src/sys/amd64/amd64/trap.c:1006 ksi = <optimized out> error = <optimized out> #23 <signal handler called> No locals. #24 0x00000008002cc44a in ?? () No symbol table info available. Backtrace stopped: Cannot access memory at address 0x7fffffffd458 #11 strncmp (s1=0x0, s2=0xffffffff812626a6 "set_", n=4) at /usr/src/sys/libkern/strncmp.c:44 44 if (*s1 != *s2++) $1 = 115 's' $2 = 0xffffffff812626a6 "set_" #12 0xffffffff81156b94 in link_elf_lookup_set (lf=0xfffff802db0ae400, name=0xffffffff83ba9bc2 "sdt_providers_set", startp=0xfffffe0163bfd4a0, stopp=0xfffffe0163bfd4a8, countp=0x0) at /usr/src/sys/kern/link_elf_obj.c:1272 1272 if ((strncmp(ef->progtab[i].name, "set_", 4) == 0) && $3 = { addr = 0xffffffff8456b000 <sysctl_ipf_int>, size = 296178, flags = 0, sec = 1, name = 0xfffff800a279fc20 ".text" } Structure has no component named operator*. Structure has no component named operator*. $4 = { addr = 0xffffffff8456b000 <sysctl_ipf_int>, size = 296178, flags = 0, sec = 1, name = 0xfffff800a279fc20 ".text" } $5 = { addr = 0xffffffff845b34f2, size = 12137, flags = 0, sec = 3, name = 0xfffff800a279fc26 ".rodata.str1.1" } A syntax error in expression, near `]'. $6 = { addr = 0xffffffff845b6460 <sysctl___net_inet_ipf>, size = 100848, flags = 0, sec = 4, name = 0xfffff800a279fc3a ".data" } $7 = { addr = 0xffffffff845cee50 <__set_sysctl_set_sym_sysctl___net_inet_ipf>, size = 128, flags = 0, sec = 6, name = 0xfffff800a279fc45 "set_sysctl_set" } $8 = { addr = 0xffffffff845ceed0 <__set_sysinit_set_sym_vnet_init_vnet_ipf_init_sys_init>, size = 24, flags = 0, sec = 8, name = 0xfffff800a279fc59 "set_sysinit_set" } $9 = { addr = 0xffffffff845ceee8 <__set_sysuninit_set_sym_vnet_init_vnet_ipf_init_sys_uninit>, size = 16, flags = 0, sec = 10, name = 0xfffff800a279fc6e "set_sysuninit_set" } $10 = { addr = 0xffffffff845ceef8 <__set_modmetadata_set_sym__mod_metadata_md_ipfilter_on_kernel>, size = 24, flags = 0, sec = 12, name = 0xfffff800a279fc85 "set_modmetadata_set" } $11 = { addr = 0xffffffff845cef10 <ipf_devs>, size = 6584, flags = 0, sec = 14, name = 0xfffff800a279fc99 ".bss" } $12 = { addr = 0xffffffff845d08d0 <ipf_devfiles>, size = 5496, flags = 0, sec = 15, name = 0xfffff800a279fca3 ".rodata" } $13 = { addr = 0xffffffff845d1e48 <ipf_nat_ioctl.__set_sdt_probes_set_sym_sdt_sdt___user_error>, size = 5360, flags = 0, sec = 18, name = 0xfffff800a279fcb9 "set_sdt_probes_set" } $14 = { addr = 0xffffffff845d3338 <ipf_nat_ioctl.__set_sdt_argtypes_set_sym_sdta_sdt___user_error0>, size = 4736, flags = 0, sec = 20, name = 0xfffff800a279fcd1 "set_sdt_argtypes_set" } $15 = { addr = 0x0, size = 0, flags = 0, sec = 0, name = 0xfffff800a279fce6 "set_vnet" } $16 = { addr = 0x0, size = 0, flags = 0, sec = 0, name = 0x0 } $17 = { addr = 0x0, size = 0, flags = 0, sec = 0, name = 0x0 } quit #0 __curthread () at ./machine/pcpu.h:231 td = <optimized out> #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:366 error = <error reading variable error (Cannot access memory at address 0x0)> coredump = <optimized out> #2 0xffffffff804350bb in db_dump (dummy=<optimized out>, dummy2=<unavailable>, dummy3=<unavailable>, dummy4=<unavailable>) at /usr/src/sys/ddb/db_command.c:574 error = <optimized out> #3 0xffffffff80434e7d in db_command (last_cmdp=<optimized out>, cmd_table=<optimized out>, dopager=<optimized out>) at /usr/src/sys/ddb/db_command.c:481 modif = "" have_addr = false t = <optimized out> result = <optimized out> cmd = 0xffffffff81a5ce20 <db_cmds+480> addr = <unavailable> count = <unavailable> #4 0xffffffff80434c14 in db_command_loop () at /usr/src/sys/ddb/db_command.c:534 No locals. #5 0xffffffff80437dff in db_trap (type=<optimized out>, code=<optimized out>) at /usr/src/sys/ddb/db_main.c:252 jb = {{ _jb = {-2192777531264, -2192777531272, -2192777531136, -2115128448, -2119837784, 0, 3, -2143060599, -2192777531168, -2137136836, -2116086448, 0} }} bkpt = false watchpt = false prev_jb = 0x0 why = <optimized out> #6 0xffffffff80ba3923 in kdb_trap (type=3, code=0, tf=<optimized out>) at /usr/src/sys/kern/subr_kdb.c:697 be = 0xffffffff81a5d7a8 <ddb_dbbe> intr = 70 did_stop_cpus = <error reading variable did_stop_cpus (Cannot access memory at address 0x1)> handled = <optimized out> other_cpus = <optimized out> #7 0xffffffff8101f881 in trap (frame=0xfffffe0174463290) at /usr/src/sys/amd64/amd64/trap.c:605 td = 0xfffff8008d076000 dr6 = 0 addr = -2192777530736 ucode = -2093870928 signo = 25 p = 0xfffffe0174463400 type = 3 ksi = { ksi_link = { tqe_next = 0x20fffe0100000012, tqe_prev = 0xfffffe01744631d8 }, ksi_info = { si_signo = -2118462976, si_errno = -1, si_code = -2106818494, si_pid = -351901867, si_uid = 54, si_status = 0, si_addr = 0x0, si_value = { sival_int = -1009, sival_ptr = 0xfffffc0f, sigval_int = -1009, sigval_ptr = 0xfffffc0f }, _reason = { _fault = { _trapno = 4560842 }, _timer = { _timerid = 4560842, _overrun = 8 }, _mesgq = { _mqd = 4560842 }, _poll = { _band = 34364299210 }, __spare__ = { __spare1__ = 34364299210, __spare2__ = {-4096, 511, 1950757456, -511, -2143060083, -1, -2106818494} } } }, ksi_flags = -2127898362, ksi_sigq = 0x16c8a801 } #8 <signal handler called> No locals. #9 kdb_enter (why=0xffffffff812ad906 "panic", msg=<optimized out>) at /usr/src/sys/kern/subr_kdb.c:479 No locals. #10 0xffffffff80b5c7a0 in vpanic (fmt=<optimized out>, ap=0xfffffe0174463400) at /usr/src/sys/kern/kern_shutdown.c:852 buf = "Most recently used by ifaddr\n" td = 0xfffff8008d076000 bootopt = <error reading variable bootopt (Cannot access memory at address 0x4)> newpanic = <error reading variable newpanic (Cannot access memory at address 0x1)> other_cpus = <optimized out> #11 0xffffffff80b5c833 in panic (fmt=0xffffffff81df1598 <cnputs_mtx> "\276\061'\201\377\377\377\377") at /usr/src/sys/kern/kern_shutdown.c:790 ap = {{ gp_offset = 16, fp_offset = 48, overflow_arg_area = 0xfffffe0174463430, reg_save_area = 0xfffffe01744633d0 }} #12 0xffffffff80e84f10 in mtrash_ctor (mem=0xfffff8009a1a9c00, size=<optimized out>, arg=<optimized out>, flags=<optimized out>) at /usr/src/sys/vm/uma_dbg.c:162 p = <optimized out> cnt = <optimized out> ksp = <optimized out> #13 0xffffffff80e804b3 in uma_zalloc_arg (zone=0xfffffe000032d000, udata=0x0, flags=257) at /usr/src/sys/vm/uma_core.c:2268 cache = 0xfffffe000032de00 bucket = 0xfffff80005176500 domain = -2047 lockfail = <optimized out> zdom = <optimized out> item = 0xfffff8009a1a9c00 cpu = <optimized out> #14 0xffffffff80b35fd0 in uma_zalloc (zone=0xfffffe000032d000, flags=<optimized out>) at /usr/src/sys/vm/uma.h:361 No locals. #15 malloc (size=336, mtp=0xffffffff81b30780 <M_LLTABLE>, flags=257) at /usr/src/sys/kern/kern_malloc.c:575 va = 0x80 <error: Cannot access memory at address 0x80> zone = 0xfffffe000032d000 indx = <optimized out> #16 0xffffffff80cdb08b in in_lltable_new (flags=0, addr4=...) at /usr/src/sys/netinet/in.c:1098 lle = <optimized out> #17 in_lltable_alloc (llt=<optimized out>, flags=6, l3addr=0xfffff8008ff4fc98) at /usr/src/sys/netinet/in.c:1343 linkhdr = "" sin = 0xfffff8008ff4fc98 ifp = 0xfffff80005095800 lle = <optimized out> linkhdrsize = <optimized out> lladdr_off = <optimized out> #18 0xffffffff80cd133e in arp_add_ifa_lle (ifp=0xfffff80005095800, dst=<optimized out>) at /usr/src/sys/netinet/if_ether.c:1280 lle = <optimized out> lle_tmp = <optimized out> #19 0xffffffff80cd12d3 in arp_ifinit (ifp=0xfffff80005095800, ifa=0xfffff8008ff4fc00) at /usr/src/sys/netinet/if_ether.c:1428 dst_in = 0xfffff8008ff4fc98 dst = 0xfffff8008ff4fc98 #20 0xffffffff80c7a3ed in iflib_if_ioctl (ifp=0xfffff80005095800, command=<optimized out>, data=0xfffff8008ff4fc00 "\230\374\364\217") at /usr/src/sys/net/iflib.c:4022 ifr = 0xfffff8008ff4fc00 ifa = 0xfffff8008ff4fc00 ctx = 0xfffff80005093000 reinit = 0 err = <optimized out> avoid_reset = <error reading variable avoid_reset (Cannot access memory at address 0x1)> bits = <optimized out> #21 0xffffffff80cd9784 in in_aifaddr_ioctl (cmd=<optimized out>, ifp=<optimized out>, td=<optimized out>, data=<optimized out>) at /usr/src/sys/netinet/in.c:473 ifra = <optimized out> addr = <optimized out> error = <error reading variable error (Cannot access memory at address 0x0)> broadaddr = 0xfffff8008ff4fc80 dstaddr = <optimized out> mask = 0xfffff8008ff4fc90 vhid = 0 iaIsFirst = <error reading variable iaIsFirst (Cannot access memory at address 0x0)> ifa = <optimized out> ia = <optimized out> it = <optimized out> i = <optimized out> ii = <optimized out> allhosts_addr = <optimized out> flags = <optimized out> curelm = <optimized out> curelm = <optimized out> eia = <optimized out> _el = <optimized out> _ep = <optimized out> _t = <optimized out> #22 in_control (so=<optimized out>, cmd=<optimized out>, data=<optimized out>, ifp=<optimized out>, td=<optimized out>) at /usr/src/sys/netinet/in.c:256 ifr = <optimized out> addr = 0xfffff800050959a0 ifa = <optimized out> ia = <optimized out> error = <error reading variable error (Cannot access memory at address 0x0)> #23 0xffffffff80c5af33 in ifioctl (so=0xfffff8010c52ea08, cmd=<optimized out>, data=<optimized out>, td=0xfffff8008d076000) at /usr/src/sys/net/if.c:3089 saved_vnet = <optimized out> error = <optimized out> ifmr = { ifm_name = "\220\017", ifm_current = 1, ifm_mask = 0, ifm_status = -1493875568, ifm_active = -2044, ifm_count = 0, ifm_ulist = 0xfffff804a6f54490 } ifmrp = 0xf90 ifr = <optimized out> ifp = <optimized out> saved_data = <optimized out> oif_flags = 35079 shutdown = <optimized out> #24 0xffffffff80bc931a in fo_ioctl (fp=<optimized out>, com=<optimized out>, active_cred=0x80, td=<optimized out>, data=<optimized out>) at /usr/src/sys/sys/file.h:325 No locals. #25 kern_ioctl (td=0xfffff8008d076000, fd=<optimized out>, com=<optimized out>, data=0xfffffe0174463250 "") at /usr/src/sys/kern/sys_generic.c:800 fdp = 0xfffff804a6f54450 locked = <optimized out> fp = 0xfffff8008ffeeeb0 error = <optimized out> tmp = <optimized out> #26 0xffffffff80bc8fd8 in sys_ioctl (td=0xfffff8008d076000, uap=0xfffff8008d0763c0) at /usr/src/sys/kern/sys_generic.c:712 smalldata = "igb0" com = 2151967019 size = <optimized out> arg = <optimized out> data = 0xfffffe01744638d0 "igb0" error = <optimized out> #27 0xffffffff810205fc in syscallenter (td=0xfffff8008d076000) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:135 p = 0xfffff8008f6e5538 error = <optimized out> sa = 0xfffff8008d0763b0 traced = <optimized out> #28 amd64_syscall (td=0xfffff8008d076000, traced=0) at /usr/src/sys/amd64/amd64/trap.c:1006 ksi = <optimized out> error = <optimized out> #29 <signal handler called> No locals. #30 0x00000008004597ca in ?? () No symbol table info available. Backtrace stopped: Cannot access memory at address 0x7fffffffd268 Already logging to /home/eax/out. #0 __curthread () at ./machine/pcpu.h:231 td = <optimized out> #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:366 error = <error reading variable error (Cannot access memory at address 0x0)> coredump = <optimized out> #2 0xffffffff804350bb in db_dump (dummy=<optimized out>, dummy2=<unavailable>, dummy3=<unavailable>, dummy4=<unavailable>) at /usr/src/sys/ddb/db_command.c:574 error = <optimized out> #3 0xffffffff80434e7d in db_command (last_cmdp=<optimized out>, cmd_table=<optimized out>, dopager=<optimized out>) at /usr/src/sys/ddb/db_command.c:481 modif = "" have_addr = false t = <optimized out> result = <optimized out> cmd = 0xffffffff81a5ce20 <db_cmds+480> addr = <unavailable> count = <unavailable> #4 0xffffffff80434c14 in db_command_loop () at /usr/src/sys/ddb/db_command.c:534 No locals. #5 0xffffffff80437dff in db_trap (type=<optimized out>, code=<optimized out>) at /usr/src/sys/ddb/db_main.c:252 jb = {{ _jb = {-2192777531264, -2192777531272, -2192777531136, -2115128448, -2119837784, 0, 3, -2143060599, -2192777531168, -2137136836, -2116086448, 0} }} bkpt = false watchpt = false prev_jb = 0x0 why = <optimized out> #6 0xffffffff80ba3923 in kdb_trap (type=3, code=0, tf=<optimized out>) at /usr/src/sys/kern/subr_kdb.c:697 be = 0xffffffff81a5d7a8 <ddb_dbbe> intr = 70 did_stop_cpus = <error reading variable did_stop_cpus (Cannot access memory at address 0x1)> handled = <optimized out> other_cpus = <optimized out> #7 0xffffffff8101f881 in trap (frame=0xfffffe0174463290) at /usr/src/sys/amd64/amd64/trap.c:605 td = 0xfffff8008d076000 dr6 = 0 addr = -2192777530736 ucode = -2093870928 signo = 25 p = 0xfffffe0174463400 type = 3 ksi = { ksi_link = { tqe_next = 0x20fffe0100000012, tqe_prev = 0xfffffe01744631d8 }, ksi_info = { si_signo = -2118462976, si_errno = -1, si_code = -2106818494, si_pid = -351901867, si_uid = 54, si_status = 0, si_addr = 0x0, si_value = { sival_int = -1009, sival_ptr = 0xfffffc0f, sigval_int = -1009, sigval_ptr = 0xfffffc0f }, _reason = { _fault = { _trapno = 4560842 }, _timer = { _timerid = 4560842, _overrun = 8 }, _mesgq = { _mqd = 4560842 }, _poll = { _band = 34364299210 }, __spare__ = { __spare1__ = 34364299210, __spare2__ = {-4096, 511, 1950757456, -511, -2143060083, -1, -2106818494} } } }, ksi_flags = -2127898362, ksi_sigq = 0x16c8a801 } #8 <signal handler called> No locals. #9 kdb_enter (why=0xffffffff812ad906 "panic", msg=<optimized out>) at /usr/src/sys/kern/subr_kdb.c:479 No locals. #10 0xffffffff80b5c7a0 in vpanic (fmt=<optimized out>, ap=0xfffffe0174463400) at /usr/src/sys/kern/kern_shutdown.c:852 buf = "Most recently used by ifaddr\n" td = 0xfffff8008d076000 bootopt = <error reading variable bootopt (Cannot access memory at address 0x4)> newpanic = <error reading variable newpanic (Cannot access memory at address 0x1)> other_cpus = <optimized out> #11 0xffffffff80b5c833 in panic (fmt=0xffffffff81df1598 <cnputs_mtx> "\276\061'\201\377\377\377\377") at /usr/src/sys/kern/kern_shutdown.c:790 ap = {{ gp_offset = 16, fp_offset = 48, overflow_arg_area = 0xfffffe0174463430, reg_save_area = 0xfffffe01744633d0 }} #12 0xffffffff80e84f10 in mtrash_ctor (mem=0xfffff8009a1a9c00, size=<optimized out>, arg=<optimized out>, flags=<optimized out>) at /usr/src/sys/vm/uma_dbg.c:162 p = <optimized out> cnt = <optimized out> ksp = <optimized out> #13 0xffffffff80e804b3 in uma_zalloc_arg (zone=0xfffffe000032d000, udata=0x0, flags=257) at /usr/src/sys/vm/uma_core.c:2268 cache = 0xfffffe000032de00 bucket = 0xfffff80005176500 domain = -2047 lockfail = <optimized out> zdom = <optimized out> item = 0xfffff8009a1a9c00 cpu = <optimized out> #14 0xffffffff80b35fd0 in uma_zalloc (zone=0xfffffe000032d000, flags=<optimized out>) at /usr/src/sys/vm/uma.h:361 No locals. #15 malloc (size=336, mtp=0xffffffff81b30780 <M_LLTABLE>, flags=257) at /usr/src/sys/kern/kern_malloc.c:575 va = 0x80 <error: Cannot access memory at address 0x80> zone = 0xfffffe000032d000 indx = <optimized out> #16 0xffffffff80cdb08b in in_lltable_new (flags=0, addr4=...) at /usr/src/sys/netinet/in.c:1098 lle = <optimized out> #17 in_lltable_alloc (llt=<optimized out>, flags=6, l3addr=0xfffff8008ff4fc98) at /usr/src/sys/netinet/in.c:1343 linkhdr = "" sin = 0xfffff8008ff4fc98 ifp = 0xfffff80005095800 lle = <optimized out> linkhdrsize = <optimized out> lladdr_off = <optimized out> #18 0xffffffff80cd133e in arp_add_ifa_lle (ifp=0xfffff80005095800, dst=<optimized out>) at /usr/src/sys/netinet/if_ether.c:1280 lle = <optimized out> lle_tmp = <optimized out> #19 0xffffffff80cd12d3 in arp_ifinit (ifp=0xfffff80005095800, ifa=0xfffff8008ff4fc00) at /usr/src/sys/netinet/if_ether.c:1428 dst_in = 0xfffff8008ff4fc98 dst = 0xfffff8008ff4fc98 #20 0xffffffff80c7a3ed in iflib_if_ioctl (ifp=0xfffff80005095800, command=<optimized out>, data=0xfffff8008ff4fc00 "\230\374\364\217") at /usr/src/sys/net/iflib.c:4022 ifr = 0xfffff8008ff4fc00 ifa = 0xfffff8008ff4fc00 ctx = 0xfffff80005093000 reinit = 0 err = <optimized out> avoid_reset = <error reading variable avoid_reset (Cannot access memory at address 0x1)> bits = <optimized out> #21 0xffffffff80cd9784 in in_aifaddr_ioctl (cmd=<optimized out>, ifp=<optimized out>, td=<optimized out>, data=<optimized out>) at /usr/src/sys/netinet/in.c:473 ifra = <optimized out> addr = <optimized out> error = <error reading variable error (Cannot access memory at address 0x0)> broadaddr = 0xfffff8008ff4fc80 dstaddr = <optimized out> mask = 0xfffff8008ff4fc90 vhid = 0 iaIsFirst = <error reading variable iaIsFirst (Cannot access memory at address 0x0)> ifa = <optimized out> ia = <optimized out> it = <optimized out> i = <optimized out> ii = <optimized out> allhosts_addr = <optimized out> flags = <optimized out> curelm = <optimized out> curelm = <optimized out> eia = <optimized out> _el = <optimized out> _ep = <optimized out> _t = <optimized out> #22 in_control (so=<optimized out>, cmd=<optimized out>, data=<optimized out>, ifp=<optimized out>, td=<optimized out>) at /usr/src/sys/netinet/in.c:256 ifr = <optimized out> addr = 0xfffff800050959a0 ifa = <optimized out> ia = <optimized out> error = <error reading variable error (Cannot access memory at address 0x0)> #23 0xffffffff80c5af33 in ifioctl (so=0xfffff8010c52ea08, cmd=<optimized out>, data=<optimized out>, td=0xfffff8008d076000) at /usr/src/sys/net/if.c:3089 saved_vnet = <optimized out> error = <optimized out> ifmr = { ifm_name = "\220\017", ifm_current = 1, ifm_mask = 0, ifm_status = -1493875568, ifm_active = -2044, ifm_count = 0, ifm_ulist = 0xfffff804a6f54490 } ifmrp = 0xf90 ifr = <optimized out> ifp = <optimized out> saved_data = <optimized out> oif_flags = 35079 shutdown = <optimized out> #24 0xffffffff80bc931a in fo_ioctl (fp=<optimized out>, com=<optimized out>, active_cred=0x80, td=<optimized out>, data=<optimized out>) at /usr/src/sys/sys/file.h:325 No locals. #25 kern_ioctl (td=0xfffff8008d076000, fd=<optimized out>, com=<optimized out>, data=0xfffffe0174463250 "") at /usr/src/sys/kern/sys_generic.c:800 fdp = 0xfffff804a6f54450 locked = <optimized out> fp = 0xfffff8008ffeeeb0 error = <optimized out> tmp = <optimized out> #26 0xffffffff80bc8fd8 in sys_ioctl (td=0xfffff8008d076000, uap=0xfffff8008d0763c0) at /usr/src/sys/kern/sys_generic.c:712 smalldata = "igb0" com = 2151967019 size = <optimized out> arg = <optimized out> data = 0xfffffe01744638d0 "igb0" error = <optimized out> #27 0xffffffff810205fc in syscallenter (td=0xfffff8008d076000) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:135 p = 0xfffff8008f6e5538 error = <optimized out> sa = 0xfffff8008d0763b0 traced = <optimized out> #28 amd64_syscall (td=0xfffff8008d076000, traced=0) at /usr/src/sys/amd64/amd64/trap.c:1006 ksi = <optimized out> error = <optimized out> #29 <signal handler called> No locals. #30 0x00000008004597ca in ?? () No symbol table info available. Backtrace stopped: Cannot access memory at address 0x7fffffffd268 quit #0 __curthread () at ./machine/pcpu.h:231 td = <optimized out> #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:366 error = <error reading variable error (Cannot access memory at address 0x0)> coredump = <optimized out> #2 0xffffffff804350bb in db_dump (dummy=<optimized out>, dummy2=<unavailable>, dummy3=<unavailable>, dummy4=<unavailable>) at /usr/src/sys/ddb/db_command.c:574 error = <optimized out> #3 0xffffffff80434e7d in db_command (last_cmdp=<optimized out>, cmd_table=<optimized out>, dopager=<optimized out>) at /usr/src/sys/ddb/db_command.c:481 modif = "" have_addr = false t = <optimized out> result = <optimized out> cmd = 0xffffffff81a5ce20 <db_cmds+480> addr = <unavailable> count = <unavailable> #4 0xffffffff80434c14 in db_command_loop () at /usr/src/sys/ddb/db_command.c:534 No locals. #5 0xffffffff80437dff in db_trap (type=<optimized out>, code=<optimized out>) at /usr/src/sys/ddb/db_main.c:252 jb = {{ _jb = {-2192777531264, -2192777531272, -2192777531136, -2115128448, -2119837784, 0, 3, -2143060599, -2192777531168, -2137136836, -2116086448, 0} }} bkpt = false watchpt = false prev_jb = 0x0 why = <optimized out> #6 0xffffffff80ba3923 in kdb_trap (type=3, code=0, tf=<optimized out>) at /usr/src/sys/kern/subr_kdb.c:697 be = 0xffffffff81a5d7a8 <ddb_dbbe> intr = 70 did_stop_cpus = <error reading variable did_stop_cpus (Cannot access memory at address 0x1)> handled = <optimized out> other_cpus = <optimized out> #7 0xffffffff8101f881 in trap (frame=0xfffffe0174463290) at /usr/src/sys/amd64/amd64/trap.c:605 td = 0xfffff8008d076000 dr6 = 0 addr = -2192777530736 ucode = -2093870928 signo = 25 p = 0xfffffe0174463400 type = 3 ksi = { ksi_link = { tqe_next = 0x20fffe0100000012, tqe_prev = 0xfffffe01744631d8 }, ksi_info = { si_signo = -2118462976, si_errno = -1, si_code = -2106818494, si_pid = -351901867, si_uid = 54, si_status = 0, si_addr = 0x0, si_value = { sival_int = -1009, sival_ptr = 0xfffffc0f, sigval_int = -1009, sigval_ptr = 0xfffffc0f }, _reason = { _fault = { _trapno = 4560842 }, _timer = { _timerid = 4560842, _overrun = 8 }, _mesgq = { _mqd = 4560842 }, _poll = { _band = 34364299210 }, __spare__ = { __spare1__ = 34364299210, __spare2__ = {-4096, 511, 1950757456, -511, -2143060083, -1, -2106818494} } } }, ksi_flags = -2127898362, ksi_sigq = 0x16c8a801 } #8 <signal handler called> No locals. #9 kdb_enter (why=0xffffffff812ad906 "panic", msg=<optimized out>) at /usr/src/sys/kern/subr_kdb.c:479 No locals. #10 0xffffffff80b5c7a0 in vpanic (fmt=<optimized out>, ap=0xfffffe0174463400) at /usr/src/sys/kern/kern_shutdown.c:852 buf = "Most recently used by ifaddr\n" td = 0xfffff8008d076000 bootopt = <error reading variable bootopt (Cannot access memory at address 0x4)> newpanic = <error reading variable newpanic (Cannot access memory at address 0x1)> other_cpus = <optimized out> #11 0xffffffff80b5c833 in panic (fmt=0xffffffff81df1598 <cnputs_mtx> "\276\061'\201\377\377\377\377") at /usr/src/sys/kern/kern_shutdown.c:790 ap = {{ gp_offset = 16, fp_offset = 48, overflow_arg_area = 0xfffffe0174463430, reg_save_area = 0xfffffe01744633d0 }} #12 0xffffffff80e84f10 in mtrash_ctor (mem=0xfffff8009a1a9c00, size=<optimized out>, arg=<optimized out>, flags=<optimized out>) at /usr/src/sys/vm/uma_dbg.c:162 p = <optimized out> cnt = <optimized out> ksp = <optimized out> #13 0xffffffff80e804b3 in uma_zalloc_arg (zone=0xfffffe000032d000, udata=0x0, flags=257) at /usr/src/sys/vm/uma_core.c:2268 cache = 0xfffffe000032de00 bucket = 0xfffff80005176500 domain = -2047 lockfail = <optimized out> zdom = <optimized out> item = 0xfffff8009a1a9c00 cpu = <optimized out> #14 0xffffffff80b35fd0 in uma_zalloc (zone=0xfffffe000032d000, flags=<optimized out>) at /usr/src/sys/vm/uma.h:361 No locals. #15 malloc (size=336, mtp=0xffffffff81b30780 <M_LLTABLE>, flags=257) at /usr/src/sys/kern/kern_malloc.c:575 va = 0x80 <error: Cannot access memory at address 0x80> zone = 0xfffffe000032d000 indx = <optimized out> #16 0xffffffff80cdb08b in in_lltable_new (flags=0, addr4=...) at /usr/src/sys/netinet/in.c:1098 lle = <optimized out> #17 in_lltable_alloc (llt=<optimized out>, flags=6, l3addr=0xfffff8008ff4fc98) at /usr/src/sys/netinet/in.c:1343 linkhdr = "" sin = 0xfffff8008ff4fc98 ifp = 0xfffff80005095800 lle = <optimized out> linkhdrsize = <optimized out> lladdr_off = <optimized out> #18 0xffffffff80cd133e in arp_add_ifa_lle (ifp=0xfffff80005095800, dst=<optimized out>) at /usr/src/sys/netinet/if_ether.c:1280 lle = <optimized out> lle_tmp = <optimized out> #19 0xffffffff80cd12d3 in arp_ifinit (ifp=0xfffff80005095800, ifa=0xfffff8008ff4fc00) at /usr/src/sys/netinet/if_ether.c:1428 dst_in = 0xfffff8008ff4fc98 dst = 0xfffff8008ff4fc98 #20 0xffffffff80c7a3ed in iflib_if_ioctl (ifp=0xfffff80005095800, command=<optimized out>, data=0xfffff8008ff4fc00 "\230\374\364\217") at /usr/src/sys/net/iflib.c:4022 ifr = 0xfffff8008ff4fc00 ifa = 0xfffff8008ff4fc00 ctx = 0xfffff80005093000 reinit = 0 err = <optimized out> avoid_reset = <error reading variable avoid_reset (Cannot access memory at address 0x1)> bits = <optimized out> #21 0xffffffff80cd9784 in in_aifaddr_ioctl (cmd=<optimized out>, ifp=<optimized out>, td=<optimized out>, data=<optimized out>) at /usr/src/sys/netinet/in.c:473 ifra = <optimized out> addr = <optimized out> error = <error reading variable error (Cannot access memory at address 0x0)> broadaddr = 0xfffff8008ff4fc80 dstaddr = <optimized out> mask = 0xfffff8008ff4fc90 vhid = 0 iaIsFirst = <error reading variable iaIsFirst (Cannot access memory at address 0x0)> ifa = <optimized out> ia = <optimized out> it = <optimized out> i = <optimized out> ii = <optimized out> allhosts_addr = <optimized out> flags = <optimized out> curelm = <optimized out> curelm = <optimized out> eia = <optimized out> _el = <optimized out> _ep = <optimized out> _t = <optimized out> #22 in_control (so=<optimized out>, cmd=<optimized out>, data=<optimized out>, ifp=<optimized out>, td=<optimized out>) at /usr/src/sys/netinet/in.c:256 ifr = <optimized out> addr = 0xfffff800050959a0 ifa = <optimized out> ia = <optimized out> error = <error reading variable error (Cannot access memory at address 0x0)> #23 0xffffffff80c5af33 in ifioctl (so=0xfffff8010c52ea08, cmd=<optimized out>, data=<optimized out>, td=0xfffff8008d076000) at /usr/src/sys/net/if.c:3089 saved_vnet = <optimized out> error = <optimized out> ifmr = { ifm_name = "\220\017", ifm_current = 1, ifm_mask = 0, ifm_status = -1493875568, ifm_active = -2044, ifm_count = 0, ifm_ulist = 0xfffff804a6f54490 } ifmrp = 0xf90 ifr = <optimized out> ifp = <optimized out> saved_data = <optimized out> oif_flags = 35079 shutdown = <optimized out> #24 0xffffffff80bc931a in fo_ioctl (fp=<optimized out>, com=<optimized out>, active_cred=0x80, td=<optimized out>, data=<optimized out>) at /usr/src/sys/sys/file.h:325 No locals. #25 kern_ioctl (td=0xfffff8008d076000, fd=<optimized out>, com=<optimized out>, data=0xfffffe0174463250 "") at /usr/src/sys/kern/sys_generic.c:800 fdp = 0xfffff804a6f54450 locked = <optimized out> fp = 0xfffff8008ffeeeb0 error = <optimized out> tmp = <optimized out> #26 0xffffffff80bc8fd8 in sys_ioctl (td=0xfffff8008d076000, uap=0xfffff8008d0763c0) at /usr/src/sys/kern/sys_generic.c:712 smalldata = "igb0" com = 2151967019 size = <optimized out> arg = <optimized out> data = 0xfffffe01744638d0 "igb0" error = <optimized out> #27 0xffffffff810205fc in syscallenter (td=0xfffff8008d076000) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:135 p = 0xfffff8008f6e5538 error = <optimized out> sa = 0xfffff8008d0763b0 traced = <optimized out> #28 amd64_syscall (td=0xfffff8008d076000, traced=0) at /usr/src/sys/amd64/amd64/trap.c:1006 ksi = <optimized out> error = <optimized out> #29 <signal handler called> No locals. #30 0x00000008004597ca in ?? () No symbol table info available. Backtrace stopped: Cannot access memory at address 0x7fffffffd268 -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-228599-227>