From owner-freebsd-current@freebsd.org Thu Sep 29 18:52:22 2016 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F1012C022E4 for ; Thu, 29 Sep 2016 18:52:22 +0000 (UTC) (envelope-from sb@sysinfo.pl) Received: from cloudserver114020.home.net.pl (cloudserver114020.home.net.pl [188.128.140.228]) by mx1.freebsd.org (Postfix) with SMTP id 8CBC598E for ; Thu, 29 Sep 2016 18:52:21 +0000 (UTC) (envelope-from sb@sysinfo.pl) Received: from ox2-ap8.home.net.pl (79.96.240.158) (HELO ox2-ap8) by sysinfo.home.pl (188.128.140.228) with SMTP (IdeaSmtpServer v0.80.3) id dd657bbc9c771b7d; Thu, 29 Sep 2016 20:45:38 +0200 Date: Thu, 29 Sep 2016 20:45:38 +0200 (CEST) From: "sb@sysinfo.pl sb@sysinfo.pl" To: freebsd-current@freebsd.org Message-ID: <67989994.100217.271fd9fd-5524-4ade-bbec-9be7f230fc30.open-xchange@poczta.home.pl> Subject: kernel panic with ipnat/dummynet MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Priority: 3 Importance: Medium X-Mailer: Open-Xchange Mailer v7.8.0-Rev36 X-Originating-Client: open-xchange-appsuite X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Sep 2016 18:52:23 -0000 Hi, I have problems with panics since 2 years. Diffrent machines, diffrent versions of FreeBSD (9+). Nothing has changed even in 12-CURRENT. FreeBSD is used as router/nat(ipnat)/ipfw/dummynet for over 400 desktops. I have 2 panics in 3h. Previous with only screen photo: https://postimg.org/image/g6eq69jkf/ And last: GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Unread portion of the kernel message buffer: <110>ipfw: 3700 Deny TCP 200.100.229.149:12750 155.133.23.8:23 out via em1 <110>ipfw: 3700 Deny TCP 216.243.31.2:40159 155.133.22.217:443 out via em1 <110>ipfw: 3700 Deny TCP 192.168.0.101:48000 31.13.81.13:443 in via em1 Kernel page fault with the following non-sleepable locks held: shared rw ipf IP NAT rwlock (ipf IP NAT rwlock) r = 0 (0xffffffff818d6170) locked @ /usr/src/sys/contrib/ipfilter/netinet/ip_nat.c:4925 shared rw ipf filter rwlock (ipf filter rwlock) r = 0 (0xffffffff818d6058) locked @ /usr/src/sys/contrib/ipfilter/netinet/fil.c:3024 shared rm PFil shared rmlock (PFil shared rmlock) r = 0 (0xffffffff81eab3f0) locked @ /usr/src/sys/net/pfil.c:78 stack backtrace: #0 0xffffffff80af7b90 at witness_debugger+0x70 #1 0xffffffff80af8e77 at witness_warn+0x3d7 #2 0xffffffff80f34507 at trap_pfault+0x57 #3 0xffffffff80f33bbb at trap+0x28b #4 0xffffffff80f14461 at calltrap+0x8 #5 0xffffffff803a7e87 at ipf_proxy_check+0x127 #6 0xffffffff8039b36b at ipf_nat_out+0x6db #7 0xffffffff8039a72f at ipf_nat_checkout+0x1ff #8 0xffffffff80381496 at ipf_check+0x726 #9 0xffffffff80ba08cb at pfil_run_hooks+0x8b #10 0xffffffff80c0326b at ip_tryforward+0x26b #11 0xffffffff80c058b7 at ip_input+0x377 #12 0xffffffff80b9f7b0 at netisr_dispatch_src+0x80 #13 0xffffffff80cecc07 at dummynet_send+0x167 #14 0xffffffff80cec530 at dummynet_task+0x310 #15 0xffffffff80aeb5bc at taskqueue_run_locked+0x13c #16 0xffffffff80aec138 at taskqueue_thread_loop+0x88 #17 0xffffffff80a5bd74 at fork_exit+0x84 Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0xe fault code = supervisor read data, page not present instruction pointer = 0x20:0xffffffff803a09cd stack pointer = 0x28:0xfffffe023ab3e4e0 frame pointer = 0x28:0xfffffe023ab3e5c0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 0 (dummynet) trap number = 12 panic: page fault cpuid = 0 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe023ab3e060 vpanic() at vpanic+0x182/frame 0xfffffe023ab3e0e0 panic() at panic+0x43/frame 0xfffffe023ab3e140 trap_fatal() at trap_fatal+0x331/frame 0xfffffe023ab3e1a0 trap_pfault() at trap_pfault+0x1fd/frame 0xfffffe023ab3e200 trap() at trap+0x28b/frame 0xfffffe023ab3e410 calltrap() at calltrap+0x8/frame 0xfffffe023ab3e410 --- trap 0xc, rip = 0xffffffff803a09cd, rsp = 0xfffffe023ab3e4e0, rbp = 0xfffffe023ab3e5c0 --- ipf_p_ftp_process() at ipf_p_ftp_process+0x16d/frame 0xfffffe023ab3e5c0 ipf_proxy_check() at ipf_proxy_check+0x127/frame 0xfffffe023ab3e630 ipf_nat_out() at ipf_nat_out+0x6db/frame 0xfffffe023ab3e690 ipf_nat_checkout() at ipf_nat_checkout+0x1ff/frame 0xfffffe023ab3e740 ipf_check() at ipf_check+0x726/frame 0xfffffe023ab3e8b0 pfil_run_hooks() at pfil_run_hooks+0x8b/frame 0xfffffe023ab3e940 ip_tryforward() at ip_tryforward+0x26b/frame 0xfffffe023ab3e9c0 ip_input() at ip_input+0x377/frame 0xfffffe023ab3ea20 netisr_dispatch_src() at netisr_dispatch_src+0x80/frame 0xfffffe023ab3ea80 dummynet_send() at dummynet_send+0x167/frame 0xfffffe023ab3eac0 dummynet_task() at dummynet_task+0x310/frame 0xfffffe023ab3eb20 taskqueue_run_locked() at taskqueue_run_locked+0x13c/frame 0xfffffe023ab3eb80 taskqueue_thread_loop() at taskqueue_thread_loop+0x88/frame 0xfffffe023ab3ebb0 fork_exit() at fork_exit+0x84/frame 0xfffffe023ab3ebf0 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe023ab3ebf0 --- trap 0, rip = 0, rsp = 0, rbp = 0 --- Uptime: 3h12m45s Dumping 641 out of 8158 MB:..3%..13%..23%..33%..43%..53%..63%..73%..83%..93% Reading symbols from /boot/kernel/fdescfs.ko...Reading symbols from /usr/lib/debug//boot/kernel/fdescfs.ko.debug...done. done. Loaded symbols for /boot/kernel/fdescfs.ko Reading symbols from /boot/kernel/iscsi.ko...Reading symbols from /usr/lib/debug//boot/kernel/iscsi.ko.debug...done. done. Loaded symbols for /boot/kernel/iscsi.ko #0 doadump (textdump=1) at pcpu.h:221 221 __asm("movq %%gs:%1,%0" : "=r" (td) (kgdb) list *0xffffffff803a09cd 0xffffffff803a09cd is in ipf_p_ftp_process (ip_ftp_pxy.c:1336). 1331 aps = nat->nat_aps; 1332 1333 sel = aps->aps_sel[1 - rv]; 1334 sel2 = aps->aps_sel[rv]; 1335 if (rv == 1) { 1336 seqoff = aps->aps_seqoff[sel]; 1337 if (aps->aps_seqmin[sel] > seqoff + thseq) 1338 seqoff = aps->aps_seqoff[!sel]; 1339 ackoff = aps->aps_ackoff[sel2]; 1340 if (aps->aps_ackmin[sel2] > ackoff + thack) Current language: auto; currently minimal (kgdb) backtrace #0 doadump (textdump=1) at pcpu.h:221 #1 0xffffffff80a97b75 in kern_reboot (howto=) at /usr/src/sys/kern/kern_shutdown.c:366 #2 0xffffffff80a9814b in vpanic (fmt=, ap=) at /usr/src/sys/kern/kern_shutdown.c:759 #3 0xffffffff80a98193 in panic (fmt=0x0) at /usr/src/sys/kern/kern_shutdown.c:690 #4 0xffffffff80f344a1 in trap_fatal (frame=0xfffffe023ab3e420, eva=14) at /usr/src/sys/amd64/amd64/trap.c:837 #5 0xffffffff80f346ad in trap_pfault (frame=0xfffffe023ab3e420, usermode=0) at /usr/src/sys/amd64/amd64/trap.c:694 #6 0xffffffff80f33bbb in trap (frame=0xfffffe023ab3e420) at /usr/src/sys/amd64/amd64/trap.c:443 #7 0xffffffff80f14461 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:236 #8 0xffffffff803a09cd in ipf_p_ftp_process (softf=, fin=0xfffffe023ab3e780, nat=0xfffff801c2ad7400, ftp=0xfffff800433e4c00, rv=) at ip_ftp_pxy.c:1331 #9 0xffffffff803a7e87 in ipf_proxy_check (fin=0xfffffe023ab3e780, nat=0xfffff801c2ad7400) at /usr/src/sys/contrib/ipfilter/netinet/ip_proxy.c:992 #10 0xffffffff8039b36b in ipf_nat_out (fin=0xfffffe023ab3e780, nat=0xfffff801c2ad7400, natadd=, nflags=1) at /usr/src/sys/contrib/ipfilter/netinet/ip_nat.c:5315 #11 0xffffffff8039a72f in ipf_nat_checkout (fin=, passp=) at /usr/src/sys/contrib/ipfilter/netinet/ip_nat.c:5019 #12 0xffffffff80381496 in ipf_check (ctx=, ip=, hlen=, ifp=, out=1, mp=) at /usr/src/sys/contrib/ipfilter/netinet/fil.c:3104 #13 0xffffffff80ba08cb in pfil_run_hooks (ph=, mp=, ifp=, dir=, inp=) at /usr/src/sys/net/pfil.c:83 #14 0xffffffff80c0326b in ip_tryforward (m=0xffffffff818d5fe0) at /usr/src/sys/netinet/ip_fastfwd.c:330 #15 0xffffffff80c058b7 in ip_input (m=0x0) at /usr/src/sys/netinet/ip_input.c:558 #16 0xffffffff80b9f7b0 in netisr_dispatch_src (proto=1, source=0, m=0xfffff80009cf2900) at /usr/src/sys/net/netisr.c:1120 #17 0xffffffff80cecc07 in dummynet_send (m=) at /usr/src/sys/netpfil/ipfw/ip_dn_io.c:791 #18 0xffffffff80cec530 in dummynet_task (context=, pending=) at /usr/src/sys/netpfil/ipfw/ip_dn_io.c:746 #19 0xffffffff80aeb5bc in taskqueue_run_locked (queue=) at /usr/src/sys/kern/subr_taskqueue.c:449 #20 0xffffffff80aec138 in taskqueue_thread_loop (arg=) at /usr/src/sys/kern/subr_taskqueue.c:708 #21 0xffffffff80a5bd74 in fork_exit (callout=0xffffffff80aec0b0 , arg=0xffffffff81e0c278, frame=0xfffffe023ab3ec00) at /usr/src/sys/kern/kern_fork.c:1038 #22 0xffffffff80f1499e in fork_trampoline () at /usr/src/sys/amd64/amd64/exception.S:611 #23 0x0000000000000000 in ?? () (kgdb) SB