From owner-freebsd-stable@FreeBSD.ORG Sun Nov 13 18:55:57 2005 Return-Path: X-Original-To: stable@FreeBSD.org Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F63716A41F for ; Sun, 13 Nov 2005 18:55:57 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id D079943D45 for ; Sun, 13 Nov 2005 18:55:56 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 7CBB046B3E; Sun, 13 Nov 2005 13:55:53 -0500 (EST) Date: Sun, 13 Nov 2005 18:55:53 +0000 (GMT) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Jason In-Reply-To: <20051113185045.GA63704@monsterjam.org> Message-ID: <20051113185207.B90423@fledge.watson.org> References: <20051113134951.GA3965@monsterjam.org> <20051113144034.S88008@fledge.watson.org> <20051113161744.GB3965@monsterjam.org> <20051113174635.L90423@fledge.watson.org> <20051113185045.GA63704@monsterjam.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: stable@FreeBSD.org Subject: Re: can someone please let me know what this crash means? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Nov 2005 18:55:57 -0000 On Sun, 13 Nov 2005, Jason wrote: >> There have also been a number of fixes relating to raw sockets which >> may also apply to ipdivert related configurations, but I'm not sure >> they could lead to this particular panic easily. This strikes me a a >> pcb/tcp race of some sort. > > I am running ipfw on this box and do have $fwcmd add divert natd all > from any to any via fxp0 > > hmm, I guess its time to upgrade to 6.0? While it looks like a familiar stack trace and I've fixed bugs that sound a lot like this, I'm not entirely fixed that this specific bug has been fixed. Unfortunately, I'm not sure how easily we can debug it without more information. I spent a bit of time this evening reviewing all the diffs between the revisions you're running and current revisions, and other than IPv6-related and tcpdrop-related changes, I don't see anything obvious. I'll spent some more time looking at the stack trace tonight. Updating to 6.x probably is a good idea, as there are some bugs fixed in 6.x that cannot easily be fixed in 5.x, but I don't promise it will fix this particular problem. On the other hand, it apparently took months to trigger and has not been seen by anyone else, so the changes are low it will recur before we do find and fix it :-). I'll do some more reading over the next few days and see if I see anything. What's interesting about the ipdivert input path is that it generates parallelism in the IP input code, which is actually somewhat unusual unless running with net.isr.direct=1, so if a bug is hiding somewhere here, that's probably why it's not been triggered by anyone else. Thanks for the report -- it might not hurt to file a PR with all the details you have (including the file revisions) and drop me the PR number so I can grab it and make sure it doesn't fall off my todo list. Thanks again! Robert N M Watson