Bug #1959
openDFBSD v2.9.1.422.gc98f2 - Panic during boot - IPv6 and PF
0%
Description
Hi all,
Got this panic during a boot up process. I haven't been able to reproduce it again:
(kgdb) bt
#0 _get_mycpu (di=0xc06faf20) at ./machine/thread.h:83
#1 md_dumpsys (di=0xc06faf20) at
/home/source/dfbsd/sys/platform/pc32/i386/dump_machdep.c:263
#2 0xc031b416 in dumpsys () at /home/source/dfbsd/sys/kern/kern_shutdown.c:881
#3 0xc031b9d6 in boot (howto=260) at
/home/source/dfbsd/sys/kern/kern_shutdown.c:388
#4 0xc031bc7d in panic (fmt=0xc05c3404 "%s") at
/home/source/dfbsd/sys/kern/kern_shutdown.c:787
#5 0xc0575c12 in trap_fatal (frame=0xd8727614, eva=<value optimized out>)
at /home/source/dfbsd/sys/platform/pc32/i386/trap.c:1116
#6 0xc0575d48 in trap_pfault (frame=0xd8727614, usermode=0, eva=826367903)
at /home/source/dfbsd/sys/platform/pc32/i386/trap.c:1018
#7 0xc05762a1 in trap (frame=0xd8727614) at
/home/source/dfbsd/sys/platform/pc32/i386/trap.c:705
#8 0xc055dfc7 in calltrap () at
/home/source/dfbsd/sys/platform/pc32/i386/exception.s:785
#9 0xc08e3c7a in pf_find_state (kif=0xc7170270, key=0xd8727748, dir=2,
m=0xd8798200)
at /home/source/dfbsd/sys/net/pf/pf.c:883
#10 0xc08e410f in pf_test_state_icmp (state=0xd872783c, direction=2,
kif=0xc7170270, m=0xd8798200, off=48,
h=0xd87983d8, pd=0xd87277f0, reason=0xd8727848) at
/home/source/dfbsd/sys/net/pf/pf.c:4570
#11 0xc08e965e in pf_test6 (dir=2, ifp=0xd86c1460, m0=0xd8727894, eh=0x0, inp=0x0)
at /home/source/dfbsd/sys/net/pf/pf.c:6361
#12 0xc08ed084 in pf_check6_out (arg=0x0, m=0xd8727894, ifp=0xd86c1460, dir=2)
at /home/source/dfbsd/sys/net/pf/pf_ioctl.c:3158
#13 0xc039e995 in pfil_run_hooks (ph=0xc0756f4c, mp=0xd8727980, ifp=0xd86c1460,
dir=2)
at /home/source/dfbsd/sys/net/pfil.c:116
#14 0xc0403e49 in ip6_output (m0=0xd8798200, opt=0xc07594e0, ro=0xd8727960,
flags=0, im6o=0xd87279d0,
ifpp=0xd87279cc, inp=0x0) at /home/source/dfbsd/sys/netinet6/ip6_output.c:884
#15 0xc040a247 in mld6_sendpkt (in6m=0xc6f05060, type=<value optimized out>,
dst=0x0)
at /home/source/dfbsd/sys/netinet6/mld6.c:452
#16 0xc040a352 in mld6_start_listening (in6m=0xc6f05060) at
/home/source/dfbsd/sys/netinet6/mld6.c:156
#17 0xc03fb423 in in6_addmulti (maddr6=0xd8727a80, ifp=0xd86c1460,
errorp=0xd8727ac0)
at /home/source/dfbsd/sys/netinet6/in6.c:1736
#18 0xc03fc537 in in6_update_ifa (ifp=0xd86c1460, ifra=0xd8727afc, ia=0xd7646380)
at /home/source/dfbsd/sys/netinet6/in6.c:1105
#19 0xc03fef56 in in6_ifattach_linklocal (ifp=0xd86c1460, altifp=0x0)
at /home/source/dfbsd/sys/netinet6/in6_ifattach.c:455
#20 in6_ifattach (ifp=0xd86c1460, altifp=0x0) at
/home/source/dfbsd/sys/netinet6/in6_ifattach.c:751
#21 0xc03fb95f in in6_if_up (ifp=0xd86c1460) at
/home/source/dfbsd/sys/netinet6/in6.c:2378
#22 0xc039ac95 in if_route (ifp=0xd86c1460, flag=1, fam=0) at
/home/source/dfbsd/sys/net/if.c:1317
#23 0xc039acaf in if_up (ifp=0xd86c1460) at /home/source/dfbsd/sys/net/if.c:1345
#24 0xc03dd37f in in_control_internal (cmd=2151704858, data=0xd885ce84 "",
ifp=0xd86c1460, td=0xdd6b6c58)
at /home/source/dfbsd/sys/netinet/in.c:716
#25 0xc03dda20 in in_control_internal_dispatch (msg=0xddc77a8c) at
/home/source/dfbsd/sys/netinet/in.c:216
#26 0xc03a6113 in netmsg_service_loop (arg=0x0) at
/home/source/dfbsd/sys/net/netisr.c:294
#27 0xc0324b48 in lwkt_deschedule_self (td=Cannot access memory at address 0x8
) at /home/source/dfbsd/sys/kern/lwkt_thread.c:272
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(kgdb) frame 10
#10 0xc08e410f in pf_test_state_icmp (state=0xd872783c, direction=2,
kif=0xc7170270, m=0xd8798200, off=48,
h=0xd87983d8, pd=0xd87277f0, reason=0xd8727848) at
/home/source/dfbsd/sys/net/pf/pf.c:4570
4570 STATE_LOOKUP(kif, &key, direction, *state, m);
core will be uploaded to leaf.
Cheers,
Antonio Huete
Updated by qhwt.dfly almost 14 years ago
Hi.
On Wed, Jan 12, 2011 at 09:36:33PM +0000, Antonio Huete Jimenez (via DragonFly issue tracker) wrote:
Hi all,
Got this panic during a boot up process. I haven't been able to reproduce it again:
(kgdb) bt
#0 _get_mycpu (di=0xc06faf20) at ./machine/thread.h:83
#1 md_dumpsys (di=0xc06faf20) at
/home/source/dfbsd/sys/platform/pc32/i386/dump_machdep.c:263
#2 0xc031b416 in dumpsys () at /home/source/dfbsd/sys/kern/kern_shutdown.c:881
#3 0xc031b9d6 in boot (howto=260) at
/home/source/dfbsd/sys/kern/kern_shutdown.c:388
#4 0xc031bc7d in panic (fmt=0xc05c3404 "%s") at
/home/source/dfbsd/sys/kern/kern_shutdown.c:787
#5 0xc0575c12 in trap_fatal (frame=0xd8727614, eva=<value optimized out>)
at /home/source/dfbsd/sys/platform/pc32/i386/trap.c:1116
#6 0xc0575d48 in trap_pfault (frame=0xd8727614, usermode=0, eva=826367903)
at /home/source/dfbsd/sys/platform/pc32/i386/trap.c:1018
#7 0xc05762a1 in trap (frame=0xd8727614) at
/home/source/dfbsd/sys/platform/pc32/i386/trap.c:705
#8 0xc055dfc7 in calltrap () at
/home/source/dfbsd/sys/platform/pc32/i386/exception.s:785
#9 0xc08e3c7a in pf_find_state (kif=0xc7170270, key=0xd8727748, dir=2,
m=0xd8798200)
at /home/source/dfbsd/sys/net/pf/pf.c:883
This backtrace looks like the one in issue1956, for which I've committed
the patch to add missing initializations, but {kern,vmcore}.641.xz is a
panic triggered in pf_test_rule() (actually pf_create_state() but it's
inlined).
The version[] shows that it's built from source as of c98f2,
(kgdb) p version
$1 = "DragonFly v2.9.1.422.gc98f2-DEVELOPMENT #0: Mon Jan 10 01:55:30 CET 2011\n antonioh@dfbsdx86:/usr/obj/home/source/dfbsd/sys/GENERIC_SMP\n"
but the line numbers don't match with the actual code in c98f2;
for instance, the line 6027 is in pf_test(), but it can't be
inlined in pf_test6() or its callees. Do you have local patch
in your source tree?
#8 0xc055dfc7 in calltrap ()
at /home/source/dfbsd/sys/platform/pc32/i386/exception.s:785
#9 0xc08e3c7a in pf_test_rule (rm=0xc7170270, sm=0xd8727748, direction=2,
kif=0x2, m=0xd8794df0, off=-663586848, h=0x8, pd=0xd87983e0,
am=0xd87983f0, rsm=0x0, ifq=0x0, inp=0x830000)
at /usr/src/sys/net/pf/pf.c:3635
#10 0xc08e410f in pf_test6 (dir=-663586756, ifp=0x2, m0=0xc7170270,
eh=0xd8798200, inp=0x0) at /usr/src/sys/net/pf/pf.c:6027
#11 0xc08e965e in pfioctl (ap=0x1) at /usr/src/sys/net/pf/pf_ioctl.c:1082
#12 0xc08ed084 in pfattach () at /usr/src/sys/net/pf/pf_ioctl.c:270
#13 0xc039e995 in pfil_run_hooks (ph=0xc0756f4c, mp=0xd8727980,
ifp=0xd86c1460, dir=2) at /home/source/dfbsd/sys/net/pfil.c:116
#14 0xc0403e49 in ip6_output (m0=0xd8798200, opt=0xc07594e0, ro=0xd8727960,
flags=0, im6o=0xd87279d0, ifpp=0xd87279cc, inp=0x0)
at /home/source/dfbsd/sys/netinet6/ip6_output.c:884
#15 0xc040a247 in mld6_sendpkt (in6m=0xc6f05060, type=<value optimized out>,
dst=0x0) at /home/source/dfbsd/sys/netinet6/mld6.c:452
#16 0xc040a352 in mld6_start_listening (in6m=0xc6f05060)
at /home/source/dfbsd/sys/netinet6/mld6.c:156
#17 0xc03fb423 in in6_addmulti (maddr6=0xd8727a80, ifp=0xd86c1460,
errorp=0xd8727ac0) at /home/source/dfbsd/sys/netinet6/in6.c:1736
#18 0xc03fc537 in in6_update_ifa (ifp=0xd86c1460, ifra=0xd8727afc,
ia=0xd7646380) at /home/source/dfbsd/sys/netinet6/in6.c:1105
#19 0xc03fef56 in in6_ifattach_linklocal (ifp=0xd86c1460, altifp=0x0)
at /home/source/dfbsd/sys/netinet6/in6_ifattach.c:455
#20 in6_ifattach (ifp=0xd86c1460, altifp=0x0)
at /home/source/dfbsd/sys/netinet6/in6_ifattach.c:751
#21 0xc03fb95f in in6_if_up (ifp=0xd86c1460)
at /home/source/dfbsd/sys/netinet6/in6.c:2378
#22 0xc039ac95 in if_route (ifp=0xd86c1460, flag=1, fam=0)
at /home/source/dfbsd/sys/net/if.c:1317