Site Navigation

Date:      Tue, 3 Nov 2015 06:04:36 -0800
From:      David Wolfskill <david@catwhisker.org>
To:        ipfw@freebsd.org
Cc:        current@freebsd.org, net@freebsd.org
Subject:   panic: refcount inconsistency: found: 0 total: 1
Message-ID:  <20151103140436.GJ21127@albert.catwhisker.org>

---

next in thread | raw e-mail | index | archive | help

---

--C7PTD44AewjTsiSV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

This was on my laptop; yesterday, it built & booted:

FreeBSD g1-252.catwhisker.org 11.0-CURRENT FreeBSD 11.0-CURRENT #230  r2902=
70M/290270:1100085: Mon Nov  2 05:03:07 PST 2015     root@g1-252.catwhisker=
=2Eorg:/common/S4/obj/usr/src/sys/CANARY  amd64


OK; today, after building:

FreeBSD localhost 11.0-CURRENT FreeBSD 11.0-CURRENT #231  r290334M/290334:1=
100086: Tue Nov  3 04:51:24 PST 2015     root@g1-252.catwhisker.org:/common=
/S4/obj/usr/src/sys/CANARY  amd64


I tried booting it, and during the transition to multi-user mode,
once ipfw was being invoked, I got the above-cited panic.  Circumvention
was to leave it disconnected from a network (turn off the WiFi
switch, in my case), so we don't get a chance to use the network.

I was able to get a dump by explicitly typing "call doadump" -- an
earlier attempt at "panic" didn't capture one.  Stack trace:

#0  doadump (textdump=3D0) at pcpu.h:221
221     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) #0  doadump (textdump=3D0) at pcpu.h:221
#1  0xffffffff8037b6b6 in db_fncall (dummy1=3D<value optimized out>,=20
    dummy2=3D<value optimized out>, dummy3=3D<value optimized out>,=20
    dummy4=3D<value optimized out>) at /usr/src/sys/ddb/db_command.c:568
#2  0xffffffff8037b14e in db_command (cmd_table=3D0x0)
    at /usr/src/sys/ddb/db_command.c:440
#3  0xffffffff8037aee4 in db_command_loop ()
    at /usr/src/sys/ddb/db_command.c:493
#4  0xffffffff8037d97b in db_trap (type=3D<value optimized out>, code=3D0)
    at /usr/src/sys/ddb/db_main.c:251
#5  0xffffffff80a270f3 in kdb_trap (type=3D3, code=3D0, tf=3D<value optimiz=
ed out>)
    at /usr/src/sys/kern/subr_kdb.c:654
#6  0xffffffff80db6668 in trap (frame=3D0xfffffe060bdde1d0)
    at /usr/src/sys/amd64/amd64/trap.c:549
#7  0xffffffff80d961f7 in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:234
#8  0xffffffff80a267db in kdb_enter (why=3D0xffffffff812a5566 "panic",=20
    msg=3D0x80 <Address 0x80 out of bounds>) at cpufunc.h:63
#9  0xffffffff809ea01f in vpanic (fmt=3D<value optimized out>,=20
    ap=3D<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:750
#10 0xffffffff809e9e76 in kassert_panic (fmt=3D<value optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:647
#11 0xffffffff80c2a788 in ipfw_rewrite_rule_uidx (chain=3D0xffffffff81be531=
0,=20
    ci=3D0xfffffe060bdde4b8) at /usr/src/sys/netpfil/ipfw/ip_fw_table.c:3395
#12 0xffffffff80c267c3 in commit_rules (chain=3D0xffffffff81be5310,=20
    rci=3D0xfffffe060bdde4b8, count=3D1)
    at /usr/src/sys/netpfil/ipfw/ip_fw_sockopt.c:678
#13 0xffffffff80c25d80 in add_rules (chain=3D0xffffffff81be5310,=20
    op3=3D<value optimized out>, sd=3D<value optimized out>)
    at /usr/src/sys/netpfil/ipfw/ip_fw_sockopt.c:2594
#14 0xffffffff80c232f4 in ipfw_ctl3 (sopt=3D0xfffffe060bdde920)
    at /usr/src/sys/netpfil/ipfw/ip_fw_sockopt.c:3242
#15 0xffffffff80b3d8b1 in rip_ctloutput (so=3D<value optimized out>,=20
    sopt=3D0xfffffe060bdde920) at /usr/src/sys/netinet/raw_ip.c:588
#16 0xffffffff80a72bc6 in sogetopt (so=3D0xfffff80009e658b8,=20
    sopt=3D0xfffffe060bdde920) at /usr/src/sys/kern/uipc_socket.c:2731
#17 0xffffffff80a7729e in kern_getsockopt (td=3D0xfffff800098119a0,=20
    s=3D<value optimized out>, level=3D<value optimized out>,=20
    name=3D<value optimized out>, val=3D<value optimized out>, valseg=3D464=
,=20
    valsize=3D0xfffffe060bdde98c) at /usr/src/sys/kern/uipc_syscalls.c:1540
#18 0xffffffff80a771a0 in sys_getsockopt (td=3D0xfffff800098119a0,=20
    uap=3D0xfffffe060bddea40) at /usr/src/sys/kern/uipc_syscalls.c:1486
#19 0xffffffff80db7519 in amd64_syscall (td=3D0xfffff800098119a0, traced=3D=
0)
    at subr_syscall.c:140
#20 0xffffffff80d964db in Xfast_syscall ()
    at /usr/src/sys/amd64/amd64/exception.S:394
#21 0x0000000800b2cbea in ?? ()
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal
(kgdb)=20

I've copied the vmcore.z & core.txt.7 to
<http://www.catwhisker.org/~david/FreeBSD/head/ipfw/>; gzipped
copies are also available:

                    Index of /~david/FreeBSD/head/ipfw

 Icon   Name                    Last modified      Size  Description
  _____________________________________________________________________
 [PARENTDIR]  Parent Directory                             -
 [TXT]  core.txt.7              2015-11-03 05:22  155K
 [   ]  core.txt.7.gz           2015-11-03 05:22   35K
 [   ]  vmcore.7                2015-11-03 05:22  528M
 [   ]  vmcore.7.gz             2015-11-03 05:22   45M
  _____________________________________________________________________


I'll start taking a closer look at recent changes (e.g., in
src/sys/netpfil/ipfw), but I'm not really all that familiar with
the code.

Peace,
david
--=20
David H. Wolfskill				david@catwhisker.org
Those who would murder in the name of God or prophet are blasphemous coward=
s.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.

--C7PTD44AewjTsiSV
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJWOL70XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RThEMDY4QTIxMjc1MDZFRDIzODYzRTc4
QTY3RjlDOERFRjQxOTNCAAoJEIpn+cje9Bk7YqwP/3ctxamCUq5Xt5CxCle4HVSG
LL3gi+6WEC6FbYMO7SjKdHw/OREkja/mBkNDcI76ps7W+o3xMNW0YwMX5/Wr/aNR
T7KTGNkTDK6MP04DimtMscQXqTYVLerd3hOKNoGw/vrGUQZwYbhO9jBlVAoBP2Ax
aobqivKD5ajHngRnOKfdGQKucfx75mKNbwypej0w6GnDo0vhkETfwvsYSFIdOvUD
JFPSXq5raGJKpjazE6tXvxFi+zN/XHQ2CnYni/1Q8pbuNc17TMBIA73zC0sDbTp4
9hiA22/G7EdAfC+PpRNfx2afwd39yNx5zlTAAKXzpA+12HLRVhX2q3y5xaMDlrCK
r82csuRGX+lq0w//I6S2zMKolx9fxj6GOQrg38uAdjgwNaywRdm5V9es9KfmYlBO
BTLLY1szyYZOzql8GeVI7D2zXC2jxhZZ8YCWOlJtrvLhcrYYI5tjUdQd88HQSIan
Irn9Vrf6cMJwrFw7qiZIzPrCi1QTknkFaq5ybVAA84TG0YA4XGWhC3zeVLpUFMKp
v4lRI/tAPhtAShu/zA8u58nqVUJj9Nvg/U2K4JS+nPI2NTrKEOVIeh1LpGM3lZS2
hUTjqnHZNBEBCXgvxcPjNkwL5noT+DUWX8V5fNpnCT8mWCXPYIHge6cLpW0jSO0r
kCVxbpPFuJXMOz2KhldA
=Xz+w
-----END PGP SIGNATURE-----

--C7PTD44AewjTsiSV--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151103140436.GJ21127>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact