From owner-freebsd-current@FreeBSD.ORG Fri Aug 21 15:27:13 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2EDE0106568E for ; Fri, 21 Aug 2009 15:27:13 +0000 (UTC) (envelope-from max@love2party.net) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.17.9]) by mx1.freebsd.org (Postfix) with ESMTP id CD9B28FC0C for ; Fri, 21 Aug 2009 15:27:12 +0000 (UTC) Received: from vampire.homelinux.org (dslb-088-066-032-025.pools.arcor-ip.net [88.66.32.25]) by mrelayeu.kundenserver.de (node=mrbap0) with ESMTP (Nemesis) id 0MKsym-1MeW1H3IUv-000lQD; Fri, 21 Aug 2009 17:27:11 +0200 Received: (qmail 49154 invoked from network); 21 Aug 2009 15:27:11 -0000 Received: from kvm.laiers.local (HELO kvm.localnet) (192.168.4.200) by router.laiers.local with SMTP; 21 Aug 2009 15:27:11 -0000 From: Max Laier Organization: FreeBSD To: freebsd-current@freebsd.org Date: Fri, 21 Aug 2009 17:27:11 +0200 User-Agent: KMail/1.12.0 (Linux/2.6.30-ARCH; KDE/4.3.0; x86_64; ; ) References: In-Reply-To: MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-15" Content-Transfer-Encoding: quoted-printable Message-Id: <200908211727.11400.max@love2party.net> X-Provags-ID: V01U2FsdGVkX1+eV4PVEFjEybd50Dknt1D7Cwkd8GV9qhwcrLT XyhK974940CG337ILdnBTvylHz9SmwZb5bvSiSbvUXPcw25b9L VH/k9v33ZX74RX8Iphqkg== Cc: Ian Freislich Subject: Re: panic: in pf_reassemble() ? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Aug 2009 15:27:13 -0000 On Friday 21 August 2009 17:01:14 Ian Freislich wrote: > So, I thought I'd run a benchmark and see how my forwarding did. > I got the following panic, easily provokable: > > Fatal trap 9: general protection fault while in kernel mode > cpuid =3D 10; apic id =3D 0a > instruction pointer =3D 0x20:0xffffffff801bc111 > stack pointer =3D 0x28:0xffffff81ccae46b0 > frame pointer =3D 0x28:0xffffff81ccae4710 > code segment =3D base 0x0, limit 0xfffff, type 0x1b > =3D DPL 0, pres 1, long 1, def32 0, gran 1 > processor eflags =3D interrupt enabled, resume, IOPL =3D 0 > current process =3D 11 (irq258: bce2) > trap number =3D 9 > panic: general protection fault > cpuid =3D 10 > KDB: stack backtrace: > db_trace_self_wrapper() at db_trace_self_wrapper+0x2a > panic() at panic+0x182 > trap_fatal() at trap_fatal+0x2ad > trap() at trap+0x10b > calltrap() at calltrap+0x8 > --- trap 0x9, rip =3D 0xffffffff801bc111, rsp =3D 0xffffff81ccae46b0, rbp= =3D > 0xffffff 81ccae4710 --- > pf_reassemble() at pf_reassemble+0xb1 > pf_normalize_ip() at pf_normalize_ip+0x694 Can you get me line numbers for these two? > pf_test() at pf_test+0x78e > pf_check_in() at pf_check_in+0x39 > pfil_run_hooks() at pfil_run_hooks+0x9c > ip_fastforward() at ip_fastforward+0x319 Does switching fast forward off change the situation - not that it should, = but=20 it might help with finding the culprit. > ether_demux() at ether_demux+0x131 > ether_input() at ether_input+0x1e0 > ether_demux() at ether_demux+0x6f > ether_input() at ether_input+0x1e0 > bce_intr() at bce_intr+0x398 > intr_event_execute_handlers() at intr_event_execute_handlers+0x100 > ithread_loop() at ithread_loop+0x8e > fork_exit() at fork_exit+0x117 > fork_trampoline() at fork_trampoline+0xe > --- trap 0, rip =3D 0, rsp =3D 0xffffff81ccae4d30, rbp =3D 0 --- > > I also got a core, but it's totally useless: > > [firewall2.jnb1] ~ # kgdb -c /var/crash/vmcore.10 /boot/kernel/kernel > GNU gdb 6.1.1 [FreeBSD] > Copyright 2004 Free Software Foundation, Inc. > GDB is free software, covered by the GNU General Public License, and you > are welcome to change it and/or distribute copies of it under certain > conditions. Type "show copying" to see the conditions. > There is absolutely no warranty for GDB. Type "show warranty" for detail= s. > This GDB was configured as "amd64-marcel-freebsd"...(no debugging symbols > found)... Attempt to extract a component of a value that is not a structu= re > pointer. Attempt to extract a component of a value that is not a structure > pointer. Attempt to extract a component of a value that is not a structure > pointer. Attempt to extract a component of a value that is not a structure > pointer. kgdb: kvm_read: invalid address (0xffffff009c31a460) > #0 0x0000000000000000 in ?? () > > I can setup remote GDB and set this panic off again if there's > something specific someone would like me to look at. =46rom a very first glance this could be a byte order mismatch in ip_len or= the=20 like, so if you could take a look at the ip header in the involved mbufs. = =20 Anything that looks like swapped bytes. Are you using jumbo frames? Thanks. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News