From owner-freebsd-amd64@FreeBSD.ORG Sun Dec 8 19:20:01 2013 Return-Path: Delivered-To: freebsd-amd64@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B8579624 for ; Sun, 8 Dec 2013 19:20:01 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 90F7E1845 for ; Sun, 8 Dec 2013 19:20:01 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id rB8JK1k8037107 for ; Sun, 8 Dec 2013 19:20:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id rB8JK1MP037106; Sun, 8 Dec 2013 19:20:01 GMT (envelope-from gnats) Resent-Date: Sun, 8 Dec 2013 19:20:01 GMT Resent-Message-Id: <201312081920.rB8JK1MP037106@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-amd64@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Viktor Velichkin Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 900B2537 for ; Sun, 8 Dec 2013 19:15:01 +0000 (UTC) Received: from oldred.freebsd.org (oldred.freebsd.org [IPv6:2001:1900:2254:206a::50:4]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 617721826 for ; Sun, 8 Dec 2013 19:15:01 +0000 (UTC) Received: from oldred.freebsd.org ([127.0.1.6]) by oldred.freebsd.org (8.14.5/8.14.7) with ESMTP id rB8JF0bv074093 for ; Sun, 8 Dec 2013 19:15:00 GMT (envelope-from nobody@oldred.freebsd.org) Received: (from nobody@localhost) by oldred.freebsd.org (8.14.5/8.14.5/Submit) id rB8JF0uc074078; Sun, 8 Dec 2013 19:15:00 GMT (envelope-from nobody) Message-Id: <201312081915.rB8JF0uc074078@oldred.freebsd.org> Date: Sun, 8 Dec 2013 19:15:00 GMT From: Viktor Velichkin To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Subject: amd64/184601: Panic on 10-BETA4 when using mpd5 X-Mailman-Approved-At: Sun, 08 Dec 2013 20:28:23 +0000 X-BeenThere: freebsd-amd64@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Porting FreeBSD to the AMD64 platform List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Dec 2013 19:20:01 -0000 >Number: 184601 >Category: amd64 >Synopsis: Panic on 10-BETA4 when using mpd5 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-amd64 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Dec 08 19:20:01 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Viktor Velichkin >Release: 10.0-BETA4 >Organization: >Environment: FreeBSD 10.0-BETA4 #1 r258815: Mon Dec 2 09:55:54 MSK 2013 /usr/obj/usr/src/sys/GENERIC amd64 >Description: Problem appears when I installed mpd5 and try to use this host as PPtP concetrator. Problem appears stable, 5-10 minutes after start of accepting pptp connections. And after third panic I move service on another host. There are backtrace and other information below: root@bell:/usr/obj/usr/src/sys/GENERIC # kgdb kernel.debug /var/crash/vmcore.0 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid = 2; apic id = 04 fault virtual address = 0x18 fault code = supervisor read data, page not present instruction pointer = 0x20:0xffffffff809180f0 stack pointer = 0x28:0xfffffe0121bca380 frame pointer = 0x28:0xfffffe0121bca3b0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 17876 (ng_queue2) trap number = 12 panic: page fault cpuid = 2 KDB: stack backtrace: #0 0xffffffff808e7cc0 at kdb_backtrace+0x60 #1 0xffffffff808af7a5 at panic+0x155 #2 0xffffffff80c8e4c2 at trap_fatal+0x3a2 #3 0xffffffff80c8e799 at trap_pfault+0x2c9 #4 0xffffffff80c8df26 at trap+0x5e6 #5 0xffffffff80c751c2 at calltrap+0x8 #6 0xffffffff809d3655 at ip_forward+0x1d5 #7 0xffffffff809d345d at ip_input+0x63d #8 0xffffffff80974cbe at netisr_dispatch_src+0x5e #9 0xffffffff81a336c2 at ng_iface_rcvdata+0xf2 #10 0xffffffff81a1c040 at ng_apply_item+0x210 #11 0xffffffff81a1bc63 at ng_snd_item+0x383 #12 0xffffffff81a1c040 at ng_apply_item+0x210 #13 0xffffffff81a1bc63 at ng_snd_item+0x383 #14 0xffffffff81a3a0ea at ng_ppp_comp_recv+0xfa #15 0xffffffff81a38edc at ng_ppp_rcvdata+0x22c #16 0xffffffff81a1c040 at ng_apply_item+0x210 #17 0xffffffff81a1bc63 at ng_snd_item+0x383 Uptime: 49m29s Dumping 413 out of 4064 MB:..4%..12%..24%..31%..43%..51%..62%..74%..82%..93% Reading symbols from /boot/kernel/ums.ko.symbols...done. Loaded symbols for /boot/kernel/ums.ko.symbols Reading symbols from /boot/kernel/ng_socket.ko.symbols...done. Loaded symbols for /boot/kernel/ng_socket.ko.symbols Reading symbols from /boot/kernel/netgraph.ko.symbols...done. Loaded symbols for /boot/kernel/netgraph.ko.symbols Reading symbols from /boot/kernel/ng_mppc.ko.symbols...done. Loaded symbols for /boot/kernel/ng_mppc.ko.symbols Reading symbols from /boot/kernel/rc4.ko.symbols...done. Loaded symbols for /boot/kernel/rc4.ko.symbols Reading symbols from /boot/kernel/ng_tee.ko.symbols...done. Loaded symbols for /boot/kernel/ng_tee.ko.symbols Reading symbols from /boot/kernel/ng_pptpgre.ko.symbols...done. Loaded symbols for /boot/kernel/ng_pptpgre.ko.symbols Reading symbols from /boot/kernel/ng_ksocket.ko.symbols...done. Loaded symbols for /boot/kernel/ng_ksocket.ko.symbols Reading symbols from /boot/kernel/ng_iface.ko.symbols...done. Loaded symbols for /boot/kernel/ng_iface.ko.symbols Reading symbols from /boot/kernel/ng_ppp.ko.symbols...done. Loaded symbols for /boot/kernel/ng_ppp.ko.symbols Reading symbols from /boot/kernel/ng_tcpmss.ko.symbols...done. Loaded symbols for /boot/kernel/ng_tcpmss.ko.symbols Reading symbols from /boot/kernel/ng_l2tp.ko.symbols...done. Loaded symbols for /boot/kernel/ng_l2tp.ko.symbols #0 doadump (textdump=) at pcpu.h:219 219 __asm("movq %%gs:%1,%0" : "=r" (td) (kgdb) list 0xffffffff809180f0 Function "0xffffffff809180f0" not defined. (kgdb) list 0x20:0xffffffff809180f0 No source file named 0x20. (kgdb) backtrace #0 doadump (textdump=) at pcpu.h:219 #1 0xffffffff808af420 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:447 #2 0xffffffff808af7e4 in panic (fmt=) at /usr/src/sys/kern/kern_shutdown.c:754 #3 0xffffffff80c8e4c2 in trap_fatal (frame=, eva=) at /usr/src/sys/amd64/amd64/trap.c:882 #4 0xffffffff80c8e799 in trap_pfault (frame=0xfffffe0121bca2d0, usermode=0) at /usr/src/sys/amd64/amd64/trap.c:699 #5 0xffffffff80c8df26 in trap (frame=0xfffffe0121bca2d0) at /usr/src/sys/amd64/amd64/trap.c:463 #6 0xffffffff80c751c2 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:232 #7 0xffffffff809180f0 in m_copydata (m=, off=, len=, cp=) at /usr/src/sys/kern/uipc_mbuf.c:881 #8 0xffffffff809d3655 in ip_forward (m=0xfffff8001ca37700, srcrt=0) at /usr/src/sys/netinet/ip_input.c:1437 #9 0xffffffff809d345d in ip_input (m=0xfffff8001ca37700) at /usr/src/sys/netinet/ip_input.c:710 #10 0xffffffff80974cbe in netisr_dispatch_src (proto=, source=, m=0x0) at /usr/src/sys/net/netisr.c:972 #11 0xffffffff81a336c2 in ng_iface_rcvdata (hook=, item=) at /usr/src/sys/modules/netgraph/iface/../../../netgraph/ng_iface.c:780 #12 0xffffffff81a1c040 in ng_apply_item (node=0xfffff800909eb500, item=0xfffff8012062be00, rw=0) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2397 #13 0xffffffff81a1bc63 in ng_snd_item (item=0xfffff8012062be00, flags=) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2314 #14 0xffffffff81a1c040 in ng_apply_item (node=0xfffff8004f7cac00, item=0xfffff8012062be00, rw=0) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2397 #15 0xffffffff81a1bc63 in ng_snd_item (item=0xfffff8012062be00, flags=) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2314 #16 0xffffffff81a3a0ea in ng_ppp_comp_recv (node=, item=, proto=, linkNum=) at /usr/src/sys/modules/netgraph/ppp/../../../netgraph/ng_ppp.c:1047 #17 0xffffffff81a38edc in ng_ppp_rcvdata (hook=, item=0xfffff8012062be00) at /usr/src/sys/modules/netgraph/ppp/../../../netgraph/ng_ppp.c:1522 #18 0xffffffff81a1c040 in ng_apply_item (node=0xfffff80090159500, item=0xfffff8012062be00, rw=0) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2397 #19 0xffffffff81a1bc63 in ng_snd_item (item=0xfffff8012062be00, flags=) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2314 #20 0xffffffff81a1c040 in ng_apply_item (node=0xfffff8004ff0a700, item=0xfffff8012062be00, rw=0) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2397 #21 0xffffffff81a1bc63 in ng_snd_item (item=0xfffff8012062be00, flags=) ---Type to continue, or q to quit--- at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2314 #22 0xffffffff81a2c26f in ng_pptpgre_rcvdata_lower (hook=, item=0xfffff8001c9188d5) at /usr/src/sys/modules/netgraph/pptpgre/../../../netgraph/ng_pptpgre.c:811 #23 0xffffffff81a1c040 in ng_apply_item (node=0xfffff8004f7ed100, item=0xfffff8012062be00, rw=0) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2397 #24 0xffffffff81a1bc63 in ng_snd_item (item=0xfffff8012062be00, flags=) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2314 #25 0xffffffff81a2f3f9 in ng_ksocket_incoming2 (node=0xfffff8004fd71a00, hook=, arg1=0xfffff801206ce828, arg2=0) at /usr/src/sys/modules/netgraph/ksocket/../../../netgraph/ng_ksocket.c:1158 #26 0xffffffff81a1bee6 in ng_apply_item (node=0xfffff8004fd71a00, item=0xfffff801206bd300, rw=1) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:2468 #27 0xffffffff81a1db9d in ngthread (arg=) at /usr/src/sys/modules/netgraph/netgraph/../../../netgraph/ng_base.c:3432 #28 0xffffffff808819fa in fork_exit (callout=0xffffffff81a1d9e0 , arg=0x0, frame=0xfffffe0121bcac00) at /usr/src/sys/kern/kern_fork.c:995 #29 0xffffffff80c756fe in fork_trampoline () at /usr/src/sys/amd64/amd64/exception.S:606 #30 0x0000000000000000 in ?? () (kgdb) frame 8 #8 0xffffffff809d3655 in ip_forward (m=0xfffff8001ca37700, srcrt=0) at /usr/src/sys/netinet/ip_input.c:1437 1437 m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t)); Current language: auto; currently minimal (kgdb) l 1432 mcopy = NULL; 1433 } 1434 if (mcopy != NULL) { 1435 mcopy->m_len = min(ntohs(ip->ip_len), M_TRAILINGSPACE(mcopy)); 1436 mcopy->m_pkthdr.len = mcopy->m_len; 1437 m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t)); 1438 } 1439 1440 #ifdef IPSTEALTH 1441 if (!V_ipstealth) { (kgdb) p m $1 = (struct mbuf *) 0xfffff8001ca37700 (kgdb) p *m $2 = {m_hdr = {mh_next = 0xfffff8001cbe8400, mh_nextpkt = 0x0, mh_data = 0xfffff8001ca377a4 "E", mh_len = 92, mh_type = 1, mh_flags = 2}, M_dat = {MH = {MH_pkthdr = {rcvif = 0xfffff80120723000, tags = {slh_first = 0x0}, len = 1450, flowid = 0, csum_flags = 50331648, fibnum = 0, cosqos = 0 '\0', rsstype = 0 '\0', l2hlen = 0 '\0', l3hlen = 0 '\0', l4hlen = 0 '\0', l5hlen = 0 '\0', PH_per = { eigth = "\000\000\000\000\000\000\000", sixteen = {0, 0, 0, 0}, thirtytwo = {0, 0}, sixtyfour = {0}, unintptr = {0}, ptr = 0x0}, PH_loc = {eigth = "\000\000\000\000\000\000\000", sixteen = {0, 0, 0, 0}, thirtytwo = {0, 0}, sixtyfour = {0}, unintptr = {0}, ptr = 0x0}}, MH_dat = {MH_ext = {ref_cnt = 0x1d0130000045, ext_buf = 0x200002207
, ext_size = 98566144, ext_type = 0, ext_flags = 16776960, ext_free = 0xd071836facb80000, ext_arg1 = 0x8f358d8230400, ext_arg2 = 0x66f905ce0045}, MH_databuf = "E\000\0000\001\035\000\000\a\"\000\000\002\000\000\000\000\000▒\005\000\000▒▒\000\000▒▒o\203q▒\000\004#▒X▒\b\000E\000▒\005▒f\000\000?/S▒\n\f\n▒\n\n\n\0030\001\210\v\005▒\033▒\000\003B▒▒\003\000!E\000\005▒r▒@\000?\006▒▒[▒\tpW▒\016\231\000P\004|▒y▒\006▒\f\0055P\020yp▒\027\000\000m▒\032▒o▒arZz▒▒d▒▒y\212#9CG#▒W\217\023\211pk▒b\224!▒▒\220+\202V0\210\016pZ▒ڮ▒\a\027▒"}}, M_databuf = "\0000r \001▒▒▒\000\000\000\000\000\000\000\000▒\005\000\000\000\000\000\000\000\000\000\003", '\0' , "E\000\0000\001\035\000\000\a\"\000\000\002\000\000\000\000\000▒\005\000\000▒▒\000\000▒▒o\203q▒\000\004#▒X▒\b\000E\000▒\005▒f\000\000?/S▒\n\f\n▒\n\n\n\0030\001\210\v\005▒\033▒\000\003B▒▒\003\000!E\000\005▒r▒@\000?\006▒▒[▒\tpW▒\016\231\000P\004|▒y▒\006▒\f\0055P\020yp▒\027\000\000m▒\032▒o▒arZz▒▒d▒▒y\212#9CG#▒W\217\023\211pk▒b\224!▒▒\220+\202V0\210\016pZ▒"...}} (kgdb) p m->M_dat.MH.MH_pkthdr.rcvif $3 = (struct ifnet *) 0xfffff80120723000 (kgdb) p *m->M_dat.MH.MH_pkthdr.rcvif $4 = {if_softc = 0xfffff80090e62780, if_l2com = 0x0, if_vnet = 0x0, if_link = {tqe_next = 0xfffff8012073a000, tqe_prev = 0xfffff801207be018}, if_xname = "ng28", '\0' , if_dname = 0xffffffff81a34020 "ng", if_dunit = 28, if_refcount = 1, if_addrhead = { tqh_first = 0xfffff800909e8800, tqh_last = 0xfffff8004fc0f0c0}, if_pcount = 0, if_carp = 0x0, if_bpf = 0xfffff80090417a80, if_index = 32, if_index_reserved = 0, if_vlantrunk = 0x0, if_flags = 34961, if_capabilities = 0, if_capenable = 0, if_linkmib = 0x0, if_linkmiblen = 0, if_data = {ifi_type = 53 '5', ifi_physical = 0 '\0', ifi_addrlen = 0 '\0', ifi_hdrlen = 0 '\0', ifi_link_state = 0 '\0', ifi_vhid = 0 '\0', ifi_baudrate_pf = 0 '\0', ifi_datalen = 152 '\230', ifi_mtu = 1460, ifi_metric = 0, ifi_baudrate = 64000, ifi_ipackets = 213659, ifi_ierrors = 0, ifi_opackets = 135695, ifi_oerrors = 0, ifi_collisions = 0, ifi_ibytes = 289518603, ifi_obytes = 6084398, ifi_imcasts = 0, ifi_omcasts = 0, ifi_iqdrops = 0, ifi_noproto = 0, ifi_hwassist = 0, ifi_epoch = 2785, ifi_lastchange = {tv_sec = 1386521104, tv_usec = 983942}}, if_multiaddrs = {tqh_first = 0xfffff8008f99e240, tqh_last = 0xfffff8009a1a0d40}, if_amcount = 0, if_output = 0xffffffff81a33760 , if_input = 0, if_start = 0xffffffff81a33980 , if_ioctl = 0xffffffff81a33ba0 , if_init = 0, if_resolvemulti = 0, if_qflush = 0xffffffff80967780 , if_transmit = 0xffffffff8096a260 , if_reassign = 0, if_home_vnet = 0x0, if_addr = 0xfffff800909e8800, if_llsoftc = 0x0, if_drv_flags = 64, if_snd = {ifq_head = 0x0, ifq_tail = 0x0, ifq_len = 0, ifq_maxlen = 50, ifq_drops = 0, ifq_mtx = {lock_object = { lo_name = 0xfffff80120723028 "ng28", lo_flags = 16973824, lo_data = 0, lo_witness = 0x0}, mtx_lock = 4}, ifq_drv_head = 0x0, ifq_drv_tail = 0x0, ifq_drv_len = 0, ifq_drv_maxlen = 50, altq_type = 0, altq_flags = 1, altq_disc = 0x0, altq_ifp = 0xfffff80120723000, altq_enqueue = 0, altq_dequeue = 0, altq_request = 0, altq_clfier = 0x0, altq_classify = 0, altq_tbr = 0x0, altq_cdnr = 0x0}, if_broadcastaddr = 0x0, if_bridge = 0x0, if_label = 0x0, if_unused = {0x0, 0x0}, if_afdata = {0x0, 0x0, 0xfffff80120753e00, 0x0 , 0xfffff8009a0274c0, 0x0 }, if_afdata_initialized = 2, if_afdata_lock = {lock_object = { lo_name = 0xffffffff80eeea00 "if_afdata", lo_flags = 86179840, lo_data = 0, lo_witness = 0x0}, rw_lock = 1}, if_linktask = {ta_link = { stqe_next = 0x0}, ta_pending = 0, ta_priority = 0, ta_func = 0xffffffff80964a80 , ta_context = 0xfffff80120723000}, if_addr_lock = {lock_object = {lo_name = 0xffffffff80eee9f3 "if_addr_lock", lo_flags = 86179840, lo_data = 0, lo_witness = 0x0}, rw_lock = 1}, if_clones = {le_next = 0x0, le_prev = 0x0}, if_groups = {tqh_first = 0xfffff8001c3516c0, tqh_last = 0xfffff8001c3516c8}, if_pf_kif = 0x0, if_lagg = 0x0, if_description = 0x0, if_fib = 0, if_alloctype = 53 '5', if_hw_tsomax = 65535, if_cspare = "\000\000", if_ispare = {0, 0, 0, 0}, if_pspare = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}} (kgdb) >How-To-Repeat: Try to use mpd5/PPtP on 10.0-BETA4 ? I don't actually now. >Fix: >Release-Note: >Audit-Trail: >Unformatted: