Date:      Fri, 20 Mar 2009 21:58:58 GMT
From:      Vany Serezhkin <ivan@serezhkin.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   kern/132885: 802.1x broken after SVN rev 189592
Message-ID:  <200903202158.n2KLwwvx031913@www.freebsd.org>
Resent-Message-ID: <200903202200.n2KM02Wg068796@freefall.freebsd.org>


>Number:         132885
>Category:       kern
>Synopsis:       802.1x broken after SVN rev 189592
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 20 22:00:02 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Vany Serezhkin
>Release:        CURRENT
>Organization:
Yandex
>Environment:
FreeBSD vany.yandex.ru 8.0-CURRENT FreeBSD 8.0-CURRENT #5: Fri Mar 20 04:51:06 MSK 2009     root@vany.yandex.ru:/opt/obj/opt/src/sys/VWN  i386

>Description:
I can't try this on unsecured networks, but when I kldload if_wpi, the kernel panics.
Also, when I load if_msk and then try to use wpa_supplicant to authenticate on an 802.1x network, it crashes too.
Dump attached.
>How-To-Repeat:
# rc.conf settings the submitter gives to reproduce the panic.
# Create the wlan0 interface on top of the wpi0 wireless device.
wlans_wpi0="wlan0"
# As given by the submitter; presumably start wpa_supplicant on wlan0 — confirm
# against the rc scripts of the affected revision.
wpa_supplicant_enable="YES"
wpa_supplicant_interface="wlan0"
# -s sends wpa_supplicant output to syslog; -dd raises debug verbosity.
# Verbose authentication debugging is for diagnosis only; go back to the
# default flags once the crash is understood.
wpa_supplicant_flags="-s -dd"
# WPA: bring the interface up through wpa_supplicant; DHCP: get an address via
# dhclient (both daemons appear in the ddb "ps" output of the attached dump).
ifconfig_wlan0="WPA DHCP"

>Fix:


Patch attached with submission follows:

Dump header from device /dev/ad4s1b
  Architecture: i386
  Architecture Version: 2
  Dump Length: 117395456B (111 MB)
  Blocksize: 512
  Dumptime: Fri Mar 20 02:47:07 2009
  Hostname: vany.yandex.ru
  Magic: FreeBSD Kernel Dump
  Version String: FreeBSD 8.0-CURRENT #3: Fri Mar 20 02:36:56 MSK 2009
    root@vany.yandex.ru:/opt/obj/opt/src/sys/VWN
  Panic String: sbappendaddr_locked
  Dump Parity: 1643601937
  Bounds: 0
  Dump Status: good
db> show allpcpu

Current CPU: 0

cpuid        = 0
curthread    = 0xc6563000: pid 12 "swi1: net"
curpcb       = 0xe6a4ed90
fpcurthread  = none
idlethread   = 0xc65638c0: pid 11 "idle: cpu0"
APIC ID      = 0
currentldt   = 0x50

cpuid        = 1
curthread    = 0xc6563af0: pid 11 "idle: cpu1"
curpcb       = 0xc63f4d90
fpcurthread  = none
idlethread   = 0xc6563af0: pid 11 "idle: cpu1"
APIC ID      = 1
currentldt   = 0x50

db> trace

Tracing pid 12 tid 100008 td 0xc6563000
kdb_enter(c08c2a9c,c08c2a9c,c08c7e3c,e6a4eb30,0,...) at kdb_enter+0x3a
panic(c08c7e3c,c68b3818,10,0,e6a40008,...) at panic+0x131
sbappendaddr_locked(c6cb94e8,e6a4ec10,c68b3800,0,1,...) at sbappendaddr_locked+0x30
udp_append(1c,e6a4ec10,0,1,1,...) at udp_append+0x11f
udp_input(c68b3800,14,c690b800,1,0,...) at udp_input+0x4a1
ip_input(c68b3800,e6a4ecc4,c095eec0,c65481c0,0,...) at ip_input+0x530
swi_net(0,0,109,1df580ec,25,...) at swi_net+0x135
intr_event_execute_handlers(c65617ec,c65a2d00,c08c0145,4d7,c65a2d70,...) at intr_event_execute_handlers+0x140
ithread_loop(c64ec540,e6a4ed38,0,0,0,...) at ithread_loop+0x6b
fork_exit(c05b8b69,c64ec540,e6a4ed38) at fork_exit+0x91
fork_trampoline() at fork_trampoline+0x8
--- trap 0, eip = 0, esp = 0xe6a4ed70, ebp = 0 ---
db> ps

  pid  ppid  pgrp   uid   state   wmesg     wchan    cmd
 1448     1  1448    65  Ss      select   0xc6eae224 dhclient
 1445     1  1445     0  Ss      select   0xc6d098a4 dhclient
 1242     1  1242     0  Ss      select   0xc6eaf324 wpa_supplicant
 1152  1107  1152     0  S+      ttyin    0xc675e070 csh
 1128  1123  1119     0  S       select   0xc6eaed24 initial thread
 1123  1119  1119     0  S       select   0xc69a9624 initial thread
 1122     1  1122     0  Ss      (threaded)          console-kit-daemon
100157                   S       waitvt   0xc095879c console-kit-daemon
100156                   S       waitvt   0xc0958798 console-kit-daemon
100155                   S       waitvt   0xc0958794 console-kit-daemon
100154                   S       waitvt   0xc0958790 console-kit-daemon
100153                   S       waitvt   0xc095878c console-kit-daemon
100152                   S       waitvt   0xc0958788 console-kit-daemon
100151                   S       waitvt   0xc0958784 console-kit-daemon
100150                   S       waitvt   0xc0958780 console-kit-daemon
100149                   S       waitvt   0xc095877c console-kit-daemon
100148                   S       waitvt   0xc0958778 console-kit-daemon
100147                   S       waitvt   0xc0958774 console-kit-daemon
100146                   S       waitvt   0xc0958770 console-kit-daemon
100145                   S       waitvt   0xc095876c console-kit-daemon
100144                   S       waitvt   0xc0958768 console-kit-daemon
100143                   S       waitvt   0xc0958764 console-kit-daemon
100142                   S       ucond    0xc698bd40 console-kit-daemon
100140                   S       select   0xc698a624 console-kit-daemon
 1119     1  1119   560  Rs                          hald
 1114     1  1114     0  Ss+     ttyin    0xc675e470 getty
 1113     1  1113     0  Ss+     ttyin    0xc675e270 getty
 1112     1  1112     0  Ss+     ttyin    0xc65a1270 getty
 1111     1  1111     0  Ss+     ttyin    0xc65a1670 getty
 1110     1  1110     0  Ss+     ttyin    0xc65a1870 getty
 1109     1  1109     0  Ss+     ttyin    0xc65a1a70 getty
 1108     1  1108     0  Ss+     ttyin    0xc65a1070 getty
 1107     1  1107     0  Ss+     wait     0xc6d1b2a4 login
 1105  1104    41     0  S+      nanslp   0xc095b144 sleep
 1104  1102    41     0  S+      wait     0xc6d1d548 sh
 1103     1    41     0  S+      piperd   0xc69d5600 logger
 1102     1    41     0  S+      wait     0xc6d1d000 sh
 1044     1  1044     0  Ss      nanslp   0xc095b144 cron
 1037     1  1037    25  Ss      pause    0xc6d1c5a0 sendmail
 1033     1  1033     0  Ss      select   0xc69a90e4 sendmail
 1026     1  1026     0  Ss      select   0xc6989664 sshd
 1003     1  1003     0  Ss      select   0xc6d084e4 avahi-dnsconfd
  998     1   998   558  Ss      select   0xc6d08964 avahi-daemon
  954     1   954   556  Ss      select   0xc698a2a4 dbus-daemon
  940     1   940 65534  Ss      select   0xc698a464 mdnsd
  912     1   911     0  S       select   0xc69a9324 snmpd
  909   896   896     0  S       select   0xc6915124 winbindd
  896     1   896     0  Ss      select   0xc69a8824 winbindd
  895   891   891     0  S       pause    0xc6a052fc smbd
  891     1   891     0  Ss      select   0xc69162e4 smbd
  887     1   887     0  Rs                          nmbd
  870     1   870     0  Ss      kqread   0xc6ba0d80 cupsd
  830     1   830     0  Ss      select   0xc698a7e4 powerd
  653     1   653    53  Ss      (threaded)          named
100114                   S       kqread   0xc694f780 named
100113                   S       ucond    0xc698b200 named
100112                   S       ucond    0xc698b280 named
100111                   S       ucond    0xc6989d00 named
100083                   S       sigwait  0xe92e6be0 named
  584     1   584     0  Ss      select   0xc69a9264 syslogd
  544     0     0     0  SL      mdwait   0xc6a12800 [md0]
  461     1   461     0  Ss      select   0xc6989ce4 devd
  341     0     0     0  SL      pftm     0xc6af9c24 [pfpurge]
   40     0     0     0  SL      sdflush  0xc097a7a0 [softdepflush]
   39     0     0     0  SL      vlruwt   0xc6953a90 [vnlru]
   38     0     0     0  SL      syncer   0xc096eb70 [syncer]
   37     0     0     0  SL      psleep   0xc096e8c4 [bufdaemon]
   36     0     0     0  SL      pgzero   0xc097b3d4 [pagezero]
    9     0     0     0  SL      psleep   0xc097affc [vmdaemon]
    8     0     0     0  SL      psleep   0xc097afc4 [pagedaemon]
   35     0     0     0  SL      wmsg     0xc6715c78 [usbus4]
   34     0     0     0  SL      wmsg     0xc6715ca8 [usbus4]
   33     0     0     0  SL      wmsg     0xc6715d0c [usbus4]
   32     0     0     0  SL      wmsg     0xc6715cdc [usbus4]
   31     0     0     0  SL      wmsg     0xc6703d18 [usbus3]
   30     0     0     0  SL      wmsg     0xc6703d48 [usbus3]
   29     0     0     0  SL      wmsg     0xc6703dac [usbus3]
   28     0     0     0  SL      wmsg     0xc6703d7c [usbus3]
   27     0     0     0  SL      wmsg     0xc66e8d18 [usbus2]
   26     0     0     0  SL      wmsg     0xc66e8d48 [usbus2]
   25     0     0     0  SL      wmsg     0xc66e8dac [usbus2]
   24     0     0     0  SL      wmsg     0xc66e8d7c [usbus2]
   23     0     0     0  SL      wmsg     0xc66d6d18 [usbus1]
   22     0     0     0  SL      wmsg     0xc66d6d48 [usbus1]
   21     0     0     0  SL      wmsg     0xc66d6dac [usbus1]
   20     0     0     0  SL      wmsg     0xc66d6d7c [usbus1]
   19     0     0     0  SL      wmsg     0xc66c4d18 [usbus0]
   18     0     0     0  SL      wmsg     0xc66c4d48 [usbus0]
   17     0     0     0  SL      wmsg     0xc66c4dac [usbus0]
   16     0     0     0  SL      wmsg     0xc66c4d7c [usbus0]
    7     0     0     0  SL      waiting_ 0xc09709fc [sctp_iterator]
   15     0     0     0  SL      cooling  0xc672dcd4 [acpi_cooling0]
   14     0     0     0  SL      tzpoll   0xc09469e8 [acpi_thermal]
    6     0     0     0  SL      -        0xc665e3bc [cbb0 event thread]
    5     0     0     0  SL      ccb_scan 0xc0943554 [xpt_thrd]
   13     0     0     0  SL      -        0xc095afc4 [yarrow]
    4     0     0     0  SL      -        0xc0958b64 [g_down]
    3     0     0     0  SL      -        0xc0958b60 [g_up]
    2     0     0     0  SL      -        0xc0958b58 [g_event]
   12     0     0     0  RL      (threaded)          intr
100038                   I                           [irq7: ppc0]
100037                   I                           [swi0: uart]
100036                   I                           [irq12: psm0]
100035                   I                           [irq1: atkbd0]
100032                   I                           [irq19: atapci1+]
100031                   I                           [irq14: ata0]
100029                   I                           [irq16: cbb0 uhci3]
100028                   I                           [irq18: wpi0 uhci2]
100027                   I                           [irq20: uhci1]
100026                   I                           [irq23: uhci0 ehci0]
100025                   I                           [irq256: hdac0]
100024                   I                           [irq9: acpi0]
100023                   I                           [swi2: cambio]
100017                   I                           [swi6: task queue]
100016                   I                           [swi6: Giant taskq]
100014                   I                           [swi5: +]
100008                   Run     CPU 0               [swi1: net]
100007                   I                           [swi4: clock]
100006                   I                           [swi4: clock]
100005                   I                           [swi3: vm]
   11     0     0     0  RL      (threaded)          idle
100004                   CanRun                      [idle: cpu0]
100003                   Run     CPU 1               [idle: cpu1]
    1     0     1     0  SLs     wait     0xc6561d34 [init]
   10     0     0     0  SL      audit_wo 0xc097a140 [audit]
    0     0     0     0  SLs     (threaded)          kernel
100162                   D       -        0xc6eaf0c0 [wpi0 taskq]
100021                   D       -        0xc6641a00 [kqueue taskq]
100020                   D       -        0xc6641c00 [acpi_task_2]
100019                   D       -        0xc6641c00 [acpi_task_1]
100018                   D       -        0xc6641c00 [acpi_task_0]
100015                   D       -        0xc6641d40 [thread taskq]
100012                   D       -        0xc6547e00 [firmware taskq]
100000                   D       sched    0xc0958c20 [swapper]
db> capture status

11334/49152 bytes used
capture is on
db> trace 100008

Tracing pid 12 tid 100008 td 0xc6563000
kdb_enter(c08c2a9c,c08c2a9c,c08c7e3c,e6a4eb30,0,...) at kdb_enter+0x3a
panic(c08c7e3c,c68b3818,10,0,e6a40008,...) at panic+0x131
sbappendaddr_locked(c6cb94e8,e6a4ec10,c68b3800,0,1,...) at sbappendaddr_locked+0x30
udp_append(1c,e6a4ec10,0,1,1,...) at udp_append+0x11f
udp_input(c68b3800,14,c690b800,1,0,...) at udp_input+0x4a1
ip_input(c68b3800,e6a4ecc4,c095eec0,c65481c0,0,...) at ip_input+0x530
swi_net(0,0,109,1df580ec,25,...) at swi_net+0x135
intr_event_execute_handlers(c65617ec,c65a2d00,c08c0145,4d7,c65a2d70,...) at intr_event_execute_handlers+0x140
ithread_loop(c64ec540,e6a4ed38,0,0,0,...) at ithread_loop+0x6b
fork_exit(c05b8b69,c64ec540,e6a4ed38) at fork_exit+0x91
fork_trampoline() at fork_trampoline+0x8
--- trap 0, eip = 0, esp = 0xe6a4ed70, ebp = 0 ---
db> trace 1119

Tracing pid 1119 tid 100138 td 0xc6e9e230
sched_switch(c6e9e230,0,207,1dfc3d80,25,...) at sched_switch+0x369
mi_switch(207,0,c08c5e41,d5,e93c6d28,...) at mi_switch+0x127
ast(e93c6d38) at ast+0x288
doreti_ast() at doreti_ast+0x17
db> trace 887

Tracing pid 887 tid 100087 td 0xc69d88c0
sched_switch(c69d88c0,0,602,1df60990,25,...) at sched_switch+0x369
mi_switch(602,0,c08c2eff,bc,c69d88c0,...) at mi_switch+0x127
critical_exit(c6563000,e92f6998,c05b76f5,c6563000,4,...) at critical_exit+0x92
spinlock_exit(c6563000,4,c08c0145,320,0,...) at spinlock_exit+0x10
intr_event_schedule_thread(e92f69b0,c067cd3b,c65481c0,0,e92f69cc,...) at intr_event_schedule_thread+0xe0
swi_sched(c65481c0,0,e92f69cc,c067cdb6,c0970800,...) at swi_sched+0x25
legacy_setsoftnet(c0970800,c68b3800,0,0,c68b3800,...) at legacy_setsoftnet+0x1b
netisr_queue(2,c68b3800,0,b3950001,c68b3800,...) at netisr_queue+0x79
if_simloop(c690b800,c68b3800,2,e,e92f6a18,...) at if_simloop+0xe0
ether_output(c690b800,c6bba400,e92f6ac4,c6aced00,c6972000,...) at ether_output+0x436
ieee80211_output(c690b800,c6bba400,e92f6ac4,c6aced00,c6acbcf0,...) at ieee80211_output+0x47
ip_output(c6bba400,0,0,20,0,...) at ip_output+0x910
udp_send(c6eca000,0,c6bba400,c66a08a0,0,...) at udp_send+0x90a
sosend_dgram(c6eca000,c66a08a0,e92f6be8,c6bba400,0,...) at sosend_dgram+0x465
sosend(c6eca000,c66a08a0,e92f6be8,0,0,...) at sosend+0x3f
kern_sendit(c69d88c0,9,e92f6c5c,0,0,...) at kern_sendit+0x109
sendit(0,c66a08a0,10,e92f6c78,1,...) at sendit+0xad
sendto(c69d88c0,e92f6cf8,18,c05dee54,56,...) at sendto+0x48
syscall(e92f6d38) at syscall+0x312
Xint0x80_syscall() at Xint0x80_syscall+0x20
--- syscall (133, FreeBSD ELF32, sendto), eip = 0x205cf71f, esp = 0xbfbfe3ec, ebp = 0xbfbfe848 ---
db> trace 12

Tracing pid 12 tid 100038 td 0xc6666d20
fork_trampoline() at fork_trampoline
db> capture status

14181/49152 bytes used
capture is on
db> capture off


#0  doadump () at pcpu.h:246
#1  0xc05d7ff4 in boot (howto=260) at /opt/src/sys/kern/kern_shutdown.c:420
#2  0xc05d830b in panic (fmt=Variable "fmt" is not available.
) at /opt/src/sys/kern/kern_shutdown.c:576
#3  0xc0493aee in db_panic (addr=Could not find the frame base for "db_panic".
) at /opt/src/sys/ddb/db_command.c:478
#4  0xc049405e in db_command (last_cmdp=0xc094449c, cmd_table=0x0, dopager=1) at /opt/src/sys/ddb/db_command.c:445
#5  0xc0494197 in db_command_loop () at /opt/src/sys/ddb/db_command.c:498
#6  0xc0495e3f in db_trap (type=3, code=0) at /opt/src/sys/ddb/db_main.c:229
#7  0xc0603cce in kdb_trap (type=3, code=0, tf=0xe6a4eab0) at /opt/src/sys/kern/subr_kdb.c:534
#8  0xc086102b in trap (frame=0xe6a4eab0) at /opt/src/sys/i386/i386/trap.c:678
#9  0xc08468eb in calltrap () at /opt/src/sys/i386/i386/exception.s:165
#10 0xc0603e2f in kdb_enter (why=0xc08c2a9c "panic", msg=0xc08c2a9c "panic") at cpufunc.h:71
#11 0xc05d82ec in panic (fmt=0xc08c7e3c "sbappendaddr_locked") at /opt/src/sys/kern/kern_shutdown.c:559
#12 0xc062d2e0 in sbappendaddr_locked (sb=0xc6cb94e8, asa=0xe6a4ec10, m0=0xc68b3800, control=0x0)
    at /opt/src/sys/kern/uipc_sockbuf.c:632
#13 0xc073e51a in udp_append (inp=Variable "inp" is not available.
) at /opt/src/sys/netinet/udp_usrreq.c:251
#14 0xc073fa02 in udp_input (m=0xc68b3800, off=20) at /opt/src/sys/netinet/udp_usrreq.c:501
#15 0xc06c5af1 in ip_input (m=0xc68b3800) at /opt/src/sys/netinet/ip_input.c:710
#16 0xc067ccf2 in swi_net (dummy=0x0) at /opt/src/sys/net/netisr.c:145
#17 0xc05b7848 in intr_event_execute_handlers (p=0xc65617ec, ie=0xc65a2d00) at /opt/src/sys/kern/kern_intr.c:1134
#18 0xc05b8bd4 in ithread_loop (arg=0xc64ec540) at /opt/src/sys/kern/kern_intr.c:1147
#19 0xc05b51c9 in fork_exit (callout=0xc05b8b69 <ithread_loop>, arg=0xc64ec540, frame=0xe6a4ed38)
    at /opt/src/sys/kern/kern_fork.c:821
#20 0xc0846960 in fork_trampoline () at /opt/src/sys/i386/i386/exception.s:270



>Release-Note:
>Audit-Trail:
>Unformatted:


