From owner-freebsd-net@FreeBSD.ORG Thu Oct 1 11:24:19 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A8AB8106566B; Thu, 1 Oct 2009 11:24:19 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: from mail-fx0-f222.google.com (mail-fx0-f222.google.com [209.85.220.222]) by mx1.freebsd.org (Postfix) with ESMTP id 0CF538FC19; Thu, 1 Oct 2009 11:24:18 +0000 (UTC) Received: by fxm22 with SMTP id 22so33416fxm.36 for ; Thu, 01 Oct 2009 04:24:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=Ri/2phxPyjuTsvNuOa6AK+8Hi+OcitApeR/Js45ZmA8=; b=j/PvfeU7VVQU85rvjbhCcdId/DbJuyTaxnrMr2ODCG5JoD6JFOx1Qimi1kg3qD1Ggv 6hXmZq97dT8RMP1J9D2vJnSXI50J3t96VP+zcJsg6AtlSu6B4tsGaykJx3sPdoYBJgU0 TBhh3pfBs4ZK/fl8krF5cVxgTLP3nm08nIPcw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=uBRgook838/QfR6ns6r/4karsCXBbh6yT3OgV/lLKc7EyGWGBoh9gJWoxsVOluV1bj tFbGX8F9O6iI2LaI1hMnCRBHEPDgCcJJ5Xt3ecyP7MmYGdpsiZ81Qv798LlTiyB3jWG2 dyszn4Bkv8w8L4A9br66xl35/5OpLV5acIZLE= MIME-Version: 1.0 Received: by 10.204.153.217 with SMTP id l25mr883438bkw.108.1254396257570; Thu, 01 Oct 2009 04:24:17 -0700 (PDT) In-Reply-To: References: Date: Thu, 1 Oct 2009 15:24:17 +0400 Message-ID: From: pluknet To: Robert Watson Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: FreeBSD Net Subject: Re: panic in soabort X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2009 11:24:19 -0000 2009/10/1 pluknet : > 2009/4/25 Robert Watson : >> >> On Fri, 24 Apr 2009, pluknet wrote: >> >>> 2009/4/23 Robert Watson : >>>> >>>> On Thu, 23 Apr 2009, pluknet wrote: >>>> >>>>> Please, give me comment on this. The panic is on 6.2-REL. Is it known= to >>>>> be fixed in the latter releases? >>>> >>>> It may well be -- there have been quite significant architectural >>>> improvements to socket life cycle (etc) between 6.2 and 7.x releases, = which >>>> may well close the race causing this panic. =A0However, we'll probably= need to >>>> learn a bit more in order to decide for sure. =A0Could you convert the >>>> trapping instruction pointer to file+offset in the source code? >>> >>> Looks I've lost the corresponding kernel.debug. Anyway I have such bt t= he >>> first time. >> >> If you run into this again, let me know. =A0Also, are you using accept f= ilters >> on the box? >> > > Got it again (this time on 6.4-p5). P.S. It's funny to say: I got it on two boxes nearly simultaneously. Both from proftpd. See also my first mail (the same). > > Fatal trap 12: page fault while in kernel mode > cpuid =3D 2; apic id =3D 02 > fault virtual address =A0 =3D 0x104 > fault code =A0 =A0 =A0 =A0 =A0 =A0 =A0=3D supervisor read, page not prese= nt > instruction pointer =A0 =A0 =3D 0x20:0xc06a3425 > stack pointer =A0 =A0 =A0 =A0 =A0 =3D 0x28:0xef764bb0 > frame pointer =A0 =A0 =A0 =A0 =A0 =3D 0x28:0xef764bbc > code segment =A0 =A0 =A0 =A0 =A0 =A0=3D base 0x0, limit 0xfffff, type 0x1= b > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =3D DPL 0, pres 1, def32 1, g= ran 1 > processor eflags =A0 =A0 =A0 =A0=3D resume, IOPL =3D 0 > current process =A0 =A0 =A0 =A0 =3D 74303 (proftpd) > > db> bt 74303 > Tracing pid 74303 tid 101039 td 0xcaa08820 > _mtx_lock_sleep(ccd50768,caa08820,0,0,0) at _mtx_lock_sleep+0x9d > soabort(ccd506f4) at soabort+0x82 > soclose(d1aa8b20) at soclose+0x21a > soo_close(c9f50a20,caa08820) at soo_close+0x63 > fdrop_locked(c9f50a20,caa08820,caf78a00,ef764ca8,c06875f3,...) at > fdrop_locked+0xd0 > fdrop(c9f50a20,caa08820,caa08820,ef764c64,c0689055,...) at fdrop+0x41 > closef(c9f50a20,caa08820,0,ef764d38,cad8f648,...) at closef+0x42f > kern_close(caa08820,a,ef764d30,c08e1d4b,caa08820,...) at kern_close+0x20d > close(caa08820,ef764d04) at close+0x10 > syscall(bfbf003b,3b,bfbf003b,8150034,811a434,...) at syscall+0x2bf > Xint0x80_syscall() at Xint0x80_syscall+0x1f > --- syscall (6, FreeBSD ELF32, close), eip =3D 0x2832230f, esp =3D > 0xbfbfe6bc, ebp =3D 0xbfbfe6d8 --- > db> show proc 74303 > Process 74303 (proftpd) at 0xcad8f648: > state: NORMAL > uid: 36830 =A0gids: 36830 > parent: pid 95478 at 0xc8e60000 > ABI: FreeBSD ELF32 > arguments: proftpd: fatich_1 - 93.118.217.18: IDLE > threads: 1 > 101039 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Run =A0 =A0 CPU 2 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 proftpd > > (gdb) list *(soabort+0x82) > 0xc06ea2a6 is in soabort (/usr/src/sys/kern/uipc_socket.c:510). > 505 =A0 =A0 =A0 =A0 =A0 =A0 int error; > 506 > 507 =A0 =A0 =A0 =A0 =A0 =A0 error =3D (*so->so_proto->pr_usrreqs->pru_abo= rt)(so); > 508 =A0 =A0 =A0 =A0 =A0 =A0 if (error) { > 509 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 ACCEPT_LOCK(); > 510 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 SOCK_LOCK(so); > 511 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 sotryfree(so); =A0/* note: do= es not decrement > the ref count */ > 512 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 return error; > 513 =A0 =A0 =A0 =A0 =A0 =A0 } > 514 =A0 =A0 =A0 =A0 =A0 =A0 return (0); > > -- > wbr, > pluknet > --=20 wbr, pluknet