kern/122014: FreeBSD 6.2 panic in pf

Alexander V. Shulikov shulikov at gmail.com
Sun Mar 23 12:20:01 UTC 2008 

>Number:         122014
>Category:       kern
>Synopsis:       FreeBSD 6.2 panic in pf
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar 23 12:20:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Alexander V. Shulikov
>Release:        6.2-RELEASE-p11
>Organization:
ISP DonEC
>Environment:
FreeBSD hostname 6.2-RELEASE-p11 FreeBSD 6.2-RELEASE-p11 #0: Thu Mar 20 22:31:50 EET 2008     root at hostname:/usr/obj/usr/src/sys/kernconf  i386
>Description:
Situation similar as in kern/121955.
But used FreeBSD 6.2-RELEASE-p11, mpd-5.0, ipfw for traffic shaping and counting, pf for filtering and nat.
Today I receive panic (before this panic I can't receive dump,because after rebooting dump was not saved in /var/crash).

Panic details:
# kgdb /usr/obj/usr/src/sys/uzbek/kernel.debug /var/crash/vmcore.0
kgdb: kvm_nlist(_stopped_cpus):
kgdb: kvm_nlist(_stoppcbs):
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x73737420
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xcc85a4b7
stack pointer           = 0x28:0xec4e5af4
frame pointer           = 0x28:0xec4e5bb8
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 11 (swi4: clock sio)
trap number             = 12
panic: page fault
Sleeping thread (tid 100005, pid 11) owns a non-sleepable lock
panic: sleeping thread
Uptime: 4m52s
Dumping 2047 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 2047MB (524016 pages) 2031 2015 1999 1983 1967 1951 1935 1919 1903 1887 1871 1855 1839 1823 1807 1791 1775 1759 1743 1727 1711 16951679 1663 1647 1631 1615 1599 1583 1567 1551 1535 1519 1503 1487 1471 1455 1439 1423 1407 1391 1375 1359 1343 1327 1311 1295 1279 1263 1247 1231 1215 1199 1183 1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15

#0  doadump () at pcpu.h:165
165     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) backtrace
#0  doadump () at pcpu.h:165
#1  0xc04e6e50 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2  0xc04e70e8 in panic (fmt=0xc066fa4a "sleeping thread") at /usr/src/sys/kern/kern_shutdown.c:565
#3  0xc0506e4c in propagate_priority (td=0xcc304780) at /usr/src/sys/kern/subr_turnstile.c:204
#4  0xc050763a in turnstile_wait (lock=0xcc86fda0, owner=0xcc304780) at /usr/src/sys/kern/subr_turnstile.c:643
#5  0xc04dd4c4 in _mtx_lock_sleep (m=0xcc86fda0, tid=3425716864, opts=0, file=0xcc86d269 "/usr/src/sys/modules/pf/../../contrib/pf/net/pf.c",
    line=6386) at /usr/src/sys/kern/kern_mutex.c:579
#6  0xc04dd300 in _mtx_lock_flags (m=0x0, opts=0, file=0xcc86d269 "/usr/src/sys/modules/pf/../../contrib/pf/net/pf.c", line=6386)
    at /usr/src/sys/kern/kern_mutex.c:288
#7  0xcc85a469 in ?? ()
#8  0xcc86fda0 in ?? ()
#9  0x00000000 in ?? ()
#10 0xcc86d269 in ?? ()
#11 0x000018f2 in ?? ()
#12 0xec4ebb74 in ?? ()
#13 0x0000f052 in ?? ()
#14 0x99c5f062 in ?? ()
#15 0xec4ebb74 in ?? ()
#16 0x00000000 in ?? ()
#17 0x00000000 in ?? ()
#18 0xcc86fde0 in ?? ()
#19 0x00000000 in ?? ()
#20 0x00000000 in ?? ()
#21 0x00000246 in ?? ()
#22 0xcc304a80 in ?? ()
#23 0xec4ebb90 in ?? ()
#24 0xc04f366b in callout_reset (c=0xc06c9ea0, to_ticks=1, ftn=0, arg=0x0) at /usr/src/sys/kern/kern_timeout.c:490
#25 0xcc860f43 in ?? ()
#26 0x00000001 in ?? ()
#27 0xcc494400 in ?? ()
#28 0xec4ebc54 in ?? ()
#29 0x00000000 in ?? ()
#30 0x00000000 in ?? ()
#31 0xcc727a00 in ?? ()
#32 0xc06c9ea0 in ip_rsvpd ()
#33 0xec4ebc64 in ?? ()
#34 0xc055dcdf in pfil_run_hooks (ph=0xc06c9ea0, mp=0xec4ebc54, ifp=0xcc494400, dir=1, inp=0x0) at /usr/src/sys/net/pfil.c:139
Previous frame identical to this frame (corrupt stack?)
(kgdb)
>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list