kern/94307: [bge] kernel panics when passing trafffic through
bge1
Byron L. Hicks
bhicks at nmsu.edu
Mon Mar 20 17:20:24 UTC 2006
The following reply was made to PR kern/94307; it has been noted by GNATS.
From: "Byron L. Hicks" <bhicks at nmsu.edu>
To: bug-followup at FreeBSD.org, bhicks at nmsu.edu
Cc:
Subject: Re: kern/94307: [bge] kernel panics when passing trafffic through
bge1
Date: Mon, 20 Mar 2006 10:19:03 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
monitor-temp# cd /usr/obj/usr/src/sys/DL320
monitor-temp# kgdb kernel.debug /usr/crash/vmcore.0
[GDB will not be able to debug user-mode threads:
/usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".
Unread portion of the kernel message buffer:
bge1: discard frame w/o leading ethernet header (len 4294967292 pkt len
4294967292)
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0xc
fault code = supervisor write, page not present
instruction pointer = 0x20:0xc04ed93b
stack pointer = 0x28:0xe500cca8
frame pointer = 0x28:0xe500ccd0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 28 (irq17: bge1 uhci1+)
trap number = 12
panic: page fault
Uptime: 58s
Dumping 1023 MB (2 chunks)
chunk 0: 1MB (159 pages) ... ok
chunk 1: 1023MB (261848 pages) 1007 991 975 959 943 927 911 895 879
863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591
575 559 543 527 511 495 479 463 447 431 415 399 383 367 351 335 319 303
287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15
#0 doadump () at pcpu.h:165
165 __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) list 0xc04ed93b
Function "0xc04ed93b" not defined.
(kgdb) list *0xc04ed93b
0xc04ed93b is in bge_rxeof (/usr/src/sys/dev/bge/if_bge.c:2626).
2621 cur_rx->bge_len);
2622 m->m_data += ETHER_ALIGN;
2623 }
2624 #endif
2625 eh = mtod(m, struct ether_header *);
2626 m->m_pkthdr.len = m->m_len = cur_rx->bge_len -
ETHER_CRC_LEN;
2627 m->m_pkthdr.rcvif = ifp;
2628
2629 if (ifp->if_capenable & IFCAP_RXCSUM) {
2630 if (cur_rx->bge_flags &
BGE_RXBDFLAG_IP_CSUM) {
(kgdb) backtrace
#0 doadump () at pcpu.h:165
#1 0xc063f6b2 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399
#2 0xc063f948 in panic (fmt=0xc08367d7 "%s")
at /usr/src/sys/kern/kern_shutdown.c:555
#3 0xc07ee6b4 in trap_fatal (frame=0xe500cc68, eva=12)
at /usr/src/sys/i386/i386/trap.c:836
#4 0xc07ee41b in trap_pfault (frame=0xe500cc68, usermode=0, eva=12)
at /usr/src/sys/i386/i386/trap.c:744
#5 0xc07ee079 in trap (frame=
{tf_fs = -994312184, tf_es = 822280232, tf_ds = -994312152, tf_edi
= -452247520, tf_esi = -994267136, tf_ebp = -452932400, tf_isp =
- -452932460, tf_ebx = 0, tf_edx = 0, tf_ecx = -994290688, tf_eax = -4,
tf_trapno = 12, tf_err = 2, tf_eip = -1068574405, tf_cs = 32, tf_eflags
= 590487, tf_esp = 1014144642, tf_ss = 0}) at
/usr/src/sys/i386/i386/trap.c:434
#6 0xc07ddfca in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#7 0xc04ed93b in bge_rxeof (sc=0xc4bcb000)
at /usr/src/sys/dev/bge/if_bge.c:2626
#8 0xc04edd6c in bge_intr (xsc=0xc4bcb000)
at /usr/src/sys/dev/bge/if_bge.c:2818
#9 0xc062ae2d in ithread_loop (arg=0xc4a87400)
at /usr/src/sys/kern/kern_intr.c:547
#10 0xc062a0b4 in fork_exit (callout=0xc062acd4 <ithread_loop>,
arg=0xc4a87400, frame=0xe500cd38) at /usr/src/sys/kern/kern_fork.c:789
- ---Type <return> to continue, or q <return> to quit---
#11 0xc07de02c in fork_trampoline () at
/usr/src/sys/i386/i386/exception.s:208
(kgdb) frame 7
#7 0xc04ed93b in bge_rxeof (sc=0xc4bcb000)
at /usr/src/sys/dev/bge/if_bge.c:2626
2626 m->m_pkthdr.len = m->m_len = cur_rx->bge_len -
ETHER_CRC_LEN;
(kgdb) p m
$1 = (struct mbuf *) 0x0
(kgdb) p *m
Cannot access memory at address 0x0
(kgdb) p cur_rx
$2 = (struct bge_rx_bd *) 0xe50b4020
(kgdb) p *cur_rx
$3 = {bge_addr = {bge_addr_hi = 0, bge_addr_lo = 0}, bge_len = 0,
bge_idx = 0,
bge_flags = 0, bge_type = 0, bge_tcp_udp_csum = 0, bge_ip_csum = 0,
bge_vlan_tag = 0, bge_error_flag = 0, bge_rsvd = 0, bge_opaque = 0}
(kgdb) p ifp
$4 = (struct ifnet *) 0xc4bc5400
(kgdb) p *ifp
$5 = {if_softc = 0xc4bcb000, if_l2com = 0xc4bc31f0, if_link = {
tqe_next = 0xc4c5e800, tqe_prev = 0xc4bbd808},
if_xname = "bge1", '\0' <repeats 11 times>, if_dname = 0xc4ad3dec "bge",
if_dunit = 1, if_addrhead = {tqh_first = 0xc4b9d400, tqh_last =
0xc4d9bb60},
if_klist = {kl_list = {slh_first = 0x0},
kl_lock = 0xc0624d8c <knlist_mtx_lock>,
kl_unlock = 0xc0624dc0 <knlist_mtx_unlock>,
kl_locked = 0xc0624dfc <knlist_mtx_locked>, kl_lockarg = 0xc0907360},
if_pcount = 0, if_carp = 0x0, if_bpf = 0x0, if_index = 2, if_timer = 0,
if_nvlans = 0, if_flags = 34819, if_capabilities = 27, if_capenable = 27,
if_linkmib = 0x0, if_linkmiblen = 0, if_data = {ifi_type = 6 '\006',
ifi_physical = 0 '\0', ifi_addrlen = 6 '\006', ifi_hdrlen = 14 '\016',
ifi_link_state = 2 '\002', ifi_recvquota = 0 '\0', ifi_xmitquota = 0
'\0',
ifi_datalen = 80 'P', ifi_mtu = 1500, ifi_metric = 0,
ifi_baudrate = 10000000, ifi_ipackets = 610, ifi_ierrors = 1252492992,
ifi_opackets = 375, ifi_oerrors = 2944995602, ifi_collisions =
2706406393,
ifi_ibytes = 770316, ifi_obytes = 24940, ifi_imcasts = 71,
ifi_omcasts = 0, ifi_iqdrops = 0, ifi_noproto = 0, ifi_hwassist = 7,
ifi_epoch = 0, ifi_lastchange = {tv_sec = 1142522343, tv_usec =
446415}},
if_multiaddrs = {tqh_first = 0xc4c289c0, tqh_last = 0xc4c289a0},
if_amcount = 0, if_output = 0xc06ac748 <ether_output>,
if_input = 0xc06acf80 <ether_input>, if_start = 0xc04ee84c <bge_start>,
if_ioctl = 0xc04eee6c <bge_ioctl>, if_watchdog = 0xc04ef1bc
<bge_watchdog>,
- ---Type <return> to continue, or q <return> to quit---
if_init = 0xc04eebb4 <bge_init>,
if_resolvemulti = 0xc06ad78c <ether_resolvemulti>, if_spare1 = 0x0,
if_spare2 = 0x0, if_spare3 = 0x0, if_drv_flags = 64, if_spare_flags2 = 0,
if_snd = {ifq_head = 0x0, ifq_tail = 0x0, ifq_len = 0, ifq_maxlen = 511,
ifq_drops = 0, ifq_mtx = {mtx_object = {lo_class = 0xc08a9884,
lo_name = 0xc4bc5410 "bge1", lo_type = 0xc0855521 "if send queue",
lo_flags = 196608, lo_list = {tqe_next = 0x0, tqe_prev = 0x0},
lo_witness = 0x0}, mtx_lock = 4, mtx_recurse = 0}, ifq_drv_head
= 0x0,
ifq_drv_tail = 0x0, ifq_drv_len = 0, ifq_drv_maxlen = 511, altq_type
= 0,
altq_flags = 1, altq_disc = 0x0, altq_ifp = 0xc4bc5400, altq_enqueue
= 0,
altq_dequeue = 0, altq_request = 0, altq_clfier = 0x0, altq_classify
= 0,
altq_tbr = 0x0, altq_cdnr = 0x0}, if_broadcastaddr = 0xc0810c20
"??????",
if_bridge = 0x0, lltables = 0x0, if_label = 0x0, if_prefixhead = {
tqh_first = 0x0, tqh_last = 0xc4bc557c}, if_afdata = {
0x0 <repeats 37 times>}, if_afdata_initialized = 2, if_afdata_mtx = {
mtx_object = {lo_class = 0xc08a9884, lo_name = 0xc0855511 "if_afdata",
lo_type = 0xc0855511 "if_afdata", lo_flags = 196608, lo_list = {
tqe_next = 0x0, tqe_prev = 0x0}, lo_witness = 0x0}, mtx_lock = 4,
mtx_recurse = 0}, if_starttask = {ta_link = {stqe_next = 0x0},
ta_pending = 0, ta_priority = 0, ta_func = 0xc06ab8f4
<if_start_deferred>,
ta_context = 0xc4bc5400}, if_linktask = {ta_link = {stqe_next = 0x0},
ta_pending = 0, ta_priority = 0,
ta_func = 0xc06a9a00 <do_link_state_change>, ta_context = 0xc4bc5400},
- ---Type <return> to continue, or q <return> to quit---
if_addr_mtx = {mtx_object = {lo_class = 0xc08a9884,
lo_name = 0xc08554a7 "if_addr_mtx", lo_type = 0xc08554a7
"if_addr_mtx",
lo_flags = 196608, lo_list = {tqe_next = 0x0, tqe_prev = 0x0},
lo_witness = 0x0}, mtx_lock = 4, mtx_recurse = 0}}
monitor-temp# ident /boot/kernel/kernel | grep kern_mbuf.c
$FreeBSD: src/sys/kern/kern_mbuf.c,v 1.9.2.5 2006/03/01 20:51:49
andre Exp $
- --
Byron L. Hicks
Network Engineer
NMSU ICT/CHECS-NET
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFEHuQHIuuK+iJ+1EMRAosXAKDZ7cVr8tUd1wf3MKhvObbvdGi1UQCgyKlB
iKtAZ3JTdg7pdTGrdr/AxMo=
=Wkmo
-----END PGP SIGNATURE-----
More information about the freebsd-bugs
mailing list