From nobody@FreeBSD.org Thu Nov 3 09:10:13 2011 Return-Path: Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 67195106567B for ; Thu, 3 Nov 2011 09:10:07 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 6E2908FC13 for ; Thu, 3 Nov 2011 09:10:07 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.4/8.14.4) with ESMTP id pA39A6hB025617 for ; Thu, 3 Nov 2011 09:10:06 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.4/8.14.4/Submit) id pA39A60c025616; Thu, 3 Nov 2011 09:10:06 GMT (envelope-from nobody) Message-Id: <201111030910.pA39A60c025616@red.freebsd.org> Date: Thu, 3 Nov 2011 09:10:06 GMT From: Alexandr Gorsky To: freebsd-gnats-submit@FreeBSD.org Subject: mpd kernel panic X-Send-Pr-Version: www-3.1 X-GNATS-Notify: >Number: 162267 >Category: kern >Synopsis: [mpd] mpd kernel panic >Confidential: no >Severity: serious >Priority: medium >Responsible: qingli >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Nov 03 09:20:08 UTC 2011 >Closed-Date: >Last-Modified: Fri Nov 11 02:06:58 UTC 2011 >Originator: Alexandr Gorsky >Release: FreeBSD 9.0-RC1 >Organization: NEVOSOFT >Environment: FreeBSD rt02.nevosoft.local 9.0-RC1 FreeBSD 9.0-RC1 #0: Wed Nov 2 13:02:37 MSK 2011 al@rt02.nevosoft.local:/usr/obj/usr/src/sys/GENERIC i386 >Description: When user connect to mpd5 server configured as pptp server, kernel have panic after successful authorization. In 9.0 BETA 3 it work fine. backtrace: Fatal trap 12: page fault while in kernel mode cpuid = 1; apic id = 01 fault virtual address = 0x0 fault code = supervisor read, page not present instruction pointer = 0x20:0xc0b205a9 stack pointer = 0x28:0xdf1b39bc frame pointer = 0x28:0xdf1b39f8 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 2959 (arp) trap number = 12 panic: page fault cpuid = 1 KDB: stack backtrace: #0 0xc0a4ad67 at kdb_backtrace+0x47 #1 0xc0a18337 at panic+0x117 #2 0xc0d48623 at trap_fatal+0x323 #3 0xc0d486dd at trap_pfault+0xad #4 0xc0d49465 at trap+0x465 #5 0xc0d323bc at calltrap+0x6 #6 0xc0ad03af at lla_rt_output+0x2df #7 0xc0add937 at route_output+0x407 #8 0xc0ad9988 at raw_usend+0x48 #9 0xc0adc775 at rts_send+0x35 #10 0xc0a7e28a at sosend_generic+0x64a #11 0xc0a7a2ff at sosend+0x3f #12 0xc0a630a3 at soo_write+0x63 #13 0xc0a5c407 at dofilewrite+0x97 #14 0xc0a5c718 at kern_writev+0x68 #15 0xc0a5c79f at sys_write+0x4f #16 0xc0d48c45 at syscall+0x355 #17 0xc0d32421 at Xint0x80_syscall+0x21 Uptime: 4m38s Physical memory: 2023 MB Dumping 193 MB: 178panic: bufwrite: buffer is not busy??? cpuid = 1 162 146 130 114 98 82 66 50 34 18 2 Reading symbols from /boot/kernel/accf_data.ko...Reading symbols from /boot/kernel/accf_data.ko.symbols...done. done. Loaded symbols for /boot/kernel/accf_data.ko Reading symbols from /boot/kernel/accf_dns.ko...Reading symbols from /boot/kernel/accf_dns.ko.symbols...done. done. Loaded symbols for /boot/kernel/accf_dns.ko Reading symbols from /boot/kernel/accf_http.ko...Reading symbols from /boot/kernel/accf_http.ko.symbols...done. done. Loaded symbols for /boot/kernel/accf_http.ko Reading symbols from /boot/kernel/libalias.ko...Reading symbols from /boot/kernel/libalias.ko.symbols...done. done. Loaded symbols for /boot/kernel/libalias.ko Reading symbols from /boot/kernel/ipl.ko...Reading symbols from /boot/kernel/ipl.ko.symbols...done. done. Loaded symbols for /boot/kernel/ipl.ko Reading symbols from /boot/kernel/if_carp.ko...Reading symbols from /boot/kernel/if_carp.ko.symbols...done. done. Loaded symbols for /boot/kernel/if_carp.ko Reading symbols from /boot/kernel/ipfw.ko...Reading symbols from /boot/kernel/ipfw.ko.symbols...done. done. Loaded symbols for /boot/kernel/ipfw.ko Reading symbols from /boot/kernel/ng_socket.ko...Reading symbols from /boot/kernel/ng_socket.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_socket.ko Reading symbols from /boot/kernel/netgraph.ko...Reading symbols from /boot/kernel/netgraph.ko.symbols...done. done. Loaded symbols for /boot/kernel/netgraph.ko Reading symbols from /boot/kernel/ng_mppc.ko...Reading symbols from /boot/kernel/ng_mppc.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_mppc.ko Reading symbols from /boot/kernel/rc4.ko...Reading symbols from /boot/kernel/rc4.ko.symbols...done. done. Loaded symbols for /boot/kernel/rc4.ko Reading symbols from /boot/kernel/ng_tee.ko...Reading symbols from /boot/kernel/ng_tee.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_tee.ko Reading symbols from /boot/kernel/ng_pptpgre.ko...Reading symbols from /boot/kernel/ng_pptpgre.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_pptpgre.ko Reading symbols from /boot/kernel/ng_ksocket.ko...Reading symbols from /boot/kernel/ng_ksocket.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_ksocket.ko Reading symbols from /boot/kernel/ng_iface.ko...Reading symbols from /boot/kernel/ng_iface.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_iface.ko Reading symbols from /boot/kernel/ng_ppp.ko...Reading symbols from /boot/kernel/ng_ppp.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_ppp.ko Reading symbols from /boot/kernel/ng_vjc.ko...Reading symbols from /boot/kernel/ng_vjc.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_vjc.ko Reading symbols from /boot/kernel/ng_tcpmss.ko...Reading symbols from /boot/kernel/ng_tcpmss.ko.symbols...done. done. Loaded symbols for /boot/kernel/ng_tcpmss.ko #0 doadump (textdump=1) at pcpu.h:244 244 pcpu.h: No such file or directory. in pcpu.h (kgdb) backtrace #0 doadump (textdump=1) at pcpu.h:244 #1 0xc0a180da in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:442 #2 0xc0a18371 in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:607 #3 0xc0d48623 in trap_fatal (frame=0xdf1b397c, eva=0) at /usr/src/sys/i386/i386/trap.c:972 #4 0xc0d486dd in trap_pfault (frame=0xdf1b397c, usermode=0, eva=0) at /usr/src/sys/i386/i386/trap.c:836 #5 0xc0d49465 in trap (frame=0xdf1b397c) at /usr/src/sys/i386/i386/trap.c:555 #6 0xc0d323bc in calltrap () at /usr/src/sys/i386/i386/exception.s:168 #7 0xc0b205a9 in in_lltable_lookup (llt=0xc5993b00, flags=Variable "flags" is not available. ) at /usr/src/sys/netinet/in.c:1445 #8 0xc0ad03af in lla_rt_output (rtm=0xc61f0800, info=0xdf1b3a70) at if_llatbl.h:202 #9 0xc0add937 in route_output (m=0xc5c6c200, so=0xc62df680) at /usr/src/sys/net/rtsock.c:638 #10 0xc0ad9988 in raw_usend (so=0xc62df680, flags=Variable "flags" is not available. ) at /usr/src/sys/net/raw_usrreq.c:238 #11 0xc0adc775 in rts_send (so=0xc62df680, flags=0, m=0xc5c6c200, nam=0x0, control=0x0, td=0xc59c2000) at /usr/src/sys/net/rtsock.c:386 #12 0xc0a7e28a in sosend_generic (so=0xc62df680, addr=0x0, uio=0xdf1b3c48, top=0xc5c6c200, control=0x0, flags=0, td=0xc59c2000) at /usr/src/sys/kern/uipc_socket.c:1303 #13 0xc0a7a2ff in sosend (so=0xc62df680, addr=0x0, uio=0xdf1b3c48, top=0x0, control=0x0, flags=0, td=0xc59c2000) at /usr/src/sys/kern/uipc_socket.c:1347 #14 0xc0a630a3 in soo_write (fp=0xc610c2a0, uio=0xdf1b3c48, active_cred=0xc557a800, flags=0, td=0xc59c2000) at /usr/src/sys/kern/sys_socket.c:102 #15 0xc0a5c407 in dofilewrite (td=0xc59c2000, fd=3, fp=0xc610c2a0, auio=0xdf1b3c48, offset=-1, flags=0) at file.h:262 #16 0xc0a5c718 in kern_writev (td=0xc59c2000, fd=3, auio=0xdf1b3c48) at /usr/src/sys/kern/sys_generic.c:449 #17 0xc0a5c79f in sys_write (td=0xc59c2000, uap=0xdf1b3cec) at /usr/src/sys/kern/sys_generic.c:365 #18 0xc0d48c45 in syscall (frame=0xdf1b3d28) at subr_syscall.c:131 #19 0xc0d32421 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:266 #20 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) >How-To-Repeat: connect to mpd server configured as pptp >Fix: >Release-Note: >Audit-Trail: State-Changed-From-To: open->feedback State-Changed-By: remko State-Changed-When: Sun Nov 6 12:47:24 UTC 2011 State-Changed-Why: http://www.freebsd.org/cgi/query-pr.cgi?pr=162267 State-Changed-From-To: feedback->open State-Changed-By: remko State-Changed-When: Sun Nov 6 12:47:58 UTC 2011 State-Changed-Why: Bogus feedback, mention it as open. There is mentioning by Michael Holt in PR 162322 that the problem goes away on an older version. http://www.freebsd.org/cgi/query-pr.cgi?pr=162267 Responsible-Changed-From-To: freebsd-bugs->qingli-bugs Responsible-Changed-By: glebius Responsible-Changed-When: Thu Nov 10 12:06:34 UTC 2011 Responsible-Changed-Why: The problem was introduced and later fixed by Qing. I suppose the PR can be closed, but let Qing re-check that. http://www.freebsd.org/cgi/query-pr.cgi?pr=162267 Responsible-Changed-From-To: qingli-bugs->qingli Responsible-Changed-By: glebius Responsible-Changed-When: Thu Nov 10 12:29:58 UTC 2011 Responsible-Changed-Why: The problem was introduced and later fixed by Qing. I suppose the PR can be closed, but let Qing re-check that. http://www.freebsd.org/cgi/query-pr.cgi?pr=162267 >Unformatted: