LOR and Panic in 5.2-BETA

From: Ruben de Groot <mail25_at_bzerk.org>
Date: Fri, 28 Nov 2003 15:25:02 +0100
This is on a machine running 5.2-BETA, compiled with last night's
sources

I get the following LOR when starting pptpclient:

lock order reversal
 1st 0xc27d6164 rtentry (rtentry) _at_ /usr/build/current/usr/src/sys/net/rtsock.c:387
 2nd 0xc24e9c7c radix node head (radix node head) _at_ /usr/build/current/usr/src/sys/net/route.c:133
Stack backtrace:
backtrace(c0690084,c24e9c7c,c0695c74,c0695c74,c0695cca) at backtrace+0x17
witness_lock(c24e9c7c,8,c0695cca,85,c0e97820) at witness_lock+0x672
_mtx_lock_flags(c24e9c7c,0,c0695cca,85,121) at _mtx_lock_flags+0xba
rtalloc1(c27d556c,1,0,436,0) at rtalloc1+0x79
rt_setgate(c27d6100,c0e97820,c27d556c,184,0) at rt_setgate+0x258
route_output(c0eada00,c25bd1e0,7c,c0eada00,1f84) at route_output+0x67f
raw_usend(c25bd1e0,0,c0eada00,0,0) at raw_usend+0x73
rts_send(c25bd1e0,0,c0eada00,0,0) at rts_send+0x35
sosend(c25bd1e0,0,de5abc80,c0eada00,0) at sosend+0x44d
soo_write(c25a5550,de5abc80,c27d5f00,0,c25b68c0) at soo_write+0x70
dofilewrite(c25b68c0,c25a5550,1,bfbfde60,7c) at dofilewrite+0xfb
write(c25b68c0,de5abd14,c06a86fb,3ee,3) at write+0x6e
syscall(2f,2f,2f,1,1) at syscall+0x2c0
Xint0x80_syscall() at Xint0x80_syscall+0x1d
--- syscall (4), eip = 0x282830af, esp = 0xbfbfde1c, ebp = 0xbfbfde48 ---

Also, a repeatable panic when I run tcpdump on a gif interface.
Without tcpdump, the tunnel is working as expected, but when tcpdump
is listening on the gif0 interface and any traffic (e.g. a ping) 
is generated, I get the following panic :

panic: gif_output: attempted use of a free mbuf!
Debugger("panic")
Stopped at      Debugger+0x54:  xchgl   %ebx,in_Debugger.0
db>
db>
db> trace
Debugger(c068cb20,c06e8940,c0681033,de5fe954,100) at Debugger+0x54
panic(c0681033,c06731f0,1,2,c0eadb00) at panic+0xd5
gif_output(c257c000,c0eadb00,de5feb40,c2586d00,c050c42b) at gif_output+0xd5
ip_output(c0eadb00,0,0,20,0,c27ebe10) at ip_output+0xfad
rip_output(c0eadb00,c25be0f0,2800000a,2cf,40) at rip_output+0x1c2
rip_send(c25be0f0,0,c0eadb00,c0e869e0,0) at rip_send+0xfe
sosend(c25be0f0,c0e869e0,de5fec4c,c0eadb00,0) at sosend+0x44d
kern_sendit(c27b4000,3,de5fecc4,0,0) at kern_sendit+0x17c
sendit(c27b4000,3,de5fecc4,0,804ee14) at sendit+0x16e
sendto(c27b4000,de5fed14,c06a86fb,3ee,6) at sendto+0x5b
syscall(2f,2f,2f,804edd4,804edd4) at syscall+0x2c0
Xint0x80_syscall() at Xint0x80_syscall+0x1d
--- syscall (133, FreeBSD ELF32, sendto), eip = 0x280de68f, esp = 0xbfbee7cc, ebp = 0xbfbee808 ---


If there's any other info I should provide, please let me know.

Ruben
Received on Fri Nov 28 2003 - 05:24:57 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:31 UTC