Hi, While testing IPSec and IPv6 I got this panic when sending ICMPv6 echo requests to the peer. kernel.debug and vmcore available if more info is needed. FreeBSD 7.0-CURRENT #0: Fri Aug 24 22:31:26 CEST 2007 Script started on Sun Aug 26 04:20:22 2007 kgdb: kvm_nlist(_stopped_cpus): kgdb: kvm_nlist(_stoppcbs): [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". Unread portion of the kernel message buffer: Fatal double fault: eip = 0xc078ea95 esp = 0xe25cc000 ebp = 0xe25cc060 panic: double fault KDB: stack backtrace: db_trace_self_wrapper(c07d4c94,c0861cc4,c056b7da,c07d308a,c0849280,...) at db_trace_self_wrapper+0x26 kdb_backtrace(c07d308a,c0849280,c07f1a71,c0861cd0,c0861cd0,...) at kdb_backtrace+0x29 panic(c07f1a71,e25cc060,e25cc060,0,0,...) at panic+0xaa dblfault_handler() at dblfault_handler+0x69 --- trap 0x17, eip = 0xc078ea95, esp = 0xe25cc000, ebp = 0xe25cc060 --- bcmp(c08521c0,e25cdb0c,0,c07b548c,0,...) at bcmp+0x1 udp6_ctlinput(6,e25cdb0c,e25cc0e8,e25cc0e8,e25cdb0c,...) at udp6_ctlinput+0x152 pfctlinput2(6,e25cdb0c,e25cc0e8,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc164,e25cc164,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc164,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc1e0,e25cc1e0,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc1e0,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc25c,e25cc25c,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc25c,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc2d8,e25cc2d8,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc2d8,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc354,e25cc354,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc354,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc3d0,e25cc3d0,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc3d0,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc44c,e25cc44c,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc44c,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc4c8,e25cc4c8,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc4c8,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc544,e25cc544,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc544,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc5c0,e25cc5c0,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc5c0,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc63c,e25cc63c,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc63c,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc6b8,e25cc6b8,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc6b8,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc734,e25cc734,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc734,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc7b0,e25cc7b0,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc7b0,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc82c,e25cc82c,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc82c,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc8a8,e25cc8a8,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc8a8,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc924,e25cc924,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc924,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cc9a0,e25cc9a0,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cc9a0,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cca1c,e25cca1c,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cca1c,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cca98,e25cca98,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cca98,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccb14,e25ccb14,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccb14,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccb90,e25ccb90,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccb90,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccc0c,e25ccc0c,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccc0c,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccc88,e25ccc88,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccc88,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccd04,e25ccd04,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccd04,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccd80,e25ccd80,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccd80,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccdfc,e25ccdfc,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccdfc,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cce78,e25cce78,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cce78,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccef4,e25ccef4,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccef4,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccf70,e25ccf70,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccf70,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25ccfec,e25ccfec,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25ccfec,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd068,e25cd068,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd068,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd0e4,e25cd0e4,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd0e4,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd160,e25cd160,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd160,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd1dc,e25cd1dc,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd1dc,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd258,e25cd258,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd258,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd2d4,e25cd2d4,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd2d4,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd350,e25cd350,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd350,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd3cc,e25cd3cc,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd3cc,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd448,e25cd448,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd448,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd4c4,e25cd4c4,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd4c4,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd540,e25cd540,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd540,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd5bc,e25cd5bc,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd5bc,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd638,e25cd638,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd638,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd6b4,e25cd6b4,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd6b4,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd730,e25cd730,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd730,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd7ac,e25cd7ac,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd7ac,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd828,e25cd828,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd828,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd8a4,e25cd8a4,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd8a4,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd920,e25cd920,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd920,0,0,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cd99c,e25cd99c,e25cdb0c,...) at esp6_ctlinput+0x73 pfctlinput2(6,e25cdb0c,e25cd99c,c3ba5c00,e25cdb30,...) at pfctlinput2+0x4a esp6_ctlinput(6,e25cdb0c,e25cdacc,84,c66a7400,...) at esp6_ctlinput+0x73 icmp6_input(e25cdc74,e25cdc5c,3a,1,0,...) at icmp6_input+0x25de ip6_input(c66a7400,c055f65d,c3a9ac30,c3ab1c00,0,...) at ip6_input+0xed9 netisr_processqueue(c08490d0,c3ab2000,0,0,0,...) at netisr_processqueue+0xdb swi_net(0,0,c07d0e15,46b,ffffffff,...) at swi_net+0xca ithread_loop(c3a78a80,e25cdd38,ffdfffff,ffffffff,ffefffff,...) at ithread_loop+0x1cb fork_exit(c05520a0,c3a78a80,e25cdd38) at fork_exit+0xa1 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xe25cdd70, ebp = 0 --- Uptime: 1h59m52s Physical memory: 1014 MB Dumping 141 MB: 126 110 94 78 62 46 30 14 #0 doadump () at pcpu.h:195 195 pcpu.h: No such file or directory. in pcpu.h (kgdb) bt #0 doadump () at pcpu.h:195 #1 0xc056b5e3 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409 #2 0xc056b81a in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:563 #3 0xc0790059 in dblfault_handler () at /usr/src/sys/i386/i386/trap.c:901 #4 0x00000000 in ?? () (kgdb) l *pfctlinput2+0x4a 0xc05b64ca is in pfctlinput2 (/usr/src/sys/kern/uipc_domain.c:444). 439 * correct way. the following check is made just for safety. 440 */ 441 if (dp->dom_family != sa->sa_family) 442 continue; 443 444 for (pr = dp->dom_protosw; pr < dp->dom_protoswNPROTOSW; pr++) 445 if (pr->pr_ctlinput) 446 (*pr->pr_ctlinput)(cmd, sa, ctlparam); 447 } 448 } (kgdb) l *esp6_ctlinput+0x73 0xc06d8ca3 is in esp6_ctlinput (/usr/src/sys/netipsec/ipsec_input.c:801). 796 * Then go to special cases that need ESP header information. 797 * XXX: We assume that when ip6 is non NULL, 798 * M and OFF are valid. 799 */ 800 801 if (cmd == PRC_MSGSIZE) { 802 struct secasvar *sav; 803 u_int32_t spi; 804 int valid; 805 (kgdb) Script done on Sun Aug 26 04:20:50 2007 -- PawelReceived on Mon Aug 27 2007 - 13:51:30 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:16 UTC