Hi, This is a known issue and is being actively investigated. There are 2 known crash instances related to this issue. As a workaround, include "VIMAGE_GLOBALS" in your kernel config file will resolve this issue (assuming you are not using VIMAGE). The problem is the V_loif interface pointer is reinitialized to another ifnet that is different from what V_loif is set to in "lo_clone_create()". -- Qing -----Original Message----- From: owner-freebsd-current_at_freebsd.org on behalf of Norikatsu Shigemura Sent: Sun 5/17/2009 4:00 AM To: freebsd-current_at_freebsd.org Cc: Norikatsu Shigemura Subject: panic after dhclient in sys/net/if.c mtx_lock Hi. I got a panic after dhclient like following: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <118>re0: no link ... <118>. <118> got link <118>DHCPREQUEST on re0 to 255.255.255.255 port 67 <118> <118>DHCPREQUEST on re0 to 255.255.255.255 port 67 <118> <118>DHCPREQUEST on re0 to 255.255.255.255 port 67 <118> <118>DHCPACK from 192.168.36.1 <118> Fatal trap 12: page fault while in kernel mode cpuid = 1; apic id = 01 fault virtual address = 0x288 fault code = supervisor read data, page not present instruction pointer = 0x20:0xffffffff802bb31e stack pointer = 0x28:0xffffff80ec9167e0 frame pointer = 0x28:0xffffff80ec916800 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 542 (ifconfig) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - According to backtrace, I got following list: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (kgdb) bt #0 doadump () at pcpu.h:223 #1 0xffffffff8019306c in db_fncall (dummy1=Variable "dummy1" is not available. ) at /usr/src/sys/ddb/db_command.c:548 #2 0xffffffff801933a1 in db_command (last_cmdp=0xffffffff8070c9a0, cmd_table=Variable "cmd_table" is not available. ) at /usr/src/sys/ddb/db_command.c:445 #3 0xffffffff801935f0 in db_command_loop () at /usr/src/sys/ddb/db_command.c:498 #4 0xffffffff80195599 in db_trap (type=Variable "type" is not available. ) at /usr/src/sys/ddb/db_main.c:229 #5 0xffffffff802f9000 in kdb_trap (type=12, code=0, tf=0xffffff80ec916730) at /usr/src/sys/kern/subr_kdb.c:534 #6 0xffffffff8049e29d in trap_fatal (frame=0xffffff80ec916730, eva=Variable "eva" is not available. ) at /usr/src/sys/amd64/amd64/trap.c:847 #7 0xffffffff8049e674 in trap_pfault (frame=0xffffff80ec916730, usermode=0) at /usr/src/sys/amd64/amd64/trap.c:768 #8 0xffffffff8049f0bf in trap (frame=0xffffff80ec916730) at /usr/src/sys/amd64/amd64/trap.c:494 #9 0xffffffff80478d33 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:223 #10 0xffffffff802bb31e in _mtx_lock_sleep (m=0xffffff00050cae20, tid=18446742974297508528, opts=Variable "opts" is not available. ) at /usr/src/sys/kern/kern_mutex.c:340 #11 0xffffffff8036f4ad in ifaof_ifpforaddr (addr=0xffffffff806e4800, ifp=0xffffff00050caa00) at /usr/src/sys/net/if.c:1541 #12 0xffffffff8037b4d8 in rt_getifa_fib (info=0xffffff80ec9168d0, fibnum=0) at /usr/src/sys/net/route.c:745 #13 0xffffffff8037bc8d in rtrequest1_fib (req=Variable "req" is not available. ) at /usr/src/sys/net/route.c:1025 #14 0xffffffff8038650d in in_ifinit (ifp=Variable "ifp" is not available. ) at /usr/src/sys/netinet/in.c:921 #15 0xffffffff80387aeb in in_control (so=Variable "so" is not available. ) at /usr/src/sys/netinet/in.c:547 #16 0xffffffff80372d91 in ifioctl (so=0xffffff0005fa5510, cmd=2151704858, data=0xffffff000576bcc0 "re0", td=0xffffff0005ef8ab0) at /usr/src/sys/net/if.c:2226 #17 0xffffffff80307c1f in kern_ioctl (td=0xffffff0005ef8ab0, fd=Variable "fd" is not available. ) at file.h:262 #18 0xffffffff80307e51 in ioctl (td=0xffffff0005ef8ab0, uap=0xffffff80ec916c00) at /usr/src/sys/kern/sys_generic.c:677 #19 0xffffffff8049e8e7 in syscall (frame=0xffffff80ec916c90) at /usr/src/sys/amd64/amd64/trap.c:984 #20 0xffffffff80478fc0 in Xfast_syscall () at /usr/src/sys/amd64/amd64/exception.S:364 #21 0x0000000800a6d19c in ?? () Previous frame inner to this frame (corrupt stack?) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - So, I up 10 and print 'v' value: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (kgdb) up 10 #10 0xffffffff802bb31e in _mtx_lock_sleep (m=0xffffff00050cae20, tid=18446742974297508528, opts=Variable "opts" is not available. ) at /usr/src/sys/kern/kern_mutex.c:340 340 owner = (struct thread *)(v & ~MTX_FLAGMASK); (kgdb) p v $1 = 0 (kgdb) p m $2 = (struct mtx *) 0xffffff00050cae20 (kgdb) p *m $3 = {lock_object = {lo_name = 0x0, lo_flags = 0, lo_data = 0, lo_witness = 0x0}, mtx_lock = 0} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - In this time, mtx_lock == NULL. So more up: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (kgdb) up #11 0xffffffff8036f4ad in ifaof_ifpforaddr (addr=0xffffffff806e4800, ifp=0xffffff00050caa00) at /usr/src/sys/net/if.c:1541 1541 IF_ADDR_LOCK(ifp); (kgdb) p *ifp $4 = {if_softc = 0xffffff00050caa90, if_l2com = 0x0, if_vnet = 0xffffffff80393b30, if_link = {tqe_next = 0x0, tqe_prev = 0xffffffff80379700}, if_xname = "\000\000\000\000\000\000\000\000:9\200", if_dname = 0xffffffff80379f20 "UH\211H\211H\203 H\205H\211]L\211mH\211L\211eI\211u\025H\213]L\213eH\211L\213m?\001", if_dunit = 0, if_refcount = 0, if_addrhead = {tqh_first = 0xffffffff803790a0, tqh_last = 0xffffffff80378f50}, if_klist = {kl_list = { slh_first = 0xffffffff80393700}, kl_lock = 0, kl_unlock = 0xffffff0005f49b20, kl_locked = 0x600ffdf, kl_lockarg = 0xffffff000516b180}, if_pcount = 0, if_carp = 0x0, if_bpf = 0x0, if_index = 43664, if_timer = 1292, if_vlantrunk = 0x6800020, if_flags = 4, if_capabilities = 0, if_capenable = 99916576, if_linkmib = 0xffffff000b1c8350, if_linkmiblen = 0, if_data = {ifi_type = 80 'P', ifi_physical = 131 '\203', ifi_addrlen = 28 '\034', ifi_hdrlen = 11 '\v', ifi_link_state = 0 '\0', ifi_spare_char1 = 255 '', ifi_spare_char2 = 255 '', ifi_datalen = 255 '', ifi_mtu = 100728799, ifi_metric = 18446742974283297180, ifi_baudrate = 0, ifi_ipackets = 0, ifi_ierrors = 1, ifi_opackets = 18446744071567800714, ifi_oerrors = 69926912, ifi_collisions = 0, ifi_ibytes = 1, ifi_obytes = 0, ifi_imcasts = 0, ifi_omcasts = 0, ifi_iqdrops = 0, ifi_noproto = 0, ifi_hwassist = 0, ifi_epoch = 0, ifi_lastchange = {tv_sec = 0, tv_usec = 0}}, if_multiaddrs = {tqh_first = 0x0, tqh_last = 0x0}, if_amcount = 0, if_output = 0, if_input = 0, if_start = 0, if_ioctl = 0, if_watchdog = 0, if_init = 0, if_resolvemulti = 0, if_qflush = 0, if_transmit = 0, if_addr = 0x0, if_llsoftc = 0x0, if_drv_flags = 0, if_snd = {ifq_head = 0x0, ifq_tail = 0x0, ifq_len = 0, ifq_maxlen = 0, ifq_drops = 0, ifq_mtx = {lock_object = {lo_name = 0x0, lo_flags = 84716688, lo_data = 4294967040, lo_witness = 0x0}, mtx_lock = 18446744071565818672}, ifq_drv_head = 0x0, ifq_drv_tail = 0xffffffff80379700, ifq_drv_len = 0, ifq_drv_maxlen = 0, altq_type = -2143733008, altq_flags = -1, altq_disc = 0xffffffff80379f20, altq_ifp = 0x0, altq_enqueue = 0xffffffff803790a0 <rn_walktree>, altq_dequeue = 0xffffffff80378f50 <rn_walktree_from>, altq_request = 0xffffffff80393700 <in_clsroute>, altq_clfier = 0x0, altq_classify = 0xffffff0005f49be8, altq_tbr = 0x600ffdf, altq_cdnr = 0xffffff000516b180}, if_broadcastaddr = 0x0, if_bridge = 0x0, if_label = 0x0, if_prefixhead = {tqh_first = 0xffffff00050cac90, tqh_last = 0x6800020}, if_afdata = {0x4, 0xffffff0005f49be8, 0xffffff000b1c8418, 0x0, 0xffffff000b1c8418, 0x600ffdf, 0xffffff000516b19c, 0x0, 0x0, 0x1, 0xffffffff8057798a, 0x42b0000, 0x0, 0xffffff0005ef8ab0, 0x0 <repeats 24 times>}, if_afdata_initialized = 0, if_afdata_lock = {lock_object = {lo_name = 0x0, lo_flags = 0, lo_data = 0, lo_witness = 0x0}, rw_lock = 0}, if_linktask = { ta_link = {stqe_next = 0x0}, ta_pending = 0, ta_priority = 0, ta_func = 0, ta_context = 0x0}, if_addr_mtx = {lock_object = {lo_name = 0x0, lo_flags = 0, lo_data = 0, lo_witness = 0x0}, mtx_lock = 0}, if_clones = {le_next = 0x0, le_prev = 0x0}, if_groups = {tqh_first = 0x0, tqh_last = 0x0}, if_pf_kif = 0x0, if_lagg = 0x0, if_alloctype = 0 '\0', if_cspare = "\000\000", if_pspare = {0x0, 0x0, ---Type <return> to continue, or q <return> to quit--- 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, if_ispare = {0, 0, 0, 0}} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Sorry, I don't have any idea. Is above report OK? _______________________________________________ freebsd-current_at_freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org"Received on Sun May 17 2009 - 15:08:15 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:47 UTC