[Bug 268840] tunnel interface destruction leads to a crash

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 09 Jan 2023 12:14:03 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268840

            Bug ID: 268840
           Summary: tunnel interface destruction leads to a crash
           Product: Base System
           Version: 13.1-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: eugene@zhegan.in

Tunnel interface destruction leads to a crash.
Reproducible with if_ipsec(4) and if_gre(4) at least.

Workaround: down the interface with ifconfig.

13.1-RELEASE/amd64:

===Cut===
[root@ronin:/var/crash]# kgdb /boot/kernel/kernel /var/crash/vmcore.1
GNU gdb (GDB) 12.1 [GDB v12.1 for FreeBSD]
Copyright (C) 2022 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd13.1".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /boot/kernel/kernel...
Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug...

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x238
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff80db2c80
stack pointer           = 0x28:0xfffffe001b1cecd0
frame pointer           = 0x28:0xfffffe001b1ced00
code segment            = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 0 (softirq_0)
trap number             = 12
panic: page fault
cpuid = 0
time = 1670863158
KDB: stack backtrace:
#0 0xffffffff80c69465 at kdb_backtrace+0x65
#1 0xffffffff80c1bb1f at vpanic+0x17f
#2 0xffffffff80c1b993 at panic+0x43
#3 0xffffffff810afdf5 at trap_fatal+0x385
#4 0xffffffff810afe4f at trap_pfault+0x4f
#5 0xffffffff81087528 at calltrap+0x8
#6 0xffffffff80dbb77f at in_leavegroup_locked+0x9f
#7 0xffffffff80dbbab5 at inp_freemoptions+0x155
#8 0xffffffff80dc2095 at in_pcbfree_deferred+0x195
#9 0xffffffff80c6412a at epoch_call_task+0x16a
#10 0xffffffff80c67e9d at gtaskqueue_run_locked+0x15d
#11 0xffffffff80c67b12 at gtaskqueue_thread_loop+0xc2
#12 0xffffffff80bd8a5e at fork_exit+0x7e
#13 0xffffffff8108859e at fork_trampoline+0xe
Uptime: 1m22s
Dumping 889 out of 16214 MB:..2%..11%..22%..31%..42%..51%..62%..71%..81%..92%

__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
55              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct
pcpu,
(kgdb) bt
#0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80c1b71c in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:487
#3  0xffffffff80c1bb8e in vpanic (fmt=0xffffffff811b4fb9 "%s", ap=<optimized
out>)
at /usr/src/sys/kern/kern_shutdown.c:920
#4  0xffffffff80c1b993 in panic (fmt=<unavailable>) at
/usr/src/sys/kern/kern_shutdown.c:844
#5  0xffffffff810afdf5 in trap_fatal (frame=0xfffffe001b1cec10, eva=568) at
/usr/src/sys/amd64/amd64/trap.c:944
#6  0xffffffff810afe4f in trap_pfault (frame=0xfffffe001b1cec10,
usermode=false, signo=<optimized out>,
ucode=<optimized out>) at /usr/src/sys/amd64/amd64/trap.c:763
#7  <signal handler called>
#8  igmp_change_state (inm=inm@entry=0xfffff801a588a600) at
/usr/src/sys/netinet/igmp.c:2340
#9  0xffffffff80dbb77f in in_leavegroup_locked
(inm=inm@entry=0xfffff801a588a600, imf=imf@entry=0xfffff8002d857dc0)
at /usr/src/sys/netinet/in_mcast.c:1355
#10 0xffffffff80dbbab5 in in_leavegroup (inm=0xfffff801a588a600,
imf=0xfffff8002d857dc0)
at /usr/src/sys/netinet/in_mcast.c:1297
#11 inp_gcmoptions (imo=<optimized out>) at
/usr/src/sys/netinet/in_mcast.c:1634
#12 inp_freemoptions (imo=<optimized out>, imo@entry=0xfffff8002d71b8c0) at
/usr/src/sys/netinet/in_mcast.c:1656
#13 0xffffffff80dc2095 in in_pcbfree_deferred (ctx=0xfffff80119ec27b0) at
/usr/src/sys/netinet/in_pcb.c:1745
#14 0xffffffff80c6412a in epoch_call_task (arg=<optimized out>) at
/usr/src/sys/kern/subr_epoch.c:819
#15 0xffffffff80c67e9d in gtaskqueue_run_locked
(queue=queue@entry=0xfffff800031ec100)
at /usr/src/sys/kern/subr_gtaskqueue.c:371
#16 0xffffffff80c67b12 in gtaskqueue_thread_loop (arg=<optimized out>,
arg@entry=0xfffffe001dfe4008)
at /usr/src/sys/kern/subr_gtaskqueue.c:547
#17 0xffffffff80bd8a5e in fork_exit (callout=0xffffffff80c67a50
<gtaskqueue_thread_loop>, arg=0xfffffe001dfe4008,
frame=0xfffffe001b1cef40) at /usr/src/sys/kern/kern_fork.c:1093
#18 <signal handler called>
#19 mi_startup () at /usr/src/sys/kern/init_main.c:322
Backtrace stopped: Cannot access memory at address 0x8
(kgdb)
quit
===Cut===

another one, same server:

===Cut===
[root@ronin:/var/crash]# kgdb /boot/kernel/kernel /var/crash/vmcore.2
GNU gdb (GDB) 12.1 [GDB v12.1 for FreeBSD]
Copyright (C) 2022 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd13.1".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /boot/kernel/kernel...
Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug...

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 2; apic id = 04
fault virtual address   = 0x238
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff80db2c80
stack pointer           = 0x0:0xfffffe00c3ff4cd0
frame pointer           = 0x0:0xfffffe00c3ff4d00
code segment            = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 0 (softirq_2)
trap number             = 12
panic: page fault
cpuid = 2
time = 1670863429
KDB: stack backtrace:
#0 0xffffffff80c69465 at kdb_backtrace+0x65
#1 0xffffffff80c1bb1f at vpanic+0x17f
#2 0xffffffff80c1b993 at panic+0x43
#3 0xffffffff810afdf5 at trap_fatal+0x385
#4 0xffffffff810afe4f at trap_pfault+0x4f
#5 0xffffffff81087528 at calltrap+0x8
#6 0xffffffff80dbb77f at in_leavegroup_locked+0x9f
#7 0xffffffff80dbbab5 at inp_freemoptions+0x155
#8 0xffffffff80dc2095 at in_pcbfree_deferred+0x195
#9 0xffffffff80c6412a at epoch_call_task+0x16a
#10 0xffffffff80c67e9d at gtaskqueue_run_locked+0x15d
#11 0xffffffff80c67b12 at gtaskqueue_thread_loop+0xc2
#12 0xffffffff80bd8a5e at fork_exit+0x7e
#13 0xffffffff8108859e at fork_trampoline+0xe
Uptime: 4m5s
Dumping 1151 out of 16214 MB:..2%..12%..21%..31%..41%..51%..62%..71%..81%..91%

__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
55              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct
pcpu,
(kgdb) bt
#0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80c1b71c in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:487
#3  0xffffffff80c1bb8e in vpanic (fmt=0xffffffff811b4fb9 "%s", ap=<optimized
out>)
at /usr/src/sys/kern/kern_shutdown.c:920
#4  0xffffffff80c1b993 in panic (fmt=<unavailable>) at
/usr/src/sys/kern/kern_shutdown.c:844
#5  0xffffffff810afdf5 in trap_fatal (frame=0xfffffe00c3ff4c10, eva=568) at
/usr/src/sys/amd64/amd64/trap.c:944
#6  0xffffffff810afe4f in trap_pfault (frame=0xfffffe00c3ff4c10,
usermode=false, signo=<optimized out>,
ucode=<optimized out>) at /usr/src/sys/amd64/amd64/trap.c:763
#7  <signal handler called>
#8  igmp_change_state (inm=inm@entry=0xfffff801d1a0b000) at
/usr/src/sys/netinet/igmp.c:2340
#9  0xffffffff80dbb77f in in_leavegroup_locked
(inm=inm@entry=0xfffff801d1a0b000, imf=imf@entry=0xfffff801d0cc01c0)
at /usr/src/sys/netinet/in_mcast.c:1355
#10 0xffffffff80dbbab5 in in_leavegroup (inm=0xfffff801d1a0b000,
imf=0xfffff801d0cc01c0)
at /usr/src/sys/netinet/in_mcast.c:1297
#11 inp_gcmoptions (imo=<optimized out>) at
/usr/src/sys/netinet/in_mcast.c:1634
#12 inp_freemoptions (imo=<optimized out>, imo@entry=0xfffff801d561ba00) at
/usr/src/sys/netinet/in_mcast.c:1656
#13 0xffffffff80dc2095 in in_pcbfree_deferred (ctx=0xfffff801d5d2d5c0) at
/usr/src/sys/netinet/in_pcb.c:1745
#14 0xffffffff80c6412a in epoch_call_task (arg=<optimized out>) at
/usr/src/sys/kern/subr_epoch.c:819
#15 0xffffffff80c67e9d in gtaskqueue_run_locked
(queue=queue@entry=0xfffff800031ebc00)
at /usr/src/sys/kern/subr_gtaskqueue.c:371
#16 0xffffffff80c67b12 in gtaskqueue_thread_loop (arg=<optimized out>,
arg@entry=0xfffffe001dfe4038)
at /usr/src/sys/kern/subr_gtaskqueue.c:547
#17 0xffffffff80bd8a5e in fork_exit (callout=0xffffffff80c67a50
<gtaskqueue_thread_loop>, arg=0xfffffe001dfe4038,
frame=0xfffffe00c3ff4f40) at /usr/src/sys/kern/kern_fork.c:1093
#18 <signal handler called>
#19 mi_startup () at /usr/src/sys/kern/init_main.c:322
Backtrace stopped: Cannot access memory at address 0xe
(kgdb)
===Cut===

older versions (I realize nobody is interrested in seeing older stuff by
probably this will help to understand how old the bug is):


13.0-RELEASE/amd64:

===Cut===
[root@shogun:/var/crash]# kgdb /boot/kernel/kernel vmcore.0 
GNU gdb (GDB) 11.1 [GDB v11.1 for FreeBSD]
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd13.0".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /boot/kernel/kernel...
Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug...

Unread portion of the kernel message buffer:
gw sdl_len too small


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x238
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff80d9e3f0
stack pointer           = 0x0:0xfffffe000e18dad0
frame pointer           = 0x0:0xfffffe000e18db00
code segment            = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 0 (softirq_0)
trap number             = 12
panic: page fault
cpuid = 0
time = 1670864052
KDB: stack backtrace:
#0 0xffffffff80c58345 at kdb_backtrace+0x65
#1 0xffffffff80c0ad21 at vpanic+0x181
#2 0xffffffff80c0ab93 at panic+0x43
#3 0xffffffff81097187 at trap_fatal+0x387
#4 0xffffffff810971df at trap_pfault+0x4f
#5 0xffffffff8109683d at trap+0x27d
#6 0xffffffff8106d888 at calltrap+0x8
#7 0xffffffff80da6aef at in_leavegroup_locked+0x9f
#8 0xffffffff80da6e28 at inp_freemoptions+0x148
#9 0xffffffff80dadd99 at in_pcbfree_deferred+0x199
#10 0xffffffff80c530ba at epoch_call_task+0x16a
#11 0xffffffff80c56dad at gtaskqueue_run_locked+0x15d
#12 0xffffffff80c56a4c at gtaskqueue_thread_loop+0xac
#13 0xffffffff80bc8c5e at fork_exit+0x7e
#14 0xffffffff8106e90e at fork_trampoline+0xe
Uptime: 114d13h59m39s
Dumping 2218 out of 8148 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%

__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
55              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct
pcpu,
(kgdb) bt
#0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80c0a916 in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:486
#3  0xffffffff80c0ad90 in vpanic (fmt=<optimized out>, ap=<optimized out>) at
/usr/src/sys/kern/kern_shutdown.c:919
#4  0xffffffff80c0ab93 in panic (fmt=<unavailable>) at
/usr/src/sys/kern/kern_shutdown.c:843
#5  0xffffffff81097187 in trap_fatal (frame=0xfffffe000e18da10, eva=568) at
/usr/src/sys/amd64/amd64/trap.c:915
#6  0xffffffff810971df in trap_pfault (frame=frame@entry=0xfffffe000e18da10,
usermode=false, signo=<optimized out>,
signo@entry=0x0, ucode=<optimized out>, ucode@entry=0x0) at
/usr/src/sys/amd64/amd64/trap.c:732
#7  0xffffffff8109683d in trap (frame=0xfffffe000e18da10) at
/usr/src/sys/amd64/amd64/trap.c:398
#8  <signal handler called>
#9  igmp_change_state (inm=inm@entry=0xfffff8009835c800) at
/usr/src/sys/netinet/igmp.c:2340
#10 0xffffffff80da6aef in in_leavegroup_locked
(inm=inm@entry=0xfffff8009835c800, imf=imf@entry=0xfffff8003e1d6380)
at /usr/src/sys/netinet/in_mcast.c:1355
#11 0xffffffff80da6e28 in in_leavegroup (inm=0xfffff8009835c800,
imf=0xfffff8003e1d6380)
at /usr/src/sys/netinet/in_mcast.c:1297
#12 inp_gcmoptions (imo=<optimized out>) at
/usr/src/sys/netinet/in_mcast.c:1634
#13 inp_freemoptions (imo=<optimized out>, imo@entry=0xfffff800150ffb00) at
/usr/src/sys/netinet/in_mcast.c:1656
#14 0xffffffff80dadd99 in in_pcbfree_deferred (ctx=0xfffff80098b3bf30) at
/usr/src/sys/netinet/in_pcb.c:1740
#15 0xffffffff80c530ba in epoch_call_task (arg=<optimized out>) at
/usr/src/sys/kern/subr_epoch.c:816
#16 0xffffffff80c56dad in gtaskqueue_run_locked
(queue=queue@entry=0xfffff80003613900)
at /usr/src/sys/kern/subr_gtaskqueue.c:371
#17 0xffffffff80c56a4c in gtaskqueue_thread_loop (arg=<optimized out>,
arg@entry=0xfffffe000f9af008)
at /usr/src/sys/kern/subr_gtaskqueue.c:547
#18 0xffffffff80bc8c5e in fork_exit (callout=0xffffffff80c569a0
<gtaskqueue_thread_loop>, arg=0xfffffe000f9af008,
frame=0xfffffe000e18dd40) at /usr/src/sys/kern/kern_fork.c:1069
#19 <signal handler called>
(kgdb)
===Cut===


12.0-STABLE/amd64:

===Cut===
[root@gw:/boot]# kgdb /boot/kernel.old/kernel /var/crash/vmcore.0
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 2; apic id = 04
fault virtual address   = 0x218
fault code              = supervisor read data  , page not present
instruction pointer     = 0x20:0xffffffff80d41c57
stack pointer           = 0x0:0xfffffe0025177860
frame pointer           = 0x0:0xfffffe0025177890
code segment            = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 0 (softirq_2)
trap number             = 12
panic: page fault
cpuid = 2
time = 1670863725
KDB: stack backtrace:
#0 0xffffffff80c15f97 at kdb_backtrace+0x67
#1 0xffffffff80bc9e6d at vpanic+0x19d
#2 0xffffffff80bc9cc3 at panic+0x43
#3 0xffffffff810a6544 at trap_fatal+0x394
#4 0xffffffff810a65a9 at trap_pfault+0x49
#5 0xffffffff810a5b8f at trap+0x29f
#6 0xffffffff8107ff55 at calltrap+0x8
#7 0xffffffff80d4a146 at in_leavegroup_locked+0x96
#8 0xffffffff80d4a508 at inp_freemoptions+0x1b8
#9 0xffffffff80d50fda at in_pcbfree_deferred+0x15a
#10 0xffffffff80c1089a at epoch_call_task+0x1ca
#11 0xffffffff80c14864 at gtaskqueue_run_locked+0x144
#12 0xffffffff80c144c8 at gtaskqueue_thread_loop+0x98
#13 0xffffffff80b8ab03 at fork_exit+0x83
#14 0xffffffff81080f4e at fork_trampoline+0xe
Uptime: 207d6h2m4s
Dumping 1636 out of 3945 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%

Reading symbols from /boot/kernel.old/fuse.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/fuse.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/fuse.ko
Reading symbols from /boot/kernel.old/ipfw_nat.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/ipfw_nat.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/ipfw_nat.ko
Reading symbols from /boot/kernel.old/ipfw.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/ipfw.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/ipfw.ko
Reading symbols from /boot/kernel.old/libalias.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/libalias.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/libalias.ko
Reading symbols from /boot/kernel.old/if_lagg.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/if_lagg.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/if_lagg.ko
Reading symbols from /boot/kernel.old/speaker.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/speaker.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/speaker.ko
Reading symbols from /boot/kernel.old/accf_data.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/accf_data.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/accf_data.ko
Reading symbols from /boot/kernel.old/zfs.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/zfs.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/zfs.ko
Reading symbols from /boot/kernel.old/opensolaris.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/opensolaris.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/opensolaris.ko
Reading symbols from /boot/kernel.old/coretemp.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/coretemp.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/coretemp.ko
Reading symbols from /boot/kernel.old/if_gre.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/if_gre.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/if_gre.ko
Reading symbols from /boot/kernel.old/mac_ntpd.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/mac_ntpd.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/mac_ntpd.ko
Reading symbols from /boot/kernel.old/smbfs.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/smbfs.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/smbfs.ko
Reading symbols from /boot/kernel.old/libiconv.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/libiconv.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/libiconv.ko
Reading symbols from /boot/kernel.old/libmchain.ko...Reading symbols from
/usr/lib/debug//boot/kernel.old/libmchain.ko.debug...done.
done.
Loaded symbols for /boot/kernel.old/libmchain.ko
#0  0xffffffff8121d3df in cpustop_handler () at
/usr/src/sys/x86/x86/mp_x86.c:1394

warning: Source file is more recent than executable.

1394             */
(kgdb) bt
#0  0xffffffff8121d3df in cpustop_handler () at
/usr/src/sys/x86/x86/mp_x86.c:1394
#1  0xffffffff8121d3a0 in ipi_nmi_handler () at
/usr/src/sys/x86/x86/mp_x86.c:1355
#2  0xffffffff810a5938 in trap (frame=0xffffffff81fb47b0) at
/usr/src/sys/amd64/amd64/trap.c:206
#3  0xffffffff81080c6d in nmi_calltrap () at
/usr/src/sys/amd64/amd64/exception.S:778
#4  0xffffffff8120e060 in acpi_cpu_idle_mwait (mwait_hint=0) at
src/sys/amd64/include/cpufunc.h:627
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal
(kgdb)
===Cut===

-- 
You are receiving this mail because:
You are the assignee for the bug.