in6.c and panic: 0xc63dd000 must be migratable

Bjoern A. Zeeb bzeeb-lists at lists.zabbadoz.net
Sat Apr 9 01:02:46 UTC 2011 

On Fri, 8 Apr 2011, Doug Barton wrote:

> Bjoern,
>
> We're seeing something very similar to the following with pf and IPv6:

similar to what?

> http://pastebin.com/AJzXmEWe

> Kernel page fault with the following non-sleepable locks held:
> exclusive rw lle (lle) r = 0 (0xc9f90b08) locked @ /src/sys/netinet6/in6.c:2478
> shared rm PFil hook read/write mutex (PFil hook read/write mutex) r = 0 (0xc0ff4cd8) locked @ /src/sys/net/pfil.c:77
> exclusive rw rawinp (rawinp) r = 0 (0xd3139e88) locked @ /src/sys/netinet6/raw_ip6.c:415
> KDB: stack backtrace:
> #0 0xc091bcd7 at kdb_backtrace+0x47
> #1 0xc092dc45 at _witness_debugger+0x25
> #2 0xc092f15e at witness_warn+0x1fe
> #3 0xc0c42485 at trap+0x195
> #4 0xc0c28f2c at calltrap+0x6
> #5 0xc0a9e61d at nd6_output+0x3d
> #6 0xc04f5a4d at pf_route6+0x55d
> #7 0xc04f542d at pf_test6+0x129d
> #8 0xc04f82f7 at pf_check6_out+0x47
> #9 0xc09a6698 at pfil_run_hooks+0x98
> #10 0xc0a982c7 at ip6_output+0x11c7
> #11 0xc0aa68ff at rip6_output+0x46f
> #12 0xc0aa6e2c at rip6_send+0x17c
> #13 0xc0954afd at sosend_generic+0x50d
> #14 0xc095032f at sosend+0x3f
> #15 0xc0959e04 at kern_sendit+0x164
> #16 0xc095a021 at sendit+0xb1
> #17 0xc095a0c1 at sendmsg+0x71
> 
> 
> Fatal trap 12: page fault while in kernel mode
> cpuid = 1; apic id = 01
> fault virtual address	= 0xdeadc0e2

memory modified after free.


It would be helpful to include more data in your problem reports.

What freebsd release?
Can you reproduce it?  If so, how?

> fault code		= supervisor read, page not present
> instruction pointer	= 0x20:0xc0a9e355
> stack pointer	        = 0x28:0xf4af0590
> frame pointer	        = 0x28:0xf4af05fc
> code segment		= base 0x0, limit 0xfffff, type 0x1b
>			= DPL 0, pres 1, def32 1, gran 1
> processor eflags	= interrupt enabled, resume, IOPL = 0
> current process		= 28297 (ping6)
> trap number		= 12
> panic: page fault
> cpuid = 1
> KDB: stack backtrace:
> #0 0xc091bcd7 at kdb_backtrace+0x47
> #1 0xc08ec297 at panic+0x117
> #2 0xc0c41fb3 at trap_fatal+0x323
> #3 0xc0c42493 at trap+0x1a3
> #4 0xc0c28f2c at calltrap+0x6
> #5 0xc0a9e61d at nd6_output+0x3d
> #6 0xc04f5a4d at pf_route6+0x55d
> #7 0xc04f542d at pf_test6+0x129d
> #8 0xc04f82f7 at pf_check6_out+0x47
> #9 0xc09a6698 at pfil_run_hooks+0x98
> #10 0xc0a982c7 at ip6_output+0x11c7
> #11 0xc0aa68ff at rip6_output+0x46f
> #12 0xc0aa6e2c at rip6_send+0x17c
> #13 0xc0954afd at sosend_generic+0x50d
> #14 0xc095032f at sosend+0x3f
> #15 0xc0959e04 at kern_sendit+0x164
> #16 0xc095a021 at sendit+0xb1
> #17 0xc095a0c1 at sendmsg+0x71
> panic: 0xc63dd000 must be migratable
> cpuid = 1
> panic: 0xc63dd000 must be migratable
> cpuid = 1
> panic: 0xc63dd000 must be migratable
> cpuid = 1
> panic: 0xc63dd000 must be migratable
> cpuid = 1
> panic: 0xc63dd000 must be migratable
> cpuid = 1
> panic: 0xc63dd000 must be migratable
> cpuid = 1
> panic: 0xc63dd000 must be migratable
> cpuid = 1
>

Depsite being in the subject that's just follow-up problems, though thinking
about it (very wild guess) -- how many cores do you have and are you running
with flowtable enabled?



> I notice that you did some locking changes in r216022, could this be related?
>
>
> Doug
>
>

-- 
Bjoern A. Zeeb                                 You have to have visions!
          Stop bit received. Insert coin for new address family.

More information about the freebsd-net mailing list