Hi,
I have a reproducible panic, mostly tested in 4.9-GENERIC but seems to be
present in 5.0-current as well. The trace makes me believe that the crash is
on line 454 in net/trunklacp.c:
old_state = lp->lp_state;
The steps to reproduce is:
# ifconfig trunk0 create
# ifconfig trunk0 trunkproto lacp
# trunk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:00:00:00:00
priority: 0
trunk: trunkproto lacp
trunk id: [(0000,00:00:00:00:00:00,0000,0000,0000),
(0000,00:00:00:00:00:00,0000,0000,0000)]
groups: trunk lan
media: Ethernet autoselect
status: no carrier
inet6 fe80::290:fbff:fe3b:1e40%trunk0 prefixlen 64 scopeid 0x9
inet 192.168.66.1 netmask 0xffffff00 broadcast 192.168.66.255
# ifconfig trunk0 trunkproto roundrobin
# ifconfig trunk0
trunk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:00:00:00:00
priority: 0
trunk: trunkproto roundrobin
groups: trunk lan
media: Ethernet autoselect
status: no carrier
inet6 fe80::290:fbff:fe3b:1e40%trunk0 prefixlen 64 scopeid 0x9
inet 192.168.66.1 netmask 0xffffff00 broadcast 192.168.66.255
# ifconfig trunk0 trunkport em2
ifconfig: SIOCSTRUNKPORT: Network is down
# ifconfig em2 up
# ifconfig trunk0 trunkport em2
uvm_fault(0xd0955340, 0x0, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at lacp_linkstate+0x17: movzbl 0x3c(%ebx),%esi
ddb> ps
PID PPID PGRP UID S FLAGS WAIT COMMAND
7045 32229 7045 0 3 0x4080 ttyin ksh
32229 8627 32229 0 3 0x4180 select sshd
26382 16832 16832 77 3 0x4180 poll dhcpd
22588 5320 22588 0 3 0x4080 ttyin ksh
5320 8627 5320 0 3 0x4180 select sshd
6552 21601 21601 67 3 0x180 semwait httpd
19543 21601 21601 67 3 0x180 semwait httpd
11361 21601 21601 67 3 0x180 netio httpd
15489 21601 21601 67 3 0x180 semwait httpd
13448 21601 21601 67 3 0x180 select httpd
3628 1 3628 0 3 0x4080 ttyin getty
7064 1 7064 0 3 0x4080 ttyin getty
4587 1 4587 0 3 0x4080 ttyin getty
4280 1 4280 0 3 0x4080 ttyin getty
20173 1 20173 0 3 0x4080 ttyin getty
20512 1 20512 0 3 0x4080 ttyin getty
21601 16832 21601 67 3 0x4180 select httpd
8627 16832 16832 0 3 0x4080 select sshd
23245 1 18710 0 3 0x4080 poll statd
20818 1824 1824 74 3 0x180 bpf pflogd
1824 1 1824 0 3 0x80 netio pflogd
25185 1 25185 0 3 0x80 select cron
29662 31966 31966 73 2 0x180 syslogd
31966 1 31966 0 3 0x88 netio syslogd
16832 1 16832 0 3 0x80 poll backend
10388 1 10388 0 3 0x80 mfsidl mount_mfs
4638 1 4638 0 3 0x80 mfsidl mount_mfs
7611 1 7611 0 3 0x80 mfsidl mount_mfs
16548 1 16548 0 3 0x80 mfsidl mount_mfs
15 0 0 0 3 0x100200 aiodoned aiodoned
14 0 0 0 3 0x100200 syncer update
13 0 0 0 3 0x100200 cleaner cleaner
12 0 0 0 3 0x100200 reaper reaper
11 0 0 0 3 0x100200 pgdaemon pagedaemon
10 0 0 0 3 0x100200 bored crypto
9 0 0 0 3 0x100200 pftm pfpurge
8 0 0 0 3 0x100200 usbtsk usbtask
7 0 0 0 3 0x100200 usbatsk usbatsk
6 0 0 0 3 0x100200 bored intelrel
5 0 0 0 3 0x100200 acpi0 acpi0
4 0 0 0 3 0x100200 bored syswq
* 3 0 0 0 7 0x40100200 idle0
2 0 0 0 3 0x100200 kmalloc kmthread
1 0 1 0 3 0x4080 wait init
0 -1 0 0 3 0x80200 scheduler swapper
ddb> trace
lacp_linkstate(d19f3480,d146d030,0,d1497d80,d17e1150)
trunk_port_state(d19f3480,0,d146d030,d146d030,d146d000) at
trunk_port_state+0x29
dohooks(d1327ed0,0,d146d4f4,81000006,81000006) at dohooks+0x29
if_link_state_change(d146d030,ffffffff,c0,d9baff14,d052b5e7) at
if_link_state_change+0x2d
em_intr(d146d000) at em_intr+0xf8
Xintr_ioapic2() at Xintr_ioapic2+0x6e
--- interrupt ---
cpu_idle_cycle(d0a016c0) at cpu_idle_cycle+0xf
Bad frame pointer: 0xd0aa3e48
... at lacp_linkstate+0x17
# grep "<lacp_linkstate>:" trunklacp.dis
00001850 <lacp_linkstate>:
00001850+0x17 = 0x1867
../../../../net/trunklacp.c:454
1867: 0f b6 73 3c movzbl 0x3c(%ebx),%esi
vim ../../../../net/trunklacp.c
454 old_state = lp->lp_state;
ddb> dmesg
OpenBSD 4.9 (GENERIC) #3: Thu Oct 20 15:31:34 CEST 2011
[email protected]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Atom(TM) CPU N450 @ 1.66GHz ("GenuineIntel" 686-class) 1.67
GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,
DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,
xT
PR,PDCM,MOVBE
real mem = 526528512 (502MB)
avail mem = 508805120 (485MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/21/11, BIOS32 rev. 0 @ 0xf0010,
SMBIOS
rev. 2.6 @ 0xfcdc0 (25 entries)
bios0: vendor American Megatrends Inc. version "080015" date 07/21/2011
acpi0 at bios0: rev 0
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG OEMB HPET ASF! GSCI
acpi0: wakeup devices P0P1(S4) USB0(S4) USB1(S4) USB2(S4) USB3(S4) EUSB(S4)
P0P
4(S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) HDAC(S4) USB4(S4) USB5(S4)
U
SBE(S4) GBEC(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 166MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 1, remapped to apid 2
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-255
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P1)
acpiprt2 at acpi0: bus 2 (P0P4)
acpiprt3 at acpi0: bus 3 (P0P5)
acpiprt4 at acpi0: bus 4 (P0P6)
acpiprt5 at acpi0: bus 5 (P0P7)
acpiprt6 at acpi0: bus -1 (P0P8)
acpiprt7 at acpi0: bus -1 (P0P9)
acpicpu0 at acpi0
acpibtn0 at acpi0: PWRB
bios0: ROM list: 0xc0000/0xda00! 0xce000/0x1000 0xcf000/0x1000
cpu0: unknown Enhanced SpeedStep CPU, msr 0x06130a2406000a24
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 1667 MHz: speeds: 1667, 1000 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel Pineview DMI" rev 0x00
vga1 at pci0 dev 2 function 0 "Intel Pineview Video" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0xd0000000, size 0x10000000
inteldrm0 at vga1: apic 2 int 16 (irq 3)
drm0 at inteldrm0
"Intel Pineview Video" rev 0x00 at pci0 dev 2 function 1 not configured
ppb0 at pci0 dev 28 function 0 "Intel 82801H PCIE" rev 0x03: apic 2 int 22
(irq
10)
pci1 at ppb0 bus 2
em0 at pci1 dev 0 function 0 "Intel PRO/1000 (82583V)" rev 0x00: apic 2 int 16
(
irq 3), address 00:90:fb:3b:1e:40
ppb1 at pci0 dev 28 function 1 "Intel 82801H PCIE" rev 0x03: apic 2 int 23
(irq
11)
pci2 at ppb1 bus 3
em1 at pci2 dev 0 function 0 "Intel PRO/1000 (82583V)" rev 0x00: apic 2 int 17
(
irq 10), address 00:90:fb:3b:1e:41
ppb2 at pci0 dev 28 function 2 "Intel 82801H PCIE" rev 0x03: apic 2 int 20
(irq
5)
pci3 at ppb2 bus 4
em2 at pci3 dev 0 function 0 "Intel PRO/1000 (82583V)" rev 0x00: apic 2 int 18
(
irq 6), address 00:90:fb:3b:1e:42
ppb3 at pci0 dev 28 function 3 "Intel 82801H PCIE" rev 0x03: apic 2 int 21
(irq
15)
pci4 at ppb3 bus 5
em3 at pci4 dev 0 function 0 "Intel PRO/1000 (82583V)" rev 0x00: apic 2 int 19
(
irq 11), address 00:90:fb:3b:1e:43
uhci0 at pci0 dev 29 function 0 "Intel 82801H USB" rev 0x03: apic 2 int 23
(irq
11)
uhci1 at pci0 dev 29 function 1 "Intel 82801H USB" rev 0x03: apic 2 int 19
(irq
11)
ehci0 at pci0 dev 29 function 7 "Intel 82801H USB" rev 0x03: apic 2 int 23
(irq
11)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb4 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xf3
pci5 at ppb4 bus 1
ichpcib0 at pci0 dev 31 function 0 "Intel 82801HBM LPC" rev 0x03: PM disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801HBM IDE" rev 0x03: DMA, channel
0
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: <512MB CompactFlash Card>
wd0: 1-sector PIO, LBA, 488MB, 1000944 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 31 function 2 "Intel 82801HBM SATA" rev 0x03: DMA, channel
0
configured to native-PCI, channel 1 configured to native-PCI
pciide1: using apic 2 int 18 (irq 6) for native-PCI interrupt
ichiic0 at pci0 dev 31 function 3 "Intel 82801H SMBus" rev 0x03: apic 2 int 17
(
irq 11)
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 512MB DDR2 SDRAM non-parity PC2-5300CL5 SO-DIMM
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
wbsio0 at isa0 port 0x2e/2: W83627DHG rev 0x23
lm1 at wbsio0 port 0xa00/8: W83627DHG
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
mtrr: Pentium Pro MTRR support
rum0 at uhub0 port 2 "Ralink Technology RT2573" rev 2.00/0.01 addr 2
rum0: MAC/BBP RT2573 (rev 0x2573a), RF RT2528, address 00:1f:1f:37:3c:cc
vscsi0 at root
scsibus0 at vscsi0: 256 targets
softraid0 at root
root on wd0e swap on wd0b dump on wd0b
WARNING: / was not properly unmounted
rum0: failed loadfirmware of file rum-rt2573 (error 2)
rum0: timeout waiting for BBP
rum0: timeout waiting for BBP
rum0: timeout waiting for BBP
syncing disks...
OpenBSD 4.9 (HOS) #3: Thu Oct 20 15:31:34 CEST 2011
[email protected]:/usr/src/sys/arch/i386/compile/HOS
cpu0: Intel(R) Atom(TM) CPU N450 @ 1.66GHz ("GenuineIntel" 686-class) 1.67
GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,
DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,
xT
PR,PDCM,MOVBE
real mem = 526528512 (502MB)
avail mem = 508805120 (485MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/21/11, BIOS32 rev. 0 @ 0xf0010,
SMBIOS
rev. 2.6 @ 0xfcdc0 (25 entries)
bios0: vendor American Megatrends Inc. version "080015" date 07/21/2011
acpi0 at bios0: rev 0
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG OEMB HPET ASF! GSCI
acpi0: wakeup devices P0P1(S4) USB0(S4) USB1(S4) USB2(S4) USB3(S4) EUSB(S4)
P0P
4(S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) HDAC(S4) USB4(S4) USB5(S4)
U
SBE(S4) GBEC(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 166MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 1, remapped to apid 2
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-255
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P1)
acpiprt2 at acpi0: bus 2 (P0P4)
acpiprt3 at acpi0: bus 3 (P0P5)
acpiprt4 at acpi0: bus 4 (P0P6)
acpiprt5 at acpi0: bus 5 (P0P7)
acpiprt6 at acpi0: bus -1 (P0P8)
acpiprt7 at acpi0: bus -1 (P0P9)
acpicpu0 at acpi0
acpibtn0 at acpi0: PWRB
bios0: ROM list: 0xc0000/0xda00! 0xce000/0x1000 0xcf000/0x1000
cpu0: unknown Enhanced SpeedStep CPU, msr 0x06130a2406000a24
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 1667 MHz: speeds: 1667, 1000 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel Pineview DMI" rev 0x00
vga1 at pci0 dev 2 function 0 "Intel Pineview Video" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0xd0000000, size 0x10000000
inteldrm0 at vga1: apic 2 int 16 (irq 3)
drm0 at inteldrm0
"Intel Pineview Video" rev 0x00 at pci0 dev 2 function 1 not configured
ppb0 at pci0 dev 28 function 0 "Intel 82801H PCIE" rev 0x03: apic 2 int 22
(irq
10)
pci1 at ppb0 bus 2
em0 at pci1 dev 0 function 0 "Intel PRO/1000 (82583V)" rev 0x00: apic 2 int 16
(
irq 3), address 00:90:fb:3b:1e:40
ppb1 at pci0 dev 28 function 1 "Intel 82801H PCIE" rev 0x03: apic 2 int 23
(irq
11)
pci2 at ppb1 bus 3
em1 at pci2 dev 0 function 0 "Intel PRO/1000 (82583V)" rev 0x00: apic 2 int 17
(
irq 10), address 00:90:fb:3b:1e:41
ppb2 at pci0 dev 28 function 2 "Intel 82801H PCIE" rev 0x03: apic 2 int 20
(irq
5)
pci3 at ppb2 bus 4
em2 at pci3 dev 0 function 0 "Intel PRO/1000 (82583V)" rev 0x00: apic 2 int 18
(
irq 6), address 00:90:fb:3b:1e:42
ppb3 at pci0 dev 28 function 3 "Intel 82801H PCIE" rev 0x03: apic 2 int 21
(irq
15)
pci4 at ppb3 bus 5
em3 at pci4 dev 0 function 0 "Intel PRO/1000 (82583V)" rev 0x00: apic 2 int 19
(
irq 11), address 00:90:fb:3b:1e:43
uhci0 at pci0 dev 29 function 0 "Intel 82801H USB" rev 0x03: apic 2 int 23
(irq
11)
uhci1 at pci0 dev 29 function 1 "Intel 82801H USB" rev 0x03: apic 2 int 19
(irq
11)
ehci0 at pci0 dev 29 function 7 "Intel 82801H USB" rev 0x03: apic 2 int 23
(irq
11)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb4 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xf3
pci5 at ppb4 bus 1
ichpcib0 at pci0 dev 31 function 0 "Intel 82801HBM LPC" rev 0x03: PM disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801HBM IDE" rev 0x03: DMA, channel
0
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: <512MB CompactFlash Card>
wd0: 1-sector PIO, LBA, 488MB, 1000944 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 31 function 2 "Intel 82801HBM SATA" rev 0x03: DMA, channel
0
configured to native-PCI, channel 1 configured to native-PCI
pciide1: using apic 2 int 18 (irq 6) for native-PCI interrupt
ichiic0 at pci0 dev 31 function 3 "Intel 82801H SMBus" rev 0x03: apic 2 int 17
(
irq 11)
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 512MB DDR2 SDRAM non-parity PC2-5300CL5 SO-DIMM
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
wbsio0 at isa0 port 0x2e/2: W83627DHG rev 0x23
lm1 at wbsio0 port 0xa00/8: W83627DHG
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
mtrr: Pentium Pro MTRR support
vscsi0 at root
scsibus0 at vscsi0: 256 targets
softraid0 at root
root on wd0e swap on wd0b dump on wd0b
WARNING: / was not properly unmounted
rum0 at uhub0 port 2 "Ralink Technology RT2573" rev 2.00/0.01 addr 2
rum0: MAC/BBP RT2573 (rev 0x2573a), RF RT2528, address 00:1f:1f:37:3c:cc
uvm_fault(0xd0955340, 0x0, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at lacp_linkstate+0x17: movzbl 0x3c(%ebx),%esi
ddb> lacp_linkstate(d18a0880,d146d030,0,d1497d80,d1783f30) at
lacp_linkstate+0x
17
trunk_port_state(d18a0880,0,d146d030,d146d030,d146d000) at
trunk_port_state+0x2
9
dohooks(d1327ed0,0,d146d4f4,81000004,81000004) at dohooks+0x29
if_link_state_change(d146d030,ffffffff,c0,d9baff14,d052b5e7) at
if_link_state_c
hange+0x2d
em_intr(d146d000) at em_intr+0xf8
Xintr_ioapic2() at Xintr_ioapic2+0x6e
--- interrupt ---
cpu_idle_cycle(d0a016c0) at cpu_idle_cycle+0xf
Bad frame pointer: 0xd0aa3e48
