Subject: kern/36349: ALTQ crash on netbsd-4
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <charlie@playlouder.com>
List: netbsd-bugs
Date: 05/16/2007 12:40:00
>Number: 36349
>Category: kern
>Synopsis: altqd panics with certain
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed May 16 12:40:00 +0000 2007
>Originator: charlie@playlouder.com
>Release: NetBSD 4.0_BETA2
>Organization:
Playlouder
>Environment:
System: NetBSD hadrian.playlouder.com 4.0_BETA2 NetBSD 4.0_BETA2 (FW-$Revision: 1.2 $) #1: Thu Apr 26 01:50:11 BST 2007 root@hadrian.playlouder.com:/usr/src/netbsd-4/sys/arch/i386/compile/FW i386
Architecture: i386
Machine: i386
>Description:
I can make netbsd-4 crash with an ALTQ line like this:
filter wm3 consind_cityreach 146.101.246.0 netmask 0xffffffe0 0 0 0 0
which as the manual states is:
filter if_name class_name filter_values
and filter_values:
dst_addr [netmask mask] dport src_addr [netmask mask] sport proto
so it looks legal to me. but panics away!
here is the rest of the file:
16:54 hadrian:~# grep -v ^# /etc/altq.conf
interface wm3 bandwidth 100M hfsc
class hfsc wm3 def_class root pshare 55 default
class hfsc wm3 consind root pshare 45 grate 45M
class hfsc wm3 consind_cityreach consind pshare 20 grate 10M
filter wm3 consind_cityreach 146.101.246.0 netmask 0xffffffe0 0 0 0 0
i have nothing relating to queues in my pf.conf
13:34 hadrian:~% sudo pfctl -sq
No queue in use
>How-To-Repeat:
see above - and wait for some traffic on that filter i think.
bt follows (from identical backup machine)
13:10 trajan:~% sudo gunzip /var/crash/netbsd.1.core.gz
13:11 trajan:~% sudo gdb /netbsd.gdb
GNU gdb 6.5
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386--netbsdelf"...
(gdb) target kvm /var/crash/netbsd.1.core
#0 0xc0511435 in cpu_reboot (howto=0, bootstr=0x0)
at /usr/src/netbsd-4/sys/arch/i386/i386/machdep.c:896
896 dumpsys();
(gdb) bt
#0 0xc0511435 in cpu_reboot (howto=0, bootstr=0x0)
at /usr/src/netbsd-4/sys/arch/i386/i386/machdep.c:896
#1 0xc04700e8 in panic ()
#2 0xc051cf60 in trap ()
#3 0xc010c00e in calltrap ()
#4 0xce756560 in ?? ()
#5 0xce750010 in ?? ()
#6 0xce690030 in ?? ()
#7 0xce750010 in ?? ()
#8 0xc0200010 in pf_anchor_copyout ()
#9 0xc020be43 in db_get_value ()
#10 0xc050de9a in db_stack_trace_print ()
#11 0xc04700bf in panic ()
#12 0xc051cf60 in trap ()
#13 0xc010c00e in calltrap ()
#14 0xce756764 in ?? ()
#15 0xc3360010 in ?? ()
#16 0x00860030 in ?? ()
#17 0xce750010 in ?? ()
#18 0xc3420010 in ?? ()
#19 0x00000000 in ?? ()
(gdb)
>Fix:
>Unformatted:
filter
cvs up today at Wed, 16 May 13:31:47 +0100