Date: Sun, 27 Apr 2008 17:36:39 +0200 From: Henri Hennebert <hlh@restart.be> To: freebsd-net@freebsd.org Subject: 7.0-STABLE - ping6 and tap - kernel crash Message-ID: <48149D87.9070202@restart.be>
next in thread | raw e-mail | index | archive | help
Hello, I encounter a crash during a ping6 on a tap interface. I am running an instance of Freebsd 7.0-RELEASE under qemu. on the host machine: # uname -a FreeBSD morzine.restart.bel 7.0-STABLE FreeBSD 7.0-STABLE #0: Sat Apr 26 17:49:50 CEST 2008 root@morzine.restart.bel:/usr/obj/usr/src/sys/MORZINE i386 # ifconfig -a em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether 00:e0:81:70:6b:68 inet6 fe80::2e0:81ff:fe70:6b68%em0 prefixlen 64 scopeid 0x1 inet 192.168.24.2 netmask 0xffffff00 broadcast 192.168.24.255 inet6 2001:41d0:1:2ad2::1:2 prefixlen 112 media: Ethernet 100baseTX (100baseTX <half-duplex>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 inet 127.0.0.1 netmask 0xff000000 tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 ether 00:bd:2c:94:01:00 inet 192.168.22.1 netmask 0xffffff00 broadcast 192.168.22.255 inet6 fe80::2bd:2cff:fe94:100%tap0 prefixlen 64 scopeid 0x3 inet6 2001:41d0:1:2ad2::2:1 prefixlen 112 Opened by PID 1579 [tap0 is connected to the qemu] if I ping6 2001:41d0:1:2ad2::2:fe03 witch is not the ipv6 address off the qemu configuration, after one or 2 minutes, I get: kgdb -c /var/crash/vmcore.42 kernel [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". There is no member named pathname. Reading symbols from ./zfs.ko...Reading symbols from /bootfs/boot/kernel/zfs.ko.symbols...done. done. Loaded symbols for ./zfs.ko Reading symbols from ./if_tap.ko...Reading symbols from /bootfs/boot/kernel/if_tap.ko.symbols...done. done. Loaded symbols for ./if_tap.ko Reading symbols from ./ng_ether.ko...Reading symbols from /bootfs/boot/kernel/ng_ether.ko.symbols...done. done. Loaded symbols for ./ng_ether.ko Reading symbols from ./netgraph.ko...Reading symbols from /bootfs/boot/kernel/netgraph.ko.symbols...done. done. Loaded symbols for ./netgraph.ko Reading symbols from ./sound.ko...Reading symbols from /bootfs/boot/kernel/sound.ko.symbols...done. done. Loaded symbols for ./sound.ko Reading symbols from ./snd_hda.ko...Reading symbols from /bootfs/boot/kernel/snd_hda.ko.symbols...done. done. Loaded symbols for ./snd_hda.ko Reading symbols from ./acpi_video.ko...Reading symbols from /bootfs/boot/kernel/acpi_video.ko.symbols...done. done. Loaded symbols for ./acpi_video.ko Reading symbols from ./acpi.ko...Reading symbols from /bootfs/boot/kernel/acpi.ko.symbols...done. done. Loaded symbols for ./acpi.ko Reading symbols from ./coretemp.ko...Reading symbols from /bootfs/boot/kernel/coretemp.ko.symbols...done. done. Loaded symbols for ./coretemp.ko Reading symbols from ./accf_http.ko...Reading symbols from /bootfs/boot/kernel/accf_http.ko.symbols...done. done. Loaded symbols for ./accf_http.ko Reading symbols from ./daemon_saver.ko...Reading symbols from /bootfs/boot/kernel/daemon_saver.ko.symbols...done. done. Loaded symbols for ./daemon_saver.ko Reading symbols from ./agp.ko...Reading symbols from /bootfs/boot/kernel/agp.ko.symbols...done. done. Loaded symbols for ./agp.ko Reading symbols from ./aio.ko...Reading symbols from /bootfs/boot/kernel/aio.ko.symbols...done. done. Loaded symbols for ./aio.ko Reading symbols from /boot/modules/kqemu.ko...done. Loaded symbols for /boot/modules/kqemu.ko Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x6d8f17e6 fault code = supervisor read, page not present instruction pointer = 0x20:0xa06e4bd3 stack pointer = 0x28:0xf734fc30 frame pointer = 0x28:0xf734fc4c code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 14 (swi4: clock sio) trap number = 12 panic: page fault cpuid = 0 KDB: stack backtrace: db_trace_self_wrapper(a08224e4,f734facc,a05b270f,a083dd24,0,...) at db_trace_self_wrapper+0x26 kdb_backtrace(a083dd24,0,a0804f82,f734fad8,0,...) at kdb_backtrace+0x29 panic(a0804f82,a083f01d,a5535224,1,1,...) at panic+0x10f trap_fatal(a089d000,6d8f1000,1,0,0,...) at trap_fatal+0x333 trap_pfault(81,f734fb74,a05d0bdc,a826e220,a5535000,...) at trap_pfault+0x270 trap(f734fbf0) at trap+0x3fa calltrap() at calltrap+0x6 --- trap 0xc, eip = 0xa06e4bd3, esp = 0xf734fc30, ebp = 0xf734fc4c --- icmp6_error2(a71e8500,1,3,0,a56e9800,...) at icmp6_error2+0xc3 nd6_llinfo_timer(ad2a3140,a5537440,0,f734fcbc,a05ba486,...) at nd6_llinfo_timer+0x158 softclock(0,0,a081e0bf,46b,0,...) at softclock+0x2ba ithread_loop(a55345b0,f734fd38,0,0,0,...) at ithread_loop+0x1ab fork_exit(a05926f0,a55345b0,f734fd38) at fork_exit+0x99 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf734fd70, ebp = 0 --- Uptime: 11m32s Physical memory: 2030 MB Dumping 205 MB: 190 174 158 142 126 110 94 78 62 46 30 14 #0 doadump () at pcpu.h:195 195 pcpu.h: No such file or directory. in pcpu.h (kgdb) gnat show me nothing relevant - any idea ? Henri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48149D87.9070202>