From owner-freebsd-bugs@freebsd.org Tue Dec 29 01:46:03 2015 Return-Path: Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C0531A54638 for ; Tue, 29 Dec 2015 01:46:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A574E1F89 for ; Tue, 29 Dec 2015 01:46:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id tBT1k3VG092340 for ; Tue, 29 Dec 2015 01:46:03 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 205678] [panic] Fatal trap 12: page fault while in kernel mode (in function rtsock_addrmsg) Date: Tue, 29 Dec 2015 01:46:03 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: agatha@rail.net.ru X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter cc Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Dec 2015 01:46:03 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D205678 Bug ID: 205678 Summary: [panic] Fatal trap 12: page fault while in kernel mode (in function rtsock_addrmsg) Product: Base System Version: 10.2-RELEASE Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: agatha@rail.net.ru CC: freebsd-amd64@FreeBSD.org CC: freebsd-amd64@FreeBSD.org I've used an openconnect to connect to my work via vpn. tun1: flags=3D8051 metric 0 mtu 1406 options=3D80000 inet 10.21.9.162 --> 10.21.9.162 netmask 0xffffffff nd6 options=3D29 Opened by PID 42635 every 30 minutes this connection disconnecting (for security reasons by server), and reinstalling again by cron. Every 24 hours disconnecting this tunnel causes page fault in kernel in function: rtsock_addrmsg /usr/src/sys/net/rtsock.c:line1345> info.rti_info[RTAX_IFP] =3D ifp->if_addr->ifa_addr; logs contains: Dec 29 03:43:36 rail devd: Processing event '!system=3DIFNET subsystem=3Dtu= n1 type=3DDETACH' Dec 29 03:43:36 rail kernel: Dec 29 03:43:36 rail kernel: Dec 29 03:43:36 rail kernel: Fatal trap 12: page fault while in kernel mode Dec 29 03:43:36 rail devd: Pushing table Dec 29 03:43:36 rail devd: Processing notify event Dec 29 03:43:36 rail devd: Popping table Dec 29 03:45:14 rail syslogd: restart in core.txt: Unread portion of the kernel message buffer: processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 2593 (openconnect) trap number =3D 12 panic: page fault cpuid =3D 0 KDB: stack backtrace: #0 0xffffffff809960c0 at kdb_backtrace+0x60 #1 0xffffffff80959306 at vpanic+0x126 #2 0xffffffff809591d3 at panic+0x43 #3 0xffffffff80d8096b at trap_fatal+0x36b #4 0xffffffff80d80c6d at trap_pfault+0x2ed #5 0xffffffff80d8030a at trap+0x47a #6 0xffffffff80d66682 at calltrap+0x8 #7 0xffffffff80a31767 at rtinit+0x5a7 #8 0xffffffff80a27e88 at tunclose+0x1c8 #9 0xffffffff80838403 at devfs_close+0x313 #10 0xffffffff80ea8861 at VOP_CLOSE_APV+0xa1 #11 0xffffffff80a0bcc3 at vn_close+0x133 #12 0xffffffff80a0ab08 at vn_closefile+0x48 #13 0xffffffff80839cfc at devfs_close_f+0x2c #14 0xffffffff8090e749 at _fdrop+0x29 #15 0xffffffff80910fee at closef+0x21e #16 0xffffffff8090eaf8 at closefp+0x98 #17 0xffffffff80d81287 at amd64_syscall+0x357 Uptime: 23h53m32s my temporary patch: -- info.rti_info[RTAX_IFP] =3D ifp->if_addr->ifa_addr; ++ if ( !sa ) ++ return (EFAULT); ++ ++ info.rti_info[RTAX_IFP] =3D ifp->if_addr->ifa_addr; here is the backtrace: (kgdb) bt #0 doadump (textdump=3D) at pcpu.h:219 #1 0xffffffff80958f62 in kern_reboot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:451 #2 0xffffffff80959345 in vpanic (fmt=3D, ap=3D) at /usr/src/sys/kern/kern_shutdown.c:758 #3 0xffffffff809591d3 in panic (fmt=3D0x0) at /usr/src/sys/kern/kern_shutdown.c:687 #4 0xffffffff80d8096b in trap_fatal (frame=3D, eva=3D) at /usr/src/sys/amd64/amd64/trap.c:851 #5 0xffffffff80d80c6d in trap_pfault (frame=3D0xfffffe0072a68500, usermode=3D) at /usr/src/sys/amd64/amd64/trap.c:674 #6 0xffffffff80d8030a in trap (frame=3D0xfffffe0072a68500) at /usr/src/sys/amd64/amd64/trap.c:440 #7 0xffffffff80d66682 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:236 #8 0xffffffff80a32085 in rtsock_addrmsg (cmd=3D, ifa=3D0xfffff800493bc400, fibnum=3D3) at /usr/src/sys/net/rtsock.c:1345 #9 0xffffffff80a31767 in rtinit (ifa=3D0xfffff800493bc400, cmd=3D2, flags= =3D0) at /usr/src/sys/net/route.c:1701 #10 0xffffffff80a27e88 in tunclose (dev=3D, foo=3D96, = bar=3D3, td=3D0x0) at /usr/src/sys/net/if_tun.c:478 #11 0xffffffff80838403 in devfs_close (ap=3D0xfffffe0072a688e0) at /usr/src/sys/fs/devfs/devfs_vnops.c:618 ---Type to continue, or q to quit--- #12 0xffffffff80ea8861 in VOP_CLOSE_APV (vop=3D, a=3D) at vnode_if.c:535 #13 0xffffffff80a0bcc3 in vn_close (vp=3D0xfffff8005c97c938, flags=3D7, file_cred=3D0xfffff800504b3c00, td=3D0xfffff80012e9e4a0) at vnode_if.h:= 225 #14 0xffffffff80a0ab08 in vn_closefile (fp=3D0xfffff8004cbf0370, td=3D0xfffff80012e9e4a0) at /usr/src/sys/kern/vfs_vnops.c:1566 #15 0xffffffff80839cfc in devfs_close_f (fp=3D0xfffff8004cbf0370, td=3D0x60) at /usr/src/sys/fs/devfs/devfs_vnops.c:637 #16 0xffffffff8090e749 in _fdrop (fp=3D0xfffff8004cbf0370, td=3D0x60) at fi= le.h:343 #17 0xffffffff80910fee in closef (fp=3D, td=3D) at /usr/src/sys/kern/kern_descrip.c:2338 #18 0xffffffff8090eaf8 in closefp (fdp=3D0xfffff80012eff000, fd=3D, fp=3D0xfffff8004cbf0370, td=3D0xfffff80012e= 9e4a0, holdleaders=3D) at /usr/src/sys/kern/kern_descrip.= c:1194 #19 0xffffffff80d81287 in amd64_syscall (td=3D0xfffff80012e9e4a0, traced=3D= 0) at subr_syscall.c:134 #20 0xffffffff80d6696b in Xfast_syscall () at /usr/src/sys/amd64/amd64/exception.S:396 #21 0x00000008031b9f2a in ?? () Previous frame inner to this frame (corrupt stack?) This bug hasnt been occurs in FreeBSD8.3 RELEASE --=20 You are receiving this mail because: You are the assignee for the bug.=