Date:      Tue, 29 Dec 2015 01:46:03 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-amd64@FreeBSD.org
Subject:   [Bug 205678] [panic] Fatal trap 12: page fault while in kernel mode (in function rtsock_addrmsg)
Message-ID:  <bug-205678-6@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205678

            Bug ID: 205678
           Summary: [panic] Fatal trap 12: page fault while in kernel mode
                    (in function rtsock_addrmsg)
           Product: Base System
           Version: 10.2-RELEASE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: agatha@rail.net.ru
                CC: freebsd-amd64@FreeBSD.org

I've used openconnect to connect to my work via VPN.

tun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1406
        options=80000<LINKSTATE>
        inet 10.21.9.162 --> 10.21.9.162 netmask 0xffffffff
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        Opened by PID 42635

Every 30 minutes this connection is disconnected (for security reasons, by the
server) and reinstalled again by cron.
Every 24 hours, disconnecting this tunnel causes a page fault in the kernel, in
function rtsock_addrmsg:
/usr/src/sys/net/rtsock.c:line1345> info.rti_info[RTAX_IFP] = ifp->if_addr->ifa_addr;

The logs contain:
Dec 29 03:43:36 rail devd: Processing event '!system=IFNET subsystem=tun1 type=DETACH'
Dec 29 03:43:36 rail kernel:
Dec 29 03:43:36 rail kernel:
Dec 29 03:43:36 rail kernel: Fatal trap 12: page fault while in kernel mode
Dec 29 03:43:36 rail devd: Pushing table
Dec 29 03:43:36 rail devd: Processing notify event
Dec 29 03:43:36 rail devd: Popping table
Dec 29 03:45:14 rail syslogd: restart

in core.txt:
Unread portion of the kernel message buffer:
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 2593 (openconnect)
trap number             = 12
panic: page fault
cpuid = 0
KDB: stack backtrace:
#0 0xffffffff809960c0 at kdb_backtrace+0x60
#1 0xffffffff80959306 at vpanic+0x126
#2 0xffffffff809591d3 at panic+0x43
#3 0xffffffff80d8096b at trap_fatal+0x36b
#4 0xffffffff80d80c6d at trap_pfault+0x2ed
#5 0xffffffff80d8030a at trap+0x47a
#6 0xffffffff80d66682 at calltrap+0x8
#7 0xffffffff80a31767 at rtinit+0x5a7
#8 0xffffffff80a27e88 at tunclose+0x1c8
#9 0xffffffff80838403 at devfs_close+0x313
#10 0xffffffff80ea8861 at VOP_CLOSE_APV+0xa1
#11 0xffffffff80a0bcc3 at vn_close+0x133
#12 0xffffffff80a0ab08 at vn_closefile+0x48
#13 0xffffffff80839cfc at devfs_close_f+0x2c
#14 0xffffffff8090e749 at _fdrop+0x29
#15 0xffffffff80910fee at closef+0x21e
#16 0xffffffff8090eaf8 at closefp+0x98
#17 0xffffffff80d81287 at amd64_syscall+0x357
Uptime: 23h53m32s

my temporary patch:
-- info.rti_info[RTAX_IFP] =3D ifp->if_addr->ifa_addr;
++        if ( !sa )
++                return (EFAULT);
++
++        info.rti_info[RTAX_IFP] =3D ifp->if_addr->ifa_addr;
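
Review bot: the added guard tests `sa`, but `sa` is not part of the expression the report identifies as faulting, `ifp->if_addr->ifa_addr`, so a NULL `ifp` or `ifp->if_addr` is still dereferenced by the unchanged assignment that follows the check. Test the pointers that are actually dereferenced (`ifp` and `ifp->if_addr`) before the assignment, or include enough context to show where `sa` is set and how it relates to them. It is also not visible here whether the callers of this function handle an EFAULT return, so that should be confirmed before relying on the early return.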


here is the backtrace:
(kgdb) bt
#0  doadump (textdump=<value optimized out>) at pcpu.h:219
#1  0xffffffff80958f62 in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:451
#2  0xffffffff80959345 in vpanic (fmt=<value optimized out>,
    ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:758
#3  0xffffffff809591d3 in panic (fmt=0x0)
    at /usr/src/sys/kern/kern_shutdown.c:687
#4  0xffffffff80d8096b in trap_fatal (frame=<value optimized out>,
    eva=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:851
#5  0xffffffff80d80c6d in trap_pfault (frame=0xfffffe0072a68500,
    usermode=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:674
#6  0xffffffff80d8030a in trap (frame=0xfffffe0072a68500)
    at /usr/src/sys/amd64/amd64/trap.c:440
#7  0xffffffff80d66682 in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:236
#8  0xffffffff80a32085 in rtsock_addrmsg (cmd=<value optimized out>,
    ifa=0xfffff800493bc400, fibnum=3) at /usr/src/sys/net/rtsock.c:1345
#9  0xffffffff80a31767 in rtinit (ifa=0xfffff800493bc400, cmd=2, flags=0)
    at /usr/src/sys/net/route.c:1701
#10 0xffffffff80a27e88 in tunclose (dev=<value optimized out>, foo=96, bar=3,
    td=0x0) at /usr/src/sys/net/if_tun.c:478
#11 0xffffffff80838403 in devfs_close (ap=0xfffffe0072a688e0)
    at /usr/src/sys/fs/devfs/devfs_vnops.c:618
---Type <return> to continue, or q <return> to quit---
#12 0xffffffff80ea8861 in VOP_CLOSE_APV (vop=<value optimized out>,
    a=<value optimized out>) at vnode_if.c:535
#13 0xffffffff80a0bcc3 in vn_close (vp=0xfffff8005c97c938, flags=7,
    file_cred=0xfffff800504b3c00, td=0xfffff80012e9e4a0) at vnode_if.h:225
#14 0xffffffff80a0ab08 in vn_closefile (fp=0xfffff8004cbf0370,
    td=0xfffff80012e9e4a0) at /usr/src/sys/kern/vfs_vnops.c:1566
#15 0xffffffff80839cfc in devfs_close_f (fp=0xfffff8004cbf0370, td=0x60)
    at /usr/src/sys/fs/devfs/devfs_vnops.c:637
#16 0xffffffff8090e749 in _fdrop (fp=0xfffff8004cbf0370, td=0x60) at file.h:343
#17 0xffffffff80910fee in closef (fp=<value optimized out>,
    td=<value optimized out>) at /usr/src/sys/kern/kern_descrip.c:2338
#18 0xffffffff8090eaf8 in closefp (fdp=0xfffff80012eff000,
    fd=<value optimized out>, fp=0xfffff8004cbf0370, td=0xfffff80012e9e4a0,
    holdleaders=<value optimized out>) at /usr/src/sys/kern/kern_descrip.c:1194
#19 0xffffffff80d81287 in amd64_syscall (td=0xfffff80012e9e4a0, traced=0)
    at subr_syscall.c:134
#20 0xffffffff80d6696b in Xfast_syscall ()
    at /usr/src/sys/amd64/amd64/exception.S:396
#21 0x00000008031b9f2a in ?? ()
Previous frame inner to this frame (corrupt stack?)


This bug hasn't occurred in FreeBSD 8.3 RELEASE.
