[Bug 205678] [panic] Fatal trap 12: page fault while in kernel mode (in function rtsock_addrmsg)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Dec 29 01:46:04 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205678
Bug ID: 205678
Summary: [panic] Fatal trap 12: page fault while in kernel mode
(in function rtsock_addrmsg)
Product: Base System
Version: 10.2-RELEASE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: agatha at rail.net.ru
CC: freebsd-amd64 at FreeBSD.org
CC: freebsd-amd64 at FreeBSD.org
I've used an openconnect to connect to my work via vpn.
tun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1406
options=80000<LINKSTATE>
inet 10.21.9.162 --> 10.21.9.162 netmask 0xffffffff
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Opened by PID 42635
every 30 minutes this connection disconnecting (for security reasons by
server), and reinstalling again by cron.
Every 24 hours disconnecting this tunnel causes page fault in kernel in
function: rtsock_addrmsg
/usr/src/sys/net/rtsock.c:line1345> info.rti_info[RTAX_IFP] =
ifp->if_addr->ifa_addr;
logs contains:
Dec 29 03:43:36 rail devd: Processing event '!system=IFNET subsystem=tun1
type=DETACH'
Dec 29 03:43:36 rail kernel:
Dec 29 03:43:36 rail kernel:
Dec 29 03:43:36 rail kernel: Fatal trap 12: page fault while in kernel mode
Dec 29 03:43:36 rail devd: Pushing table
Dec 29 03:43:36 rail devd: Processing notify event
Dec 29 03:43:36 rail devd: Popping table
Dec 29 03:45:14 rail syslogd: restart
in core.txt:
Unread portion of the kernel message buffer:
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 2593 (openconnect)
trap number = 12
panic: page fault
cpuid = 0
KDB: stack backtrace:
#0 0xffffffff809960c0 at kdb_backtrace+0x60
#1 0xffffffff80959306 at vpanic+0x126
#2 0xffffffff809591d3 at panic+0x43
#3 0xffffffff80d8096b at trap_fatal+0x36b
#4 0xffffffff80d80c6d at trap_pfault+0x2ed
#5 0xffffffff80d8030a at trap+0x47a
#6 0xffffffff80d66682 at calltrap+0x8
#7 0xffffffff80a31767 at rtinit+0x5a7
#8 0xffffffff80a27e88 at tunclose+0x1c8
#9 0xffffffff80838403 at devfs_close+0x313
#10 0xffffffff80ea8861 at VOP_CLOSE_APV+0xa1
#11 0xffffffff80a0bcc3 at vn_close+0x133
#12 0xffffffff80a0ab08 at vn_closefile+0x48
#13 0xffffffff80839cfc at devfs_close_f+0x2c
#14 0xffffffff8090e749 at _fdrop+0x29
#15 0xffffffff80910fee at closef+0x21e
#16 0xffffffff8090eaf8 at closefp+0x98
#17 0xffffffff80d81287 at amd64_syscall+0x357
Uptime: 23h53m32s
my temporary patch:
-- info.rti_info[RTAX_IFP] = ifp->if_addr->ifa_addr;
++ if ( !sa )
++ return (EFAULT);
++
++ info.rti_info[RTAX_IFP] = ifp->if_addr->ifa_addr;
here is the backtrace:
(kgdb) bt
#0 doadump (textdump=<value optimized out>) at pcpu.h:219
#1 0xffffffff80958f62 in kern_reboot (howto=260)
at /usr/src/sys/kern/kern_shutdown.c:451
#2 0xffffffff80959345 in vpanic (fmt=<value optimized out>,
ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:758
#3 0xffffffff809591d3 in panic (fmt=0x0)
at /usr/src/sys/kern/kern_shutdown.c:687
#4 0xffffffff80d8096b in trap_fatal (frame=<value optimized out>,
eva=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:851
#5 0xffffffff80d80c6d in trap_pfault (frame=0xfffffe0072a68500,
usermode=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:674
#6 0xffffffff80d8030a in trap (frame=0xfffffe0072a68500)
at /usr/src/sys/amd64/amd64/trap.c:440
#7 0xffffffff80d66682 in calltrap ()
at /usr/src/sys/amd64/amd64/exception.S:236
#8 0xffffffff80a32085 in rtsock_addrmsg (cmd=<value optimized out>,
ifa=0xfffff800493bc400, fibnum=3) at /usr/src/sys/net/rtsock.c:1345
#9 0xffffffff80a31767 in rtinit (ifa=0xfffff800493bc400, cmd=2, flags=0)
at /usr/src/sys/net/route.c:1701
#10 0xffffffff80a27e88 in tunclose (dev=<value optimized out>, foo=96, bar=3,
td=0x0) at /usr/src/sys/net/if_tun.c:478
#11 0xffffffff80838403 in devfs_close (ap=0xfffffe0072a688e0)
at /usr/src/sys/fs/devfs/devfs_vnops.c:618
---Type <return> to continue, or q <return> to quit---
#12 0xffffffff80ea8861 in VOP_CLOSE_APV (vop=<value optimized out>,
a=<value optimized out>) at vnode_if.c:535
#13 0xffffffff80a0bcc3 in vn_close (vp=0xfffff8005c97c938, flags=7,
file_cred=0xfffff800504b3c00, td=0xfffff80012e9e4a0) at vnode_if.h:225
#14 0xffffffff80a0ab08 in vn_closefile (fp=0xfffff8004cbf0370,
td=0xfffff80012e9e4a0) at /usr/src/sys/kern/vfs_vnops.c:1566
#15 0xffffffff80839cfc in devfs_close_f (fp=0xfffff8004cbf0370, td=0x60)
at /usr/src/sys/fs/devfs/devfs_vnops.c:637
#16 0xffffffff8090e749 in _fdrop (fp=0xfffff8004cbf0370, td=0x60) at file.h:343
#17 0xffffffff80910fee in closef (fp=<value optimized out>,
td=<value optimized out>) at /usr/src/sys/kern/kern_descrip.c:2338
#18 0xffffffff8090eaf8 in closefp (fdp=0xfffff80012eff000,
fd=<value optimized out>, fp=0xfffff8004cbf0370, td=0xfffff80012e9e4a0,
holdleaders=<value optimized out>) at /usr/src/sys/kern/kern_descrip.c:1194
#19 0xffffffff80d81287 in amd64_syscall (td=0xfffff80012e9e4a0, traced=0)
at subr_syscall.c:134
#20 0xffffffff80d6696b in Xfast_syscall ()
at /usr/src/sys/amd64/amd64/exception.S:396
#21 0x00000008031b9f2a in ?? ()
Previous frame inner to this frame (corrupt stack?)
This bug hasnt been occurs in FreeBSD8.3 RELEASE
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-amd64
mailing list