From owner-freebsd-bugs@FreeBSD.ORG Wed Jan 6 23:00:11 2010 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A7B681065694 for ; Wed, 6 Jan 2010 23:00:11 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 7D3428FC28 for ; Wed, 6 Jan 2010 23:00:11 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id o06N0BaK089278 for ; Wed, 6 Jan 2010 23:00:11 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id o06N0BN8089277; Wed, 6 Jan 2010 23:00:11 GMT (envelope-from gnats) Resent-Date: Wed, 6 Jan 2010 23:00:11 GMT Resent-Message-Id: <201001062300.o06N0BN8089277@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Michael Moll Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 952C81065679 for ; Wed, 6 Jan 2010 22:51:06 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 843B58FC08 for ; Wed, 6 Jan 2010 22:51:06 +0000 (UTC) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o06Mp5BA053989 for ; Wed, 6 Jan 2010 22:51:05 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id o06Mp5Mc053988; Wed, 6 Jan 2010 22:51:05 GMT (envelope-from nobody) Message-Id: <201001062251.o06Mp5Mc053988@www.freebsd.org> Date: Wed, 6 Jan 2010 22:51:05 GMT From: Michael Moll To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: kern/142391: bsnmpd triggers kernel panic when a second cloned WLAN interface was created before starting X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jan 2010 23:00:11 -0000 >Number: 142391 >Category: kern >Synopsis: bsnmpd triggers kernel panic when a second cloned WLAN interface was created before starting >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Jan 06 23:00:11 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Michael Moll >Release: 8.0-RELEASE >Organization: >Environment: FreeBSD geode.kvedulv.de 8.0-RELEASE-p1 FreeBSD 8.0-RELEASE-p1 #0: Wed Jan 6 23:12:22 CET 2010 root@buildhost.kvedulv.de:/usr/obj/usr/src/sys/GEODE_DB i386 >Description: I use following rc.conf entries to create a wlan0 interface: wlans_ath0="wlan0" create_args_wlan0="wlanmode hostap mode 11g country DE channel 3 ssid Kvedulv" ifconfig_wlan0="inet 192.168.201.1 netmask 255.255.255.0" ipv6_ifconfig_wlan0="2001:6f8:12f2:2::1/64" bsnmpd is running perfectly with this config. Now let's add a second VAP: root@geode # ifconfig wlan1 create wlandev ath0 wlanmode hostap bssid mode 11g country DE channel 3 ssid IPV6 ifconfig: SIOCS80211: Device busy root@geode # ifconfig wlan1 inet6 2001:6f8:12f2:3::1/64 root@geode # ifconfig wlan1 up root@geode # ifconfig wlan1 wlan1: flags=8843 metric 0 mtu 1500 ether 06:0b:6b:81:d4:5b inet6 2001:6f8:12f2:3::1 prefixlen 64 inet6 fe80::40b:6bff:fe81:d45b%wlan1 prefixlen 64 scopeid 0xb media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid IPV6 channel 3 (2422 Mhz 11g) bssid 06:0b:6b:81:d4:5b regdomain ETSI country DE ecm authmode OPEN privacy OFF txpower 30 scanvalid 60 protmode CTS wme burst dtimperiod 1 -dfs Everything OK, until (re)starting bsnmpd: Fatal trap 12: page fault while in kernel mode fault virtual address = 0x44 fault code = supervisor read, page not present instruction pointer = 0x20:0xc05c9479 stack pointer = 0x28:0xcd0e4afc frame pointer = 0x28:0xcd0e4b6c code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 1721 (bsnmpd) [thread pid 1721 tid 100082 ] Stopped at sysctl_rtsock+0x4f9: movl 0x44(%eax),%eax db> bt Tracing pid 1721 tid 100082 td 0xc24e86c0 sysctl_rtsock(c07f60e0,cd0e4c20,4,cd0e4bac,6,...) at sysctl_rtsock+0x4f9 sysctl_root(cd0e4bac,c24e86c0,1,0,0,...) at sysctl_root+0xc7 userland_sysctl(c24e86c0,cd0e4c18,6,0,bfbfc558,0,0,0,cd0e4c78,0) at userland_sysctl+0x126 __sysctl(c24e86c0,cd0e4cf8,c07e4c78,c24e86c0,297,...) at __sysctl+0x63 syscall(cd0e4d38) at syscall+0x194 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (202, FreeBSD ELF32, __sysctl), eip = 0x281a5177, esp = 0xbfbfc48c, ebp = 0xbfbfc4c8 --- >How-To-Repeat: See example commands in the problem description >Fix: >Release-Note: >Audit-Trail: >Unformatted: