From owner-freebsd-bugs@FreeBSD.ORG Wed Jan 22 08:20:02 2014 Return-Path: Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A2E6B978 for ; Wed, 22 Jan 2014 08:20:02 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8EC071D46 for ; Wed, 22 Jan 2014 08:20:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id s0M8K2c0090293 for ; Wed, 22 Jan 2014 08:20:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id s0M8K2nB090288; Wed, 22 Jan 2014 08:20:02 GMT (envelope-from gnats) Date: Wed, 22 Jan 2014 08:20:02 GMT Message-Id: <201401220820.s0M8K2nB090288@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: =?ISO-2022-JP?B?GyRCPi5MbjQyQDgbKEI=?= Subject: Re: kern/183835: Kernel panic with VIMAGE on insertion of axe USB network interface X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: =?ISO-2022-JP?B?GyRCPi5MbjQyQDgbKEI=?= List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jan 2014 08:20:02 -0000 The following reply was made to PR kern/183835; it has been noted by GNATS. From: =?ISO-2022-JP?B?GyRCPi5MbjQyQDgbKEI=?= To: bug-followup@FreeBSD.org, elakin@infohell.net Cc: Subject: Re: kern/183835: Kernel panic with VIMAGE on insertion of axe USB network interface Date: Wed, 22 Jan 2014 17:15:09 +0900 --001a11339e2e30630504f08ab9f3 Content-Type: text/plain; charset=ISO-8859-1 Hello, I have encountered the same problem Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 01 fault virtual address = 0x18 fault code = supervisor read, page not present instruction pointer = 0x20:0xc0a166d1 stack pointer = 0x28:0xf0527c18 frame pointer = 0x28:0xf0527c3c code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 15 (axe0) [ thread pid 15 tid 100098 ] Stopped at 0xc0a166d1 = if_alloc+0xd1: movl 0x18(%eax),%eax db> bt Tracing pid 15 tid 100098 td 0xc0c13c40 if_alloc(6,c6bd5580,0,cb,0,...) at 0xc0a166d1 = if_alloc+0xd1/frame 0xf0527c3c ue_attach_post_task(c6bd54ac,20,c0e05d52,73,0,...) at 0xc713814e = ue_attach_post_task+0x8e/frame 0xf0527c94 usb_process(c6bd5420,f0527d08,28219a3f,281eaa20,28223508,...) at 0xc07fc4c1 = usb_process+0x131/frame 0xf0527cc4 fork_exit(c07fc390,c6bd5420,f0527d08) at 0xc091fcc3 = fork_exit+0xa3/frame 0xf0527cf4 fork_trampoline() at 0xc0ce78c4 = fork_trampoline+0x8/frame 0xf0527cf4 it seems the page fault occurs at sys/net/if.c line 280 in ifindex_alloc_locked, when accessing V_if_index. looking at if_var.h and vnet.h, V_if_index will be 1) when VIMAGE is not defined, V_if_index => VNET(if_index) => (if_index) 2) when VIMAGE is defined, V_if_index => VNET(if_index) => VNET_VNET(curvnet, if_index) => (*VNET_VNET_PTR((curvnet), if_index)) => _VNET_PTR((curvnet)->vnet_data_base, if_index) => (__typeof(VNET_NAME(if_index))*) (((curvnet)->vnet_data_base) + (uintptr_t)&VNET_NAME(if_index)) => (__typeof(vnet_entry_if_index)*) (((curvnet)->vnet_data_base) + (uintptr_t)&vnet_entry_if_index) and something is wrong in 2). I have not detailed further. --001a11339e2e30630504f08ab9f3 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hello,

I have encountered the same problem

 Fatal trap 12: page fault while in kernel mode
 cpuid =3D 0; apic id =3D 01
 fault virtual address	=3D 0x18
 fault code		=3D supervisor read, page not present
 instruction pointer	=3D 0x20:0xc0a166d1
 stack pointer		=3D 0x28:0xf0527c18
 frame pointer		=3D 0x28:0xf0527c3c
 code segment		=3D base 0x0, limit 0xfffff, type 0x1b
 			=3D DPL 0, pres 1, def32 1, gran 1
 processor eflags	=3D interrupt enabled, resume, IOPL =3D 0
 current process		=3D 15 (axe0)
 [ thread pid 15 tid 100098 ]
 Stopped at	0xc0a166d1 =3D if_alloc+0xd1:	movl	0x18(%eax),%eax
 db> bt
 Tracing pid 15 tid 100098 td 0xc0c13c40
 if_alloc(6,c6bd5580,0,cb,0,...) at 0xc0a166d1 =3D if_alloc+0xd1/frame 0xf05=
 27c3c
 ue_attach_post_task(c6bd54ac,20,c0e05d52,73,0,...) at 0xc713814e =3D ue_att=
 ach_post_task+0x8e/frame 0xf0527c94
 usb_process(c6bd5420,f0527d08,28219a3f,281eaa20,28223508,...) at 0xc07fc4c1=
  =3D usb_process+0x131/frame 0xf0527cc4
 fork_exit(c07fc390,c6bd5420,f0527d08) at 0xc091fcc3 =3D fork_exit+0xa3/fram=
 e 0xf0527cf4
 fork_trampoline() at 0xc0ce78c4 =3D fork_trampoline+0x8/frame 0xf0527cf4
it seems the page fault occurs at sys/net/if.c line 280 in ifindex_all=
 oc_locked,
when accessing V_if_index.

looking at if_var.h and vne=
 t.h, V_if_index will be

 
1) when VIMAGE is not defined,
 V_if_index =3D> VNET(if_index) =
 =3D> (if_index)

2) when VIMAGE is defined,
 V_if_index =3D>=
  VNET(if_index)
 =A0=3D> VNET_VNET(curvnet, if_index)
 =A0=3D> =
 (*VNET_VNET_PTR((curvnet), if_index))

   =3D> _VNET_PTR((curvnet)->vnet_data_base, if_index)
  =3D> (_=
 _typeof(VNET_NAME(if_index))*) (((curvnet)->vnet_data_base) + (uintptr_t=
 )&VNET_NAME(if_index))
  =3D> (__typeof(vnet_entry_if_index)*) ((=
 (curvnet)->vnet_data_base) + (uintptr_t)&vnet_entry_if_index)

 
and something is wrong in 2). I have not detailed further.
--001a11339e2e30630504f08ab9f3--