panic: page fault (using ppp ipv6cp)

From: Yoshihide Sonoda <yshd_at_na.rim.or.jp>
Date: Sat, 11 Oct 2003 13:05:51 +0900 (JST)
Hello,

I upgraded my machine to CURRENT of today. It was paniced at while the
ppp process was making the IPv6 tunnel. When I rebooted it several
times, the problem occurred in the same place (currnet process = ppp).
Now I'm using an older kernel(cvsuped October 2). This older kernel
works fine.

My setting of ppp is as follows.

## ppp.conf

default:
 set log Phase Chat LCP IPCP CCP tun command
 set server /tmp/pppctl "" 0177
 allow users yoshi

tun6:
 set escape 0xff
 set device xxx.xxx.xxx.xxx:6669
 set dial
 set timeout 0 0
 set authname tun0000
 set authkey ********
 enable ipv6cp
 disable ipcp

## rc.conf
ppp_enable="YES"
ppp_profile="tun6"
ppp_mode="ddial"
ipv6_enable="YES"
ipv6_network_interfaces="em0"
ipv6_gateway_enable="YES"
ipv6_static_routes="default"
ipv6_route_default="default -interface tun0"
ipv6_prefix_em0="2001:268:304:9b00"

panic message and backtrace:

Fatal trap 12: page fault while in kernel mode
cpuid = 0; lapic.id = 00000000
fault virtual address   = 0x1
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc058331c
stack pointer           = 0x10:0xe5638a24
frame pointer           = 0x10:0xe5638a90
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 271 (ppp)
panic: from debugger
cpuid = 0; lapic.id = 00000000

(kgdb) bt
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:240
#1  0xc0501d46 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:372
#2  0xc0502198 in panic () at /usr/src/sys/kern/kern_shutdown.c:550
#3  0xc0444232 in db_panic () at /usr/src/sys/ddb/db_command.c:450
#4  0xc0444192 in db_command (last_cmdp=0xc06fede0, cmd_table=0x0, 
    aux_cmd_tablep=0xc06cfc8c, aux_cmd_tablep_end=0xc06cfc90)
    at /usr/src/sys/ddb/db_command.c:346
#5  0xc04442d5 in db_command_loop () at /usr/src/sys/ddb/db_command.c:472
#6  0xc04472f5 in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_trap.c:73
#7  0xc0662ccc in kdb_trap (type=12, code=0, regs=0xe56389e4)
    at /usr/src/sys/i386/i386/db_interface.c:171
#8  0xc067cd16 in trap_fatal (frame=0xe56389e4, eva=0)
    at /usr/src/sys/i386/i386/trap.c:815
#9  0xc067c9b2 in trap_pfault (frame=0xe56389e4, usermode=0, eva=1)
    at /usr/src/sys/i386/i386/trap.c:734
#10 0xc067c50d in trap (frame=
      {tf_fs = -969277416, tf_es = -964100080, tf_ds = -446496752, tf_edi = 0, tf_esi = 56, tf_ebp = -446461296, tf_isp = -446461424, tf_ebx = -969272576, tf_edx = 0, tf_ecx = -968655616, tf_eax = -968655616, tf_trapno = 12, tf_err = 0, tf_eip = -1067961572, tf_cs = 8, tf_eflags = 66182, tf_esp = -967892080, tf_ss = -446461340}) at /usr/src/sys/i386/i386/trap.c:419
#11 0xc06646c8 in calltrap () at {standard input}:103
#12 0xc0584bd5 in rt_setgate (rt=0xc6437d00, dst=0xc6307a80, gate=0x0)
    at /usr/src/sys/net/route.c:997
#13 0xc0585fef in route_output (m=0xc239d800, so=0xc66b8b00)
    at /usr/src/sys/net/rtsock.c:451
#14 0xc0583073 in raw_usend (so=0x0, flags=0, m=0x0, nam=0x0, control=0x0, 
    td=0xc64f2390) at /usr/src/sys/net/raw_usrreq.c:257
#15 0xc0585865 in rts_send (so=0x0, flags=0, m=0x0, nam=0x0, control=0x0, 
    td=0x0) at /usr/src/sys/net/rtsock.c:241
#16 0xc0541b8d in sosend (so=0xc66b8b00, addr=0x0, uio=0xe5638c6c, 
    top=0xc239d800, control=0x0, flags=0, td=0xc64f2390)
    at /usr/src/sys/kern/uipc_socket.c:714
#17 0xc0530b97 in soo_write (fp=0x0, uio=0xe5638c6c, active_cred=0xc688e980, 
    flags=0, td=0xc64f2390) at /usr/src/sys/kern/sys_socket.c:115
#18 0xc052a5c8 in dofilewrite (td=0xc64f2390, fp=0xc66a9154, fd=0, 
    buf=0xbfbfec80, nbyte=0, offset=0, flags=0) at /usr/src/sys/sys/file.h:249
#19 0xc052a3fe in write (td=0xc64f2390, uap=0xe5638d10)
    at /usr/src/sys/kern/sys_generic.c:330
#20 0xc067d100 in syscall (frame=
      {tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = 2, tf_esi = 2, tf_ebp = -1077941144, tf_isp = -446460556, tf_ebx = 176, tf_edx = -1077941120,---Type <return> to continue, or q <return> to quit---
_eax = 4, tf_trapno = 12, tf_err = 2, tf_eip = 673729887, tf_cs = 31, tf_eflags = 531, tf_esp = -1077941188, tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:1009
#21 0xc066471d in Xint0x80_syscall () at {standard input}:145

---
Yoshihide Sonoda
E-mail: yshd_at_na.rim.or.jp
Received on Fri Oct 10 2003 - 19:05:55 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:24 UTC