From nobody@FreeBSD.org  Fri Sep 21 02:37:54 2001
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id CED7D37B41F
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 21 Sep 2001 02:37:53 -0700 (PDT)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.4/8.11.4) id f8L9brf78981;
	Fri, 21 Sep 2001 02:37:53 -0700 (PDT)
	(envelope-from nobody)
Message-Id: <200109210937.f8L9brf78981@freefall.freebsd.org>
Date: Fri, 21 Sep 2001 02:37:53 -0700 (PDT)
From: Boris Staeblow <balu@dva.in-berlin.de>
To: freebsd-gnats-submit@FreeBSD.org
Subject: 4.4R and I4B: loaded NETGRAPH and ifconfig iprX down -> page fault!
X-Send-Pr-Version: www-1.0

>Number:         30704
>Category:       kern
>Synopsis:       4.4R and I4B: loaded NETGRAPH and ifconfig iprX down -> page fault!
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Sep 21 02:40:00 PDT 2001
>Closed-Date:    Sat Oct 27 08:49:20 PDT 2001
>Last-Modified:  Sat Oct 27 08:52:38 PDT 2001
>Originator:     Boris Staeblow
>Release:        4.4-RELEASE
>Organization:
private
>Environment:
FreeBSD 4.4-RELEASE

>Description:
If NETGRAPH is loaded and you 'ifconfig iprX down' an interface
the system will crash always with:


Fatal Trap 12: page fault while in kernel mode
fault virtual address   = 0x31727079
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc017323d
stack pointer           = 0x10:0xd1a58df4
frame pointer           = 0x10:0xd1a58e00
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
precessor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 32457 (ifconfig)
interrupt mask          = net tty
trap number             = 12
panic: page fault

syncing disks...
done

This is reproduceable. The crash will not occur when netgraph is not
loaded / defined in kernel (but I need it for pppoed!).

The system will crash too when the iprX-connection establishes
(to old an current I4B-Versions and Suse-Linux).

The system will always crash if you enter "ifconfig iprX ether x:x:x:x:x:x..."
(it doesn't matter if netgraph is loaded or not in this case).

These bugs where reproduced on a totally different 4.4R machine.
These bugs didn't occur on 4.3R _or_ with the previous i4b-Release in -STABLE.

>How-To-Repeat:
- Install 4.4-Release
- configure i4b
- configure a ipr device in i4b
- load netgraph (netgraph, netgraph-socket, netgraph-ether, netgraph-pppoe)
- ifconfig iprX down to reproduce the crash
- ifconfig iprX ether 1:2:3:4:5:6 to reproduce the crash
>Fix:
workaround: disable or unload netgraph

>Release-Note:
>Audit-Trail:

From: Boris Staeblow <balu@dva.in-berlin.de>
To: freebsd-gnats-submit@FreeBSD.org
Cc:  
Subject: kern/30704: 4.4R and I4B: loaded NETGRAPH and ifconfig iprX down -> page fault!
Date: Fri, 21 Sep 2001 02:37:53 -0700 (PDT)

 >Number:         30704
 >Category:       kern
 >Synopsis:       4.4R and I4B: loaded NETGRAPH and ifconfig iprX down -> page fault!
 >Confidential:   no
 >Severity:       serious
 >Priority:       medium
 >Responsible:    freebsd-bugs
 >State:          open
 >Quarter:        
 >Keywords:       
 >Date-Required:
 >Class:          sw-bug
 >Submitter-Id:   current-users
 >Arrival-Date:   Fri Sep 21 02:40:00 PDT 2001
 >Closed-Date:
 >Last-Modified:
 >Originator:     Boris Staeblow
 >Release:        4.4-RELEASE
 >Organization:
 private
 >Environment:
 FreeBSD 4.4-RELEASE
 
 >Description:
 If NETGRAPH is loaded and you 'ifconfig iprX down' an interface
 the system will crash always with:
 
 
 Fatal Trap 12: page fault while in kernel mode
 fault virtual address   = 0x31727079
 fault code              = supervisor read, page not present
 instruction pointer     = 0x8:0xc017323d
 stack pointer           = 0x10:0xd1a58df4
 frame pointer           = 0x10:0xd1a58e00
 code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, def32 1, gran 1
 precessor eflags        = interrupt enabled, resume, IOPL = 0
 current process         = 32457 (ifconfig)
 interrupt mask          = net tty
 trap number             = 12
 panic: page fault
 
 syncing disks...
 done
 
 This is reproduceable. The crash will not occur when netgraph is not
 loaded / defined in kernel (but I need it for pppoed!).
 
 The system will crash too when the iprX-connection establishes
 (to old an current I4B-Versions and Suse-Linux).
 
 The system will always crash if you enter "ifconfig iprX ether x:x:x:x:x:x..."
 (it doesn't matter if netgraph is loaded or not in this case).
 
 These bugs where reproduced on a totally different 4.4R machine.
 These bugs didn't occur on 4.3R _or_ with the previous i4b-Release in -STABLE.
 
 >How-To-Repeat:
 - Install 4.4-Release
 - configure i4b
 - configure a ipr device in i4b
 - load netgraph (netgraph, netgraph-socket, netgraph-ether, netgraph-pppoe)
 - ifconfig iprX down to reproduce the crash
 - ifconfig iprX ether 1:2:3:4:5:6 to reproduce the crash
 >Fix:
 workaround: disable or unload netgraph
 
 >Release-Note:
 >Audit-Trail:
 >Unformatted:
 
 To Unsubscribe: send mail to majordomo@FreeBSD.org
 with "unsubscribe freebsd-bugs" in the body of the message
State-Changed-From-To: open->closed 
State-Changed-By: hm 
State-Changed-When: Sat Oct 27 08:49:20 PDT 2001 
State-Changed-Why:  
For reasons unknown to me, ether_attach instead of if_attach was called in  
the attach routine for the ipr driver causing several strange effects. This 
is corrected now for both -stable and -current. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=30704 
>Unformatted:
