From nobody@FreeBSD.org  Tue Dec  5 11:29:45 2006
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id A4AD716A407
	for <freebsd-gnats-submit@FreeBSD.org>; Tue,  5 Dec 2006 11:29:45 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [69.147.83.33])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CB0BB43CA6
	for <freebsd-gnats-submit@FreeBSD.org>; Tue,  5 Dec 2006 11:29:06 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id kB5BTjsD099779
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 5 Dec 2006 11:29:45 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id kB5BTjmP099777;
	Tue, 5 Dec 2006 11:29:45 GMT
	(envelope-from nobody)
Message-Id: <200612051129.kB5BTjmP099777@www.freebsd.org>
Date: Tue, 5 Dec 2006 11:29:45 GMT
From: Sunry Chen<sunrychen@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: vpnd caused kernel panic with ppp mode
X-Send-Pr-Version: www-3.0

>Number:         106369
>Category:       ports
>Synopsis:       vpnd caused kernel panic with ppp mode
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Dec 05 11:30:03 GMT 2006
>Closed-Date:    Fri Jun 20 23:52:19 UTC 2008
>Last-Modified:  Fri Jun 20 23:52:19 UTC 2008
>Originator:     Sunry Chen
>Release:        cvsup tag=RELENG_6 on a 2 CPUs box with options SMP, update source everyday
>Organization:
SSTI
>Environment:
FreeBSD my.ssti.edu 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #4: Tue Dec  5 17:
25:21 CST 2006     hplc@my.ssti.edu:/usr/obj/usr/src/sys/MYKERNEL  i386

>Description:
FreeBSD box as the vpnd client, another Linux with kernel 2.4.21 run vpnd as server. They can connect cocorrectly, and can ping each other with no problem, while try to transfer lots of data like browse web site on FreeBSD from Linux currently, FreeBSD box would panic.

---------------------------------------------------------
[root@my /usr/obj/usr/src/sys/MYKERNEL]# kgdb kernel.debug /var/crash/vmcore.1
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefi
ned symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 2; apic id = 06
fault virtual address   = 0x14
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc088b306
stack pointer           = 0x28:0xce30db40
frame pointer           = 0x28:0xce30db6c
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 389 (vpnd)
trap number             = 12
panic: page fault
cpuid = 2
Uptime: 8m56s
Dumping 299 MB (2 chunks)
  chunk 0: 1MB (155 pages) ... ok
  chunk 1: 299MB (76544 pages) 284 268 252 236 220 204 188 172 156 140 124 108 92
76 60 44 28 12

#0  doadump () at pcpu.h:165
165             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) list *0xc088b306
0xc088b306 is at /usr/src/sys/i386/i386/support.s:490.
485             cmpl    %ecx,%eax                       /* overlapping && src < ds
t? */
486             jb      1f
487
488             shrl    $2,%ecx                         /* copy by 32-bit words */
489             cld                                     /* nope, copy forwards */
490             rep
491             movsl
492             movl    20(%esp),%ecx
493             andl    $3,%ecx                         /* any bytes left? */
494             rep
(kgdb) backtrace
#0  doadump () at pcpu.h:165
#1  0xc06759aa in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2  0xc0675cd1 in panic (fmt=0xc08e36f0 "%s")
    at /usr/src/sys/kern/kern_shutdown.c:565
#3  0xc088d3c0 in trap_fatal (frame=0xce30db00, eva=20)
    at /usr/src/sys/i386/i386/trap.c:837
#4  0xc088d0ff in trap_pfault (frame=0xce30db00, usermode=0, eva=20)
    at /usr/src/sys/i386/i386/trap.c:745
#5  0xc088cd59 in trap (frame=
      {tf_fs = -1056636920, tf_es = -835715032, tf_ds = -1065484248, tf_edi = -83
658848, tf_esi = 20, tf_ebp = -835658900, tf_isp = -835658964, tf_ebx = 68, tf_ed
 = 108, tf_ecx = 17, tf_eax = -835658868, tf_trapno = 12, tf_err = 0, tf_eip = -1
64783098, tf_cs = 32, tf_eflags = 66054, tf_esp = 0, tf_ss = -1033708488})
    at /usr/src/sys/i386/i386/trap.c:435
#6  0xc08797ca in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#7  0xc088b306 in generic_bcopy () at /usr/src/sys/i386/i386/support.s:489
Previous frame inner to this frame (corrupt stack?)
(kgdb)
---------------------------------------------------------
>How-To-Repeat:
Try to browse web site on FreeBSD from Linux cocurrently.
>Fix:

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->anders 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Tue Dec 5 20:55:51 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=106369 
Responsible-Changed-From-To: anders->freebsd-ports-bugs 
Responsible-Changed-By: anders 
Responsible-Changed-When: Thu Mar 1 21:59:11 UTC 2007 
Responsible-Changed-Why:  
I dropped maintainership for this port. Sorry I could not help out. 

Please, do report the mentioned problem on vpnd mailinglist, see 
http://vpnd.dotsrc.org/. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=106369 
State-Changed-From-To: open->closed 
State-Changed-By: miwi 
State-Changed-When: Fri Jun 20 23:51:50 UTC 2008 
State-Changed-Why:  
Feedback timeout about a year. If this problem still exists, please feel 
free to follow-up this PR so that we can re-open it and find a solution 
for the problem. Thanks! 


http://www.freebsd.org/cgi/query-pr.cgi?pr=106369 
>Unformatted:
