[Bug 230857] loading carp module panic i386 kernel (VIMAGE related)

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Fri Aug 24 05:43:09 UTC 2018


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230857

            Bug ID: 230857
           Summary: loading carp module panic i386 kernel (VIMAGE related)
           Product: Base System
           Version: CURRENT
          Hardware: i386
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: bugs at FreeBSD.org
          Reporter: olivier at freebsd.org

It's very easy to panic an i386 CURRENT by just loading the carp module.
I believe there are still lots of i386 setups (network appliances like Soekris
or VMs) that will be impacted if this bug is still present when 12.0 is
released.
The steps to reproduce are very easy:
1. Download the 12-ALPHA2 i386 image and start it
2. Log in as root
3. Enter 'kldload carp' and the system will panic

Thread on the mailing list:
https://lists.freebsd.org/pipermail/freebsd-current/2018-August/070780.html

Panic message:

root@freebsd:~ # kldload carp


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x24ef548c
fault code              = supervisor write, page not present
instruction pointer     = 0x20:0x1541635c
stack pointer           = 0x28:0x14de57f4
frame pointer           = 0x28:0x14de57fc
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 703 (kldload)
[ thread pid 703 tid 100073 ]
Stopped at      vnet_carpstats_init+0x2c:       movl    %eax,__stop_set_vnet(%ecx,%esi,1)
db> bt
Tracing pid 703 tid 100073 td 0x15152700
vnet_carpstats_init(0,0,1820be1,1e2,17c0321,...) at vnet_carpstats_init+0x2c/frame 0x14de57fc
vnet_register_sysinit(154182cc,0,1732cd3,e6,0,...) at vnet_register_sysinit+0xf6/frame 0x14de5828
linker_load_module(0,0,14de5a6c,42e,115a201,...) at linker_load_module+0xc64/frame 0x14de5a4c
kern_kldload(15152700,11a0b800,14de5a98,0,0,...) at kern_kldload+0xf5/frame 0x14de5a80
sys_kldload(15152700,15152984,180ca39,4,14de5ad4,...) at sys_kldload+0x6e/frame 0x14de5aa8
syscall(14de5ba8,3b,3b,3b,ffbfee90,...) at syscall+0x33f/frame 0x14de5b9c
Xint0x80_syscall() at PTDpde+0x43af/frame 0x14de5b9c
--- syscall (304, FreeBSD ELF32, sys_kldload), eip = 0x200a076f, esp = 0xffbfe7c4, ebp = 0xffbfed18 ---
carp_list() at 0x200a076f
