Bug 15742

Summary: Laptop -current panics in in6_ifattach after suspend
Product: Base System Reporter: joe <joe>
Component: kernAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.0-CURRENT   
Hardware: Any   
OS: Any   

Description joe 1999-12-28 12:20:00 UTC 
	After waking up my machine after a APM snooze (zzz) it
	often drops into kernel debug mode.  Here's a backtrace:

Fatal trap 12: page fault while in kernel mode
fault virtual address	= 0x38626bb1
fault code		= supervisor read, page not present
instruction pointer	= 0x8:0xc018f104
stack pointer	        = 0x10:0xcc013d4c
frame pointer	        = 0x10:0xcc013ddc
code segment		= base rx0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 8099 (ifconfig)
interrupt mask		= net 
panic: from debugger
panic: from debugger
Uptime: 21h15m15s

dumping to dev #ad/0x30001, offset 141856
dump ata0: resetting devices .. done
191 190 189 188 187 186 185 184 183 182 181 180 179 178 177 176 175 174 173 172 171 170 169 168 167 166 165 164 163 162 161 160 159 158 157 156 155 154 153 152 151 150 149 148 147 146 145 144 143 142 141 140 139 138 137 136 135 134 133 132 131 130 129 128 127 126 125 124 123 122 121 120 119 118 117 116 115 114 113 112 111 110 109 108 107 106 105 104 103 102 101 100 99 98 97 96 95 94 93 92 91 90 89 88 87 86 85 84 83 82 81 80 79 78 77 76 75 74 73 72 71 70 69 68 67 66 65 64 63 62 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 
---
#0  boot (howto=260) at ../../kern/kern_shutdown.c:303
303			dumppcb.pcb_cr3 = rcr3();
(kgdb) bt
#0  boot (howto=260) at ../../kern/kern_shutdown.c:303
#1  0xc013a169 in panic (fmt=0xc01fff74 "from debugger")
    at ../../kern/kern_shutdown.c:553
#2  0xc011bc89 in db_panic (addr=-1072107260, have_addr=0, count=-1, 
    modif=0xcc013bbc "") at ../../ddb/db_command.c:433
#3  0xc011bc29 in db_command (last_cmdp=0xc0227b78, cmd_table=0xc02279d8, 
    aux_cmd_tablep=0xc0240698) at ../../ddb/db_command.c:333
#4  0xc011bcee in db_command_loop () at ../../ddb/db_command.c:455
#5  0xc011dd7f in db_trap (type=12, code=0) at ../../ddb/db_trap.c:71
#6  0xc01e0ab3 in kdb_trap (type=12, code=0, regs=0xcc013d0c)
    at ../../i386/i386/db_interface.c:157
#7  0xc01ecd14 in trap_fatal (frame=0xcc013d0c, eva=945974193)
    at ../../i386/i386/trap.c:903
#8  0xc01ec9ed in trap_pfault (frame=0xcc013d0c, usermode=0, eva=945974193)
    at ../../i386/i386/trap.c:801
#9  0xc01ec593 in trap (frame={tf_fs = -1071513584, tf_es = -1064108016, 
      tf_ds = -1072496624, tf_edi = -1056696832, tf_esi = -1051426260, 
      tf_ebp = -872333860, tf_isp = -872334024, tf_ebx = -1051426304, 
      tf_edx = 945974033, tf_ecx = -1056696816, tf_eax = -1057219072, 
      tf_trapno = 12, tf_err = 0, tf_eip = -1072107260, tf_cs = 8, 
      tf_eflags = 66054, tf_esp = -1051426304, tf_ss = -1051426260})
    at ../../i386/i386/trap.c:425
#10 0xc018f104 in in6_ifattach (ifp=0xc133cc00, type=3, laddr=0xc1548237 "", 
    noloop=0) at ../../netinet6/in6_ifattach.c:384
#11 0xc018e246 in in6_if_up (ifp=0xc133cc00) at ../../netinet6/in6.c:1781
#12 0xc01754c9 in if_route (ifp=0xc133cc00, flag=1, fam=0)
    at ../../net/if.c:585
#13 0xc01754f7 in if_up (ifp=0xc133cc00) at ../../net/if.c:612
#14 0xc0175868 in ifioctl (so=0xcac0b600, cmd=2149607696, 
    data=0xcc013ebc "ep0", p=0xcbfe1080) at ../../net/if.c:791
#15 0xc014a492 in soo_ioctl (fp=0xc133d2c0, cmd=2149607696, 
    data=0xcc013ebc "ep0", p=0xcbfe1080) at ../../kern/sys_socket.c:140
#16 0xc0147697 in ioctl (p=0xcbfe1080, uap=0xcc013f80) at ../../sys/file.h:171
#17 0xc01ecf72 in syscall (frame={tf_fs = 47, tf_es = 47, tf_ds = 47, 
      tf_edi = 6, tf_esi = 1, tf_ebp = -1077937152, tf_isp = -872333356, 
      tf_ebx = -1077937184, tf_edx = 0, tf_ecx = -1077937168, tf_eax = 54, 
      tf_trapno = 12, tf_err = 2, tf_eip = 134527484, tf_cs = 31, 
      tf_eflags = 659, tf_esp = -1077937228, tf_ss = 47})
    at ../../i386/i386/trap.c:1057
#18 0xc01e13b6 in Xint0x80_syscall ()
#19 0x8048816 in ?? ()
#20 0x8048665 in ?? ()
#21 0x80480f9 in ?? ()
(kgdb)

How-To-Repeat: 
	Suspend the machine, and then wake it up.  After the ethernet
	card gets bound by pccard, the machine drops into kernel
	debug.
Comment 1 sanpei 1999-12-28 13:16:02 UTC 
joe@pavilion.net wrote:
>> >Description:
>> 
>> 	After waking up my machine after a APM snooze (zzz) it
>> 	often drops into kernel debug mode.  Here's a backtrace:
>> 

  I also have this problem.  And if I comment out INET6 options,
there are no problems related syspend/resume.

  I think we need extra code for IPv6 like src/sys/net/if.c 1.81 changes.

http://www.FreeBSD.org/cgi/cvsweb.cgi/src/sys/net/if.c

MIHIRA Yoshiro
P.S.
We also need to patch for atm_nif_detach with IPv6?
Comment 2 Warner Losh freebsd_committer freebsd_triage 1999-12-30 19:01:20 UTC 
State Changed
From-To: open->closed

Yoshinobu Inoue <shin@FreeBSD.org> commited a change that fixed this.
Comment 3 joe freebsd_committer freebsd_triage 2000-01-01 03:38:52 UTC 
State Changed
From-To: closed->open

I don't believe that this has fixed the problem.  I've just got  
a panic with exactly the same backtrace on a kernel that I've confirmed 
has this patch in.
Comment 4 shin freebsd_committer freebsd_triage 2000-01-03 17:51:31 UTC 
State Changed
From-To: open->closed

new patch to netinet6/in6.c is confirmed to fix this problem.