[Openswan Users] kernel 2.4.26 + Openswan 2.1.4 + net-snmp-5.1 = Kernel Oops

Martin Bene martin.bene at icomedias.com
Fri Jul 30 09:30:34 CEST 2004 

Nate Carlson wrote:

>>I'll add my information to the bug.

OK, Oops + snmp strace now available in the bug description.

> Are you still able to ping the box, but none of the network-related
> commands work, and things just aren't stable? That's basically what
> happens to me.

Yep, that about covers it.

Just reproduced with 2.2.0dr2.

Unable to handle kernel NULL pointer dereference at virtual address 000000ec
d08bdcf6
*pde = 00000000
Oops: 0002
CPU: 0
EIP: 0010:[<d08bdcf6>] Not tainted
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010246
eax: 00000000 ebx: cd675f68 ecx: 00000000 edx: cd675f04
esi: 00000000 edi: cd675f14 ebp: cf003000 esp: cd675ef4
ds: 0018 es: 0018 ss: 0018
Process snmpd (pid: 2436, stackpage=cd675000)
Stack: cd675f04 cd675f64 cfe43800 cf154ea0 da0110e9 00000000 00000000 
00000000
        000089f0 cf003000 cd675f54 cd675f54 c021ec5f cf003000 cd675f54 
000089f0
        00000000 000089f0 00000001 00000000 c021ee8a cd675f54 000089f0 
00000020
Call Trace: [<c021ec5f>] [<c021ee8a>] [<c0216576>] [<c0144ef9>]
[<c010729b>]
Code: ff 0d ec 00 00 00 0f 94 c0 84 c0 75 0a b8 fa ff ff ff e9 fd


 >>EIP; d08bdcf6 <[ipsec]ipsec_tunnel_ioctl+146/240> <=====

 >>ebx; cd675f68 <_end+d318d14/104f8e0c>
 >>edx; cd675f04 <_end+d318cb0/104f8e0c>
 >>edi; cd675f14 <_end+d318cc0/104f8e0c>
 >>ebp; cf003000 <_end+eca5dac/104f8e0c>
 >>esp; cd675ef4 <_end+d318ca0/104f8e0c>

Trace; c021ec5f <dev_ifsioc+3cf/440>
Trace; c021ee8a <dev_ioctl+1ba/2a0>
Trace; c0216576 <sock_ioctl+26/30>
Trace; c0144ef9 <sys_ioctl+c9/250>
Trace; c010729b <system_call+33/38>

Code; d08bdcf6 <[ipsec]ipsec_tunnel_ioctl+146/240>
00000000 <_EIP>:
Code; d08bdcf6 <[ipsec]ipsec_tunnel_ioctl+146/240> <=====
    0: ff 0d ec 00 00 00 decl 0xec <=====
Code; d08bdcfc <[ipsec]ipsec_tunnel_ioctl+14c/240>
    6: 0f 94 c0 sete %al
Code; d08bdcff <[ipsec]ipsec_tunnel_ioctl+14f/240>
    9: 84 c0 test %al,%al
Code; d08bdd01 <[ipsec]ipsec_tunnel_ioctl+151/240>
    b: 75 0a jne 17 <_EIP+0x17>
Code; d08bdd03 <[ipsec]ipsec_tunnel_ioctl+153/240>
    d: b8 fa ff ff ff mov $0xfffffffa,%eax
Code; d08bdd08 <[ipsec]ipsec_tunnel_ioctl+158/240>
   12: e9 fd 00 00 00 jmp 114 <_EIP+0x114>


Trace of what snmpdaemon was doing at the time of the crash:

socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 10
open("/proc/net/dev", O_RDONLY|O_LARGEFILE) = 11
fstat64(11, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x40016000
read(11, "Inter-| Receive "..., 4096) = 1933
...
ioctl(10, 0x89f0 <unfinished ...>
+++ killed by SIGSEGV +++

Bye, Martin

More information about the Users mailing list