From owner-freebsd-i386@FreeBSD.ORG Sun Mar 27 22:50:05 2005 Return-Path: Delivered-To: freebsd-i386@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 22ABE16A4CE for ; Sun, 27 Mar 2005 22:50:05 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id B907443D64 for ; Sun, 27 Mar 2005 22:50:04 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j2RMo4Jm069313 for ; Sun, 27 Mar 2005 22:50:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j2RMo426069312; Sun, 27 Mar 2005 22:50:04 GMT (envelope-from gnats) Resent-Date: Sun, 27 Mar 2005 22:50:04 GMT Resent-Message-Id: <200503272250.j2RMo426069312@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-i386@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Dariusz Kulinski Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B49C016A4CE for ; Sun, 27 Mar 2005 22:45:42 +0000 (GMT) Received: from chinatsu.takeda.tk (node-402413e2.sna.onnet.us.uu.net [64.36.19.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id 02AD743D3F for ; Sun, 27 Mar 2005 22:45:42 +0000 (GMT) (envelope-from takeda@chinatsu.takeda.tk) Received: from chinatsu.takeda.tk (takeda@localhost.takeda.tk [127.0.0.1]) by chinatsu.takeda.tk (8.13.1/8.13.1) with ESMTP id j2RMjeJC019732 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Mar 2005 14:45:41 -0800 (PST) (envelope-from takeda@chinatsu.takeda.tk) Received: (from takeda@localhost) by chinatsu.takeda.tk (8.13.1/8.13.1/Submit) id j2RMjeJ1019731; Sun, 27 Mar 2005 14:45:40 -0800 (PST) (envelope-from takeda) Message-Id: <200503272245.j2RMjeJ1019731@chinatsu.takeda.tk> Date: Sun, 27 Mar 2005 14:45:40 -0800 (PST) From: Dariusz Kulinski To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: i386/79288: System crash (with core) X-BeenThere: freebsd-i386@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Dariusz Kulinski List-Id: I386-specific issues for FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Mar 2005 22:50:05 -0000 >Number: 79288 >Category: i386 >Synopsis: System crash (with core) >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-i386 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Mar 27 22:50:02 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Dariusz Kulinski >Release: FreeBSD 5.3-RELEASE-p5 i386 >Organization: >Environment: System: FreeBSD chinatsu.takeda.tk 5.3-RELEASE-p5 FreeBSD 5.3-RELEASE-p5 #6: Mon Jan 24 15:50:04 PST 2005 root@chinatsu.takeda.tk:/usr/obj/usr/src/sys/CHINATSU i386 >Description: Here is result from console: db> panic panic: from debugger KDB: stack backtrace: kdb_backtrace(c06d09c4,c0725520,c06c3f8d,cbd25a28,cbd25a1c) at kdb_backtrace+0x2e panic(c06c3f8d,cbd25ae0,c0441b92,c04e9d3f,0) at panic+0xb7 db_panic(c04e9d3f,0,ffffffff,cbd25a54,cbd25a50) at db_panic+0x12 db_command(c071bf24,c06ee960,c06ea7fc,c06ea800,cbd25b4c) at db_command+0x2b2 db_command_loop(c04e9d3f,0,2,313200,0) at db_command_loop+0x75 db_trap(c,0,10,cbd25b98,c069e014) at db_trap+0xe5 kdb_trap(c,0,cbd25be4,1,1) at kdb_trap+0x77 trap_fatal(cbd25be4,d15b2c64,c27d2500,0,d15b2c64) at trap_fatal+0x2e4 trap(c1b40018,10,c1820010,0,0) at trap+0x113 calltrap() at calltrap+0x5 --- trap 0xc, eip = 0xc04e9d3f, esp = 0xcbd25c24, ebp = 0xcbd25c44 --- sigtd(c18f68d4,e,81,c18f68d4,cbd25c94) at sigtd+0xaf psignal(c18f68d4,e,c050b0a0,c1b41640,ffffffff) at psignal+0x4b realitexpire(c18f68d4,0,cbd25cb8,2119bc,fb59fafe) at realitexpire+0x60 softclock(0,0,0,0,0) at softclock+0x26e ithread_loop(c14dd580,cbd25d48,0,0,0) at ithread_loop+0x1b8 fork_exit(c04cbd20,c14dd580,cbd25d48) at fork_exit+0x80 fork_trampoline() at fork_trampoline+0x8 --- trap 0x1, eip = 0, esp = 0xcbd25d7c, ebp = 0 --- >From dmesg log: kernel trap 12 with interrupts disabled Fatal trap 12: page fault while in kernel mode fault virtual address = 0xd15b2c64 fault code = supervisor read, page not present instruction pointer = 0x8:0xc04e9d3f stack pointer = 0x10:0xcbd25c24 frame pointer = 0x10:0xcbd25c44 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = resume, IOPL = 0 current process = 27 (swi5: clock sio) panic: from debugger KDB: stack backtrace: Uptime: 25d2h34m36s Dumping 255 MB 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 Dump complete Automatic reboot in 15 seconds - press a key on the console to abort --> Press a key on the console to reboot, --> or switch off the system now. Rebooting... >From kgdb: [chinatsu]:/var/crash# kgdb /usr/obj/usr/src/sys/CHINATSU/kernel.debug vmcore.2 [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". doadump () at pcpu.h:159 (kgdb) bt #0 doadump () at pcpu.h:159 #1 0xc04e6024 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:397 #2 0xc04e63d9 in panic (fmt=0xc06c3f8d "from debugger") at /usr/src/sys/kern/kern_shutdown.c:553 #3 0xc0441c22 in db_panic (addr=-1068589761, have_addr=0, count=-1, modif=0xcbd25a54 "") at /usr/src/sys/ddb/db_command.c:435 #4 0xc0441b92 in db_command (last_cmdp=0xc071bf24, cmd_table=0x0, aux_cmd_tablep=0xc06ea7fc, aux_cmd_tablep_end=0xc06ea800) at /usr/src/sys/ddb/db_command.c:349 #5 0xc0441ca5 in db_command_loop () at /usr/src/sys/ddb/db_command.c:455 #6 0xc0443df5 in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_main.c:221 #7 0xc0503b87 in kdb_trap (type=0, code=0, tf=0xcbd25be4) at /usr/src/sys/kern/subr_kdb.c:418 #8 0xc069e014 in trap_fatal (frame=0xcbd25be4, eva=0) at /usr/src/sys/i386/i386/trap.c:804 #9 0xc069d633 in trap (frame= {tf_fs = -1045168104, tf_es = 16, tf_ds = -1048444912, tf_edi = 0, tf_esi = 0, tf_ebp = -875406268, tf_isp = -875406320, tf_ebx = -1030312432, tf_edx = 8192, tf_ecx = 13, tf_eax = -782554012, tf_trapno = 12, tf_err = 0, tf_eip = -1068589761, tf_cs = 8, tf_eflags = 65666, tf_esp = 0, tf_ss = -1051819632}) at /usr/src/sys/i386/i386/trap.c:247 #10 0xc068ad7a in calltrap () at /usr/src/sys/i386/i386/exception.s:140 #11 0xc1b40018 in ?? () #12 0x00000010 in ?? () #13 0xc1820010 in ?? () #14 0x00000000 in ?? () #15 0x00000000 in ?? () #16 0xcbd25c44 in ?? () #17 0xcbd25c10 in ?? () #18 0xc296ae10 in ?? () #19 0x00002000 in ?? () #20 0x0000000d in ?? () #21 0xd15b2c64 in ?? () #22 0x0000000c in ?? () #23 0x00000000 in ?? () #24 0xc04e9d3f in sigtd (p=0xc18f68d4, sig=14, prop=129) at /usr/src/sys/kern/kern_sig.c:1581 #25 0xc04e9e2b in psignal (p=0x0, sig=14) at /usr/src/sys/kern/kern_sig.c:1634 #26 0xc04f5170 in realitexpire (arg=0xc18f68d4) at /usr/src/sys/kern/kern_time.c:554 #27 0xc04f595e in softclock (dummy=0x0) at /usr/src/sys/kern/kern_timeout.c:259 #28 0xc04cbed8 in ithread_loop (arg=0xc14dd580) at /usr/src/sys/kern/kern_intr.c:547 #29 0xc04cac10 in fork_exit (callout=0xc04cbd20 , arg=0x0, frame=0x0) at /usr/src/sys/kern/kern_fork.c:811 #30 0xc068addc in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:209 (kgdb) frame 24 #24 0xc04e9d3f in sigtd (p=0xc18f68d4, sig=14, prop=129) at /usr/src/sys/kern/kern_sig.c:1581 1581 if (td->td_waitset != NULL && (kgdb) list 1528 1523 p->p_sig = sig; /* XXX to verify code */ 1524 sigexit(td, sig); 1525 } else { 1526 cpu_thread_siginfo(sig, code, &siginfo); 1527 mtx_unlock(&ps->ps_mtx); 1528 SIGADDSET(td->td_sigmask, sig); 1529 PROC_UNLOCK(p); 1530 error = copyout(&siginfo, &td->td_mailbox->tm_syncsig, 1531 sizeof(siginfo)); 1532 PROC_LOCK(p); (kgdb) p td $1 = (struct thread *) 0xc296ae10 (kgdb) p (struct thread *)td $2 = (struct thread *) 0xc296ae10 (kgdb) p td->td_sigmask $3 = {__bits = {159751, 0, 0, 0}} (kgdb) p sig $4 = 14 (kgdb) >How-To-Repeat: No idea, it just happens >Fix: No idea how to fix it >Release-Note: >Audit-Trail: >Unformatted: