Date: Mon, 9 Aug 2010 22:41:15 GMT From: "Oleksandr V. Typlyns'kyi" <astral@kpmedia.ua> To: freebsd-gnats-submit@FreeBSD.org Subject: i386/149479: 8.1-RELEASE kernel panic Message-ID: <201008092241.o79MfF7L009213@www.freebsd.org> Resent-Message-ID: <201008092250.o79Mo1Oh040657@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 149479
>Category: i386
>Synopsis: 8.1-RELEASE kernel panic
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-i386
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Aug 09 22:50:01 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Oleksandr V. Typlyns'kyi
>Release: 8.1-RELEASE
>Organization:
>Environment:
FreeBSD bm5.sm 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Sat Jul 17 15:47:57 EEST 2010 root@bm10.sm:/usr/obj/usr/src/sys/BM i386
>Description:
Unread portion of the kernel message buffer:
kernel trap 12 with interrupts disabled
Fatal trap 12: page fault while in kernel mode
cpuid = 3; apic id = 03
fault virtual address = 0x14
fault code = supervisor read, page not present
instruction pointer = 0x20:0xc0688fef
stack pointer = 0x28:0xe81589d4
frame pointer = 0x28:0xe81589f0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = resume, IOPL = 0
current process = 18657 (httpd)
trap number = 12
panic: page fault
cpuid = 3
Uptime: 7d1h3m30s
Physical memory: 2038 MB
Dumping 258 MB: 243 227 211 195 179 163 147 131 115 99 83 67 51 35 19 3
Reading symbols from /boot/kernel/aio.ko...done.
Loaded symbols for /boot/kernel/aio.ko
#0 doadump () at pcpu.h:246
246 __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) where
#0 doadump () at pcpu.h:246
#1 0xc064d8e7 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:416
#2 0xc064db49 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:590
#3 0xc082c76c in trap_fatal (frame=0xe8158994, eva=20) at /usr/src/sys/i386/i386/trap.c:938
#4 0xc082d061 in trap (frame=0xe8158994) at /usr/src/sys/i386/i386/trap.c:328
#5 0xc080fdfb in calltrap () at /usr/src/sys/i386/i386/exception.s:165
#6 0xc0688fef in turnstile_broadcast (ts=0x0, queue=0) at /usr/src/sys/kern/subr_turnstile.c:832
#7 0xc063da09 in _mtx_unlock_sleep (m=0xc094b950, opts=0, file=0x0, line=0) at /usr/src/sys/kern/kern_mutex.c:675
#8 0xc06ccbd1 in lookup (ndp=0xe8158b5c) at /usr/src/sys/kern/vfs_lookup.c:907
#9 0xc06cd28b in namei (ndp=0xe8158b5c) at /usr/src/sys/kern/vfs_lookup.c:269
#10 0xc06dbad2 in kern_statat_vnhook (td=0xcae82500, flag=512, fd=-100, path=0xbfbfa118 <Address 0xbfbfa118 out of bounds>, pathseg=UIO_USERSPACE, sbp=0xe8158c18, hook=0)
at /usr/src/sys/kern/vfs_syscalls.c:2346
#11 0xc06dbc4c in kern_statat (td=0xcae82500, flag=512, fd=-100, path=0xbfbfa118 <Address 0xbfbfa118 out of bounds>, pathseg=UIO_USERSPACE, sbp=0xe8158c18)
at /usr/src/sys/kern/vfs_syscalls.c:2327
#12 0xc06dbc86 in kern_lstat (td=0xcae82500, path=0xbfbfa118 <Address 0xbfbfa118 out of bounds>, pathseg=UIO_USERSPACE, sbp=0xe8158c18) at /usr/src/sys/kern/vfs_syscalls.c:2400
#13 0xc06dbd2f in lstat (td=0xcae82500, uap=0xe8158cf8) at /usr/src/sys/kern/vfs_syscalls.c:2390
#14 0xc082ccc3 in syscall (frame=0xe8158d38) at /usr/src/sys/i386/i386/trap.c:1111
#15 0xc080fe60 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:261
#16 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
(kgdb) bt full
#0 doadump () at pcpu.h:246
No locals.
#1 0xc064d8e7 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:416
_giantcnt = Variable "_giantcnt" is not available.
(kgdb) list *0xc0688fef
0xc0688fef is in turnstile_broadcast (/usr/src/sys/kern/subr_turnstile.c:832).
827
828 /*
829 * Transfer the blocked list to the pending list.
830 */
831 mtx_lock_spin(&td_contested_lock);
832 TAILQ_CONCAT(&ts->ts_pending, &ts->ts_blocked[queue], td_lockq);
833 mtx_unlock_spin(&td_contested_lock);
834
835 /*
836 * Give a turnstile to each thread. The last thread gets
(kgdb) list *0xc06cd28b
0xc06cd28b is in namei (/usr/src/sys/kern/vfs_lookup.c:269).
264 VREF(dp);
265 }
266 if (vfslocked)
267 ndp->ni_cnd.cn_flags |= GIANTHELD;
268 ndp->ni_startdir = dp;
269 error = lookup(ndp);
270 if (error) {
271 uma_zfree(namei_zone, cnp->cn_pnbuf);
272 #ifdef DIAGNOSTIC
273 cnp->cn_pnbuf = NULL;
(kgdb) list *0xc06dbad2
0xc06dbad2 is in kern_statat_vnhook (/usr/src/sys/kern/vfs_syscalls.c:2346).
2341
2342 NDINIT_AT(&nd, LOOKUP, ((flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW :
2343 FOLLOW) | LOCKSHARED | LOCKLEAF | AUDITVNODE1 | MPSAFE, pathseg,
2344 path, fd, td);
2345
2346 if ((error = namei(&nd)) != 0)
2347 return (error);
2348 vfslocked = NDHASGIANT(&nd);
2349 error = vn_stat(nd.ni_vp, &sb, td->td_ucred, NOCRED, td);
2350 if (!error) {
(kgdb) list *0xc06dbc4c
0xc06dbc4c is in kern_statat (/usr/src/sys/kern/vfs_syscalls.c:2328).
2323 kern_statat(struct thread *td, int flag, int fd, char *path,
2324 enum uio_seg pathseg, struct stat *sbp)
2325 {
2326
2327 return (kern_statat_vnhook(td, flag, fd, path, pathseg, sbp, NULL));
2328 }
2329
2330 int
2331 kern_statat_vnhook(struct thread *td, int flag, int fd, char *path,
2332 enum uio_seg pathseg, struct stat *sbp,
(kgdb) list *0xc06dbd2f
0xc06dbd2f is in lstat (/usr/src/sys/kern/vfs_syscalls.c:2391).
2386 {
2387 struct stat sb;
2388 int error;
2389
2390 error = kern_lstat(td, uap->path, UIO_USERSPACE, &sb);
2391 if (error == 0)
2392 error = copyout(&sb, uap->ub, sizeof (sb));
2393 return (error);
2394 }
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201008092241.o79MfF7L009213>