Date:      Mon, 18 Mar 2002 21:37:16 +0000 (GMT)
From:      Michael Allman <allman@maths.ox.ac.uk>
To:        <freebsd-stable@freebsd.org>
Subject:   4.5-RELEASE kernel panic
Message-ID:  <Pine.OSF.4.33.0203182119250.2438-100000@cream-puff.maths.ox.ac.uk>

Hello All,

Below is an abbreviated kernel debugging session from a kernel panic.  I
suspect this is due to a bug in the network routing code.  Somehow, a null
pointer got thrown in the works.  Could someone more knowledgeable of these
things have a look?  I can provide more information as requested.
Thanks!

Michael

My system:  FreeBSD 4.5-RELEASE on an AMD Athlon 1 GHz, 512 MB RAM, Intel
Etherexpress PRO 100S.

What I found with gdb -k:

panic messages:
---
Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x303031f
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc01b9049
stack pointer           = 0x10:0xc030cf78
frame pointer           = 0x10:0xc030cfc8
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = Idle
interrupt mask          =
trap number             = 12

****************

(kgdb) bt
#0  dumpsys () at ../../kern/kern_shutdown.c:474
#1  0xc016fbfb in boot (howto=260) at ../../kern/kern_shutdown.c:313
#2  0xc016fff5 in panic (fmt=0xc030574c "%s") at ../../kern/kern_shutdown.c:582
#3  0xc02b2faf in trap_fatal (frame=0xc030cd64, eva=48)
    at ../../i386/i386/trap.c:956
#4  0xc02b2c5d in trap_pfault (frame=0xc030cd64, usermode=0, eva=48)
    at ../../i386/i386/trap.c:849
#5  0xc02b2803 in trap (frame={tf_fs = 16, tf_es = 16, tf_ds = 16,
      tf_edi = -1070166208, tf_esi = 0, tf_ebp = -1070543444,
      tf_isp = -1070543472, tf_ebx = -1070432644, tf_edx = 6832192,
      tf_ecx = 8, tf_eax = 0, tf_trapno = 12, tf_err = 0,
      tf_eip = -1071357192, tf_cs = 8, tf_eflags = 66050, tf_esp = 0,
      tf_ss = 0}) at ../../i386/i386/trap.c:448
#6  0xc02462f8 in acquire_lock (lk=0xc0327e7c)
    at ../../ufs/ffs/ffs_softdep.c:271
#7  0xc024a896 in softdep_fsync_mountdev (vp=0xe36db540)
    at ../../ufs/ffs/ffs_softdep.c:3986
#8  0xc024ec5a in ffs_fsync (ap=0xc030ce20) at ../../ufs/ffs/ffs_vnops.c:134
#9  0xc024d8e7 in ffs_sync (mp=0xc198ec00, waitfor=2, cred=0xc1474500,
    p=0xc0368f40) at vnode_if.h:558
#10 0xc019ffd3 in sync (p=0xc0368f40, uap=0x0) at ../../kern/vfs_syscalls.c:547
#11 0xc016f9ae in boot (howto=256) at ../../kern/kern_shutdown.c:234
#12 0xc016fff5 in panic (fmt=0xc030574c "%s") at ../../kern/kern_shutdown.c:582
#13 0xc02b2faf in trap_fatal (frame=0xc030cf38, eva=50529055)
    at ../../i386/i386/trap.c:956
#14 0xc02b2c5d in trap_pfault (frame=0xc030cf38, usermode=0, eva=50529055)
    at ../../i386/i386/trap.c:849
#15 0xc02b2803 in trap (frame={tf_fs = 16, tf_es = 16, tf_ds = 16,
      tf_edi = -1047960544, tf_esi = 0, tf_ebp = -1070542904,
      tf_isp = -1070543004, tf_ebx = 50529027, tf_edx = 0,
      tf_ecx = -1048122492, tf_eax = 6424576, tf_trapno = 12, tf_err = 0,
      tf_eip = -1071935415, tf_cs = 8, tf_eflags = 66054,
      tf_esp = -1047960544, tf_ss = 50529027}) at ../../i386/i386/trap.c:448
#16 0xc01b9049 in rtalloc1 (dst=0xc1896420, report=0, ignflags=65792)
    at ../../net/route.c:135
#17 0xc01c53e5 in in_addroute (v_arg=0xc1896420, n_arg=0x0, head=0xc186ea80,
    treenodes=0xc1e95c00) at ../../netinet/in_rmx.c:121
#18 0xc01b98e8 in rtrequest1 (req=11, info=0xc030d054, ret_nrt=0xc030d0b8)
    at ../../net/route.c:692
#19 0xc01b9518 in rtrequest (req=11, dst=0xc030d130, gateway=0x0, netmask=0x0,
    flags=0, ret_nrt=0xc030d0b8) at ../../net/route.c:489
#20 0xc01b9097 in rtalloc1 (dst=0xc030d130, report=1, ignflags=256)
    at ../../net/route.c:149
#21 0xc01b9004 in rtalloc_ign (ro=0xc030d12c, ignore=256)
    at ../../net/route.c:111
#22 0xc1a22019 in ?? ()
#23 0xc1a22b73 in ?? ()
#24 0xc01c73b7 in ip_input (m=0xc1476600) at ../../netinet/ip_input.c:419
#25 0xc01c793b in ipintr () at ../../netinet/ip_input.c:843
#26 0xc02a7d95 in swi_net_next ()
(kgdb) up 16
#16 0xc01b9049 in rtalloc1 (dst=0xc1896420, report=0, ignflags=65792)
    at ../../net/route.c:135
135             if (rnh && (rn = rnh->rnh_matchaddr((caddr_t)dst, rnh)) &&
(kgdb) list
130             int  s = splnet(), err = 0, msgtype = RTM_MISS;
131
132             /*
133              * Look up the address in the table for that Address Family
134              */
135             if (rnh && (rn = rnh->rnh_matchaddr((caddr_t)dst, rnh)) &&
136                 ((rn->rn_flags & RNF_ROOT) == 0)) {
137                     /*
138                      * If we find it and it's not the root node, then
139                      * get a refernce on the rtentry associated.
(kgdb) print rnh
$1 = (struct radix_node_head *) 0x620800
(kgdb) print dst
$2 = (struct sockaddr *) 0xc1896420
(kgdb) print rn
$3 = (struct radix_node *) 0x0
(kgdb) print *rnh
cannot read proc at 0
(kgdb) print *dst
$4 = {sa_len = 0 '\000', sa_family = 97 'a',
  sa_data = "\211=C1\020\002\000\000=A3\001\177\236\000\000\000"}
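
Added example, not part of the original message: kgdb prints the i386 trap frame as signed decimals, so this sketch converts frame #15 to unsigned 32-bit values and lists the general-purpose registers that lie within a small displacement of the faulting address. The function names are hypothetical; the register values and the eva are copied from the backtrace above.

```python
import re

# Trap frame of frame #15 and eva of frame #14, copied from the backtrace above.
FRAME_15 = """tf_fs = 16, tf_es = 16, tf_ds = 16,
tf_edi = -1047960544, tf_esi = 0, tf_ebp = -1070542904,
tf_isp = -1070543004, tf_ebx = 50529027, tf_edx = 0,
tf_ecx = -1048122492, tf_eax = 6424576, tf_trapno = 12, tf_err = 0,
tf_eip = -1071935415, tf_cs = 8, tf_eflags = 66054,
tf_esp = -1047960544, tf_ss = 50529027"""
FAULT_EVA = 50529055

# tf_esp/tf_ss are left out: they are not saved for a trap taken in kernel mode.
GP_REGS = ("eax", "ebx", "ecx", "edx", "esi", "edi", "ebp")


def parse_trapframe(text):
    """Return {register: unsigned 32-bit value} from kgdb's 'tf_x = n' list."""
    return {name: int(val) & 0xFFFFFFFF
            for name, val in re.findall(r"tf_(\w+)\s*=\s*(-?\d+)", text)}


def base_candidates(regs, eva, max_disp=0x100):
    """Registers r with eva == r + disp for a small non-negative disp."""
    found = []
    for r in GP_REGS:
        disp = (eva - regs[r]) & 0xFFFFFFFF  # wraps like 32-bit hardware
        if disp < max_disp:
            found.append((r, regs[r], disp))
    return found


def repeated_byte(value):
    """True if all four bytes of a 32-bit value are identical."""
    return value == (value & 0xFF) * 0x01010101


if __name__ == "__main__":
    regs = parse_trapframe(FRAME_15)
    print("eip = %#010x" % regs["eip"])
    for name in GP_REGS:
        print("%s = %#010x" % (name, regs[name]))
    for name, value, disp in base_candidates(regs, FAULT_EVA):
        print("eva %#x = %s (%#010x) + %#x, repeated-byte pattern: %s"
              % (FAULT_EVA, name, value, disp, repeated_byte(value)))
```

The decoded eip agrees with the instruction pointer in the panic message, and the decoded eax agrees with the rnh value kgdb prints in frame #16.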


