From owner-freebsd-current@FreeBSD.ORG Wed Jun 9 13:45:47 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6158416A4CE for ; Wed, 9 Jun 2004 13:45:47 +0000 (GMT) Received: from server.alexdupre.com (host245-49.pool8288.interbusiness.it [82.88.49.245]) by mx1.FreeBSD.org (Postfix) with ESMTP id 599A743D2D for ; Wed, 9 Jun 2004 13:45:41 +0000 (GMT) (envelope-from ale@FreeBSD.org) Received: from [192.168.0.101] (thunder.alexdupre.com [192.168.0.101]) i59DjTHO056704 for ; Wed, 9 Jun 2004 15:45:30 +0200 (CEST) (envelope-from ale@FreeBSD.org) Message-ID: <40C71479.6050500@FreeBSD.org> Date: Wed, 09 Jun 2004 15:45:29 +0200 From: Alex Dupre User-Agent: Mozilla Thunderbird 0.6 (Windows/20040502) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-current@FreeBSD.org References: <40C6AC62.2070604@FreeBSD.org> <20040609062719.GA63934@xor.obsecurity.org> <40C6B5D8.4000505@FreeBSD.org> <20040609071147.GA65144@xor.obsecurity.org> In-Reply-To: <20040609071147.GA65144@xor.obsecurity.org> X-Enigmail-Version: 0.84.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: kernel panic on smb activity X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jun 2004 13:45:47 -0000 Kris Kennaway wrote: > What backtrace, or which source code line is it faulting at (use > addr2line)? > > P.S. Please try to be proactive with this kind of information Just recompiled my kernel with debug symbols and DDB, these are the relevant info: Fatal trap 12: page fault while in kernel mode fault virtual address = 0xc fault code = supervisor write, page not present instruction pointer = 0x8:0xc05b4805 stack pointer = 0x10:0xd3655a40 frame pointer = 0x10:0xd3655a8c code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 672 (cp) kernel: type 12 trap, code=0 Stopped at m_getm+0xa5: movl $0,0xc(%ecx) db> trace m_getm(c180fe00,508,2,1,c180fe6f) at m_getm+0xa5 mb_put_mem(c1bba718,28163090,508,1,1) at mb_put_mem+0xb9 mb_put_uio(c1bba718,d3655c80,598,0,4000) at mb_put_mem+0xb9 smb_write(c1bba800,4000,d3655c80,d3655b80,c05cce88) at smb_write+0x414 smbfs_writevnode(c1c15208,d3655c80,c1bf7b80,20001,0) at smbfs_writevnode+0x1a1 smbfs_write(d3655be4,20002,c1840dc0,c1626588,1) at smbfs_write+0x41 vn_write(c1845bb0,d3655c80,c1bf7b80,0,c1840dc0) at vn_write+0x1bb dofilewrite(c1840dc0,c1845bb0,4,28163000,598) at dofilewrite+0xec write(c1840dc0,d3655d14,c,4,3) at write+0x7d syscall(2f,2f,2f,28163000,598) at syscall+0x1e0 Xint0x80_syscall() at Xint0x80_syscall+0x1f --- syscall (4, FreeBSD ELF32, write), eip = 0x280cde8f, esp = 0xbfbfea8c, ebp = 0xbfbfead8 --- (kgdb) l *m_getm+0xa5 0xc05b4805 is in m_getm (/usr/src/sys/kern/uipc_mbuf.c:128). 123 if (num > 0) { 124 if ((top = cur = m_getcl(how, type, 0)) == NULL) 125 goto failed; 126 } 127 num--; 128 top->m_len = 0; 129 130 for (i = 0; i < num; i++) { 131 mb = m_getcl(how, type, 0); 132 if (mb == NULL) -- Alex Dupre