From owner-freebsd-bugs@FreeBSD.ORG Tue Sep 9 21:00:36 2003 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1BAA916A4BF for ; Tue, 9 Sep 2003 21:00:36 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id A8D3543FE0 for ; Tue, 9 Sep 2003 21:00:33 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h8A40XUp025739 for ; Tue, 9 Sep 2003 21:00:33 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h8A40X6h025738; Tue, 9 Sep 2003 21:00:33 -0700 (PDT) Resent-Date: Tue, 9 Sep 2003 21:00:33 -0700 (PDT) Resent-Message-Id: <200309100400.h8A40X6h025738@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Mário Freitas Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B0C2D16A4BF for ; Tue, 9 Sep 2003 20:56:41 -0700 (PDT) Received: from unbreakable.homeunix.org (a213-22-141-83.netcabo.pt [213.22.141.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7E9DB43F75 for ; Tue, 9 Sep 2003 20:56:40 -0700 (PDT) (envelope-from sub_0@unbreakable.homeunix.org) Message-Id: <20030910035643.30DCA207B@suzy.unbreakable.homeunix.org> Date: Wed, 10 Sep 2003 04:56:43 +0100 (WEST) From: Mário Freitas To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: kern/56667: kernel panic after executing cdrecord on -CURRENT X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Mário Freitas List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Sep 2003 04:00:36 -0000 >Number: 56667 >Category: kern >Synopsis: kernel panic after executing cdrecord on -CURRENT >Confidential: no >Severity: critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Sep 09 21:00:33 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Mário Freitas >Release: FreeBSD 5.1-CURRENT i386 >Organization: >Environment: System: FreeBSD suzy.unbreakable.homeunix.org 5.1-CURRENT FreeBSD 5.1-CURRENT #0: Tue Sep 9 23:39:24 WEST 2003 sub_0@suzy.unbreakable.homeunix.org:/usr/obj/usr/src/sys/SUZY i386 >Description: This is _very_ similar to kern/56380. After trying to burn a cd with "cdrecord speed=4 dev=0,1,0 image.raw" the kernel panicks. I also couldn't get a crash dump, after typing "panic" in ddb the computer stoped responding(I tried many times without success) so I _hope_ the values below are not wrong: panic: vm_fault_copy_wired: page missing Debugger("panic") Stopped at Debugger+0x45: xchgl %ebx,in_Debugger.0 db> trace Debugger(c03188c6) at Debugger+0x45 panic(c0326d7b,280bf000,7000000,0,0) at panic+0xbb vm_fault_copy_entry(c29cea00,c29ce700,c2afea8c,c2b03b40) at vm_fault_copy_entry+0xf8 vm_map_copy_entry(c29ce700,c29cea00,c2b03b40,c2afea8c,c29cea00,c2afebb8,c2afea8c,c29cea00) at vm_map_copy_entry+0x181 vmspace_fork(c29ce700,c2a0ebc4,c2a0eb58,c2a0e974,ceb15ccc) at vmspace_fork+0x210 vm_forkproc(c2a09850,c2a0eb58,c2a09720,14,c2a0ebc4,0,c0316d36,288,c0389ec0,c0316d36,284) at vm_forkproc+0xa7 fork1(c2a09850,14,0,ceb15ce4,ceb15d40) at fork1+0xaff fork(c2a09850,ceb15d14,0,2,246) at fork+0x18 syscall(2f,2f,2f,1000,10000) at syscall+0x1e7 Xint0x80_syscall() at Xint0x80_syscall+0x1d --- syscall (2, FreeBSD ELF32, fork), eip = 0x28107283, esp = 0xbfbfd70c, ebp = 0xbfbfd738 --- db> show object Object 0xc02d4969: type=250, size=0xe66ce2e850046a00, res=-92183040, ref=28839108, flags=0x1b74 Fatal trap 12: page fault while in kernel mode fault virtual address = 0xf75c4e3 fault code = supervisor read, page not present instruction pointer = 0x8:0xc02ad4bd stack pointer = 0x10:0xceb159e4 frame pointer = 0x10:0xceb159f8 code segment = base 0x0, limit 0xffffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = resume, IOPL = 0 current process = 671 (cdrecord) kernel: type 12 trap, code=0 Stopped at Debugger+0x45: xchgl %ebx,in_Debugger.0 db> show reg cs 0x8 ds 0x10 es 0xc01f0010 fs 0xce1e0018 ss 0x10 eax 0x12 ecx 0x1 edx 0 ebx 0 esp 0xce1efb8c ebp 0xce1efb90 esi 0xc0326d7b edi 0x1 eip 0xc02d4969 Debugger+0x45 efl 0x282 dr0 0 dr1 0 dr2 0 dr3 0 dr4 0xffff4ff0 dr5 0x400 dr6 0xffff4ff0 dr7 0x400 Debugger+0x45: xchgl %ebx,in_Debugger.0 I also executed: objdump -D kernel.debug | grep -B 50 -A 50 c02ad4bd c02ad435: e8 de 02 e9 ff call c013d718 c02ad43a: 83 c4 08 add $0x8,%esp c02ad43d: 8d 76 00 lea 0x0(%esi),%esi c02ad440: 53 push %ebx c02ad441: e8 0e ff ff ff call c02ad354 c02ad446: 83 c4 04 add $0x4,%esp c02ad449: 85 c0 test %eax,%eax c02ad44b: 75 1b jne c02ad468 c02ad44d: ff 73 74 pushl 0x74(%ebx) c02ad450: ff 73 54 pushl 0x54(%ebx) c02ad453: ff 73 54 pushl 0x54(%ebx) c02ad456: ff 73 60 pushl 0x60(%ebx) c02ad459: 68 9e 79 32 c0 push $0xc032799e c02ad45e: e8 b5 02 e9 ff call c013d718 c02ad463: 83 c4 14 add $0x14,%esp c02ad466: 89 f6 mov %esi,%esi c02ad468: 8b 5b 34 mov 0x34(%ebx),%ebx c02ad46b: 85 db test %ebx,%ebx c02ad46d: 75 a9 jne c02ad418 c02ad46f: 8b 5d fc mov 0xfffffffc(%ebp),%ebx c02ad472: c9 leave c02ad473: c3 ret c02ad474 : c02ad474: 55 push %ebp c02ad475: 89 e5 mov %esp,%ebp c02ad477: 56 push %esi c02ad478: 53 push %ebx c02ad479: 8b 5d 08 mov 0x8(%ebp),%ebx c02ad47c: 8b 75 0c mov 0xc(%ebp),%esi c02ad47f: 85 db test %ebx,%ebx c02ad481: 0f 84 f1 00 00 00 je c02ad578 c02ad487: 0f b7 43 6a movzwl 0x6a(%ebx),%eax c02ad48b: 50 push %eax c02ad48c: ff 73 60 pushl 0x60(%ebx) c02ad48f: ff 73 70 pushl 0x70(%ebx) c02ad492: ff 73 58 pushl 0x58(%ebx) c02ad495: ff 73 54 pushl 0x54(%ebx) c02ad498: 0f b6 43 68 movzbl 0x68(%ebx),%eax c02ad49c: 50 push %eax c02ad49d: 53 push %ebx c02ad49e: 68 f3 79 32 c0 push $0xc03279f3 c02ad4a3: e8 90 02 e9 ff call c013d738 c02ad4a8: 83 c4 20 add $0x20,%esp c02ad4ab: ff 73 7c pushl 0x7c(%ebx) c02ad4ae: ff 73 78 pushl 0x78(%ebx) c02ad4b1: ff 73 74 pushl 0x74(%ebx) c02ad4b4: 83 7b 74 00 cmpl $0x0,0x74(%ebx) c02ad4b8: 74 0a je c02ad4c4 c02ad4ba: 8b 43 74 mov 0x74(%ebx),%eax c02ad4bd: 8b 40 60 mov 0x60(%eax),%eax c02ad4c0: eb 07 jmp c02ad4c9 c02ad4c2: 89 f6 mov %esi,%esi c02ad4c4: b8 00 00 00 00 mov $0x0,%eax c02ad4c9: 50 push %eax c02ad4ca: ff 73 64 pushl 0x64(%ebx) c02ad4cd: 68 2f 7a 32 c0 push $0xc0327a2f c02ad4d2: e8 61 02 e9 ff call c013d738 c02ad4d7: 83 c4 18 add $0x18,%esp c02ad4da: 85 f6 test %esi,%esi c02ad4dc: 0f 84 96 00 00 00 je c02ad578 c02ad4e2: 83 05 b0 4f 37 c0 02 addl $0x2,0xc0374fb0 c02ad4e9: be 00 00 00 00 mov $0x0,%esi c02ad4ee: 8b 5b 48 mov 0x48(%ebx),%ebx c02ad4f1: 85 db test %ebx,%ebx c02ad4f3: 74 69 je c02ad55e c02ad4f5: 8d 76 00 lea 0x0(%esi),%esi c02ad4f8: 85 f6 test %esi,%esi c02ad4fa: 75 0c jne c02ad508 c02ad4fc: 68 58 7a 32 c0 push $0xc0327a58 c02ad501: e8 32 02 e9 ff call c013d738 c02ad506: eb 2e jmp c02ad536 c02ad508: 83 fe 06 cmp $0x6,%esi c02ad50b: 75 1f jne c02ad52c c02ad50d: 68 fc 39 30 c0 push $0xc03039fc c02ad512: e8 01 02 e9 ff call c013d718 c02ad517: 68 61 7a 32 c0 push $0xc0327a61 c02ad51c: e8 17 02 e9 ff call c013d738 c02ad521: be 00 00 00 00 mov $0x0,%esi c02ad526: 83 c4 08 add $0x8,%esp c02ad529: eb 0e jmp c02ad539 c02ad52b: 90 nop c02ad52c: 68 de d6 31 c0 push $0xc031d6de c02ad531: e8 e2 01 e9 ff call c013d718 c02ad536: 83 c4 04 add $0x4,%esp c02ad539: 46 inc %esi c02ad53a: 8b 43 24 mov 0x24(%ebx),%eax c02ad53d: ba 00 00 00 00 mov $0x0,%edx c02ad542: 52 push %edx c02ad543: 50 push %eax c02ad544: ff 73 20 pushl 0x20(%ebx) c02ad547: ff 73 1c pushl 0x1c(%ebx) c02ad54a: 68 66 7a 32 c0 push $0xc0327a66 c02ad54f: e8 c4 01 e9 ff call c013d718 c02ad554: 83 c4 14 add $0x14,%esp c02ad557: 8b 5b 08 mov 0x8(%ebx),%ebx c02ad55a: 85 db test %ebx,%ebx c02ad55c: 75 9a jne c02ad4f8 c02ad55e: 85 f6 test %esi,%esi c02ad560: 74 0e je c02ad570 c02ad562: 68 fc 39 30 c0 push $0xc03039fc >How-To-Repeat: Simply try to burn a cd with cdrecord on -CURRENT >Fix: >Release-Note: >Audit-Trail: >Unformatted: