From owner-freebsd-bugs@FreeBSD.ORG Wed Oct 19 07:00:34 2005 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F422216A420 for ; Wed, 19 Oct 2005 07:00:33 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id B788D43D48 for ; Wed, 19 Oct 2005 07:00:33 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j9J70XQw022347 for ; Wed, 19 Oct 2005 07:00:33 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j9J70X3s022346; Wed, 19 Oct 2005 07:00:33 GMT (envelope-from gnats) Date: Wed, 19 Oct 2005 07:00:33 GMT Message-Id: <200510190700.j9J70X3s022346@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Gleb Smirnoff Cc: Subject: Re: kern/87596: [panic] OS crash on a Firefox link click (FreeBSD 6.0-RC1, kernel with options) X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Gleb Smirnoff List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Oct 2005 07:00:34 -0000 The following reply was made to PR kern/87596; it has been noted by GNATS. From: Gleb Smirnoff To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/87596: [panic] OS crash on a Firefox link click (FreeBSD 6.0-RC1, kernel with options) Date: Wed, 19 Oct 2005 10:54:47 +0400 Audit-Trail .= ----- Forwarded message from Alex Goncharov ----- kgdb kernel.debug /var/crash/vmcore.0 [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode fault virtual address = 0x1c fault code = supervisor read, page not present instruction pointer = 0x20:0xc063711f stack pointer = 0x28:0xdaa64c1c frame pointer = 0x28:0xdaa64c24 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 712 (firefox-bin) trap number = 12 panic: page fault Uptime: 10h18m38s Dumping 511 MB (2 chunks) chunk 0: 1MB (159 pages) ... ok chunk 1: 511MB (130800 pages) 495 479 463 447 431 (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 (CTRL-C to abort) 143 (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) 127 (CTRL-C to abort) 111 95 (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) 79 63 47 31 15 #0 doadump () at pcpu.h:165 165 __asm __volatile("movl %%fs:0,%0" : "=r" (td)); (kgdb) bt #0 doadump () at pcpu.h:165 #1 0xc0637ffa in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399 #2 0xc0638290 in panic (fmt=0xc084e142 "%s") at /usr/src/sys/kern/kern_shutdown.c:555 #3 0xc08077f0 in trap_fatal (frame=0xdaa64bdc, eva=28) at /usr/src/sys/i386/i386/trap.c:831 #4 0xc080755b in trap_pfault (frame=0xdaa64bdc, usermode=0, eva=28) at /usr/src/sys/i386/i386/trap.c:742 #5 0xc0807199 in trap (frame= {tf_fs = -1037959160, tf_es = -626655192, tf_ds = -1067188184, tf_edi = -1037895808, tf_esi = 0, tf_ebp = -626635740, tf_isp = -626635768, tf_ebx = 0, tf_edx = -1047044096, tf_ecx = -1037895808, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -1067224801, tf_cs = 32, tf_eflags = 66178, tf_esp = -1040612096, tf_ss = 0}) at /usr/src/sys/i386/i386/trap.c:432 #6 0xc07f699a in calltrap () at /usr/src/sys/i386/i386/exception.s:139 #7 0xc063711f in uihold (uip=0x0) at pcpu.h:165 #8 0xc0634ebd in crcopy (dest=0xc1f98500, src=0xc1f98500) at /usr/src/sys/kern/kern_prot.c:1930 #9 0xc0634efc in crdup (cr=0xc1f98500) at /usr/src/sys/kern/kern_prot.c:1949 #10 0xc0693c87 in kern_access (td=0xc222f780, path=0x0, pathseg=UIO_USERSPACE, flags=0) at /usr/src/sys/kern/vfs_syscalls.c:1874 #11 0xc0693c69 in access (td=0xc222f780, uap=0x0) at /usr/src/sys/kern/vfs_syscalls.c:1856 #12 0xc0807b07 in syscall (frame= {tf_fs = 134611003, tf_es = 134676539, tf_ds = -1078001605, tf_edi = 142274816, tf_esi = 150592228, tf_ebp = -1077944312, tf_isp = -626635420, tf_ebx = 672962600, tf_edx = 142274816, tf_ecx = 155745584, tf_eax = 33, tf_trapno = 22, tf_err = 2, tf_eip = 679314647, tf_cs = 51, tf_eflags = 658, tf_esp = -1077944340, tf_ss = 59}) at /usr/src/sys/i386/i386/trap.c:976 #13 0xc07f69ef in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200 #14 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) ----- End forwarded message -----