Date: Wed, 14 Sep 2005 06:10:18 GMT From: Gleb Smirnoff <glebius@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: kern/85816: maxproc=1 in login.conf causes kernel panic when logging into account via ssh Message-ID: <200509140610.j8E6AI03071880@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/85816; it has been noted by GNATS. From: Gleb Smirnoff <glebius@FreeBSD.org> To: bug-followup@FreeBSD.org Cc: Subject: kern/85816: maxproc=1 in login.conf causes kernel panic when logging into account via ssh Date: Wed, 14 Sep 2005 10:09:54 +0400 Attach backtrace to PR's Audit-Trail. ----- Forwarded message from "Jack L." <xxjack12xx@gmail.com> ----- Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x0 fault code = supervisor read, page not present instruction pointer = 0x20:0xc04f96a1 stack pointer = 0x28:0xe1b7dad4 frame pointer = 0x28:0xe1b7db48 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 705 (sshd) trap number = 12 panic: page fault cpuid = 0 Uptime: 51s Dumping 449 MB (2 chunks) chunk 0: 1MB (159 pages) ... ok chunk 1: 449MB (114944 pages) 434 418 402 386 370 354 338 322 306 290 274 258 242 226 210 194 178 162 146 130 114 98 82 66 50 34 18 2 #0 doadump () at pcpu.h:165 165 __asm __volatile("movl %%fs:0,%0" : "=r" (td)); (kgdb) bt full #0 doadump () at pcpu.h:165 No locals. #1 0xc052163d in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399 first_buf_printf = 1 #2 0xc05219ea in panic (fmt=0xc06d19ec "%s") at /usr/src/sys/kern/kern_shutdown.c:555 td = (struct thread *) 0xc1c597d0 bootopt = 260 newpanic = 0 ap = 0xc1c597d0 "<J??`<\225?" buf = "page fault", '\0' <repeats 245 times> #3 0xc06ab9a2 in trap_fatal (frame=0xe1b7da94, eva=0) at /usr/src/sys/i386/i386/trap.c:841 code = 40 type = 12 ss = 40 esp = 0 softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27, ssd_dpl = 0, ssd_p = 1, ssd_xx = 10, ssd_xx1 = 1, ssd_def32 = 1, ssd_gran = 1} #4 0xc06ab69b in trap_pfault (frame=0xe1b7da94, usermode=0, eva=0) at /usr/src/sys/i386/i386/trap.c:752 va = 0 vm = (struct vmspace *) 0x0 map = 0xc1d745dc rv = 1 ftype = 1 '\001' td = (struct thread *) 0xc1c597d0 p = (struct proc *) 0xc1d54a3c #5 0xc06ab287 in trap (frame= {tf_fs = -1068302328, tf_es = -1066205144, tf_ds = -1043070936, tf_edi = 1, tf_esi = -1043067440, tf_ebp = -508044472, tf_isp = -508044608, tf_ebx = -1043698088, tf_edx = -1044015152, tf_ecx = -1047944912, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -1068525919, tf_cs = 32, tf_eflags = 66050, tf_esp = -1068274241, tf_ss = -1044015152}) ---Type <return> to continue, or q <return> to quit--- at /usr/src/sys/i386/i386/trap.c:442 td = (struct thread *) 0xc1c597d0 p = (struct proc *) 0xc1d54a3c sticks = 3228802408 i = 0 ucode = 0 type = 12 code = 0 eva = 0 #6 0xc069673a in calltrap () at /usr/src/sys/i386/i386/exception.s:139 No locals. #7 0xc0530008 in ratecheck (lasttime=0xc1d40dd0, mininterval=0xc1ca6e58) at /usr/src/sys/kern/kern_time.c:723 tv = {tv_sec = -1068367935, tv_usec = -1042986436} delta = {tv_sec = -1043922944, tv_usec = -508044460} rv = 1 #8 0xc05743c3 in unp_discard (fp=0xc1ca6e58) at /usr/src/sys/kern/uipc_usrreq.c:1887 No locals. #9 0xc0572b2b in unp_freerights (rp=0xc1b4ad28, fdcount=1) at /usr/src/sys/kern/uipc_usrreq.c:1272 i = 0 fp = (struct file *) 0x0 #10 0xc0572df7 in unp_externalize (control=0xc1b4ad00, controlp=0xe1b7dc54) at /usr/src/sys/kern/uipc_usrreq.c:1321 td = (struct thread *) 0xc1c597d0 cm = (struct cmsghdr *) 0xc1b4ad18 i = -1068065433 fdp = (int *) 0xe1b7dbc8 rp = (struct file **) 0xc1b4ad24 fp = (struct file *) 0xc1c70000 data = (void *) 0xc1c70000 clen = 16 ---Type <return> to continue, or q <return> to quit--- datalen = 4 error = 40 newfds = 1 f = -1043866020 newlen = 0 #11 0xc0566efe in soreceive (so=0xc1c7dde8, psa=0xe1b7dc50, uio=0xe1b7dc5c, mp0=0x0, controlp=0xe1b7dc54, flagsp=0xe1b7dcbc) at /usr/src/sys/kern/uipc_socket.c:1151 cm = (struct mbuf *) 0xc1b4ad00 cmn = (struct mbuf *) 0x0 cme = (struct mbuf **) 0x0 m = (struct mbuf *) 0xc1b4c000 mp = (struct mbuf **) 0x0 flags = 0 len = 4 error = 0 offset = -508044112 pr = (struct protosw *) 0xc0713660 nextrecord = (struct mbuf *) 0x0 moff = 0 type = 0 orig_resid = 1 #12 0xc056d547 in recvit (td=0xc1c597d0, s=4, mp=0xe1b7dca4, namelenp=0x0) at /usr/src/sys/kern/uipc_syscalls.c:985 auio = {uio_iov = 0xc1a22120, uio_iovcnt = 1, uio_offset = 0, uio_resid = 1, uio_segflg = UIO_USERSPACE, uio_rw = UIO_READ, uio_td = 0xc1c597d0} iov = (struct iovec *) 0x0 i = 0 len = 1 error = 4 m = (struct mbuf *) 0x0 control = (struct mbuf *) 0x0 ctlbuf = 0xe1b7dc6c "\001" ---Type <return> to continue, or q <return> to quit--- fp = (struct file *) 0xc1bc8048 so = (struct socket *) 0xc1c7dde8 fromsa = (struct sockaddr *) 0x0 ktruio = (struct uio *) 0x0 #13 0xc056da2b in recvmsg (td=0x0, uap=0xe1b7dd04) at /usr/src/sys/kern/uipc_syscalls.c:1235 msg = {msg_name = 0x0, msg_namelen = 0, msg_iov = 0xc1a22120, msg_iovlen = 1, msg_control = 0xbfbfdc70, msg_controllen = 16, msg_flags = 0} uiov = (struct iovec *) 0xbfbfdc60 iov = (struct iovec *) 0xc1a22120 error = 0 #14 0xc06abd83 in syscall (frame= {tf_fs = 59, tf_es = -1078001605, tf_ds = -507903941, tf_edi = -1077945188, tf_esi = -1077945136, tf_ebp = -1077945176, tf_isp = -508043932, tf_ebx = 134839184, tf_edx = 0, tf_ecx = 0, tf_eax = 27, tf_trapno = 12, tf_err = 2, tf_eip = 674001611, tf_cs = 51, tf_eflags = 646, tf_esp = -1077945268, tf_ss = 59}) at /usr/src/sys/i386/i386/trap.c:986 params = 0xbfbfdc50 <Address 0xbfbfdc50 out of bounds> callp = (struct sysent *) 0xc0709824 td = (struct thread *) 0xc1c597d0 p = (struct proc *) 0xc1d54a3c orig_tf_eflags = 646 sticks = 0 error = 0 narg = 3 args = {4, -1077945216, 0, 134877184, 12, 0, 0, -1042986436} code = 27 #15 0xc069678f in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200 No locals. #16 0x0000003b in ?? () No symbol table info available. #17 0xbfbf003b in ?? () No symbol table info available. ---Type <return> to continue, or q <return> to quit--- #18 0xe1ba003b in ?? () No symbol table info available. #19 0xbfbfdc9c in ?? () No symbol table info available. #20 0xbfbfdcd0 in ?? () No symbol table info available. #21 0xbfbfdca8 in ?? () No symbol table info available. #22 0xe1b7dd64 in ?? () No symbol table info available. #23 0x08097b90 in ?? () No symbol table info available. #24 0x00000000 in ?? () No symbol table info available. #25 0x00000000 in ?? () No symbol table info available. #26 0x0000001b in ?? () No symbol table info available. #27 0x0000000c in ?? () No symbol table info available. #28 0x00000002 in ?? () No symbol table info available. #29 0x282c72cb in ?? () No symbol table info available. #30 0x00000033 in ?? () No symbol table info available. #31 0x00000286 in ?? () No symbol table info available. #32 0xbfbfdc4c in ?? () No symbol table info available. #33 0x0000003b in ?? () No symbol table info available. ---Type <return> to continue, or q <return> to quit--- #34 0xd0d0d0d0 in ?? () No symbol table info available. #35 0xd0d0d0d0 in ?? () No symbol table info available. #36 0xd0d0d0d0 in ?? () No symbol table info available. #37 0xd0d0d0d0 in ?? () No symbol table info available. #38 0x1172c000 in ?? () No symbol table info available. #39 0xc0739b60 in ksg_maxid () No symbol table info available. #40 0xc1950c80 in ?? () No symbol table info available. #41 0xe1b7d72c in ?? () No symbol table info available. #42 0xe1b7d710 in ?? () No symbol table info available. #43 0xc1c597d0 in ?? () No symbol table info available. #44 0xc0536dbf in sched_switch (td=0x8097b90, newtd=0xbfbfdcd0, flags=Cannot access memory at address 0xbfbfdcb8 ) at /usr/src/sys/kern/sched_ule.c:1383 ksq = (struct kseq *) 0xbfbfdc9c ke = (struct td_sched *) Cannot access memory at address 0xbfbfdc98 (kgdb) ----- End forwarded message ----- -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200509140610.j8E6AI03071880>