Date: Mon, 05 Dec 2005 15:15:20 +0000 From: Gavin Atkinson <gavin.atkinson@ury.york.ac.uk> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: freebsd-stable@freebsd.org Subject: Re: panic logging out on serial console Message-ID: <1133795720.70431.26.camel@buffy.york.ac.uk> In-Reply-To: <20051205132558.M88299@maildrop.int.zabbadoz.net> References: <20051205113818.I88299@maildrop.int.zabbadoz.net> <1133786693.70431.9.camel@buffy.york.ac.uk> <20051205132558.M88299@maildrop.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2005-12-05 at 13:29 +0000, Bjoern A. Zeeb wrote: > On Mon, 5 Dec 2005, Gavin Atkinson wrote: > > > On Mon, 2005-12-05 at 11:47 +0000, Bjoern A. Zeeb wrote: > >> I had been logged in on serial console and typed 'exit' and the > >> RELENG_6 machine went *kaboom*. I hadn't seen sth like this befire on > >> any of my other machines: > >> > >> i386/RELENG_6 from around 2005-11-17 11:00 UTC. > >> > >> --- 8< 8< 8< --- > >> foo# exit > >> logout > >> > >> Fatal trap 12: page fault while in kernel mode > >> fault virtual address = 0x0 > >> fault code = supervisor read, page not present > >> instruction pointer = 0x20:0x0 > >> stack pointer = 0x28:0xef699954 > >> frame pointer = 0x28:0xef699968 > >> code segment = base 0x0, limit 0xfffff, type 0x1b > >> = DPL 0, pres 1, def32 1, gran 1 > >> processor eflags = interrupt enabled, resume, IOPL = 0 > >> current process = 70703 (getty) > >> trap number = 12 > >> panic: page fault > >> > >> I have the core file and can save it for some days but it won't > >> help a lot unless someone tells me how I can skip the frame with > >> the null pointer in kgdb. > > > > I've never had a problem with backtraces (even when IP=0x0) but don't > > forget you can always look at the stack with > > > > (gdb) x/40xw 0xef699954 > > oh thanks. I'll paste it in for the arguments: (kgdb) x/40xw 0xef699954 0xef699954: * 0xc05b60db 0x00000000 0xc23b5c00 0xc23b4400 0xef699964: 0xc23b5c00 0xef699980 * 0xc0600ec8 0xc23b5cac 0xef699974: 0x00000000 0x00000000 0xc278a900 0xef699998 0xef699984: * 0xc0770a81 0xc23b5c00 0xc23b4400 0x00000003 [snip backtrace] It looks nothing like mine so I'm pretty sure it's a different issue, but I suspect there is enough detail there for someone who knows about the tty/kqueue interaction to have a guess as to what is going on. It does look like one entry on the tty writers knote list has become NULL, so maybe it's a race. I wonder if http://lists.freebsd.org/pipermail/freebsd-hackers/2005-April/011300.html is related? Can you get a process listing out of the core file using "ps -M" and see if it's similar to rwatson's panic? Although in his case, it looks like it panicked in the KNL_ASSERT_LOCK call, which again would be indicative of a race (e.g. in your case the structure may have been cleared between calling KNL_ASSERT_LOCK and list->kl_lock(list->kl_lockarg) ) Gavin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1133795720.70431.26.camel>