Date:      Wed, 11 Dec 2013 11:20:13 +0100
From:      rank1seeker@gmail.com
To:        hackers@freebsd.org
Subject:   Panic at (pickup) process
Message-ID:  <20131211.102013.482.3@DOMY-PC>

Yesterday I had a panic:

9.2-RELEASE-p2


Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x2d
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc062e35d
stack pointer           = 0x28:0xd9d4aad4
frame pointer           = 0x28:0xd9d4ab04
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 2989 (pickup)
trap number             = 12
panic: page fault
Uptime: 5h2m15s
Physical memory: 502 MB
Dumping 67 MB: 52 36 20 4

No symbol "stopped_cpus" in current context.
No symbol "stoppcbs" in current context.

...

#0  doadump (textdump=1) at pcpu.h:249
249     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) #0  doadump (textdump=1) at pcpu.h:249
#1  0xc065edaf in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:449
#2  0xc065efe1 in panic (fmt=<value optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:637
#3  0xc08bb30a in trap_fatal (frame=0xd9d4aa94, eva=45)
    at /usr/src/sys/i386/i386/trap.c:1044
#4  0xc08bb3f1 in trap_pfault (frame=0xd9d4aa94, usermode=0, eva=45)
    at /usr/src/sys/i386/i386/trap.c:896
#5  0xc08bc0a0 in trap (frame=0xd9d4aa94) at /usr/src/sys/i386/i386/trap.c:555
#6  0xc08a94ec in calltrap () at /usr/src/sys/i386/i386/exception.s:170
#7  0xc062e35d in kqueue_close (fp=0xc3f1ea48, td=0xc3fb6000)
    at /usr/src/sys/kern/kern_event.c:1663
#8  0xc0621c86 in _fdrop (fp=0xc3f1ea48, td=0xc3fb6000) at file.h:334
#9  0xc062322d in closef (fp=0xc3f1ea48, td=0xc3fb6000)
    at /usr/src/sys/kern/kern_descrip.c:2303
#10 0xc0624334 in fdfree (td=0xc3fb6000)
    at /usr/src/sys/kern/kern_descrip.c:2007
#11 0xc0632d09 in exit1 (td=0xc3fb6000, rv=<value optimized out>)
    at /usr/src/sys/kern/kern_exit.c:301
#12 0xc0633afa in sys_sys_exit (td=Could not find the frame base for "sys_sys_exit".
) at /usr/src/sys/kern/kern_exit.c:122
#13 0xc08bb8bb in syscall (frame=0xd9d4ad08) at subr_syscall.c:135
#14 0xc08a9551 in Xint0x80_syscall ()
    at /usr/src/sys/i386/i386/exception.s:270
#15 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
(kgdb)


So I debugged ...
----
(kgdb) up 7
#7  0xc062e35d in kqueue_close (fp=0xc3f1ea48, td=0xc3fb6000) at /usr/src/sys/kern/kern_event.c:1663
1663            for (i = 0; i < kq->kq_knlistsize; i++) {
(kgdb) l
1658            fdp = kq->kq_fdp;
1659
1660            KASSERT(knlist_empty(&kq->kq_sel.si_note),
1661                ("kqueue's knlist not empty"));
1662
1663            for (i = 0; i < kq->kq_knlistsize; i++) {
1664                    while ((kn = SLIST_FIRST(&kq->kq_knlist[i])) != NULL) {
1665                            if ((kn->kn_status & KN_INFLUX) == KN_INFLUX) {
1666                                    kq->kq_state |= KQ_FLUXWAIT;
1667                                    msleep(kq, &kq->kq_lock, PSOCK, "kqclo1", 0);
(kgdb) x/i $eip
0xc062e35d <kqueue_close+187>:  testb  $0x10,0x2c(%ebx)
(kgdb) p kq
$1 = (struct kqueue *) 0xc3d62480
(kgdb) p *kq
$2 = {kq_lock = {lock_object = {lo_name = 0xc09224a8 "kqueue", lo_flags = 21168128, lo_data = 0, lo_witness = 0x0}, mtx_lock = 3288031232}, kq_refcnt = 1, kq_list = {sle_next = 0x0}, kq_head = {
    tqh_first = 0x0, tqh_last = 0xc3d6249c}, kq_count = 0, kq_sel = {si_tdlist = {tqh_first = 0x0, tqh_last = 0x0}, si_note = {kl_list = {slh_first = 0x0}, kl_lock = 0xc062dd25 <knlist_mtx_lock>,
      kl_unlock = 0xc062dcdc <knlist_mtx_unlock>, kl_assert_locked = 0xc062acdb <knlist_mtx_assert_locked>, kl_assert_unlocked = 0xc062ace0 <knlist_mtx_assert_unlocked>, kl_lockarg = 0xc3d62480},
    si_mtx = 0x0}, kq_sigio = 0x0, kq_fdp = 0xc3714800, kq_state = 16, kq_knlistsize = 256, kq_knlist = 0xc358f000, kq_knhashmask = 0, kq_knhash = 0x0, kq_task = {ta_link = {stqe_next = 0x0},
    ta_pending = 0, ta_priority = 0, ta_func = 0xc062de5e <kqueue_task>, ta_context = 0xc3d62480}}
----


I have absolutely no idea what is going on here ....


Domagoj


