Date:      Mon, 26 Sep 2005 22:40:25 +0300
From:      Ion-Mihai Tetcu <itetcu@people.tecnik93.com>
To:        Kris Kennaway <kris@obsecurity.org>
Cc:        freebsd-stable@freebsd.org
Subject:   [with trace] Re: 6.0-BETA5 from yesterday panics on kldload nfsserver.ko
Message-ID:  <20050926224025.059a0e3b@it.buh.tecnik93.com>
In-Reply-To: <20050925143111.GA6138@xor.obsecurity.org>
References:  <20050925162017.36f44a82@it.buh.cameradicommercio.ro> <20050925143111.GA6138@xor.obsecurity.org>

On Sun, 25 Sep 2005 10:31:11 -0400
Kris Kennaway <kris@obsecurity.org> wrote:

> On Sun, Sep 25, 2005 at 04:20:17PM +0300, Ion-Mihai Tetcu wrote:
> > This is completely reproducible, unfortunately the core file is
> > corrupted.
> >
> > warning: "/usr/crash/vmcore.1": no core file handler recognizes
> > format, using default Can't fetch registers from this type of core
> > file Can't fetch registers from this type of core file
> > #0  0x00000000 in ?? ()
> > (gdb)
>
> Do you mean gdb or kgdb?  You should use the latter.

You're right, of course; old habit, I've used gdb -k and then only
gdb :( Thanks for pointing it out. Here's a trace:


........
Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x464c457f
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc04de72a
stack pointer           = 0x28:0xeb34ba40
frame pointer           = 0x28:0xeb34ba50
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 1434 (kldload)
Dumping 1023 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 1023MB (261872 pages) 1007 991 975 959 943 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15

#0  doadump () at pcpu.h:165
165     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) bt
#0  doadump () at pcpu.h:165
#1  0xc0444367 in db_fncall (dummy1=-348866464, dummy2=0, dummy3=16, dummy4=0xeb34b858 "à»aÀ¯6fÀ\033³gÀ")
    at /usr/src/sys/ddb/db_command.c:489
#2  0xc0444800 in db_command_loop () at /usr/src/sys/ddb/db_command.c:349
#3  0xc04465b4 in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_main.c:221
#4  0xc04f37c2 in kdb_trap (type=0, code=0, tf=0xeb34ba00) at /usr/src/sys/kern/subr_kdb.c:473
#5  0xc062fdd4 in trap_fatal (frame=0xeb34ba00, eva=1179403647) at /usr/src/sys/i386/i386/trap.c:832
#6  0xc06300fb in trap_pfault (frame=0xeb34ba00, usermode=0, eva=1179403647)
    at /usr/src/sys/i386/i386/trap.c:752
#7  0xc0630476 in trap (frame=
      {tf_fs = 8, tf_es = 40, tf_ds = 40, tf_edi = 0, tf_esi = 27264, tf_ebp = -348865968, tf_isp = -348866004, tf_ebx = -1017933824, tf_edx = 1179403647, tf_ecx = 0, tf_eax = 27264, tf_trapno = 12, tf_err = 0, tf_eip = -1068636374, tf_cs = 32, tf_eflags = 66178, tf_esp = -1067038549, tf_ss = -1067051490})
    at /usr/src/sys/i386/i386/trap.c:442
#8  0xc061dfda in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#9  0xc04de72a in sysctl_find_oidname (name=0x6a80 <Address 0x6a80 out of bounds>, list=0x464c457f)
    at /usr/src/sys/kern/kern_sysctl.c:77
#10 0xc04de77e in sysctl_register_oid (oidp=0xc3539000) at /usr/src/sys/kern/kern_sysctl.c:105
#11 0xc04c5d2d in linker_file_register_sysctls (lf=0x6a80) at /usr/src/sys/kern/kern_linker.c:255
#12 0xc04c825b in linker_load_module (kldname=0xc3244a20 "/boot/kernel/nfsserver.ko", modname=0x0,
    parent=0x0, verinfo=0x0, lfpp=0xeb34bcc0) at /usr/src/sys/kern/kern_linker.c:366
#13 0xc04c881f in kldload (td=0xc26c5c80, uap=0x6a80) at /usr/src/sys/kern/kern_linker.c:785
#14 0xc063087d in syscall (frame=
      {tf_fs = 59, tf_es = 59, tf_ds = 59, tf_edi = 0, tf_esi = -1077941040, tf_ebp = -1077941096, tf_isp = -348865180, tf_ebx = 0, tf_edx = -1, tf_ecx = 1, tf_eax = 304, tf_trapno = 12, tf_err = 2, tf_eip = 671900319, tf_cs = 51, tf_eflags = 531, tf_esp = -1077941156, tf_ss = 59}) at /usr/src/sys/i386/i386/trap.c:986
#15 0xc061e02f in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200
#16 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
(kgdb) l *0xc04de72a
0xc04de72a is in sysctl_find_oidname (/usr/src/sys/kern/kern_sysctl.c:80).
75      static struct sysctl_oid *
76      sysctl_find_oidname(const char *name, struct sysctl_oid_list *list)
77      {
78              struct sysctl_oid *oidp;
79
80              SLIST_FOREACH(oidp, list, oid_link) {
81                      if (strcmp(oidp->oid_name, name) == 0) {
82                              return (oidp);
83                      }
84              }


> > The only exotic thing is that I'm using ULE.
> >
> > This was a complete clean build (rm -rf /usr/src/* &&
> > cvsup .........).
>
> But did you rebuild the nfsserver module?  e.g. you are not using
> MODULES_OVERRIDE, and the module and kernel have the same date?

Yup. It was a buildworld/buildkernel/........... procedure. (upgrading
from beta 3 or 4) (and I build all modules).



-- 
IOnut
Unregistered ;) FreeBSD "user"
  "Intellectual Property" is   nowhere near as valuable   as "Intellect"





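A triage note on the report above: on little-endian i386 the fault virtual address 0x464c457f (also the `list` argument in frame #9 and `eva=1179403647` in frames #5 and #6) is the byte sequence 7f 45 4c 46, the ELF magic "\x7fELF". The following Python is an added example, not part of the original message; the function names are hypothetical and the sample text is constructed from the trap header in the message, with quoted-printable decoded.

```python
import re
import struct

# Constructed sample: trap header copied from the message, "=3D" decoded to "=".
SAMPLE = """\
Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x464c457f
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc04de72a
current process         = 1434 (kldload)
"""

# "name = value" lines of the trap report (names are lower-case words).
FIELD = re.compile(r"^([a-z ]+?)[ \t]*=[ \t]*(.+)$", re.M)


def parse_trap(text):
    """Return the trap number, reason and 'name = value' fields as a dict."""
    fields = {k.strip(): v.strip() for k, v in FIELD.findall(text)}
    m = re.search(r"^Fatal trap (\d+): (.+)$", text, re.M)
    if m:
        fields["trap"] = int(m.group(1))
        fields["reason"] = m.group(2)
    return fields


def classify_fault_address(addr):
    """Label a 32-bit fault address that looks like data rather than a pointer."""
    raw = struct.pack("<I", addr)  # the four bytes as they sit in i386 memory
    if addr < 0x1000:
        return "null-page offset 0x%x" % addr
    if raw == b"\x7fELF":
        return "ELF magic bytes 7f 45 4c 46"
    if all(0x20 <= b < 0x7f for b in raw):
        return "ASCII text %r" % raw.decode("ascii")
    return None  # nothing recognisable; treat as an ordinary bad pointer


def triage(text):
    """Parse a trap report and return (fault address, label or None)."""
    fields = parse_trap(text)
    addr = int(fields["fault virtual address"], 16)
    return addr, classify_fault_address(addr)


if __name__ == "__main__":
    addr, label = triage(SAMPLE)
    print("fault address 0x%08x: %s" % (addr, label))
```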