From owner-freebsd-bugs Sun Dec 26 10:20:11 1999 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 9D2F514ED7 for ; Sun, 26 Dec 1999 10:20:02 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id KAA61928; Sun, 26 Dec 1999 10:20:02 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from hunahpu.sics.se (hunahpu.sics.se [193.10.66.220]) by hub.freebsd.org (Postfix) with ESMTP id 122CD14F74 for ; Sun, 26 Dec 1999 10:14:57 -0800 (PST) (envelope-from root@hunahpu.sics.se) Received: (from root@localhost) by hunahpu.sics.se (8.9.3/8.9.3) id TAA00330; Sun, 26 Dec 1999 19:14:56 +0100 (CET) (envelope-from root) Message-Id: <199912261814.TAA00330@hunahpu.sics.se> Date: Sun, 26 Dec 1999 19:14:56 +0100 (CET) From: assar@sics.se To: FreeBSD-gnats-submit@freebsd.org Cc: assar@sics.se X-Send-Pr-Version: 3.2 Subject: kern/15707: bad trap in mprotect Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 15707 >Category: kern >Synopsis: bad trap in mprotect >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Dec 26 10:20:01 PST 1999 >Closed-Date: >Last-Modified: >Originator: Assar Westerlund >Release: FreeBSD 4.0-CURRENT i386 >Organization: none >Environment: current as of yesterday kernel configuration file: ---------------------------------------------------------------------- # # HUNAHPU- based on GENERIC -- Generic machine with WD/AHx/NCR/BTx family disks # # For more information on this file, please read the handbook section on # Kernel Configuration Files: # # http://www.freebsd.org/handbook/kernelconfig-config.html # # The handbook is also available locally in /usr/share/doc/handbook # if you've installed the doc distribution, otherwise always see the # FreeBSD World Wide Web server (http://www.FreeBSD.ORG/) for the # latest information. # # An exhaustive list of options and more detailed explanations of the # device lines is also present in the ./LINT configuration file. If you are # in doubt as to the purpose or necessity of a line, check first in LINT. # # $FreeBSD: src/sys/i386/conf/GENERIC,v 1.219 1999/12/23 05:32:53 wpaul Exp $ machine i386 cpu I686_CPU ident HUNAHPU maxusers 32 makeoptions DEBUG=-g #Build kernel with gdb(1) debug symbols options INET #InterNETworking options INET6 #IPv6 communications protocols options FFS #Berkeley Fast Filesystem options FFS_ROOT #FFS usable as root device [keep this!] options SOFTUPDATES options MFS #Memory Filesystem options MD_ROOT #MD is a potential root device options NFS #Network Filesystem options NFS_ROOT #NFS usable as root device, "NFS" req'ed options MSDOSFS #MSDOS Filesystem options CD9660 #ISO 9660 Filesystem options CD9660_ROOT #CD-ROM usable as root. "CD9660" req'ed options PROCFS #Process filesystem options COMPAT_43 #Compatible with BSD 4.3 [KEEP THIS!] options SCSI_DELAY=15000 #Be pessimistic about Joe SCSI device options UCONSOLE #Allow users to grab the console options USERCONFIG #boot -c editor options VISUAL_USERCONFIG #visual boot -c editor options KTRACE #ktrace(1) syscall trace support options SYSVSHM #SYSV-style shared memory options SYSVMSG #SYSV-style message queues options SYSVSEM #SYSV-style semaphores # To make an SMP kernel, the next two are needed options SMP # Symmetric MultiProcessor Kernel options APIC_IO # Symmetric (APIC) I/O # Optionally these may need tweaked, (defaults shown): #options NCPU=2 # number of CPUs #options NBUS=4 # number of busses #options NAPIC=1 # number of IO APICs #options NINTR=24 # number of INTs controller isa0 controller eisa0 controller pci0 # Floppy drives controller fdc0 at isa? port IO_FD1 irq 6 drq 2 device fd0 at fdc0 drive 0 device fd1 at fdc0 drive 1 # ATA and ATAPI devices controller ata0 at isa? port IO_WD1 irq 14 controller ata1 at isa? port IO_WD2 irq 15 controller ata2 device atadisk0 # ATA disk drives device atapicd0 # ATAPI CDROM drives device atapifd0 # ATAPI floppy drives device atapist0 # ATAPI tape drives options ATA_STATIC_ID #Static device numbering #options ATA_ENABLE_ATAPI_DMA #Enable DMA on ATAPI devices # SCSI Controllers # A single entry for any of these controllers (ahb, ahc, amd, ncr, etc...) is # sufficient for any number of installed devices. #controller ahb0 # EISA AHA1742 family #controller ahc0 # AHA2940 and onboard AIC7xxx devices #controller amd0 # AMD 53C974 (Teckram DC-390(T)) #controller dpt0 # DPT Smartcache - See LINT for options! #controller isp0 # Qlogic family #controller ncr0 # NCR/Symbios Logic #controller sym0 # NCR/Symbios Logic (newer chipsets) # #controller adv0 at isa? port ? irq ? #controller adw0 #controller bt0 at isa? port ? irq ? #controller aha0 at isa? port ? irq ? #controller aic0 at isa? port ? irq ? # SCSI peripherals # Only one of each of these is needed, they are dynamically allocated. #controller scbus0 # SCSI bus (required) #device da0 # Direct Access (disks) #device sa0 # Sequential Access (tape etc) #device cd0 # CD #device pass0 # Passthrough device (direct SCSI access) # RAID controllers #device amr0 # AMI MegaRAID #device mlx0 # Mylex DAC960 family # atkbdc0 controls both the keyboard and the PS/2 mouse controller atkbdc0 at isa? port IO_KBD device atkbd0 at atkbdc? irq 1 device psm0 at atkbdc? irq 12 device vga0 at isa? port ? conflicts # splash screen/screen saver pseudo-device splash # syscons is the default console driver, resembling an SCO console device sc0 at isa? # Enable this and PCVT_FREEBSD for pcvt vt220 compatible console driver #device vt0 at isa? #options XSERVER # support for X server #options FAT_CURSOR # start with block cursor # If you have a ThinkPAD, uncomment this along with the rest of the PCVT lines #options PCVT_SCANSET=2 # IBM keyboards are non-std # Floating point support - do not disable. device npx0 at nexus? port IO_NPX irq 13 # Power management support (see LINT for more options) device apm0 at nexus? disable flags 0x20 # Advanced Power Management # PCCARD (PCMCIA) support #controller card0 #device pcic0 at isa? #device pcic1 at isa? # Serial (COM) ports device sio0 at isa? port IO_COM1 flags 0x10 irq 4 device sio1 at isa? port IO_COM2 irq 3 device sio2 at isa? disable port IO_COM3 irq 5 device sio3 at isa? disable port IO_COM4 irq 9 # Parallel port device ppc0 at isa? port? flags 0x40 irq 7 controller ppbus0 # Parallel port bus (required) device lpt0 # Printer device plip0 # TCP/IP over parallel device ppi0 # Parallel port interface device #controller vpo0 # Requires scbus and da0 # PCI Ethernet NICs. device de0 # DEC/Intel DC21x4x (``Tulip'') device fxp0 # Intel EtherExpress PRO/100B (82557, 82558) device tx0 # SMC 9432TX (83c170 ``EPIC'') device vx0 # 3Com 3c590, 3c595 (``Vortex'') # PCI Ethernet NICs that use the common MII bus controller code. controller miibus0 # MII bus support device dc0 # DEC/Intel 21143 and various workalikes device rl0 # RealTek 8129/8139 device sf0 # Adaptec AIC-6915 (``Starfire'') device sis0 # Silicon Integrated Systems SiS 900/SiS 7016 device ste0 # Sundance ST201 (D-Link DFE-550TX) device tl0 # Texas Instruments ThunderLAN device vr0 # VIA Rhine, Rhine II device wb0 # Winbond W89C840F device xl0 # 3Com 3c90x (``Boomerang'', ``Cyclone'') # ISA Ethernet NICs. device ed0 at isa? port 0x280 irq 10 iomem 0xd8000 device ex0 at isa? port? irq? # NOTE: This removes the isa attachment so that the pccard unit numbers # come out right. device ep0 # WaveLAN/IEEE 802.11 wireless NICs. Note: the WaveLAN/IEEE really # exists only as a PCMCIA device, so there is no ISA attatement needed # and resources will always be dynamically assigned by the pccard code. #device wi0 # The probe order of these is presently determined by i386/isa/isa_compat.c. #device ie0 at isa? port 0x300 irq 10 iomem 0xd0000 #device fe0 at isa? port 0x300 irq ? #device le0 at isa? port 0x300 irq 5 iomem 0xd0000 #device lnc0 at isa? port 0x280 irq 10 drq 0 #device cs0 at isa? port 0x300 irq ? #device sn0 at isa? port 0x300 irq 10 # requires PCCARD (PCMCIA) support to be activated #device xe0 at isa? port? irq ? # Pseudo devices - the number indicates how many units to allocated. pseudo-device loop # Network loopback pseudo-device ether # Ethernet support pseudo-device sl 1 # Kernel SLIP pseudo-device ppp 1 # Kernel PPP pseudo-device tun # Packet tunnel. pseudo-device pty # Pseudo-ttys (telnet etc) pseudo-device md # Memory "disks" # The `bpf' pseudo-device enables the Berkeley Packet Filter. # Be aware of the administrative consequences of enabling this! pseudo-device bpf #Berkeley packet filter # USB support #controller uhci0 # UHCI PCI->USB interface #controller ohci0 # OHCI PCI->USB interface #controller usb0 # USB Bus (required) #device ugen0 # Generic #device uhid0 # "Human Interface Devices" #device ukbd0 # Keyboard #device ulpt0 # Printer #controller umass0 # Disks/Mass storage - Requires scbus and da0 #device ums0 # Mouse ##################################################################### # DEBUGGING OPTIONS # # Enable the kernel debugger. # options DDB # # Don't drop into DDB for a panic. Intended for unattended operation # where you may want to drop to DDB from the console, but still want # the machine to recover from a panic # options DDB_UNATTENDED # # If using GDB remote mode to debug the kernel, there's a non-standard # extension to the remote protocol that can be used to use the serial # port as both the debugging port and the system console. It's non- # standard and you're on your own if you enable it. See also the # "remotechat" variables in the FreeBSD specific version of gdb. # options GDB_REMOTE_CHAT # # KTRACE enables the system-call tracing facility ktrace(2). # options KTRACE #kernel tracing # # The INVARIANTS option is used in a number of source files to enable # extra sanity checking of internal structures. This support is not # enabled by default because of the extra time it would take to check # for these conditions, which can only occur as a result of # programming errors. # options INVARIANTS # # The INVARIANT_SUPPORT option makes us compile in support for # verifying some of the internal structures. It is a prerequisite for # 'INVARIANTS', as enabling 'INVARIANTS' will make these functions be # called. The intent is that you can set 'INVARIANTS' for single # source files (by changing the source file or specifying it on the # command line) if you have 'INVARIANT_SUPPORT' enabled. # options INVARIANT_SUPPORT # # The DIAGNOSTIC option is used to enable extra debugging information # from some parts of the kernel. As this makes everything more noisy, # it is disabled by default. # options DIAGNOSTIC ##################################################################### # DEBUGGING OPTIONS # # Enable the kernel debugger. # options DDB # # Don't drop into DDB for a panic. Intended for unattended operation # where you may want to drop to DDB from the console, but still want # the machine to recover from a panic # options DDB_UNATTENDED # # If using GDB remote mode to debug the kernel, there's a non-standard # extension to the remote protocol that can be used to use the serial # port as both the debugging port and the system console. It's non- # standard and you're on your own if you enable it. See also the # "remotechat" variables in the FreeBSD specific version of gdb. # options GDB_REMOTE_CHAT # # KTRACE enables the system-call tracing facility ktrace(2). # options KTRACE #kernel tracing # # The INVARIANTS option is used in a number of source files to enable # extra sanity checking of internal structures. This support is not # enabled by default because of the extra time it would take to check # for these conditions, which can only occur as a result of # programming errors. # options INVARIANTS # # The INVARIANT_SUPPORT option makes us compile in support for # verifying some of the internal structures. It is a prerequisite for # 'INVARIANTS', as enabling 'INVARIANTS' will make these functions be # called. The intent is that you can set 'INVARIANTS' for single # source files (by changing the source file or specifying it on the # command line) if you have 'INVARIANT_SUPPORT' enabled. # options INVARIANT_SUPPORT # # The DIAGNOSTIC option is used to enable extra debugging information # from some parts of the kernel. As this makes everything more noisy, # it is disabled by default. # options DIAGNOSTIC ---------------------------------------------------------------------- dmesg: ---------------------------------------------------------------------- Copyright (c) 1992-1999 The FreeBSD Project. Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. FreeBSD 4.0-CURRENT #2: Sat Dec 25 22:24:31 CET 1999 root@hunahpu.sics.se:/usr/src/sys/compile/HUNAHPU Timecounter "i8254" frequency 1193182 Hz CPU: Pentium Pro (199.31-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x617 Stepping = 7 Features=0xfbff real memory = 134217728 (131072K bytes) config> di lnc0 No such device: lnc0 Invalid command or syntax. Type `?' for help. config> di le0 No such device: le0 Invalid command or syntax. Type `?' for help. config> di ie0 No such device: ie0 Invalid command or syntax. Type `?' for help. config> di fe0 No such device: fe0 Invalid command or syntax. Type `?' for help. config> di ex0 config> di ed0 config> di cs0 No such device: cs0 Invalid command or syntax. Type `?' for help. config> q avail memory = 126779392 (123808K bytes) Programming 24 pins in IOAPIC #0 FreeBSD/SMP: Multiprocessor motherboard cpu0 (BSP): apic id: 1, version: 0x00040011, at 0xfee00000 cpu1 (AP): apic id: 0, version: 0x00040011, at 0xfee00000 io0 (APIC): apic id: 2, version: 0x00170011, at 0xfec00000 Preloaded elf kernel "kernel" at 0xc0342000. Preloaded userconfig_script "/boot/kernel.conf" at 0xc034209c. Pentium Pro MTRR support enabled md0: Malloc disk npx0: on motherboard npx0: INT 16 interface pcib0: on motherboard pci0: on pcib0 isab0: at device 7.0 on pci0 isa0: on isab0 ata-pci0: at device 7.1 on pci0 ata-pci0: Busmastering DMA supported ata0 at 0x01f0 irq 14 on ata-pci0 vga-pci0: irq 2 at device 12.0 on pci0 fdc0: at port 0x3f0-0x3f7 irq 6 drq 2 on isa0 fdc0: FIFO enabled, 8 bytes threshold fd0: <1440-KB 3.5" drive> on fdc0 drive 0 ata-isa0: already registered as ata0 atkbdc0: at port 0x60-0x6f on isa0 atkbd0: irq 1 on atkbdc0 vga0: at port 0x3b0-0x3df iomem 0xa0000-0xbffff on isa0 sc0: on isa0 sc0: VGA <16 virtual consoles, flags=0x200> sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0 sio0: type 16550A sio1 at port 0x2f8-0x2ff irq 3 on isa0 sio1: type 16550A sio2: not probed (disabled) sio3: not probed (disabled) ppc0 at port 0x378-0x37f irq 7 flags 0x40 on isa0 ppc0: Generic chipset (EPP/NIBBLE) in COMPATIBLE mode plip0: on ppbus 0 lpt0: on ppbus 0 lpt0: Interrupt-driven port ppi0: on ppbus 0 ed0: not probed (disabled) ex0: not probed (disabled) ep0: <3Com 3C509-Combo EtherLink III> at port 0x300-0x30f irq 9 on isa0 ep0: Ethernet address 00:a0:24:77:5d:eb ep0: supplying EUI64: 00:a0:24:ff:fe:77:5d:eb APIC_IO: Testing 8254 interrupt delivery APIC_IO: routing 8254 via pin 2 SMP: AP CPU #1 Launched! ad0: ATA-3 disk at ata0 as master ad0: 775MB (1587600 sectors), 1575 cyls, 16 heads, 63 S/T, 512 B/S ad0: 16 secs/int, 1 depth queue, DMA Mounting root from ufs:/dev/ad0s1a WARNING: / was not properly dismounted ep0: starting DAD for fe80:0002::02a0:24ff:fe77:5deb ep0: DAD complete for fe80:0002::02a0:24ff:fe77:5deb - no duplicates found ---------------------------------------------------------------------- >Description: this panic was caused while running an electric fenced program under gdb. Current directory is /usr/src/sys/compile/HUNAHPU/ GNU gdb 4.18 Copyright 1998 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-unknown-freebsd"... (kgdb) cd /var/crash Working directory /var/crash (canonically /usr/crash). (kgdb) exec-file kernel.9 (kgdb) core-file vmcore.9 SMP 2 cpus IdlePTD 3489792 initial pcb at 2d3640 panicstr: page fault panic messages: --- Fatal trap 12: page fault while in kernel mode mp_lock = 01000002; cpuid = 1; lapic.id = 00000000 fault virtual address = 0xcc962bb8 fault code = supervisor read, page not present instruction pointer = 0x8:0xc0229790 stack pointer = 0x10:0xc875df08 frame pointer = 0x10:0xc875df1c code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 47908 (arlad) interrupt mask = none <- SMP: XXX trap number = 12 panic: page fault mp_lock = 01000002; cpuid = 1; lapic.id = 00000000 boot() called on cpu#1 syncing disks... 11 done Uptime: 20h7m54s dumping to dev #ad/0x20001, offset 0 dump ata0: resetting devices .. done 128 127 126 125 124 123 122 121 120 119 118 117 116 115 114 113 112 111 110 109 108 107 106 105 104 103 102 101 100 99 98 97 96 95 94 93 92 91 90 89 88 87 86 85 84 83 82 81 80 79 78 77 76 75 74 73 72 71 70 69 68 67 66 65 64 63 62 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 --- #0 boot (howto=256) at ../../kern/kern_shutdown.c:303 (kgdb) bt #0 boot (howto=256) at ../../kern/kern_shutdown.c:303 #1 0xc01423b9 in panic (fmt=0xc02a8dcf "page fault") at ../../kern/kern_shutdown.c:553 #2 0xc026a6ac in trap_fatal (frame=0xc875dec8, eva=3432393656) at ../../i386/i386/trap.c:908 #3 0xc026a31d in trap_pfault (frame=0xc875dec8, usermode=0, eva=3432393656) at ../../i386/i386/trap.c:801 #4 0xc0269ef7 in trap (frame={tf_fs = -931856360, tf_es = -1072496624, tf_ds = -942800880, tf_edi = 715091968, tf_esi = -942784384, tf_ebp = -931799268, tf_isp = -931799308, tf_ebx = -862573648, tf_edx = -928955492, tf_ecx = 715083776, tf_eax = -929682688, tf_trapno = 12, tf_err = 0, tf_eip = -1071474800, tf_cs = 8, tf_eflags = 66054, tf_esp = -942803456, tf_ss = -1070906348}) at ../../i386/i386/trap.c:425 #5 0xc0229790 in vm_map_protect (map=0xc7ce4080, start=715083776, end=715091968, new_prot=0 '\000', set_max=0) at ../../vm/vm_map.c:959 #6 0xc022c661 in mprotect (p=0xc7cdf680, uap=0xc875df80) at ../../vm/vm_mmap.c:563 #7 0xc026a952 in syscall (frame={tf_fs = -1071316945, tf_es = 47, tf_ds = 47, tf_edi = 726413168, tf_esi = 755155100, tf_ebp = 726518952, tf_isp = -931799084, tf_ebx = 755155120, tf_edx = 755155140, tf_ecx = 715091968, tf_eax = 74, tf_trapno = 12, tf_err = 2, tf_eip = 672540064, tf_cs = 31, tf_eflags = 519, tf_esp = 726518924, tf_ss = 47}) at ../../i386/i386/trap.c:1057 #8 0xc02580f1 in Xint0x80_syscall () cannot read proc at 0 >How-To-Repeat: run a large program with efence for a while. >Fix: no fix known :-( >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message