From owner-freebsd-hackers@FreeBSD.ORG Tue Feb 19 15:17:08 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1469016A475 for ; Tue, 19 Feb 2008 15:17:08 +0000 (UTC) (envelope-from mcj@bluetonic.org) Received: from ik-out-1112.google.com (ik-out-1112.google.com [66.249.90.179]) by mx1.freebsd.org (Postfix) with ESMTP id 336FC13C4EB for ; Tue, 19 Feb 2008 15:17:06 +0000 (UTC) (envelope-from mcj@bluetonic.org) Received: by ik-out-1112.google.com with SMTP id c21so751811ika.3 for ; Tue, 19 Feb 2008 07:17:05 -0800 (PST) Received: by 10.150.156.9 with SMTP id d9mr2520318ybe.116.1203432750307; Tue, 19 Feb 2008 06:52:30 -0800 (PST) Received: from ico.bluetonic.org ( [70.245.112.92]) by mx.google.com with ESMTPS id a38sm13520593rnc.6.2008.02.19.06.52.25 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 19 Feb 2008 06:52:28 -0800 (PST) Message-Id: <35B9ADBA-9AA3-4C61-98D7-3AE22B77CD53@bluetonic.org> From: Carey Jones To: freebsd-hackers@freebsd.org Mime-Version: 1.0 (Apple Message framework v919.2) Date: Tue, 19 Feb 2008 08:52:24 -0600 X-Mailer: Apple Mail (2.919.2) Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Help debugging kernel dump? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Feb 2008 15:17:08 -0000 I have been getting occasional reboots on my FreeBSD 6-STABLE machine. I haven't figured out a pattern on it yet, but the most recent crash was during some pretty heavy NFS usage, and I see nfsd in the dump, so perhaps that has something to do with it. Could anyone assist in deciphering the cause of this? This is the first time it's crashed on me once I enabled debugging, so I can't say for sure whether or not this is common to all of them. Thanks, -c mcj@ark ~ % uname -a FreeBSD ark.bluetonic.org 6.3-STABLE FreeBSD 6.3-STABLE #4: Wed Jan 23 19:10:47 CST 2008 root@ark.bluetonic.org:/usr/obj/usr/src/sys/ARK i386 root@ark ...src/sys/ARK # kgdb kernel.debug /var/crash/vmcore.0 kgdb: kvm_nlist(_stopped_cpus): kgdb: kvm_nlist(_stoppcbs): [GDB will not be able to debug user-mode threads: /usr/lib/ libthread_db.so: Unde fined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". Unread portion of the kernel message buffer: panic: free: address 0xca0f6300(0xca0f6000) has not been allocated. Uptime: 18h38m31s Dumping 1279 MB (2 chunks) chunk 0: 1MB (159 pages) ... ok chunk 1: 1279MB (327408 pages) 1263 1247 1231 1215 1199 1183 1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15 #0 doadump () at pcpu.h:165 165 __asm __volatile("movl %%fs:0,%0" : "=r" (td)); (kgdb) backtrace #0 doadump () at pcpu.h:165 #1 0xc0553a74 in boot (howto=260) at /usr/src/sys/kern/ kern_shutdown.c:409 #2 0xc0553da6 in panic ( fmt=0xc0744037 "free: address %p(%p) has not been allocated.\n") at /usr/src/sys/kern/kern_shutdown.c:565 #3 0xc0545ab5 in free (addr=0xca0f6300, mtp=0x0) at /usr/src/sys/kern/kern_malloc.c:374 #4 0xc06701f3 in nfssvc_nfsd (td=0x0) at /usr/src/sys/nfsserver/nfs_syscalls.c:544 #5 0xc066f455 in nfssvc (td=0xc522e300, uap=0xed9ced04) at /usr/src/sys/nfsserver/nfs_syscalls.c:181 #6 0xc0711332 in syscall (frame= {tf_fs = 59, tf_es = 59, tf_ds = 59, tf_edi = 0, tf_esi = 0, tf_ebp = -1077941464, tf_isp = -308482716, tf_ebx = 0, tf_edx = -1077936144, tf_ecx = 2, tf_eax = 155, tf_trapno = 12, tf_err = 2, tf_eip = 671902679, tf_cs = 51, tf_eflags = 582, tf_esp = -1077941492, tf_ss = 59}) at /usr/src/sys/i386/i386/trap.c:984 #7 0xc06fb5ef in Xint0x80_syscall () at /usr/src/sys/i386/i386/ exception.s:200 #8 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) (kgdb)