Date: Tue, 15 Jul 2008 22:33:21 +0300 From: Kostik Belousov <kostikbel@gmail.com> To: john@basicnets.co.uk Cc: Kris Kennaway <kris@freebsd.org>, freebsd-stable@freebsd.org, 'Jeremy Chadwick' <koitsu@freebsd.org> Subject: Re: Fresh 7.0 Install: Fatal Trap 12 panic when put under load Message-ID: <20080715193321.GX17123@deviant.kiev.zoral.com.ua> In-Reply-To: <20080715201915.8m5j3k1lw00k4gck@mail.basicnets.co.uk> References: <854CADB9D95147CAB10BC35887A8E5DC@emea.hubersuhner.net> <20080715102135.GA18082@eos.sc1.parodius.com> <B23D0848E1304F719FEBDC3EDC54B914@emea.hubersuhner.net> <487C8486.1040904@FreeBSD.org> <20080715201915.8m5j3k1lw00k4gck@mail.basicnets.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
--WO51hmseaWODELnE Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 15, 2008 at 08:19:15PM +0100, john@basicnets.co.uk wrote: >=20 >=20 > > Please collect kgdb/ddb backtraces. >=20 > kgdb backtrace: >=20 > server251# kgdb -c /var/crash/vmcore.0 > kgdb: couldn't find a suitable kernel image > server251# kgdb /boot/kernel/kernel /var/crash/vmcore.0 > kgdb: kvm_read: invalid address (0xffffff00010e5468) > [GDB will not be able to debug user-mode threads: =20 > /usr/lib/libthread_db.so: Unde > fined symbol "ps_pglobal_lookup"] > GNU gdb 6.1.1 [FreeBSD] > Copyright 2004 Free Software Foundation, Inc. > GDB is free software, covered by the GNU General Public License, and you = are > welcome to change it and/or distribute copies of it under certain=20 > conditions. > Type "show copying" to see the conditions. > There is absolutely no warranty for GDB.=9A Type "show warranty" for deta= ils. > This GDB was configured as "amd64-marcel-freebsd". >=20 > Unread portion of the kernel message buffer: >=20 > Fatal trap 12: page fault while in kernel mode > cpuid =3D 0; apic id =3D 00 > fault virtual address=9A=9A =3D 0x6400000000 > fault code=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A =3D supervisor read ins= truction, page not present > instruction pointer=9A=9A=9A=9A =3D 0x8:0x6400000000 > stack pointer=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A =3D 0x10:0xffffffffb1d7f590 > frame pointer=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A =3D 0x10:0xffffff0035d2dcc0 > code segment=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A =3D base 0x0, limit 0xfffff= , type 0x1b > =3D DPL 0, pres 1, long 1, def32 0, gran 1 > processor eflags=9A=9A=9A=9A=9A=9A=9A =3D interrupt enabled, resume, IOPL= =3D 0 > current process=9A=9A=9A=9A=9A=9A=9A=9A =3D 88622 (make) > trap number=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A =3D 12 > panic: page fault > cpuid =3D 0 > Uptime: 5h57m22s > Physical memory: 4082 MB > Dumping 444 MB: 429 413 397 381 365 349 333 317 301 285 269 253 237 =20 > 221 205 189 > 173 157 141 125 109 93 77 61 45 29 13 >=20 > #0=9A doadump () at pcpu.h:194 > 194=9A=9A=9A=9A pcpu.h: No such file or directory. > in pcpu.h > (kgdb) > (kgdb) list *0x6400000000 > No source file for address 0x6400000000. > (kgdb) backtrace > #0=9A doadump () at pcpu.h:194 > #1=9A 0xffffff0004742440 in ?? () > #2=9A 0xffffffff80477699 in boot (howto=3D260) > at /usr/src/sys/kern/kern_shutdown.c:409 > #3=9A 0xffffffff80477a9d in panic (fmt=3D0x104 <Address 0x104 out of boun= ds>) > at /usr/src/sys/kern/kern_shutdown.c:563 > #4=9A 0xffffffff8072ed44 in trap_fatal (frame=3D0xffffff00048ee000, > eva=3D18446742974275512528) at /usr/src/sys/amd64/amd64/trap.c:724 > #5=9A 0xffffffff8072f115 in trap_pfault (frame=3D0xffffffffb1d7f4e0, user= mode=3D0) > at /usr/src/sys/amd64/amd64/trap.c:641 > #6=9A 0xffffffff8072fa58 in trap (frame=3D0xffffffffb1d7f4e0) > at /usr/src/sys/amd64/amd64/trap.c:410 > #7=9A 0xffffffff807156be in calltrap () > at /usr/src/sys/amd64/amd64/exception.S:169 > #8=9A 0x0000006400000000 in ?? () > #9=9A 0xffffffff8067d3ee in uma_zalloc_arg (zone=3D0xffffff00bfed07e0,=20 > udata=3D0x0, > flags=3D-256) at /usr/src/sys/vm/uma_core.c:1835 =46rom the frame #9, please do p *zone I am esp. interested in the value of the uz_ctor member. It seems that it becomes corrupted, it value should be 0, as this seems to be ffs inode zone. I suspect that gdb would show 0x6400000000 instead. That may be kernel memory corruption, but might be a bad memory as well (double bit inversion ?). > #10 0xffffffff80661ecf in ffs_vget (mp=3D0xffffff00047f4978, ino=3D478845= 12, > flags=3D2, vpp=3D0xffffffffb1d7f728) at uma.h:277 > #11 0xffffffff8066d010 in ufs_lookup (ap=3D0xffffffffb1d7f780) > at /usr/src/sys/ufs/ufs/ufs_lookup.c:573 > #12 0xffffffff804dfa89 in vfs_cache_lookup (ap=3DVariable "ap" is not=20 > available. > ) at vnode_if.h:83 > #13 0xffffffff8077235f in VOP_LOOKUP_APV (vop=3D0xffffffff809e7de0, > a=3D0xffffffffb1d7f840) at vnode_if.c:99 > ---Type <return> to continue, or q <return> to quit--- > #14 0xffffffff804e6394 in lookup (ndp=3D0xffffffffb1d7f950) at vnode_if.h= :57 > #15 0xffffffff804e7228 in namei (ndp=3D0xffffffffb1d7f950) > at /usr/src/sys/kern/vfs_lookup.c:219 > #16 0xffffffff804f4717 in kern_stat (td=3D0xffffff00048ee000, > path=3D0x8006f7040 <Address 0x8006f7040 out of bounds>, =20 > pathseg=3DVariable "path > seg" is not available. > ) > at /usr/src/sys/kern/vfs_syscalls.c:2109 > #17 0xffffffff804f4987 in stat (td=3DVariable "td" is not available. > ) at /usr/src/sys/kern/vfs_syscalls.c:2093 > #18 0xffffffff8072f397 in syscall (frame=3D0xffffffffb1d7fc70) > at /usr/src/sys/amd64/amd64/trap.c:852 > #19 0xffffffff807158cb in Xfast_syscall () > at /usr/src/sys/amd64/amd64/exception.S:290 > #20 0x000000000043127c in ?? () > Previous frame inner to this frame (corrupt stack?) >=20 > I really don't understand this -any advice you can give would =20 > really be appreciated. --WO51hmseaWODELnE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkh8+4AACgkQC3+MBN1Mb4jrngCfVEDFuknqixexu6mj40q3TN8h Z9cAnAuPDNe2Ui02MkOkEJCB2LbSmzDH =NmtF -----END PGP SIGNATURE----- --WO51hmseaWODELnE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080715193321.GX17123>