From owner-freebsd-bugs  Sat Dec 23 09:40:04 1995
Return-Path: owner-bugs
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id JAA23220
          for bugs-outgoing; Sat, 23 Dec 1995 09:40:04 -0800 (PST)
Received: (from gnats@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id JAA23180
          Sat, 23 Dec 1995 09:40:02 -0800 (PST)
Resent-Date: Sat, 23 Dec 1995 09:40:02 -0800 (PST)
Resent-Message-Id: <199512231740.JAA23180@freefall.freebsd.org>
Resent-From: gnats (GNATS Management)
Resent-To: freebsd-bugs
Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, scrappy@hub.org
Received: from hub.org (hub.org [199.166.238.138])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id JAA22969
          for <FreeBSD-gnats-submit@freebsd.org>; Sat, 23 Dec 1995 09:35:54 -0800 (PST)
Received: (from root@localhost) by hub.org (8.7.3/8.7.3) id MAA08962; Sat, 23 Dec 1995 12:35:46 -0500 (EST)
Message-Id: <199512231735.MAA08962@hub.org>
Date: Sat, 23 Dec 1995 12:35:46 -0500 (EST)
From: "Marc G. Fournier" <scrappy@hub.org>
Reply-To: scrappy@hub.org
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: kern/911: Stopped at      statfs+0x51:    movl    0x14(%eax),%eax
Sender: owner-bugs@freebsd.org
Precedence: bulk


>Number:         911
>Category:       kern
>Synopsis:       Stopped at      statfs+0x51:    movl    0x14(%eax),%eax
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Dec 23 09:40:01 PST 1995
>Last-Modified:
>Originator:     Marc G. Fournier
>Organization:
>Release:        FreeBSD 2.1-CURRENT i386
>Environment:


FreeBSD 2.2-CURRENT #2: Fri Dec 22 00:24:59 EST 1995
    scrappy@freebsd.hub.org:/usr/src/sys/compile/freebsd
CPU: i386DX (386-class CPU)
real memory  = 8781824 (8576K bytes)
avail memory = 7159808 (6992K bytes)
DEVFS: ready for devices
Probing for devices on the ISA bus:
vt0 at 0x60-0x6f irq 1 on motherboard
vt0: mda, mono, 8 scr, mf2-kbd, [R3.20-b24]
sio0 not found at 0x3f8
sio1 at 0x2f8-0x2ff irq 3 on isa
sio1: type 16450
lpt0 at 0x3bc-0x3c3 irq 7 on isa
lpt0: Interrupt-driven port
lp0: TCP/IP capable interface
fdc0 at 0x3f0-0x3f7 irq 6 drq 2 on isa
fdc0: NEC 765
fd0: 1.44MB 3.5in
wdc0 at 0x1f0-0x1f7 irq 14 on isa
wdc0: unit 0 (wd0): <Maxtor 7345 AT>
wd0: 329MB (675450 sectors), 790 cyls, 15 heads, 57 S/T, 512 B/S
1 3C5x9 board(s) on ISA found at 0x300
ep0 at 0x300-0x30f irq 10 on isa
ep0: aui/bnc[*BNC*] address 00:a0:24:0a:5a:fe irq 10
npx0 on motherboard
npx0: 387 emulator
devfs ready to run
WARNING: / was not properly dismounted.

>Description:

----[ DDB Output ]----

Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x14
fault code		= supervisor read, page not present
instruction pointer	= 0x8:0xf0129a99
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 1771 (find)
interrupt mask		=
kernel: type 12 trap, code=0
Stopped at	statfs+0x51:	movl	0x14(%eax),%eax

Trace:
	statfs(f05d6200,efbfff8c,0,e000) at statfs+0x51
	syscall(27,efbf0027,e000,e000,efbfdcfc) at syscall+0xf3
	Base user frame pointer: 0xefbfdcfc

----[ kgdb Output ]----

Script started on Sat Dec 23 12:19:26 1995
freebsd# kgdb kernel /var/crash/vmcore.0
GDB is free software and you are welcome to distribute copies of it
 under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for details.
GDB 4.13 (i386-unknown-freebsd), 
Copyright 1994 Free Software Foundation, Inc...
IdlePTD 1d2000
current pcb at 1a3b1c
panic: from debugger
#0  boot (howto=260) at ../../i386/i386/machdep.c:914
Source file is more recent than executable.
914					dumppcb.pcb_ptd = rcr3();
(kgdb) list
909			cngetc();
910		} else {
911			if (howto & RB_DUMP) {
912				if (!cold) {
913					savectx(&dumppcb, 0);
914					dumppcb.pcb_ptd = rcr3();
915					dumpsys();
916				}
917	
918				if (PANIC_REBOOT_WAIT_TIME != 0) {
(kgdb) where
#0  boot (howto=260) at ../../i386/i386/machdep.c:914
#1  0xf0112135 in panic (fmt=0xf01011a8 "from debugger")
    at ../../kern/subr_prf.c:124
#2  0xf01011c5 in db_panic (dummy1=-266959981, dummy2=0, dummy3=1, 
    dummy4=0xefbffbd0 "") at ../../ddb/db_command.c:395
#3  0xf01010ae in db_command (last_cmdp=0xf0194b54, cmd_table=0xf01949b4)
    at ../../ddb/db_command.c:288
#4  0xf010122d in db_command_loop () at ../../ddb/db_command.c:417
#5  0xf0103b88 in db_trap (type=3, code=0) at ../../ddb/db_trap.c:73
#6  0xf016816a in kdb_trap (type=3, code=0, regs=0xefbffccc)
    at ../../i386/i386/db_interface.c:136
#7  0xf01726dc in trap (frame={tf_es = 16, tf_ds = -266797040, 
      tf_edi = -266777772, tf_esi = 0, tf_ebp = -272630512, 
      tf_isp = -266959981, tf_ebx = 256, tf_edx = -266960027, tf_ecx = 1920, 
      tf_eax = -1, tf_trapno = 3, tf_err = 0, tf_eip = -266959981, 
      tf_cs = -272695288, tf_eflags = 582, tf_esp = -266960043, 
      tf_ss = -267312917}) at ../../i386/i386/trap.c:397
#8  0xf0168a1d in calltrap ()
#9  0xf0168393 in Debugger (msg=0xf01120eb "panic")
    at ../../i386/i386/db_interface.c:277
#10 0xf011212f in panic (fmt=0xf01011a8 "from debugger")
    at ../../kern/subr_prf.c:122
#11 0xf01011c5 in db_panic (dummy1=-267216231, dummy2=0, dummy3=-1, 
---Type <return> to continue, or q <return> to quit---
    dummy4=0xefbffd68 "") at ../../ddb/db_command.c:395
#12 0xf01010ae in db_command (last_cmdp=0xf0194b54, cmd_table=0xf01949b4)
    at ../../ddb/db_command.c:288
#13 0xf010122d in db_command_loop () at ../../ddb/db_command.c:417
#14 0xf0103b88 in db_trap (type=12, code=0) at ../../ddb/db_trap.c:73
#15 0xf016816a in kdb_trap (type=12, code=0, regs=0xefbffebc)
    at ../../i386/i386/db_interface.c:136
#16 0xf0172e63 in trap_fatal (frame=0xefbffebc) at ../../i386/i386/trap.c:750
#17 0xf01729e0 in trap_pfault (frame=0xefbffebc, usermode=0)
    at ../../i386/i386/trap.c:676
#18 0xf017262f in trap (frame={tf_es = -261554160, tf_ds = -266797040, 
      tf_edi = -262315520, tf_esi = -262521312, tf_ebp = -272629924, 
      tf_isp = -267216231, tf_ebx = -262521344, tf_edx = -262424832, 
      tf_ecx = 27, tf_eax = 0, tf_trapno = 12, tf_err = -267255808, 
      tf_eip = -267216231, tf_cs = -262537208, tf_eflags = 66118, 
      tf_esp = -262521344, tf_ss = -262521312}) at ../../i386/i386/trap.c:317
#19 0xf0168a1d in calltrap ()
#20 0xf0129a99 in statfs (p=0xf05d6200, uap=0xefbfff94, retval=0xefbfff8c)
    at ../../kern/vfs_syscalls.c:415
#21 0xf01730eb in syscall (frame={tf_es = 39, tf_ds = -272695257, 
      tf_edi = 57344, tf_esi = 57344, tf_ebp = -272638724, 
      tf_isp = -272629788, tf_ebx = 0, tf_edx = 57420, tf_ecx = 32768, 
      tf_eax = 157, tf_trapno = 0, tf_err = 582, tf_eip = 134453589, 
---Type <return> to continue, or q <return> to quit---
      tf_cs = 31, tf_eflags = 582, tf_esp = -272639004, tf_ss = 39})
    at ../../i386/i386/trap.c:914
#22 0xf0168a6d in Xsyscall ()
#23 0x2a93 in ?? ()
#24 0x2ae3 in ?? ()
#25 0x17ea in ?? ()
#26 0x310a in ?? ()
#27 0x10d3 in ?? ()
---[ Steps taken to get to statfs function removed... ]----
(kgdb) down
#20 0xf0129a99 in statfs (p=0xf05d6200, uap=0xefbfff94, retval=0xefbfff8c)
    at ../../kern/vfs_syscalls.c:415
415		error = VFS_STATFS(mp, sp, p);
(kgdb) list
410		if (error)
411			return (error);
412		mp = nd.ni_vp->v_mount;
413		sp = &mp->mnt_stat;
414		vrele(nd.ni_vp);
415		error = VFS_STATFS(mp, sp, p);
416		if (error)
417			return (error);
418		sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
419		return (copyout((caddr_t)sp, (caddr_t)uap->buf, sizeof(*sp)));
(kgdb) quit

Script done on Sat Dec 23 12:26:53 1995

>How-To-Repeat:

	

>Fix:
	
	

>Audit-Trail:
>Unformatted: