From owner-freebsd-bugs Sun Aug 17 11:00:04 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id LAA12673 for bugs-outgoing; Sun, 17 Aug 1997 11:00:04 -0700 (PDT) Received: (from gnats@localhost) by hub.freebsd.org (8.8.5/8.8.5) id LAA12660; Sun, 17 Aug 1997 11:00:01 -0700 (PDT) Resent-Date: Sun, 17 Aug 1997 11:00:01 -0700 (PDT) Resent-Message-Id: <199708171800.LAA12660@hub.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-bugs Resent-Reply-To: FreeBSD-gnats@FreeBSD.ORG, scrappy@hub.org Received: from hub.org (hub.org [207.107.138.200]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA12117 for ; Sun, 17 Aug 1997 10:52:30 -0700 (PDT) Received: (from root@localhost) by hub.org (8.8.5/8.7.5) id NAA00930; Sun, 17 Aug 1997 13:52:29 -0400 (EDT) Message-Id: <199708171752.NAA00930@hub.org> Date: Sun, 17 Aug 1997 13:52:29 -0400 (EDT) From: "Marc G. Fournier" Reply-To: scrappy@hub.org To: FreeBSD-gnats-submit@FreeBSD.ORG X-Send-Pr-Version: 3.2 Subject: kern/4324: panic: page fault in sosend() Sender: owner-freebsd-bugs@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >Number: 4324 >Category: kern >Synopsis: panic: page fault in sosend() >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Aug 17 11:00:00 PDT 1997 >Last-Modified: >Originator: Marc G. Fournier >Organization: Hub.Org Networking Services >Release: FreeBSD 2.2.2-RELEASE i386 >Environment: Copyright (c) 1992-1997 FreeBSD Inc. Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. FreeBSD 2.2.2-RELEASE #0: Tue Aug 5 07:23:55 EDT 1997 scrappy@hub.org:/usr/src/sys/compile/hub_org CPU: Pentium (167.05-MHz 586-class CPU) Origin = "GenuineIntel" Id = 0x52c Stepping=12 Features=0x1bf real memory = 134217728 (131072K bytes) avail memory = 129912832 (126868K bytes) Probing for devices on PCI bus 0: chip0 rev 2 on pci0:0 chip1 rev 1 on pci0:7:0 chip2 rev 0 on pci0:7:1 ncr0 rev 1 int a irq 11 on pci0:9 (ncr0:0:0): "QUANTUM FIREBALL1280S 630C" type 0 fixed SCSI 2 sd0(ncr0:0:0): Direct-Access sd0(ncr0:0:0): 10.0 MB/s (100 ns, offset 8) 1222MB (2503872 512 byte sectors) (ncr0:1:0): "QUANTUM LPS340S 020B" type 0 fixed SCSI 2 sd1(ncr0:1:0): Direct-Access sd1(ncr0:1:0): 10.0 MB/s (100 ns, offset 8) 327MB (670506 512 byte sectors) (ncr0:2:0): "QUANTUM LP240S GM240S01X 4.6" type 0 fixed SCSI 2 sd2(ncr0:2:0): Direct-Access sd2(ncr0:2:0): 10.0 MB/s (100 ns, offset 8) 234MB (479350 512 byte sectors) (ncr0:3:0): "QUANTUM LP240S GM240S01X 6.4" type 0 fixed SCSI 2 sd3(ncr0:3:0): Direct-Access sd3(ncr0:3:0): 10.0 MB/s (100 ns, offset 8) 234MB (479350 512 byte sectors) ncr1 rev 2 int a irq 9 on pci0:10 (ncr1:0:0): "SEAGATE ST32151N 0284" type 0 fixed SCSI 2 sd4(ncr1:0:0): Direct-Access sd4(ncr1:0:0): 10.0 MB/s (100 ns, offset 8) 2049MB (4197405 512 byte sectors) (ncr1:1:0): "CONNER CFP1060S 1.05GB 243F" type 0 fixed SCSI 2 sd5(ncr1:1:0): Direct-Access sd5(ncr1:1:0): 10.0 MB/s (100 ns, offset 8) 1013MB (2074880 512 byte sectors) (ncr1:4:0): "UNISYS U0531 ST3600N 8374" type 0 fixed SCSI 2 sd6(ncr1:4:0): Direct-Access sd6(ncr1:4:0): 10.0 MB/s (100 ns, offset 8) 500MB (1025920 512 byte sectors) vx0 <3COM 3C905 Fast Etherlink XL PCI> rev 0 int a irq 5 on pci0:11 mii[*mii*]: disable 'auto select' with DOS util! address 00:60:97:72:57:bf Probing for devices on the ISA bus: sc0 at 0x60-0x6f irq 1 on motherboard sc0: VGA color <16 virtual consoles, flags=0x0> sio0 at 0x3f8-0x3ff irq 4 on isa sio0: type 16550A sio1 at 0x2f8-0x2ff irq 3 on isa sio1: type 16550A fdc0 at 0x3f0-0x3f7 irq 6 drq 2 on isa fdc0: NEC 72065B fd0: 1.44MB 3.5in wdc0 at 0x1f0-0x1f7 irq 14 on isa wdc0: unit 0 (wd0): wd0: 1623MB (3324384 sectors), 3298 cyls, 16 heads, 63 S/T, 512 B/S npx0 on motherboard npx0: INT 16 interface ccd0-3: Concatenated disk drivers WARNING: / was not properly dismounted. >Description: System has been installed for over 2 weeks...suddenly, three times in one day (so far), she panics. The two core dumps that I go show the exact same thing: current pcb at 19acc8 panic: page fault #0 boot (howto=256) at ../../kern/kern_shutdown.c:243 243 dumppcb.pcb_cr3 = rcr3(); (kgdb) where #0 boot (howto=256) at ../../kern/kern_shutdown.c:243 #1 0xf010ea72 in panic (fmt=0xf01791cf "page fault") at ../../kern/kern_shutdown.c:367 #2 0xf0179d36 in trap_fatal (frame=0xefbffe50) at ../../i386/i386/trap.c:742 #3 0xf0179824 in trap_pfault (frame=0xefbffe50, usermode=0) at ../../i386/i386/trap.c:653 #4 0xf01794ff in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -272630076, tf_esi = -2147483648, tf_ebp = -272630096, tf_isp = -272630152, tf_ebx = 0, tf_edx = 2147483647, tf_ecx = -1073610720, tf_eax = 0, tf_trapno = 12, tf_err = 2, tf_eip = -267245203, tf_cs = 8, tf_eflags = 66178, tf_esp = 0, tf_ss = 7395}) at ../../i386/i386/trap.c:311 #5 0xf012296d in sosend (so=0xf1797100, addr=0x0, uio=0xefbfff38, top=0x0, control=0x0, flags=0) at ../../kern/uipc_socket.c:421 #6 0xf0118015 in soo_write (fp=0xf17ae380, uio=0xefbfff38, cred=0xf0fd4500) at ../../kern/sys_socket.c:82 #7 0xf0115b1a in writev (p=0xf0ea0c00, uap=0xefbfff94, retval=0xefbfff84) at ../../kern/sys_generic.c:349 #8 0xf0179f73 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 15, tf_esi = 15, tf_ebp = -272639008, tf_isp = -272629788, tf_ebx = 14, tf_edx = 211840, tf_ecx = 210816, tf_eax = 121, tf_trapno = 22, tf_err = 7, tf_eip = 134723233, tf_cs = 31, tf_eflags = 518, tf_esp = -272639052, tf_ss = 39}) at ../../i386/i386/trap.c:890 #9 0x807b6a1 in ?? () #10 0xce2e in ?? () #11 0x17a57 in ?? () #12 0x1095 in ?? () (kgdb) up 5 #5 0xf012296d in sosend (so=0xf1591100, addr=0x0, uio=0xefbfff38, top=0x0, control=0x0, flags=0) at ../../kern/uipc_socket.c:421 421 mlen = MHLEN; (kgdb) list 416 if (flags & MSG_EOR) 417 top->m_flags |= M_EOR; 418 } else do { 419 if (top == 0) { 420 MGETHDR(m, M_WAIT, MT_DATA); 421 mlen = MHLEN; 422 m->m_pkthdr.len = 0; 423 m->m_pkthdr.rcvif = (struct ifnet *)0; 424 } else { 425 MGET(m, M_WAIT, MT_DATA); (kgdb) print mlen $1 = 100 >How-To-Repeat: >Fix: >Audit-Trail: >Unformatted: