From owner-freebsd-current@FreeBSD.ORG Fri Dec 16 20:25:51 2005 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9C02416A41F; Fri, 16 Dec 2005 20:25:51 +0000 (GMT) (envelope-from mistry.7@osu.edu) Received: from mail.united-ware.com (am-productions.biz [69.61.164.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 32FA943D49; Fri, 16 Dec 2005 20:25:33 +0000 (GMT) (envelope-from mistry.7@osu.edu) Received: from [192.168.1.100] (am-productions.biz [69.61.164.22]) (authenticated bits=0) by mail.united-ware.com (8.13.4/8.13.4) with ESMTP id jBGKSXBJ031856 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Fri, 16 Dec 2005 15:28:39 -0500 (EST) (envelope-from mistry.7@osu.edu) From: Anish Mistry To: John Baldwin Date: Fri, 16 Dec 2005 15:27:19 -0500 User-Agent: KMail/1.8.3 References: <200512161237.15148.mistry.7@osu.edu> <200512161511.10903.jhb@freebsd.org> In-Reply-To: <200512161511.10903.jhb@freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1386866.TTEqWZtIAv"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200512161527.34667.mistry.7@osu.edu> X-Spam-Status: No, score=-8.4 required=5.0 tests=ALL_TRUSTED, BAYES_00, BIZ_TLD, MYFREEBSD2,MYFREEBSD3 autolearn=failed version=3.1.0 X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on mail.united-ware.com X-Virus-Scanned: ClamAV 0.87/1210/Thu Dec 15 10:23:22 2005 on mail.united-ware.com X-Virus-Status: Clean Cc: freebsd-current@freebsd.org Subject: Re: Reproducable Panic on CURRENT and 6.0-RELEASE X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Dec 2005 20:25:51 -0000 --nextPart1386866.TTEqWZtIAv Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Friday 16 December 2005 03:11 pm, you wrote: > On Friday 16 December 2005 12:37 pm, Anish Mistry wrote: > > Here is the offending program/code. The interesting program is > > avidemux_2.1_branch_anish/avidemux/avidemux2. > > (It is compiled for CURRENT, and I left all the object code stuff > > in so it's a bit large 21MB) > > http://am-productions.biz/docs/avidemux_2.1_branch_anish.tgz > > > > First you'll need to compile spidermonkey to be threadsafe so add > > the following to your lang/spidermonkey/Makefile before > > installing it: LIB_DEPENDS=3D nspr4.1:${PORTSDIR}/devel/nspr > > MAKE_ARGS+=3D JS_THREADSAFE=3DYES LDFLAGS=3D"-L${LOCALBASE}/lib > > -lpthread -lm" > > CFLAGS+=3D -I${LOCALBASE}/include/nspr > > > > Once a threadsafe spidermonkey is installed to kill the machine > > you'll need to: > > cd avidemux_2.1_branch_anish/avidemux > > ./avidemux2 --run new-features-test.js > > > > On CURRENT: > > kernel trap 12 with interrupts disabled > > > > Fatal trap 12: page fault while in kernel mode > > fault virtual address =3D 0x68 > > fault code =3D supervisor read, page not present > > instruction pointer =3D 0x20:0xc04e6f36 > > stack pointer =3D 0x28:0xcc9edb3c > > frame pointer =3D 0x28:0xcc9edbb0 > > code segment =3D base 0x0, limit 0xfffff, type 0x1b > > =3D DPL 0, pres 1, def32 1, gran 1 > > processor eflags =3D resume, IOPL =3D 0 > > current process =3D 798 (gdb) > > trap number =3D 12 > > panic: page fault > > > > #0 doadump () at pcpu.h:165 > > #1 0xc04bb7eb in boot (howto=3D260) > > at /usr/src/sys/kern/kern_shutdown.c:399 > > #2 0xc04bb353 in panic (fmt=3D0xc06069a7 "%s") > > at /usr/src/sys/kern/kern_shutdown.c:555 > > #3 0xc05e91ba in trap_fatal (frame=3D0xcc9edafc, eva=3D104) > > at /usr/src/sys/i386/i386/trap.c:862 > > #4 0xc05e96d9 in trap (frame=3D > > {tf_fs =3D 8, tf_es =3D 40, tf_ds =3D 40, tf_edi =3D -1032878460, > > tf_esi =3D 1, tf_ebp =3D -862004304, tf_isp =3D -862004440, tf_ebx =3D > > -1033297504, tf_edx =3D -1033987232, tf_ecx =3D 4, tf_eax =3D 0, > > tf_trapno =3D 12, tf_err =3D 0, tf_eip =3D -1068601546, tf_cs =3D 32, > > tf_eflags =3D 65687, tf_esp =3D -1032878356, tf_ss =3D -1067380424}) > > at /usr/src/sys/i386/i386/trap.c:273 > > #5 0xc05db6fa in calltrap () > > at /usr/src/sys/i386/i386/exception.s:137 > > #6 0xc04e6f36 in kern_ptrace (td=3D0xc25e9b60, req=3D10, pid=3D1, > > addr=3D0x0, data=3D17) > > at /usr/src/sys/kern/sys_process.c:802 > > On HEAD this is: > p->p_xthread->td_flags &=3D ~TDF_XSIG; > > If two threads called kern_ptrace() with the same PID and this > could happen. Hmm, I have no idea how p_xthread is supposed to not > be racey here in fact. It would be helpful to know what PTRACE > action it it is trying to do and maybe a KTR trace of the various > ptrace events leading up to this condition. I have no idea what > thread you are supposed to act on if p_xthread is NULL either. How would I do this? My kdb/ddb skills are prettymuch limited to=20 getting a backtrace. > > > #7 0xc04e71f0 in ptrace (td=3D0xc25e9b60, uap=3D0xcc9edd04) > > at /usr/src/sys/kern/sys_process.c:433 > > #8 0xc05e9ca6 in syscall (frame=3D > > {tf_fs =3D 59, tf_es =3D 59, tf_ds =3D 59, tf_edi =3D 136221752, > > tf_esi =3D 796, tf_ebp =3D -1077943184, tf_isp =3D -862003868, tf_ebx = =3D > > 796, tf_edx =3D 674587084, tf_ecx =3D 674505768, tf_eax =3D 26, > > tf_trapno =3D 12, tf_err =3D 2, tf_eip =3D 673978987, tf_cs =3D 51, > > tf_eflags =3D 518, tf_esp =3D -1077943208, tf_ss =3D 59}) > > at /usr/src/sys/i386/i386/trap.c:1008 > > ---Type to continue, or q to quit--- > > #9 0xc05db74f in Xint0x80_syscall () > > at /usr/src/sys/i386/i386/exception.s:190 > > #10 0x00000033 in ?? () > > > > > > http://am-productions.biz/docs/littleguy-dmesg.gz > > http://am-productions.biz/docs/littleguy-pciconf.gz > > > > > > > > From my previous email to questions with the info on 6.0-RELEASE: > > I'm getting the following panic, which I can reproduce easily.=20 > > Let me know what other information I should provide. The > > backtrace seems really short for some reason. I get the panic > > when running a multi-threaded application I'm > > developing/modifying. > > > > kernel trap 12 with interrupts disabled > > > > Fatal trap 12: page fault while in kernel mode > > fault virtual address =3D 0x48 > > fault code =3D supervisor write, page not present > > instruction pointer =3D 0x20:0xc0510cb3 > > stack pointer =3D 0x28:0xe9aebb74 > > frame pointer =3D 0x28:0xe9aebbf8 > > code segment =3D base 0x0, limit 0xfffff, type 0x1b > > =3D DPL 0, pres 1, def32 1, gran 1 > > processor eflags =3D resume, IOPL =3D 0 > > current process =3D 7848 (gdb) > > [thread pid 7848 tid 100184 ] > > Stopped at kern_ptrace+0x11e3: andl =20 > > $0xfffbffff,0x48(%eax) db> bt > > Tracing pid 7848 tid 100184 td 0xc4302180 > > kern_ptrace(c4302180,a,1ea6,0,11) at kern_ptrace+0x11e3 > > ptrace(c4302180,e9aebd04,10,418,4) at ptrace+0x56 > > syscall(3b,3b,3b,bfbfe580,1ea6) at syscall+0x13d > > Xint0x80_syscall() at Xint0x80_syscall+0x1f > > --- syscall (26, FreeBSD ELF32, ptrace), eip =3D 0x283360e7, esp =3D > > 0xbfbfe3bc, ebp > > =3D 0xbfbfe3d8 --- > > > > > > > > Full panic and backtrace, and alltrace: > > http://am-productions.biz/docs/bigguy-panic.gz > > http://am-productions.biz/docs/bigguy-dmesg.gz > > http://am-productions.biz/docs/bigguy-pciconf.gz > > Kernel config: > > http://am-productions.biz/docs/BIGGUY.gz > > > > > > I have firewire console access to the CURRENT system, and serial > > console access for the 6.0-RELEASE. > > > > Thanks, =2D-=20 Anish Mistry --nextPart1386866.TTEqWZtIAv Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQBDoyM2xqA5ziudZT0RAslwAKCH12JtBe80VgBXA14EIjbATnxL5ACgpU57 5FKCFjdb3Md2Kzy6fH1lJ8k= =lh5N -----END PGP SIGNATURE----- --nextPart1386866.TTEqWZtIAv--