kern/63649: nfsd crashes system
Edmond Baroud
neo at admin.fido.ca
Mon Mar 8 09:50:10 PST 2004
The following reply was made to PR kern/63649; it has been noted by GNATS.
From: Edmond Baroud <neo at admin.fido.ca>
To: Kris Kennaway <kris at obsecurity.org>
Cc: freebsd-gnats-submit at FreeBSD.org
Subject: Re: kern/63649: nfsd crashes system
Date: Mon, 8 Mar 2004 12:49:16 -0500
Hi Kris,
I was able to reproduce the problem, but I'm no developper so when it comes to
using gdb I suck :)I'm sure nobody wants me to send 2 x 1G core files, so
could you please tell me what gdb options you want me to submit?
Updates on debugging/investigation:
- The crash only happens when mounting Joliette extensions Level "1". Tried
Level 3 and Rockridge and both worked well, no crash!.
- I have 2 core files now, one from (nfsd), and the other from (nfsd) AND
(g_up)? see below:
--8<--cut-here--8<--
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x1c
fault code = supervisor write, page not present
instruction pointer = 0x8:0xc05889f5
stack pointer = 0x10:0xdf5848ac
frame pointer = 0x10:0xdf5848bc
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 427 (nfsd)
trap number = 12
panic: page fault
cpuid = 0;
syncing disks, buffers remaining... 246 246 239 panic: bremfree: removing a
buffer not on a queue
cpuid = 0;
Uptime: 4m30s
kernel trap 12 with interrupts disabled
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x24
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc05b4ade
stack pointer = 0x10:0xde2f5ab8
frame pointer = 0x10:0xde2f5adc
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = resume, IOPL = 0
current process = 3 (g_up)
trap number = 12
panic: page fault
cpuid = 0;
Uptime: 4m30s
Dumping 1016 MB
16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 256 272 288 304 320 336
352 368 384 400 416 432 448 464 480 496 512 528 544 560 576 592 608 624 640
656 672 688 704 720 736 752 768 784 800 816 832 848 864 880 896 912 928 944
960 976 992 1008
---
Reading symbols from /boot/kernel/fade_saver.ko...(no debugging symbols
found)...done.
Loaded symbols for /boot/kernel/fade_saver.ko
Reading symbols
from /usr/src/sys/i386/compile/NEO/modules/usr/src/sys/modules/linux/linux.ko.debug...done.
Loaded symbols
for /usr/src/sys/i386/compile/NEO/modules/usr/src/sys/modules/linux/linux.ko.debug
#0 0xc059113b in doadump ()
(kgdb) list *0xc05b4ade
No source file for address 0xc05b4ade.
(kgdb) up 10
#10 0xc0591a0e in panic ()
(kgdb) q
--8<--cut-here--8<--
Some debugging I tried from the gdb instruction page:
1)
root at neo:src/sys/NEO/ > pwd
/usr/obj/usr/src/sys/NEO
root at neo:src/sys/NEO/ > gdb -k kernel.debug /var/crash/vmcore.0
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
/var/crash/vmcore.0: Unknown error: 0.
(kgdb) q
2)
root at neo:src/sys/NEO/ > gdb -k /boot/kernel/kernel /var/crash/vmcore.0
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...(no debugging symbols
found)...
panic: page fault
panic messages:
---
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x1c
fault code = supervisor write, page not present
instruction pointer = 0x8:0xc05889f5
stack pointer = 0x10:0xdf5878ac
frame pointer = 0x10:0xdf5878bc
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 427 (nfsd)
trap number = 12
panic: page fault
cpuid = 0;
syncing disks, buffers remaining... 7068 7068 7065 7064 7064 7064 7064 7064
7064 7064 7064 7064 7064 7064 7064 7064 7064 7064 7064 7064 7064 7064 7064
giving up on 6944 buffers
Uptime: 3m45s
Dumping 1016 MB
16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 256 272 288 304 320 336
352 368 384 400 416 432 448 464 480 496 512 528 544 560 576 592 608 624 640
656 672 688 704 720 736 752 768 784 800 816 832 848 864 880 896 912 928 944
960 976 992 1008
---
Reading symbols from /boot/kernel/fade_saver.ko...(no debugging symbols
found)...done.
Loaded symbols for /boot/kernel/fade_saver.ko
Reading symbols
from /usr/src/sys/i386/compile/NEO/modules/usr/src/sys/modules/linux/linux.ko.debug...done.
Loaded symbols
for /usr/src/sys/i386/compile/NEO/modules/usr/src/sys/modules/linux/linux.ko.debug
#0 0xc059113b in doadump ()
(kgdb) list *0xc05889f5
No source file for address 0xc05889f5.
(kgdb) backtrace
#0 0xc059113b in doadump ()
#1 0xc0591697 in boot ()
#2 0xc0591a0e in panic ()
#3 0xc07437dc in trap_fatal ()
#4 0xc0743482 in trap_pfault ()
#5 0xc07430ad in trap ()
#6 0xc07307c8 in calltrap ()
#7 0xc05e9856 in vput ()
#8 0xc06ac8dc in nfsrv_readdirplus ()
#9 0xc06b1bba in nfssvc_nfsd ()
#10 0xc06b158d in nfssvc ()
#11 0xc0743b20 in syscall ()
#12 0xc073081d in Xint0x80_syscall ()
---Can't read userspace from dump, or kernel process---
(kgdb) up 10
#10 0xc06b158d in nfssvc ()
(kgdb) list
1 {standard input}: No such file or directory.
in {standard input}
(kgdb) q
On March 6, 2004 03:52 am, Kris Kennaway wrote:
> On Tue, Mar 02, 2004 at 11:30:18AM -0800, Edmond Baroud wrote:
> > The following reply was made to PR kern/63649; it has been noted by
> > GNATS.
> >
> > From: Edmond Baroud <neo at admin.fido.ca>
> > To: freebsd-gnats-submit at FreeBSD.org
> > Cc:
> > Subject: Re: kern/63649: nfsd crashes system
> > Date: Tue, 2 Mar 2004 14:28:20 -0500
> >
> > I have rebooted my box to test othet stuff and gived this nfs mount a
> > try and I couldn't reproduce the problem. The only change I can see was
> > in /etc/exports:
> > /cdrom -ro
> > instead of:
> > /cdrom -ro -mapall=nobody
> >
> > If you guys need more info/logs let me know.
>
> Please verify that you do not have stale kernel modules installed, and
> obtain a debugging traceback as described in
>
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kernel
>debug.html
>
> If you're unable to reproduce this, the PR should probably just be closed.
>
> Kris
More information about the freebsd-bugs
mailing list