Kernel dump crash

Glenn Camilleri glenncam at gmail.com
Tue Mar 16 12:41:02 UTC 2010


Hi,

I have some processes and programs that are custom made to run on FreeBSD. I
suspect some poor implementation of TCP in these programs, but don’t have
the real proof.

This is the info I got from the crash dump:



root@scat /usr/obj/usr/src/sys/SMP # uname -a
FreeBSD scat.setcom 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007     root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/SMP  i386





root@scat /usr/obj/usr/src/sys/SMP # kgdb kernel.debug /home/dump/vmcore.0
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".



Unread portion of the kernel message buffer:

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x8
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc06e0d3c
stack pointer           = 0x28:0xe3832910
frame pointer           = 0x28:0xe3832a2c
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 12 (swi1: net)
trap number             = 12
panic: page fault
cpuid = 0
Uptime: 6h41m17s
Dumping 1014 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 1014MB (259552 pages) 998 982 966 950 934 918 902 886 870 854 838 822 806 790 774 758 742 726 710 694 678 662 646 630 614 598 582 566 550 534 518 502 486 470 454 438 422 406 390 374 358 342 326 310 294 278 262 246 230 214 198 182 166 150 134 118 102 86 70 54 38 22 6



#0  doadump () at pcpu.h:165
165             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) where
#0  doadump () at pcpu.h:165
#1  0xc067550a in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2  0xc0675831 in panic (fmt=0xc08e46e1 "%s") at /usr/src/sys/kern/kern_shutdown.c:565
#3  0xc088e29c in trap_fatal (frame=0xe38328d0, eva=8) at /usr/src/sys/i386/i386/trap.c:837
#4  0xc088dfdb in trap_pfault (frame=0xe38328d0, usermode=0, eva=8) at /usr/src/sys/i386/i386/trap.c:745
#5  0xc088dc15 in trap (frame=
      {tf_fs = -969277432, tf_es = -1066532824, tf_ds = -969277400, tf_edi = 0, tf_esi = -975366656, tf_ebp = -477943252, tf_isp = -477943556, tf_ebx = 4, tf_edx = -975366656, tf_ecx = -975366572, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -1066529476, tf_cs = 32, tf_eflags = 66178, tf_esp = 0, tf_ss = 4})
    at /usr/src/sys/i386/i386/trap.c:435
#6  0xc0879d4a in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#7  0xc06e0d3c in bpf_mtap2 (bp=0x0, data=0x0, dlen=4, m=0xc5dd1600) at /usr/src/sys/net/bpf.c:1374
#8  0xc06e95bb in if_simloop (ifp=0xc51b3800, m=0xc5dd1600, af=2, hlen=0) at /usr/src/sys/net/if_loop.c:284
#9  0xc06e954c in looutput (ifp=0xc51b3800, m=0xc5dd1600, dst=0xe3832aac, rt=0xc5440c60) at /usr/src/sys/net/if_loop.c:234
#10 0xc0717a34 in ip_output (m=0xc5dd1600, opt=0xc51b3800, ro=0xe3832aa8, flags=0, imo=0x0, inp=0xc61e85a0) at /usr/src/sys/netinet/ip_output.c:777
#11 0xc0720c0e in tcp_output (tp=0xc63871d0) at /usr/src/sys/netinet/tcp_output.c:1080
#12 0xc071eeed in tcp_input (m=0xc63ae100, off0=20) at /usr/src/sys/netinet/tcp_input.c:2471
#13 0xc0715a89 in ip_input (m=0xc63ae100) at /usr/src/sys/netinet/ip_input.c:785
#14 0xc06ef243 in netisr_processqueue (ni=0xc09e6878) at /usr/src/sys/net/netisr.c:236
#15 0xc06ef442 in swi_net (dummy=0x0) at /usr/src/sys/net/netisr.c:349
#16 0xc065fe99 in ithread_execute_handlers (p=0xc4ed0860, ie=0xc4f25600) at /usr/src/sys/kern/kern_intr.c:682
#17 0xc065ffa9 in ithread_loop (arg=0xc4f11140) at /usr/src/sys/kern/kern_intr.c:765
#18 0xc065ec4d in fork_exit (callout=0xc065ff54 <ithread_loop>, arg=0xc4f11140, frame=0xe3832d38) at /usr/src/sys/kern/kern_fork.c:821
#19 0xc0879dac in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:208
(kgdb)





Can you kindly advise?



BR,

Glenn Camilleri

-- 
Best Regards,
Glenn Camilleri


More information about the freebsd-hackers mailing list