kern/56667: kernel panic after executing cdrecord on -CURRENT
Mário Freitas
sub_0 at netcabo.pt
Tue Sep 9 21:00:36 PDT 2003
>Number: 56667
>Category: kern
>Synopsis: kernel panic after executing cdrecord on -CURRENT
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Sep 09 21:00:33 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Mário Freitas
>Release: FreeBSD 5.1-CURRENT i386
>Organization:
>Environment:
System: FreeBSD suzy.unbreakable.homeunix.org 5.1-CURRENT FreeBSD 5.1-CURRENT #0: Tue Sep 9 23:39:24 WEST 2003 sub_0 at suzy.unbreakable.homeunix.org:/usr/obj/usr/src/sys/SUZY i386
>Description:
This is _very_ similar to kern/56380.
After trying to burn a cd with "cdrecord speed=4 dev=0,1,0 image.raw" the
kernel panics.
I also couldn't get a crash dump, after typing "panic" in ddb the computer
stopped responding (I tried many times without success) so I _hope_ the values
below are not wrong:
panic: vm_fault_copy_wired: page missing
Debugger("panic")
Stopped at Debugger+0x45: xchgl %ebx,in_Debugger.0
db> trace
Debugger(c03188c6) at Debugger+0x45
panic(c0326d7b,280bf000,7000000,0,0) at panic+0xbb
vm_fault_copy_entry(c29cea00,c29ce700,c2afea8c,c2b03b40) at vm_fault_copy_entry+0xf8
vm_map_copy_entry(c29ce700,c29cea00,c2b03b40,c2afea8c,c29cea00,c2afebb8,c2afea8c,c29cea00) at vm_map_copy_entry+0x181
vmspace_fork(c29ce700,c2a0ebc4,c2a0eb58,c2a0e974,ceb15ccc) at vmspace_fork+0x210
vm_forkproc(c2a09850,c2a0eb58,c2a09720,14,c2a0ebc4,0,c0316d36,288,c0389ec0,c0316d36,284) at vm_forkproc+0xa7
fork1(c2a09850,14,0,ceb15ce4,ceb15d40) at fork1+0xaff
fork(c2a09850,ceb15d14,0,2,246) at fork+0x18
syscall(2f,2f,2f,1000,10000) at syscall+0x1e7
Xint0x80_syscall() at Xint0x80_syscall+0x1d
--- syscall (2, FreeBSD ELF32, fork), eip = 0x28107283, esp = 0xbfbfd70c, ebp = 0xbfbfd738 ---
db> show object
Object 0xc02d4969: type=250, size=0xe66ce2e850046a00, res=-92183040, ref=28839108, flags=0x1b74
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0xf75c4e3
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc02ad4bd
stack pointer = 0x10:0xceb159e4
frame pointer = 0x10:0xceb159f8
code segment = base 0x0, limit 0xffffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = resume, IOPL = 0
current process = 671 (cdrecord)
kernel: type 12 trap, code=0
Stopped at Debugger+0x45: xchgl %ebx,in_Debugger.0
db> show reg
cs 0x8
ds 0x10
es 0xc01f0010
fs 0xce1e0018
ss 0x10
eax 0x12
ecx 0x1
edx 0
ebx 0
esp 0xce1efb8c
ebp 0xce1efb90
esi 0xc0326d7b
edi 0x1
eip 0xc02d4969 Debugger+0x45
efl 0x282
dr0 0
dr1 0
dr2 0
dr3 0
dr4 0xffff4ff0
dr5 0x400
dr6 0xffff4ff0
dr7 0x400
Debugger+0x45: xchgl %ebx,in_Debugger.0
I also executed:
objdump -D kernel.debug | grep -B 50 -A 50 c02ad4bd
c02ad435: e8 de 02 e9 ff call c013d718 <db_printf>
c02ad43a: 83 c4 08 add $0x8,%esp
c02ad43d: 8d 76 00 lea 0x0(%esi),%esi
c02ad440: 53 push %ebx
c02ad441: e8 0e ff ff ff call c02ad354 <vm_object_in_map>
c02ad446: 83 c4 04 add $0x4,%esp
c02ad449: 85 c0 test %eax,%eax
c02ad44b: 75 1b jne c02ad468 <vm_object_check+0x60>
c02ad44d: ff 73 74 pushl 0x74(%ebx)
c02ad450: ff 73 54 pushl 0x54(%ebx)
c02ad453: ff 73 54 pushl 0x54(%ebx)
c02ad456: ff 73 60 pushl 0x60(%ebx)
c02ad459: 68 9e 79 32 c0 push $0xc032799e
c02ad45e: e8 b5 02 e9 ff call c013d718 <db_printf>
c02ad463: 83 c4 14 add $0x14,%esp
c02ad466: 89 f6 mov %esi,%esi
c02ad468: 8b 5b 34 mov 0x34(%ebx),%ebx
c02ad46b: 85 db test %ebx,%ebx
c02ad46d: 75 a9 jne c02ad418 <vm_object_check+0x10>
c02ad46f: 8b 5d fc mov 0xfffffffc(%ebp),%ebx
c02ad472: c9 leave
c02ad473: c3 ret
c02ad474 <vm_object_print_static>:
c02ad474: 55 push %ebp
c02ad475: 89 e5 mov %esp,%ebp
c02ad477: 56 push %esi
c02ad478: 53 push %ebx
c02ad479: 8b 5d 08 mov 0x8(%ebp),%ebx
c02ad47c: 8b 75 0c mov 0xc(%ebp),%esi
c02ad47f: 85 db test %ebx,%ebx
c02ad481: 0f 84 f1 00 00 00 je c02ad578 <vm_object_print_static+0x104>
c02ad487: 0f b7 43 6a movzwl 0x6a(%ebx),%eax
c02ad48b: 50 push %eax
c02ad48c: ff 73 60 pushl 0x60(%ebx)
c02ad48f: ff 73 70 pushl 0x70(%ebx)
c02ad492: ff 73 58 pushl 0x58(%ebx)
c02ad495: ff 73 54 pushl 0x54(%ebx)
c02ad498: 0f b6 43 68 movzbl 0x68(%ebx),%eax
c02ad49c: 50 push %eax
c02ad49d: 53 push %ebx
c02ad49e: 68 f3 79 32 c0 push $0xc03279f3
c02ad4a3: e8 90 02 e9 ff call c013d738 <db_iprintf>
c02ad4a8: 83 c4 20 add $0x20,%esp
c02ad4ab: ff 73 7c pushl 0x7c(%ebx)
c02ad4ae: ff 73 78 pushl 0x78(%ebx)
c02ad4b1: ff 73 74 pushl 0x74(%ebx)
c02ad4b4: 83 7b 74 00 cmpl $0x0,0x74(%ebx)
c02ad4b8: 74 0a je c02ad4c4 <vm_object_print_static+0x50>
c02ad4ba: 8b 43 74 mov 0x74(%ebx),%eax
c02ad4bd: 8b 40 60 mov 0x60(%eax),%eax
c02ad4c0: eb 07 jmp c02ad4c9 <vm_object_print_static+0x55>
c02ad4c2: 89 f6 mov %esi,%esi
c02ad4c4: b8 00 00 00 00 mov $0x0,%eax
c02ad4c9: 50 push %eax
c02ad4ca: ff 73 64 pushl 0x64(%ebx)
c02ad4cd: 68 2f 7a 32 c0 push $0xc0327a2f
c02ad4d2: e8 61 02 e9 ff call c013d738 <db_iprintf>
c02ad4d7: 83 c4 18 add $0x18,%esp
c02ad4da: 85 f6 test %esi,%esi
c02ad4dc: 0f 84 96 00 00 00 je c02ad578 <vm_object_print_static+0x104>
c02ad4e2: 83 05 b0 4f 37 c0 02 addl $0x2,0xc0374fb0
c02ad4e9: be 00 00 00 00 mov $0x0,%esi
c02ad4ee: 8b 5b 48 mov 0x48(%ebx),%ebx
c02ad4f1: 85 db test %ebx,%ebx
c02ad4f3: 74 69 je c02ad55e <vm_object_print_static+0xea>
c02ad4f5: 8d 76 00 lea 0x0(%esi),%esi
c02ad4f8: 85 f6 test %esi,%esi
c02ad4fa: 75 0c jne c02ad508 <vm_object_print_static+0x94>
c02ad4fc: 68 58 7a 32 c0 push $0xc0327a58
c02ad501: e8 32 02 e9 ff call c013d738 <db_iprintf>
c02ad506: eb 2e jmp c02ad536 <vm_object_print_static+0xc2>
c02ad508: 83 fe 06 cmp $0x6,%esi
c02ad50b: 75 1f jne c02ad52c <vm_object_print_static+0xb8>
c02ad50d: 68 fc 39 30 c0 push $0xc03039fc
c02ad512: e8 01 02 e9 ff call c013d718 <db_printf>
c02ad517: 68 61 7a 32 c0 push $0xc0327a61
c02ad51c: e8 17 02 e9 ff call c013d738 <db_iprintf>
c02ad521: be 00 00 00 00 mov $0x0,%esi
c02ad526: 83 c4 08 add $0x8,%esp
c02ad529: eb 0e jmp c02ad539 <vm_object_print_static+0xc5>
c02ad52b: 90 nop
c02ad52c: 68 de d6 31 c0 push $0xc031d6de
c02ad531: e8 e2 01 e9 ff call c013d718 <db_printf>
c02ad536: 83 c4 04 add $0x4,%esp
c02ad539: 46 inc %esi
c02ad53a: 8b 43 24 mov 0x24(%ebx),%eax
c02ad53d: ba 00 00 00 00 mov $0x0,%edx
c02ad542: 52 push %edx
c02ad543: 50 push %eax
c02ad544: ff 73 20 pushl 0x20(%ebx)
c02ad547: ff 73 1c pushl 0x1c(%ebx)
c02ad54a: 68 66 7a 32 c0 push $0xc0327a66
c02ad54f: e8 c4 01 e9 ff call c013d718 <db_printf>
c02ad554: 83 c4 14 add $0x14,%esp
c02ad557: 8b 5b 08 mov 0x8(%ebx),%ebx
c02ad55a: 85 db test %ebx,%ebx
c02ad55c: 75 9a jne c02ad4f8 <vm_object_print_static+0x84>
c02ad55e: 85 f6 test %esi,%esi
c02ad560: 74 0e je c02ad570 <vm_object_print_static+0xfc>
c02ad562: 68 fc 39 30 c0 push $0xc03039fc
>How-To-Repeat:
Simply try to burn a cd with cdrecord on -CURRENT
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
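
An added example, not part of the original report: the lookup the reporter did by hand with objdump and grep, written as a small Python script. It resolves the trap's instruction pointer to its enclosing function and, for a plain base+displacement operand, derives the value the base register must have held; TRAP and DISASM are excerpts copied from the report, and the function names are this example's own.

```python
import re

# Excerpts copied from the report above, trimmed to what the lookup needs.
TRAP = """\
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0xf75c4e3
instruction pointer = 0x8:0xc02ad4bd
"""
DISASM = """\
c02ad474 <vm_object_print_static>:
c02ad4ba: 8b 43 74 mov 0x74(%ebx),%eax
c02ad4bd: 8b 40 60 mov 0x60(%eax),%eax
"""

def parse_trap(text):
    """Return (fault_va, eip) from a ddb 'Fatal trap' block."""
    va = re.search(r"fault virtual address\s*=\s*0x([0-9a-f]+)", text)
    ip = re.search(r"instruction pointer\s*=\s*0x[0-9a-f]+:0x([0-9a-f]+)", text)
    if not (va and ip):
        raise ValueError("no page-fault trap block found")
    return int(va.group(1), 16), int(ip.group(1), 16)

def locate(disasm, eip):
    """Return (symbol, offset, instruction) for eip in `objdump -D` text.
    Symbol and offset are None when the listing starts mid-function."""
    sym = base = None
    for line in disasm.splitlines():
        hdr = re.match(r"([0-9a-f]+) <([^>+]+)>:$", line)
        if hdr:  # symbol header, e.g. "c02ad474 <vm_object_print_static>:"
            base, sym = int(hdr.group(1), 16), hdr.group(2)
            continue
        ins = re.match(r"([0-9a-f]+):\s+(?:[0-9a-f]{2}\s)+\s*(.+)$", line)
        if ins and int(ins.group(1), 16) == eip:
            return sym, (eip - base if base is not None else None), ins.group(2)
    return None

def faulting_base(fault_va, insn):
    """For a plain 'disp(%reg)' operand, return (reg, value reg held)."""
    m = re.search(r"(0x[0-9a-f]+)?\(%(\w+)\)", insn)
    if not m:  # no memory operand, or an indexed form this sketch skips
        return None
    disp = int(m.group(1) or "0", 16)
    if disp >= 1 << 31:  # objdump prints negative displacements as 0xfffffffc
        disp -= 1 << 32
    return m.group(2), (fault_va - disp) & 0xFFFFFFFF

if __name__ == "__main__":
    va, eip = parse_trap(TRAP)
    sym, off, insn = locate(DISASM, eip)
    print(sym, hex(off), insn, faulting_base(va, insn))
```

For the report's values this gives vm_object_print_static+0x49 and %eax = 0xf75c483, the pointer the preceding instruction loaded from 0x74(%ebx).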