kern/92440: Kernel fault in knote when getty opens a serial port

Paul Marciano pm940 at yahoo.com
Fri Jan 27 16:40:10 PST 2006 

>Number:         92440
>Category:       kern
>Synopsis:       Kernel fault in knote when getty opens a serial port
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jan 28 00:40:03 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Paul Marciano
>Release:        5.4-RELEASE
>Organization:
>Environment:
FreeBSD  5.4-RELEASE FreeBSD 5.4-RELEASE #15: Thu Jan 26 18:06:53 PST 2006     pm at hazard.none.com:/usr/src/sys/i386/compile/HAZARD  i386

>Description:
My systems all use serial consoles.  Upon logging out of a shell session I observed a kernel fault.  This has been reported before, I believe, but I couldn't find a PR.

(http://adam.kungfoohampster.com/lists/freebsd-stable/msg11259.shtml)

It is imperative that my serial consoles remain reliable.

db> c

Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x1c
fault code              = supervisor write, page not present
instruction pointer     = 0x8:0xc0514443
stack pointer           = 0x10:0xd621e984
frame pointer           = 0x10:0xd621e990
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 308 (getty)
[thread pid 308 tid 30109 ]
Stopped at      knote+0x27:     cmpxchgl        %ecx,0x1c(%edx)
db> tr
Tracing pid 308 tid 30109 td 0xc1cddc00
knote(c1acaa98,0,0,c1cddc00,d621e9c0) at knote+0x27
ttwwakeup(c1acaa00) at ttwwakeup+0xc8
comstart(c1acaa00) at comstart+0x2f5
comparam(c1acaa00,c1acaaa4,c1acaa00,3,0) at comparam+0x253
sioopen(c0784878,3,2000,c1cddc00,c0775060) at sioopen+0x1df
spec_open(d621ea80,d621eb3c,c058baa5,d621ea80,180) at spec_open+0x2b6
spec_vnoperate(d621ea80) at spec_vnoperate+0x13
vn_open_cred(d621ebe4,d621ece4,c08,c193dd80,0) at vn_open_cred+0x419
vn_open(d621ebe4,d621ece4,c08,0,c066b40f) at vn_open+0x1e
kern_open(c1cddc00,804f8e0,0,3,bfbfee18) at kern_open+0xe7
open(c1cddc00,d621ed14,3,0,292) at open+0x18
syscall(2f,2f,2f,804f8e0,0) at syscall+0x2ab
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (5, FreeBSD ELF32, open), eip = 0x280d26bb, esp = 0xbfbfedec, ebp 
= 0xbfbfee18 ---
db> ps
  pid   proc     uid  ppid  pgrp  flag   stat  wmesg    wchan  cmd
  308 c1d84388    0     1     1 0004000 [CPU 0] getty
   63 c1bd4000    0     0     0 0000204 [SLPQ - 0xd5047d18][SLP] schedcpu
   62 c1bd41c4    0     0     0 0000204 [SLPQ - 0xc0793e2c][SLP] nfsiod 3
   61 c1bd4388    0     0     0 0000204 [SLPQ - 0xc0793e28][SLP] nfsiod 2
   60 c1a081c4    0     0     0 0000204 [SLPQ - 0xc0793e24][SLP] nfsiod 1
   59 c1a08388    0     0     0 0000204 [SLPQ - 0xc0793e20][SLP] nfsiod 0
   58 c1a0854c    0     0     0 0000204 [SLPQ syncer 0xc078794c][SLP] syncer
   57 c1a08710    0     0     0 0000204 [SLPQ vlruwt 0xc1a08710][SLP] vnlru
   56 c1a088d4    0     0     0 0000204 [SLPQ psleep 0xc078b78c][SLP] bufdaemon
   55 c1a08a98    0     0     0 0000204 [RUNQ] idlepoll
   54 c1a08c5c    0     0     0 000020c [SLPQ pgzero 0xc079a794][SLP] pagezero
   53 c1a08e20    0     0     0 0000204 [SLPQ psleep 0xc079a7e8][SLP] vmdaemon
   52 c1a49000    0     0     0 0000204 [SLPQ psleep 0xc079a7a4][SLP] 
pagedaemon
   51 c1a491c4    0     0     0 0000204 [IWAIT] swi0: sio
   50 c1a49388    0     0     0 0000204 [SLPQ usbevt 0xc19fba10][SLP] usb4
   49 c1a4954c    0     0     0 0000204 [SLPQ usbevt 0xc1a4c210][SLP] usb3
   48 c1a49710    0     0     0 0000204 [SLPQ usbevt 0xc1a42210][SLP] usb2
   47 c1a498d4    0     0     0 0000204 [SLPQ usbevt 0xc1a3b210][SLP] usb1
   46 c1999a98    0     0     0 0000204 [SLPQ usbtsk 0xc077f910][SLP] usbtask
   45 c1999c5c    0     0     0 0000204 [SLPQ usbevt 0xc1a11210][SLP] usb0
    9 c1999e20    0     0     0 0000204 [SLPQ actask 0xc0890bec][SLP] 
acpi_task2
    8 c1a03000    0     0     0 0000204 [SLPQ actask 0xc0890bec][SLP] 
acpi_task1
    7 c1a031c4    0     0     0 0000204 [SLPQ actask 0xc0890bec][SLP] 
acpi_task0
    6 c1a03388    0     0     0 0000204 [SLPQ - 0xc19eaac0][SLP] thread taskq
   44 c1a0354c    0     0     0 0000204 [IWAIT] swi6:+
   43 c1a03710    0     0     0 0000204 [IWAIT] swi6: acpitaskq
   42 c1a038d4    0     0     0 0000204 [IWAIT] swi6: task queue
    5 c1a03a98    0     0     0 0000204 [SLPQ - 0xc19eac80][SLP] kqueue taskq
   41 c1a03c5c    0     0     0 0000204 [IWAIT] swi3: cambio
   40 c1a03e20    0     0     0 0000204 [IWAIT] swi2: camnet
   39 c1a08000    0     0     0 0000204 [IWAIT] swi6:+
   38 c198954c    0     0     0 0000204 [SLPQ - 0xc077f200][SLP] yarrow
    4 c1989710    0     0     0 0000204 [SLPQ - 0xc0781dc8][SLP] g_down
    3 c19898d4    0     0     0 0000204 [SLPQ - 0xc0781dc4][SLP] g_up
    2 c1989a98    0     0     0 0000204 [SLPQ - 0xc0781dbc][SLP] g_event
   37 c1989c5c    0     0     0 0000204 [IWAIT] swi4: vm
   36 c1989e20    0     0     0 000020c [RUNQ] swi5: clock sio
   35 c1999000    0     0     0 0000204 [RUNQ] swi1: net
   34 c19991c4    0     0     0 0000204 [IWAIT] irq0: clk
   33 c1999388    0     0     0 0000204 [IWAIT] irq23: uhci0 ehci0
   32 c199954c    0     0     0 0000204 [IWAIT] irq22:
   31 c1999710    0     0     0 0000204 [IWAIT] irq21:
   30 c19998d4    0     0     0 0000204 [IWAIT] irq20: ste0
   29 c19471c4    0     0     0 0000204 [IWAIT] irq19: ste1 uhci1
   28 c1947388    0     0     0 0000204 [IWAIT] irq18: ste2 uhci2
   27 c194754c    0     0     0 0000204 [IWAIT] irq17:
   26 c1947710    0     0     0 0000204 [IWAIT] irq16: ste3 uhci3
   25 c19478d4    0     0     0 0000204 [IWAIT] irq15: ata1
   24 c1947a98    0     0     0 0000204 [IWAIT] irq14: ata0
   23 c1947c5c    0     0     0 0000204 [IWAIT] irq13:
   22 c1947e20    0     0     0 0000204 [IWAIT] irq12: psm0
   21 c1989000    0     0     0 0000204 [IWAIT] irq11:
   20 c19891c4    0     0     0 0000204 [IWAIT] irq10:
   19 c1989388    0     0     0 0000204 [IWAIT] irq9: acpi0
   18 c193f000    0     0     0 0000204 [IWAIT] irq8: rtc
   17 c193f1c4    0     0     0 0000204 [IWAIT] irq7: ppc0
   16 c193f388    0     0     0 0000204 [IWAIT] irq6:
   15 c193f54c    0     0     0 0000204 [IWAIT] irq5:
   14 c193f710    0     0     0 0000204 [IWAIT] irq4: sio0
   13 c193f8d4    0     0     0 0000204 [IWAIT] irq3: sio1
   12 c193fa98    0     0     0 0000204 [IWAIT] irq1: atkbd0
   11 c193fc5c    0     0     0 000020c [Can run] idle
    1 c193fe20    0     0     1 0004200 [SLPQ wait 0xc193fe20][SLP] init
   10 c1947000    0     0     0 0000204 [SLPQ ktrace 0xc0785b78][SLP] ktrace
    0 c0781ec0    0     0     0 0000200 [SLPQ sched 0xc0781ec0][SLP] swapper
db>
db> thread
[thread pid 308 tid 30109 ]
knote+0x27:     cmpxchgl        %ecx,0x1c(%edx)

db> show registers
cs                 0x8
ds                0x10
es          0xc1bf0010
fs          0xc1cd0018
ss                0x10
eax                0x4
ecx         0xc1cddc00
edx                  0
ebx         0xc1acaa00
esp         0xd621e984
ebp         0xd621e990
esi         0xc1a76800
edi         0xc1acaa00
eip         0xc0514443  knote+0x27
efl            0x10246
dr0                  0
dr1                  0
dr2                  0
dr3                  0
dr4         0xffff0ff0
dr5              0x400
dr6         0xffff0ff0
dr7              0x400
knote+0x27:     cmpxchgl        %ecx,0x1c(%edx)
db>
>How-To-Repeat:

Unknown.

>Fix:

None.

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list