kern/96657: Panic : FreeBSD 5.3-RELEASE-p5

Kouji Ito kouji at cty-net.ne.jp
Tue May 2 12:40:40 UTC 2006 

>Number:         96657
>Category:       kern
>Synopsis:       Panic : FreeBSD 5.3-RELEASE-p5
>Confidential:   no
>Severity:       critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue May 02 12:40:13 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Kouji Ito
>Release:        FreeBSD 5.3-RELEASE-p5
>Organization:
>Environment:
FreeBSD 5.3-RELEASE-p5 SMP kernel
Intel Xeon 2.8Ghz x 2
Mem 2GB

>Description:
The problem that is already revised please teach a revised source code.
Which version will be good if I update a version of a kernel?
5.3-RELEASE-p29 or 5.5-PRERELEASE.
Thank you.

#0  doadump () at pcpu.h:159
#1  0xc060d61f in boot (howto=260) at ../../../kern/kern_shutdown.c:397
#2  0xc060d975 in panic (fmt=0xc08023df "%s") at ../../../kern/kern_shutdown.c:553
#3  0xc07bb018 in trap_fatal (frame=0xe59aabc0, eva=8) at ../../../i386/i386/trap.c:809
#4  0xc07ba715 in trap (frame=
      {tf_fs = -1009319912, tf_es = 32899088, tf_ds = -239796208, tf_edi = -1064472272, tf_esi = -1003314816, tf_ebp = -442848244, tf_isp = -442848276, tf_ebx = -1009257696, tf_edx = 0, tf_ecx = -1064454104, tf_eax = -997162656, tf_trapno = 12, tf_err = 2, tf_eip = -1067277058, tf_cs = 8, tf_eflags = 65666, tf_esp = 0, tf_ss = -1009257696}) at ../../../i386/i386/trap.c:247
#5  0xc07a8bca in calltrap () at ../../../i386/i386/exception.s:140
#6  0xc3d70018 in ?? ()
#7  0x01f60010 in ?? ()
#8  0xf1b50010 in ?? ()
#9  0xc08d7130 in proctree_lock ()
#10 0xc432a180 in ?? ()
#11 0xe59aac0c in ?? ()
#12 0xe59aabec in ?? ()
#13 0xc3d7f320 in ?? ()
#14 0x00000000 in ?? ()
#15 0xc08db828 in sleepq_chains ()
#16 0xc4908160 in ?? ()
#17 0x0000000c in ?? ()
#18 0x00000002 in ?? ()
#19 0xc062a4fe in sleepq_add (sq=0xc432a180, wchan=0xc08d7130, lock=0xc08d633c, wmesg=0x0, flags=1)
    at ../../../kern/subr_sleepqueue.c:294
#20 0xc05e8fab in cv_wait (cvp=0xc08d7130, mp=0xc08d633c) at ../../../kern/kern_condvar.c:127
#21 0xc0613814 in _sx_xlock (sx=0xc08d7100, file=0x0, line=0) at ../../../kern/kern_sx.c:175
#22 0xc05f6569 in kern_wait (td=0xc3d7f320, pid=-1, status=0xe59aac94, options=0, rusage=0xe59aac98)
    at ../../../kern/kern_exit.c:583
#23 0xc05f646b in wait4 (td=0xc3d7f320, uap=0xe59aad14) at ../../../kern/kern_exit.c:558
#24 0xc07bb32b in syscall (frame=
      {tf_fs = -1078001617, tf_es = -1078001617, tf_ds = -1078001617, tf_edi = -1077940476, tf_esi = -1077940488, tf_ebp = -1077940760, tf_isp = -442847884, tf_ebx = 0, tf_edx = 0, tf_ecx = 3, tf_eax = 7, tf_trapno = 3841, tf_err = 2, tf_eip = 134553095, tf_cs = 31, tf_eflags = 642, tf_esp = -1077940788, tf_ss = 47})
    at ../../../i386/i386/trap.c:1001
#25 0xc07a8c1f in Xint0x80_syscall () at ../../../i386/i386/exception.s:201
#26 0xbfbf002f in ?? ()
#27 0xbfbf002f in ?? ()
#28 0xbfbf002f in ?? ()
#29 0xbfbfef04 in ?? ()
#30 0xbfbfeef8 in ?? ()
#31 0xbfbfede8 in ?? ()
#32 0xe59aad74 in ?? ()
#33 0x00000000 in ?? ()
#34 0x00000000 in ?? ()
#35 0x00000003 in ?? ()
#36 0x00000007 in ?? ()
#37 0x00000f01 in ?? ()
#38 0x00000002 in ?? ()
#39 0x08051e07 in ?? ()
#40 0x0000001f in ?? ()
#41 0x00000282 in ?? ()
#42 0xbfbfedcc in ?? ()
#43 0x0000002f in ?? ()
#44 0x00000000 in ?? ()
#45 0x00000000 in ?? ()
#46 0x00000000 in ?? ()
#47 0x00000000 in ?? ()
#48 0x9cecd000 in ?? ()
#49 0xc3d7ee20 in ?? ()
#50 0xc3d7f320 in ?? ()
#51 0xe59aab90 in ?? ()
#52 0xe59aab78 in ?? ()
#53 0xc3d7f4b0 in ?? ()
#54 0xc061dc57 in sched_switch (td=0xbfbfeef8, newtd=0x0, flags=Cannot access memory at address 0xbfbfedf8
) at ../../../kern/sched_4bsd.c:865
Previous frame inner to this frame (corrupt stack?)

(kgdb) fr 19
#19 0xc062a4fe in sleepq_add (sq=0xc432a180, wchan=0xc08d7130, lock=0xc08d633c, wmesg=0x0, flags=1)
    at ../../../kern/subr_sleepqueue.c:294
294                     LIST_INSERT_HEAD(&sq->sq_free, td->td_sleepqueue, sq_hash);
(kgdb) print *td
$1 = {td_proc = 0xc3d7ee20, td_ksegrp = 0xc3d86bd0, td_plist = {tqe_next = 0x0, tqe_prev = 0xc3d7ee30},
  td_kglist = {tqe_next = 0x0, tqe_prev = 0xc3d86bdc}, td_slpq = {tqe_next = 0xc3e65320,
    tqe_prev = 0xc432a180}, td_lockq = {tqe_next = 0x0, tqe_prev = 0x0}, td_runq = {tqe_next = 0x0,
    tqe_prev = 0x0}, td_selq = {tqh_first = 0x0, tqh_last = 0x0}, td_sleepqueue = 0x0,
  td_turnstile = 0xc3d84180, td_tid = 100002, td_flags = 16842754, td_inhibitors = 0, td_pflags = 0,
  td_dupfd = 0, td_wchan = 0xc08d7130, td_wmesg = 0xc081d6e1 "proctree", td_lastcpu = 3 '\003',
  td_oncpu = 2 '\002', td_locks = 0, td_blocked = 0x0, td_ithd = 0x0, td_lockname = 0x0, td_contested = {
    lh_first = 0x0}, td_sleeplocks = 0x0, td_intr_nesting_level = 0, td_pinned = 0, td_mailbox = 0x0,
  td_ucred = 0xc3d7c480, td_standin = 0x0, td_prticks = 0, td_upcall = 0x0, td_sticks = 35622,
  td_uuticks = 0, td_usticks = 0, td_intrval = 0, td_oldsigmask = {__bits = {0, 0, 0, 0}}, td_sigmask = {
    __bits = {2658963540, 4294967295, 4294967295, 4294967295}}, td_siglist = {__bits = {0, 0, 0, 0}},
  td_waitset = 0x0, td_umtx = {tqe_next = 0x0, tqe_prev = 0x0}, td_generation = 4501037, td_sigstk = {
    ss_sp = 0x0, ss_size = 0, ss_flags = 4}, td_kflags = 0, td_xsig = 0, td_profil_addr = 0,
  td_profil_ticks = 0, td_base_pri = 92 '\\', td_priority = 92 '\\', td_pcb = 0xe59aada0,
  td_state = TDS_RUNNING, td_retval = {0, 0}, td_slpcallout = {c_links = {sle = {sle_next = 0x0}, tqe = {
        tqe_next = 0x0, tqe_prev = 0xd7db9f80}}, c_time = 1804, c_arg = 0xc3d7f320, c_func = 0,
    c_flags = 8}, td_frame = 0xe59aad48, td_kstack_obj = 0xc103bd68, td_kstack = 3852111872,
  td_kstack_pages = 2, td_altkstack_obj = 0x0, td_altkstack = 0, td_altkstack_pages = 0, td_critnest = 2,
  td_md = {md_savecrit = 582}, td_sched = 0xc3d7f474}
(kgdb) print *td->td_proc
$2 = {p_list = {le_next = 0xc3d88000, le_prev = 0xc3d7ec5c}, p_ksegrps = {tqh_first = 0xc3d86bd0,
    tqh_last = 0xc3d86bd4}, p_threads = {tqh_first = 0xc3d7f320, tqh_last = 0xc3d7f328}, p_suspended = {
    tqh_first = 0x0, tqh_last = 0xc3d7ee38}, p_ucred = 0xc3d7c480, p_fd = 0xc3d7b200, p_fdtol = 0x0,
  p_stats = 0xe59e5000, p_limit = 0xc3d7b400, p_upages_obj = 0xc103b084, p_sigacts = 0xc3d8e000,
  p_flag = 16896, p_sflag = 1, p_state = PRS_NORMAL, p_pid = 1, p_hash = {le_next = 0x0,
    le_prev = 0xc52273d4}, p_pglist = {le_next = 0x0, le_prev = 0xc4341748}, p_pptr = 0xc08d1f40,
  p_sibling = {le_next = 0xc3d88000, le_prev = 0xc3d7ecbc}, p_children = {lh_first = 0xc5227388}, p_mtx = {
    mtx_object = {lo_class = 0xc087321c, lo_name = 0xc081d5f5 "process lock",
      lo_type = 0xc081d5f5 "process lock", lo_flags = 4390912, lo_list = {tqe_next = 0x0, tqe_prev = 0x0},
      lo_witness = 0x0}, mtx_lock = 4, mtx_recurse = 0}, p_oppid = 0, p_vmspace = 0xc3d90000,
  p_swtime = 32936782, p_realtimer = {it_interval = {tv_sec = 0, tv_usec = 0}, it_value = {tv_sec = 0,
      tv_usec = 0}}, p_runtime = {sec = 340, frac = 8148196458464447526}, p_uu = 24177737,
  p_su = 273887461, p_iu = 1, p_uticks = 3147, p_sticks = 35622, p_iticks = 0, p_profthreads = 0,
  p_maxthrwaits = 0, p_traceflag = 0, p_tracevp = 0x0, p_tracecred = 0x0, p_textvp = 0xc4396108,
  p_siglist = {__bits = {0, 0, 0, 0}}, p_lock = 0 '\0', p_sigiolst = {slh_first = 0x0}, p_sigparent = 20,
  p_sig = 0, p_code = 0, p_stops = 0, p_stype = 0, p_step = 0 '\0', p_pfsflags = 0 '\0', p_nlminfo = 0x0,
  p_aioinfo = 0x0, p_singlethread = 0x0, p_suspcount = 0, p_xthread = 0x0, p_boundary_count = 0,
  p_magic = 3203398350, p_comm = "init\000er", '\0' <repeats 12 times>, p_pgrp = 0xc4341740,
  p_sysent = 0xc08b34a0, p_args = 0xc432d460, p_cpulimit = 9223372036854775807, p_nice = 0 '\0',
  p_xstat = 0, p_klist = {kl_lock = 0xc3d7ee8c, kl_list = {slh_first = 0x0}}, p_numthreads = 1,
  p_numksegrps = 1, p_md = {md_ldt = 0xc432d440}, p_itcallout = {c_links = {sle = {sle_next = 0x0}, tqe = {
        tqe_next = 0x0, tqe_prev = 0x0}}, c_time = 0, c_arg = 0x0, c_func = 0, c_flags = 8},
  p_uarea = 0xe59e5000, p_acflag = 0, p_ru = 0x0, p_peers = 0x0, p_leader = 0xc3d7ee20, p_emuldata = 0x0,
  p_label = 0x0, p_sched = 0xc3d7efe4}
(kgdb) print td->td_sleepqueue
$3 = (struct sleepqueue *) 0x0
(kgdb) fr 4
#4  0xc07ba715 in trap (frame=
      {tf_fs = -1009319912, tf_es = 32899088, tf_ds = -239796208, tf_edi = -1064472272, tf_esi = -1003314816, tf_ebp = -442848244, tf_isp = -442848276, tf_ebx = -1009257696, tf_edx = 0, tf_ecx = -1064454104, tf_eax = -997162656, tf_trapno = 12, tf_err = 2, tf_eip = -1067277058, tf_cs = 8, tf_eflags = 65666, tf_esp = 0, tf_ss = -1009257696}) at ../../../i386/i386/trap.c:247
247                             trap_fatal(&frame, eva);
(kgdb) list
242                      */
243                     eva = rcr2();
244                     if (td->td_critnest == 0)
245                             enable_intr();
246                     else
247                             trap_fatal(&frame, eva);
248             }
249
250     #ifdef  DEVICE_POLLING
251             if (poll_in_trap)
(kgdb) print td->td_critnest
$4 = 2

>How-To-Repeat:
I dont know.
>Fix:
I dont know.
>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list