kern/117150: USB zyd device under moderate load panics system

"John Merryweather Cooper" <John Merryweather Cooper john_m_cooper at
Sat Oct 13 01:40:02 PDT 2007

>Number:         117150
>Category:       kern
>Synopsis:       USB zyd device under moderate load panics system
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Oct 13 08:40:01 UTC 2007
>Originator:     John Merryweather Cooper
>Release:        FreeBSD 7.0-PRERELEASE amd64

System: FreeBSD 7.0-PRERELEASE #13: Fri Oct 12 02:08:13 PDT 2007
    root at


USB zyd device triggers core dumps reliably (every time) under moderate load.  See below for details.


1) plug in USB zyd device;
2) run moderate traffice through it (# cd /usr/src && make update)

borgdemon3# kgdb kernel.debug /var/crash/vmcore.0
[GDB will not be able to debug user-mode threads: /usr/lib/ Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd".
Cannot access memory at address 0x1030000

Unread portion of the kernel message buffer:

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0x2734
fault code              = supervisor write data, page not present
instruction pointer     = 0x8:0xffffffff808a84fa
stack pointer           = 0x10:0xffffffffab8dfaf0
frame pointer           = 0x10:0xffffffffab8dfb30
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 23 (irq22: ohci0 ehci0)
trap number             = 12
panic: page fault
cpuid = 1
Uptime: 33m34s
Physical memory: 1973 MB
Dumping 138 MB: 123 107 91 75 59 43 27 11

#0  doadump () at pcpu.h:194
194             __asm __volatile("movq %%gs:0,%0" : "=r" (td));




