FreeBSD -STABLE servers repeatedly crashing.
Kris Kennaway
kris at obsecurity.org
Wed Jul 6 16:16:42 GMT 2005
On Wed, Jul 06, 2005 at 06:10:20PM +0200, Blaz Zupan wrote:
> On Wed, 6 Jul 2005, Kris Kennaway wrote:
> >Please obtain the backtrace with kgdb.
>
> Here you go:
> #9 0xc1fa0018 in ?? ()
> #10 0xc2a40010 in ?? ()
> #11 0x00000010 in ?? ()
> #12 0xc2216000 in ?? ()
> #13 0xc0686a2c in tcbinfo ()
> #14 0xe4b6cb90 in ?? ()
> #15 0xe4b6cb68 in ?? ()
> #16 0xc1fac480 in ?? ()
> #17 0xc1fadbb4 in ?? ()
> #18 0xc1fadb00 in ?? ()
> #19 0x00000000 in ?? ()
> #20 0x0000000c in ?? ()
> #21 0x00000000 in ?? ()
> #22 0xc04eda6b in propagate_priority (td=0xc2216000) at
> /usr/src5/sys/kern/subr_turnstile.c:243
> #23 0xc04ee225 in turnstile_wait (ts=0xc1fadb00, lock=0xc0686a2c,
> owner=0xc2216000)
> at /usr/src5/sys/kern/subr_turnstile.c:556
> #24 0xc04c5ced in _mtx_lock_sleep (m=0xc0686a2c, td=0xc1fac480, opts=0,
> file=0x0, line=0)
> at /usr/src5/sys/kern/kern_mutex.c:552
> #25 0xc0559ad8 in tcp_usr_rcvd (so=0x0, flags=0) at
> /usr/src5/sys/netinet/tcp_usrreq.c:602
Interesting, this seems to finger the TCP code. Are you compiling
your kernel with -O2 though (this causes bogus stack frames like you
have here)? If so, recompile with -O and try to obtain another trace.
CC'ing rwatson.
Kris
> #26 0xc0506103 in soreceive (so=0xc27bf798, psa=0x0, uio=0xe4b6cc88,
> mp0=0x0, controlp=0x0, flagsp=0x0)
> at /usr/src5/sys/kern/uipc_socket.c:1395
> #27 0xc04f4bd9 in soo_read (fp=0x0, uio=0xe4b6cc88, active_cred=0xc2884a80,
> flags=0, td=0xc1fac480)
> at /usr/src5/sys/kern/sys_socket.c:91
> #28 0xc04ee865 in dofileread (td=0xc1fac480, fp=0xc2e17bb0, fd=10, buf=0x0,
> nbyte=4096, offset=Unhandled dwarf expression opcode 0x93
> ) at file.h:233
> #29 0xc04ee72f in read (td=0xc1fac480, uap=0xe4b6cd14) at
> /usr/src5/sys/kern/sys_generic.c:107
> #30 0xc05f4fe7 in syscall (frame=
> {tf_fs = 47, tf_es = 47, tf_ds = -1078001617, tf_edi = 10, tf_esi =
> 300, tf_ebp = -1077942168, tf_isp = -457781900, tf_ebx = 134822152,
> tf_edx = 0, tf_ecx = 10, tf_eax = 3, tf_trapno = 0, tf_err = 2,
> tf_eip = 672556795, tf_cs = 31, tf_eflags = 658, tf_esp =
> -1077942212, tf_ss = 47}) at /usr/src5/sys/i386/i386/trap.c:1009
> #31 0xc05e288f in Xint0x80_syscall () at
> /usr/src5/sys/i386/i386/exception.s:201
> #32 0x0000002f in ?? ()
> #33 0x0000002f in ?? ()
> #34 0xbfbf002f in ?? ()
> #35 0x0000000a in ?? ()
> #36 0x0000012c in ?? ()
> #37 0xbfbfe868 in ?? ()
> #38 0xe4b6cd74 in ?? ()
> #39 0x08093908 in ?? ()
> #40 0x00000000 in ?? ()
> #41 0x0000000a in ?? ()
> #42 0x00000003 in ?? ()
> #43 0x00000000 in ?? ()
> #44 0x00000002 in ?? ()
> #45 0x281666fb in ?? ()
> #46 0x0000001f in ?? ()
> #47 0x00000292 in ?? ()
> #48 0xbfbfe83c in ?? ()
> #49 0x0000002f in ?? ()
> #50 0x00000000 in ?? ()
> #51 0x00000000 in ?? ()
> #52 0x00000000 in ?? ()
> #53 0x00000000 in ?? ()
> #54 0x2c75b000 in ?? ()
> #55 0xc22de000 in ?? ()
> #56 0xc1fac480 in ?? ()
> #57 0xe4b6ccac in ?? ()
> #58 0xe4b6cc94 in ?? ()
> #59 0xc1f26000 in ?? ()
> #60 0xc04ded13 in sched_switch (td=0x12c, newtd=0x8093908, flags=Cannot
> access memory at address 0xbfbfe878
> ) at /usr/src5/sys/kern/sched_4bsd.c:881
> Previous frame inner to this frame (corrupt stack?)
> (kgdb) quit
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050706/4443adf2/attachment.bin
More information about the freebsd-stable
mailing list