I think I have seen this twice already with 17 June kernel. Otherwise the kernel seems to be more stable (no vm specific panics) but I cannot be sure as holidays just started so load dropped considerably. kernel and crash dump are ftp://ftp.clinet.fi/pub/FreeBSD/crashdumps/*.89.gz hsu#news.clinet.fi Sat 3: gdb -k kernel.89 vmcore.89 GDB is free software and you are welcome to distribute copies of it under certain conditions; type "show copying" to see the conditions. There is absolutely no warranty for GDB; type "show warranty" for details. GDB 4.13 (i386-unknown-freebsd), Copyright 1994 Free Software Foundation, Inc... IdlePTD 26a000 current pcb at 221684 panic: page fault #0 boot (howto=256) at ../../i386/i386/machdep.c:940 940 dumppcb.pcb_cr3 = rcr3(); (kgdb) bt #0 boot (howto=256) at ../../i386/i386/machdep.c:940 #1 0xf0117546 in panic (fmt=0xf01cbe6c "page fault") at ../../kern/subr_prf.c:127 #2 0xf01cc9da in trap_fatal (frame=0xefbffef0) at ../../i386/i386/trap.c:745 #3 0xf01cc4cc in trap_pfault (frame=0xefbffef0, usermode=0) at ../../i386/i386/trap.c:656 #4 0xf01cc19b in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = 0, tf_esi = -215522560, tf_ebp = -272629960, tf_isp = -272629992, tf_ebx = -215686656, tf_edx = 14751796, tf_ecx = -215522560, tf_eax = 0, tf_trapno = 12, tf_err = 2, tf_eip = -267337695, tf_cs = 8, tf_eflags = 66118, tf_esp = -266342168, tf_ss = -215522560}) at ../../i386/i386/trap.c:319 #5 0xf01c4271 in calltrap () #6 0xf010bde4 in exit (p=0xf3276300, uap=0xefbfff94, retval=0xefbfff84) at ../../kern/kern_exit.c:96 #7 0xf01ccc85 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 0, tf_esi = -1, tf_ebp = -272640756, tf_isp = -272629788, tf_ebx = 134758496, tf_edx = 0, tf_ecx = 1, tf_eax = 1, tf_trapno = 12, tf_err = 7, tf_eip = 134711469, tf_cs = 31, tf_eflags = 658, tf_esp = -272640776, tf_ss = 39}) at ../../i386/i386/trap.c:895 #8 0xf01c42c5 in Xsyscall () Cannot access memory at address 0xefbfd50c. (kgdb) up #1 0xf0117546 in panic (fmt=0xf01cbe6c "page fault") at ../../kern/subr_prf.c:127 127 boot(bootopt); (kgdb) list 122 123 #if defined(DDB) 124 if (debugger_on_panic) 125 Debugger ("panic"); 126 #endif 127 boot(bootopt); 128 } 129 130 /* 131 * Warn that a system table is full. (kgdb) up #2 0xf01cc9da in trap_fatal (frame=0xefbffef0) at ../../i386/i386/trap.c:745 745 panic(trap_msg[type]); (kgdb) up #3 0xf01cc4cc in trap_pfault (frame=0xefbffef0, usermode=0) at ../../i386/i386/trap.c:656 656 trap_fatal(frame); (kgdb) up #4 0xf01cc19b in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = 0, tf_esi = -215522560, tf_ebp = -272629960, tf_isp = -272629992, tf_ebx = -215686656, tf_edx = 14751796, tf_ecx = -215522560, tf_eax = 0, tf_trapno = 12, tf_err = 2, tf_eip = -267337695, tf_cs = 8, tf_eflags = 66118, tf_esp = -266342168, tf_ss = -215522560}) at ../../i386/i386/trap.c:319 319 (void) trap_pfault(&frame, FALSE); (kgdb) up #5 0xf01c4271 in calltrap () (kgdb) up #6 0xf010bde4 in exit (p=0xf3276300, uap=0xefbfff94, retval=0xefbfff84) at ../../kern/kern_exit.c:96 96 exit1(p, W_EXITCODE(uap->rval, 0)); (kgdb) list 91 int rval; 92 } */ *uap; 93 int *retval; 94 { 95 96 exit1(p, W_EXITCODE(uap->rval, 0)); 97 /* NOTREACHED */ 98 } 99 100 /* (kgdb) print uap $1 = (struct rexit_args *) 0x0 (kgdb) print p $2 = (struct proc *) 0xf3276300 (kgdb) print *p $3 = {p_forw = 0xf024b84c, p_back = 0x0, p_list = {le_next = 0x0, le_prev = 0xf02454d8}, p_cred = 0xf31a93c0, p_fd = 0xf3074400, p_stats = 0xf7196258, p_limit = 0xf020c52c, p_vmspace = 0xf324e200, p_sigacts = 0xf7196128, p_flag = 24582, p_stat = 5 '\005', p_pad1 = "\001\001", p_pid = 14861, p_pglist = {le_next = 0x0, le_prev = 0xf32e4e34}, p_pptr = 0xf32e4e00, p_sibling = {le_next = 0x0, le_prev = 0xf32e4e48}, p_children = {lh_first = 0x0}, p_oppid = 0, p_dupfd = 0, p_estcpu = 2245, p_cpticks = 1990, p_pctcpu = 4, p_wchan = 0x0, p_wmesg = 0xf012c775 "biowait", p_swtime = 1, p_slptime = 0, p_realtimer = { it_interval = {tv_sec = 0, tv_usec = 0}, it_value = {tv_sec = 0, tv_usec = 0}}, p_rtime = {tv_sec = 0, tv_usec = 34136}, p_uticks = 2, p_sticks = 1980, p_iticks = 12, p_traceflag = 0, p_tracep = 0x0, p_siglist = 0, p_textvp = 0xf30ab500, p_lock = 0 '\000', p_pad2 = "\000\000", p_locks = 0, p_simple_locks = 0, p_hash = { le_next = 0x0, le_prev = 0xe11834}, p_sigmask = 0, p_sigignore = 4294967295, p_sigcatch = 20483, p_priority = 16 '\020', p_usrpri = 127 '\177', p_nice = 0 '\000', p_comm = "cc\000e\000\000r\000\000\000\000\000\000\000\000\000", p_pgrp = 0xf31a9380, p_sysent = 0xf01ff8c0, p_rtprio = {type = 1, prio = 0}, p_addr = 0xf7196000, p_md = {md_flags = 0, md_regs = 0xefbfffbc}, p_xstat = 0, p_acflag = 0, p_ru = 0xf3467700} (kgdb) up #7 0xf01ccc85 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 0, tf_esi = -1, tf_ebp = -272640756, tf_isp = -272629788, tf_ebx = 134758496, tf_edx = 0, tf_ecx = 1, tf_eax = 1, tf_trapno = 12, tf_err = 7, tf_eip = 134711469, tf_cs = 31, tf_eflags = 658, tf_esp = -272640776, tf_ss = 39}) at ../../i386/i386/trap.c:895 895 error = (*callp->sy_call)(p, args, rval); (kgdb) print p $4 = (struct proc *) 0xf3276300 (kgdb) print args $5 = {0, 1, 134328416, 134344720, 134344716, -272629828, 2, 0} (kgdb) print rval $6 = {0, 0} (kgdb) down #6 0xf010bde4 in exit (p=0xf3276300, uap=0xefbfff94, retval=0xefbfff84) at ../../kern/kern_exit.c:96 96 exit1(p, W_EXITCODE(uap->rval, 0)); (kgdb) list 91 int rval; 92 } */ *uap; 93 int *retval; 94 { 95 96 exit1(p, W_EXITCODE(uap->rval, 0)); 97 /* NOTREACHED */ 98 } 99 100 /* (kgdb) print uap $7 = (struct rexit_args *) 0x0 (kgdb) This might be a compiler optimization ghost. I'm compiling with -O. Fix: I do not know. How-To-Repeat: I do not know
>Number: 1345 >Category: kern >Synopsis: kernel page fault, NULL pointer dereference in exit() >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Jun 22 05:20:00 PDT 1996 >Last-Modified: >Originator: Heikki Suonsivu >Organization: Clinet, Espoo, Finland >Release: FreeBSD 2.2-CURRENT i386 >Environment: >Description: I think I have seen this twice already with 17 June kernel. Otherwise the kernel seems to be more stable (no vm specific panics) but I cannot be sure as holidays just started so load dropped considerably. kernel and crash dump are ftp://ftp.clinet.fi/pub/FreeBSD/crashdumps/*.89.gz I got another instance of this: ftp://ftp.clinet.fi/pub/FreeBSD/crashdumps/*.90.gz -- Heikki Suonsivu, T{ysikuu 10 C 83/02210 Espoo/FINLAND, hsu@clinet.fi mobile +358-40-5519679 work +358-0-4375360 fax -4555276 home -8031121
State Changed From-To: open->feedback Confirm Status
State Changed From-To: feedback->closed Originator Confirmed Closure