Re: Panic on amd64 (and i386?)

From: Walery <orm_vartis_at_bk.ru>
Date: Sun, 23 Jul 2006 21:49:23 +0400
Hello Ceri,

Sunday, July 23, 2006, 4:40:37 PM, you wrote:

CD> With yesterday's -HEAD, while doing a simultaneous
CD> 'portupgrade -a' and a 'make buildworld', with the source and object
CD> trees for the buildworld on a NFS mount from a 6-STABLE server.

CD> Kernel config is GENERIC, plus:

CD> device          cpufreq
CD> device          puc
CD> device          sound
CD> device          snd_via8233

CD> makeoptions     DEBUG=-g
CD> options         KDB_UNATTENDED

CD> This is probably reproducable, as I also experienced a panic yesterday
CD> while doing the same thing, but I didn't have dumps configured then.

CD> Ceri

CD> -----

CD> quinch# uname -a
CD> FreeBSD quinch.private.submonkey.net 7.0-CURRENT FreeBSD
CD> 7.0-CURRENT #4: Sat Jul 22 18:06:40 BST 2006    
CD> root_at_quinch.private.submonkey.net:/usr/obj/usr/src/sys/QUINCH  amd64

CD> quinch# kgdb kernel.debug /var/crash/vmcore.0
CD> [GDB will not be able to debug user-mode threads:
CD> /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
CD> GNU gdb 6.1.1 [FreeBSD]
CD> Copyright 2004 Free Software Foundation, Inc.
CD> GDB is free software, covered by the GNU General Public License, and you are
CD> welcome to change it and/or distribute copies of it under certain conditions.
CD> Type "show copying" to see the conditions.
CD> There is absolutely no warranty for GDB.  Type "show warranty" for details.
CD> This GDB was configured as "amd64-marcel-freebsd".

CD> Unread portion of the kernel message buffer:


CD> Fatal trap 12: page fault while in kernel mode
CD> cpuid = 0; apic id = 00
CD> fault virtual address   = 0x48
CD> fault code              = supervisor read, page not present
CD> instruction pointer     = 0x8:0xffffffff80437e89
CD> stack pointer           = 0x10:0xffffffff95320750
CD> frame pointer           = 0x10:0xffffffff95320780
CD> code segment            = base 0x0, limit 0xfffff, type 0x1b
CD>                         = DPL 0, pres 1, long 1, def32 0, gran 1
CD> processor eflags        = interrupt enabled, resume, IOPL = 0
CD> current process         = 79501 (script)
CD> trap number             = 12
CD> panic: page fault
CD> cpuid = 0
CD> Uptime: 18h46m56s
CD> Physical memory: 499 MB
CD> Dumping 156 MB: 141 125 109 93 77 61 45 29 13

CD> #0  doadump () at pcpu.h:172
CD> 172             __asm __volatile("movq %%gs:0,%0" : "=r" (td));
CD> (kgdb) list *0xffffffff80437e89
CD> 0xffffffff80437e89 is in _mtx_lock_flags
CD> (/usr/src/sys/kern/kern_mutex.c:279).
CD> 274     void
CD> 275     _mtx_lock_flags(struct mtx *m, int opts, const char *file, int line)
CD> 276     {
CD> 277
CD> 278             MPASS(curthread != NULL);
CD> 279             KASSERT(LOCK_CLASS(&m->mtx_object) == &lock_class_mtx_sleep,
CD> 280                 ("mtx_lock() of spin mutex %s _at_ %s:%d", m->mtx_object.lo_name,
CD> 281                 file, line));
CD> 282             WITNESS_CHECKORDER(&m->mtx_object, opts | LOP_NEWORDER | LOP_EXCLUSIVE,
CD> 283                 file, line);
CD> (kgdb) backtrace
CD> #0  doadump () at pcpu.h:172
CD> #1  0xffffffff804419c9 in boot (howto=260) at
CD> /usr/src/sys/kern/kern_shutdown.c:409
CD> #2  0xffffffff8044145b in panic (fmt=0xffffffff806b262c "%s")
CD>     at /usr/src/sys/kern/kern_shutdown.c:565
CD> #3  0xffffffff806445ba in trap_fatal (frame=0xc, eva=18446742974411974672)
CD>     at /usr/src/sys/amd64/amd64/trap.c:690
CD> #4  0xffffffff80644903 in trap_pfault (frame=0xffffffff953206a0, usermode=0)
CD>     at /usr/src/sys/amd64/amd64/trap.c:609
CD> #5  0xffffffff80644b54 in trap (frame=
CD>       {tf_rdi = 56, tf_rsi = 0, tf_rdx = -2140004967, tf_rcx =
CD> 419, tf_r8 = 1, tf_r9 = -1099297576944, tf_rax = -1099297576944,
CD> tf_rbx = 56, tf_rbp = -1791883392, tf_r10 = 0, tf_r11 =
CD> -2142509056, tf_r12 = 0, tf_r13 = 419, tf_r14 = -2140004967,
CD> tf_r15 = 1, tf_trapno = 12, tf_addr = 72, tf_flags = 582, tf_err =
CD> 0, tf_rip = -2143060343, tf_cs = 8, tf_rflags = 66178, tf_rsp =
CD> -1791883424, tf_ss = 16}) at /usr/src/sys/amd64/amd64/trap.c:383
CD> #6  0xffffffff8062fccb in calltrap () at
CD> /usr/src/sys/amd64/amd64/exception.S:168
CD> #7  0xffffffff80437e89 in _mtx_lock_flags (m=0x38, opts=0, 
CD>     file=0xffffffff80721d99 "/usr/src/sys/kern/vfs_mount.c", line=419) at pcpu.h:169
CD> #8  0xffffffff804a87fe in vfs_ref (mp=0x0) at
CD> /usr/src/sys/kern/vfs_mount.c:419
CD> #9  0xffffffff804a53b4 in vop_stdgetwritemount (ap=0xffffffff953207f0)
CD>     at /usr/src/sys/kern/vfs_default.c:356
CD> #10 0xffffffff8069d547 in VOP_GETWRITEMOUNT_APV
CD> (vop=0xffffff000cc22810, a=0xffffffff953207f0)
CD>     at vnode_if.c:1823
CD> #11 0xffffffff804bcfca in vn_start_write (vp=0xffffff000b9683b0, mpp=0xffffffff95320858, flags=1)
CD>     at vnode_if.h:951
CD> #12 0xffffffff804bd4ed in vn_close (vp=0xffffff000b9683b0,
CD> flags=3, file_cred=0xffffff0014d80300, 
CD>     td=0xffffff000cc22810) at /usr/src/sys/kern/vfs_vnops.c:284
CD> #13 0xffffffff804be88a in vn_closefile (fp=0xffffff0012d40168, td=0xffffff000cc22810)
CD>     at /usr/src/sys/kern/vfs_vnops.c:870
CD> #14 0xffffffff8041a851 in fdrop_locked (fp=0xffffff0012d40168,
CD> td=0xffffff000cc22810) at file.h:296
CD> #15 0xffffffff8041ac84 in closef (fp=0xffffff0012d40168, td=0xffffff000cc22810)
CD>     at /usr/src/sys/kern/kern_descrip.c:1979
CD> #16 0xffffffff8041c369 in fdfree (td=0xffffff000cc22810) at
CD> /usr/src/sys/kern/kern_descrip.c:1653
CD> #17 0xffffffff80426016 in exit1 (td=0xffffff000cc22810, rv=0) at
CD> /usr/src/sys/kern/kern_exit.c:280
CD> #18 0xffffffff80426e1e in sys_exit (td=0x38, uap=0x0) at
CD> /usr/src/sys/kern/kern_exit.c:101
CD> #19 0xffffffff80645437 in syscall (frame=
CD>       {tf_rdi = 0, tf_rsi = 34365169976, tf_rdx = 34366229216,
CD> tf_rcx = 10, tf_r8 = 0, tf_r9 = 0, tf_rax = 1, tf_rbx = 0, tf_rbp
CD> = 30, tf_r10 = 0, tf_r11 = 2, tf_r12 = 140737488348832, tf_r13 =
CD> 30, tf_r14 = 0, tf_r15 = 1153657258, tf_trapno = 12, tf_addr =
CD> 34367975632, tf_flags = 0, tf_err = 2, tf_rip = 34367821068, tf_cs
CD> = 43, tf_rflags = 514, tf_rsp = 140737488346568, tf_ss = 35})
CD>     at /usr/src/sys/amd64/amd64/trap.c:825
CD> #20 0xffffffff8062fe68 in Xfast_syscall () at
CD> /usr/src/sys/amd64/amd64/exception.S:270
CD> #21 0x00000008007b550c in ?? ()
CD> Previous frame inner to this frame (corrupt stack?)

Sorry, my english is bad :(

pcpu.h is broken?

My system is i386 HEAD, see KERNCONF in attached kernel.txt, dmesg in
dmesg.txt, kldstat in kldstat.txt, version pcpu.h is  1.46.

Panic on pcpu.h:166 on my i386-box  on high load (make -j3 buildworld + xmms music +
glxgears full screen):

[orm_at_xxx.ru]/usr/obj/usr/home/cvs-snap/freebsd/current/src/sys/ORM_MODULES> sudo kgdb kernel.debug  /var/crash/vmcore.0
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".
Ready to go.  Enter 'tr' to connect to the remote target
with /dev/cuad0, 'tr /dev/cuad1' to connect to a different port
or 'trf portno' to connect to the remote target with the firewire
interface.  portno defaults to 5556.

Type 'getsyms' after connection to load kld symbols.

If you're debugging a local system, you can use 'kldsyms' instead
to load the kld symbols.  That's a less obnoxious interface.

Unread portion of the kernel message buffer:
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x2c
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0531cbb
stack pointer           = 0x28:0xdeaceb7c
frame pointer           = 0x28:0xdeaceba4
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 34653 (xmms)
trap number             = 12
panic: page fault
cpuid = 0
Uptime: 50m34s
Physical memory: 499 MB
Dumping 108 MB: 93 77 61 45 29 13

#0  doadump () at pcpu.h:166
166             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb)
(kgdb) where
#0  doadump () at pcpu.h:166
During symbol reading, Incomplete CFI data; unspecified registers at 0xc0501ba3.
#1  0xc0502219 in boot (howto=0x104) at /usr/home/cvs-snap/freebsd/current/src/sys/kern/kern_shutdown.c:409
#2  0xc0502614 in panic (fmt=0xc06c4e57 "%s") at /usr/home/cvs-snap/freebsd/current/src/sys/kern/kern_shutdown.c:565
#3  0xc06a24fc in trap_fatal (frame=0xdeaceb3c, eva=0x0)
    at /usr/home/cvs-snap/freebsd/current/src/sys/i386/i386/trap.c:869
#4  0xc06a1aae in trap (frame=
      {tf_fs = 0xc4170008, tf_es = 0xc0720028, tf_ds = 0xdeac0028, tf_edi = 0xc4172b40, tf_esi = 0xc4172b40, tf_ebp = 0xdeaceba4, tf_isp = 0xdeaceb68, tf_ebx = 0xc4172d20, tf_edx = 0xaf, tf_ecx = 0x0, tf_eax = 0x0, tf_trapno = 0xc, tf_err = 0x0, tf_eip = 0xc0531cbb, tf_cs = 0x20, tf_eflags = 0x10082, tf_esp = 0xc4172b40, tf_ss = 0xaf})
    at /usr/home/cvs-snap/freebsd/current/src/sys/i386/i386/trap.c:279
#5  0xc068a69a in calltrap () at /usr/home/cvs-snap/freebsd/current/src/sys/i386/i386/exception.s:138
#6  0xc0531cbb in propagate_priority (td=0xc4172b40)
    at /usr/home/cvs-snap/freebsd/current/src/sys/kern/subr_turnstile.c:246
#7  0xc053285c in turnstile_wait (lock=0xc4173068, owner=0x0, queue=0x0)
    at /usr/home/cvs-snap/freebsd/current/src/sys/kern/subr_turnstile.c:677
#8  0xc04f719a in _mtx_lock_sleep (m=0xc4173068, tid=0xc4172d20, opts=0x0, file=0x0, line=0x0)
    at /usr/home/cvs-snap/freebsd/current/src/sys/kern/kern_mutex.c:563
#9  0xc0510fcc in thread_single (mode=0x0) at /usr/home/cvs-snap/freebsd/current/src/sys/kern/kern_thread.c:837
#10 0xc04e6219 in fork1 (td=0xc4172d20, flags=0x14, pages=0x0, procp=0xdeacec7c)
    at /usr/home/cvs-snap/freebsd/current/src/sys/kern/kern_fork.c:275
#11 0xc04e5d99 in fork (td=0xc4172d20, uap=0xdeaced04)
    at /usr/home/cvs-snap/freebsd/current/src/sys/kern/kern_fork.c:98
#12 0xc06a2933 in syscall (frame=
      {tf_fs = 0x825003b, tf_es = 0xbf3f003b, tf_ds = 0xbf3f003b, tf_edi = 0xac44, tf_esi = 0x286b1fa0, tf_ebp = 0xbf2f7e28, tf_isp = 0xdeaced64, tf_ebx = 0x285ba954, tf_edx = 0x0, tf_ecx = 0x82041b0, tf_eax = 0x2, tf_trapno = 0xc, tf_err = 0x2, tf_eip = 0x2861c563, tf_cs = 0x33, tf_eflags = 0x282, tf_esp = 0xbf2f7dcc, tf_ss = 0x3b})
    at /usr/home/cvs-snap/freebsd/current/src/sys/i386/i386/trap.c:1015
#13 0xc068a6ef in Xint0x80_syscall () at /usr/home/cvs-snap/freebsd/current/src/sys/i386/i386/exception.s:191
#14 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
 


orm_vartiS
aка Валера.
E-mail: orm_vartis NOSPAM <atNOSPAM> NOSPAM bk <dotNOSPAM> ru
ICQ UIN: 174977614.
Received on Sun Jul 23 2006 - 15:49:39 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:58 UTC