GENERIC HEAD from Jan 11 09:07 UTC, vmcore.142
GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-CURRENT #3: Tue Jan 11 10:14:27 CET 2005
pho@current.osted.lan:/usr/src/sys/i386/compile/PHO
WARNING: WITNESS option enabled, expect reduced performance.
ACPI APIC Table: <A M I OEMAPIC >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.14-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf13 Stepping = 3
Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM>
real memory = 267583488 (255 MB)
avail memory = 252448768 (240 MB)
:
mount root from ufs:/dev/ad0s1a
freebsd4_sigreturn: eflags = 0x0
freebsd4_sigreturn: eflags = 0x0
_
freebsd4_sigreturn: eflags = 0x0
freebsd4_sigreturn: eflags = 0x0
sigreturn: eflags = 0x0
sigreturn: eflags = 0x0
:
sigreturn: eflags = 0x0
kernel trap 12 with interrupts disabled
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xcf75bc78
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc0614dbb
stack pointer = 0x10:0xcf301cbc
frame pointer = 0x10:0xcf301cd0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = resume, IOPL = 0
current process = 35328 (syscall)
[thread pid 35328 tid 100197 ]
Stopped at psignal+0x97: testl %eax,0(%esi,%edx,4)
db> where
Tracing pid 35328 tid 100197 td 0xc1c87a10
psignal(c1e283f0,1,0,c1c87a10,c1ece9d8) at psignal+0x97
kill(c1c87a10,cf301d14,2,0,292) at kill+0xd8
syscall(2f,2f,2f,2804f6c0,bfbfeaa4) at syscall+0x128
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (37, FreeBSD ELF32, kill), eip = 0x280c0907, esp = 0xbfbfe6fc, ebp = 0xbfbfe718 ---
db> call doadump
Dumping 255 MB
16 32 48 64 80 96 112 128 144 160 176 192 208 224 240
Dump complete
0
db> reset
(kgdb) bt
#0 doadump () at pcpu.h:159
#1 0xc0461ca6 in db_fncall (dummy1=0xc07ae085, dummy2=0x0, dummy3=0xcf301b94, dummy4=0xcf301b2c "`\0330Ï\004")
at ../../../ddb/db_command.c:531
#2 0xc046203c in db_command_loop () at ../../../ddb/db_command.c:349
#3 0xc0463a68 in db_trap (type=0xc, code=0x0) at ../../../ddb/db_main.c:228
#4 0xc062a57e in kdb_trap (type=0xc, code=0x0, tf=0xcf301c7c) at ../../../kern/subr_kdb.c:421
#5 0xc07c0ba8 in trap_fatal (frame=0xcf301c7c, eva=0xcf75bc78) at ../../../i386/i386/trap.c:801
#6 0xc07c10a0 in trap (frame=
{tf_fs = 0xc0600018, tf_es = 0xc08e0010, tf_ds = 0x10, tf_edi = 0x0, tf_esi = 0xcf75bc78, tf_ebp = 0xcf301cd0, tf_isp = 0xcf301ca8, tf_ebx = 0xc20cccf0, tf_edx = 0x0, tf_ecx = 0x0, tf_eax = 0x1, tf_trapno = 0xc, tf_err = 0x0, tf_eip = 0xc0614dbb, tf_cs = 0x8, tf_eflags = 0x10046, tf_esp = 0xc20cccf0, tf_ss = 0x0}) at ../../../i386/i386/trap.c:244
#7 0xc07afafa in calltrap () at ../../../i386/i386/exception.s:139
#8 0xc0600018 in ithread_add_handler (ithread=0x0, name=---Can't read userspace from dump, or kernel process---
) at ../../../kern/kern_intr.c:288
#9 0xc061529c in kill (td=0x0, uap=0xcf301d14) at ../../../kern/kern_sig.c:1393
#10 0xc07c15b0 in syscall (frame=
{tf_fs = 0x2f, tf_es = 0x2f, tf_ds = 0x2f, tf_edi = 0x2804f6c0, tf_esi = 0xbfbfeaa4, tf_ebp = 0xbfbfe718, tf_isp = 0xcf301d74, tf_ebx = 0x6, tf_edx = 0x804a2e0, tf_ecx = 0x7, tf_eax = 0x25, tf_trapno = 0xc, tf_err = 0x2, tf_eip = 0x280c0907, tf_cs = 0x1f, tf_eflags = 0x292, tf_esp = 0xbfbfe6fc, tf_ss = 0x2f}) at ../../../i386/i386/trap.c:951
#11 0xc07afb4f in Xint0x80_syscall () at ../../../i386/i386/exception.s:200
#12 0x0000002f in ?? ()
:
#39 0xc1528170 in ?? ()
#40 0xc0623503 in sched_switch (td=0xbfbfeaa4, newtd=0x6, flags=---Can't read userspace from dump, or kernel process---
) at ../../../kern/sched_4bsd.c:963
Previous frame inner to this frame (corrupt stack?)
(kgdb) l *0xc0614dbb
0xc0614dbb is in psignal (../../../kern/kern_sig.c:1582).
1577 * way to deliver signal.
1578 */
1579 signal_td = NULL;
1580 mtx_lock_spin(&sched_lock);
1581 FOREACH_THREAD_IN_PROC(p, td) {
1582 if (td->td_waitset != NULL &&
1583 SIGISMEMBER(*(td->td_waitset), sig)) {
1584 mtx_unlock_spin(&sched_lock);
1585 return (td);
1586 }
(kgdb) frame 8
#8 0xc0600018 in ithread_add_handler (ithread=0x0, name=---Can't read userspace from dump, or kernel process---
) at ../../../kern/kern_intr.c:288
288 TAILQ_FOREACH(temp_ih, &ithread->it_handlers, ih_next)
(kgdb) info loc
ih = (struct intrhand *) 0xc20cccf0
temp_ih = (struct intrhand *) 0x0
(kgdb) l
283 goto fail;
284 if (!(ih->ih_flags & IH_FAST) && (temp_ih->ih_flags & IH_FAST))
285 goto fail;
286 }
287
288 TAILQ_FOREACH(temp_ih, &ithread->it_handlers, ih_next)
289 if (temp_ih->ih_pri > ih->ih_pri)
290 break;
291 if (temp_ih == NULL)
292 TAILQ_INSERT_TAIL(&ithread->it_handlers, ih, ih_next);
(kgdb) frame 9
#9 0xc061529c in kill (td=0x0, uap=0xcf301d14) at ../../../kern/kern_sig.c:1393
1393 psignal(p, uap->signum);
(kgdb) inf loc
p = (struct proc *) 0xc1e283f0
error = 0x0
(kgdb) l
1388 if ((p = zpfind(uap->pid)) == NULL)
1389 return (ESRCH);
1390 }
1391 error = p_cansignal(td, p, uap->signum);
1392 if (error == 0 && uap->signum)
1393 psignal(p, uap->signum);
1394 PROC_UNLOCK(p);
1395 return (error);
1396 }
1397 switch (uap->pid) {
(kgdb) p *(struct proc *)0xc1e283f0
$1 = {p_list = {le_next = 0xc2cde5e8, le_prev = 0xc08f0d44}, p_ksegrps = {tqh_first = 0xc17d2ae0, tqh_last = 0xc17d2ae4}, p_threads = {
tqh_first = 0xc20cccf0, tqh_last = 0xc20cccf8}, p_suspended = {tqh_first = 0x0, tqh_last = 0xc1e28408}, p_ucred = 0xc1ae0300,
p_fd = 0xc238b200, p_fdtol = 0x0, p_stats = 0xc1dfa000, p_limit = 0xc2200400, p_sigacts = 0xc1ecc000, p_flag = 0x2, p_sflag = 0x0,
p_state = PRS_NORMAL, p_pid = 0x8a2c, p_hash = {le_next = 0xc16299d8, le_prev = 0xc15110b0}, p_pglist = {le_next = 0xc17d05e8,
le_prev = 0xc1ecea28}, p_pptr = 0xc1ece9d8, p_sibling = {le_next = 0xc17d05e8, le_prev = 0xc1ecea3c}, p_children = {lh_first = 0x0},
p_mtx = {mtx_object = {lo_class = 0xc088ce04, lo_name = 0xc082beed "process lock", lo_type = 0xc082beed "process lock",
lo_flags = 0x430000, lo_list = {tqe_next = 0xc1e28650, tqe_prev = 0xc1e28270}, lo_witness = 0xc0901e00}, mtx_lock = 0xc1c87a10,
mtx_recurse = 0x0}, p_oppid = 0x0, p_vmspace = 0xc2cdf5dc, p_swtime = 0x29, p_realtimer = {it_interval = {tv_sec = 0x0, tv_usec = 0x0},
it_value = {tv_sec = 0x0, tv_usec = 0x0}}, p_rux = {rux_runtime = {sec = 0x0, frac = 0xdea648b2dd3a64}, rux_uticks = 0x0,
rux_sticks = 0x1, rux_iticks = 0x0, rux_uu = 0x0, rux_su = 0x0, rux_iu = 0x0}, p_crux = {rux_runtime = {sec = 0x0, frac = 0x0},
rux_uticks = 0x0, rux_sticks = 0x0, rux_iticks = 0x0, rux_uu = 0x0, rux_su = 0x0, rux_iu = 0x0}, p_profthreads = 0x0,
p_maxthrwaits = 0x0, p_traceflag = 0x0, p_tracevp = 0x0, p_tracecred = 0x0, p_textvp = 0xc1d4f678, p_siglist = {__bits = {0x0, 0x0, 0x0,
0x0}}, p_lock = 0x0, p_sigiolst = {slh_first = 0x0}, p_sigparent = 0x14, p_sig = 0x0, p_code = 0x0, p_stops = 0x0, p_stype = 0x0,
p_step = 0x0, p_pfsflags = 0x0, p_nlminfo = 0x0, p_aioinfo = 0x0, p_singlethread = 0x0, p_suspcount = 0x0, p_xthread = 0x0,
p_boundary_count = 0x0, p_magic = 0xbeefface, p_comm = "syscall", '\0' <repeats 12 times>, p_pgrp = 0xc1753780, p_sysent = 0xc08cdf00,
p_args = 0xc23fa280, p_cpulimit = 0x7fffffffffffffff, p_nice = 0x0, p_xstat = 0x0, p_klist = {kl_lock = 0xc1e28458, kl_list = {
slh_first = 0x0}}, p_numthreads = 0x1, p_numksegrps = 0x1, p_md = {md_ldt = 0xc2b29a80}, p_itcallout = {c_links = {sle = {
sle_next = 0x0}, tqe = {tqe_next = 0x0, tqe_prev = 0x0}}, c_time = 0x0, c_arg = 0x0, c_func = 0, c_flags = 0x8}, p_acflag = 0x1,
p_ru = 0x0, p_peers = 0x0, p_leader = 0xc1e283f0, p_emuldata = 0x0, p_label = 0x0, p_sched = 0xc1e285e8}
(kgdb) p *(struct thread *)0xc1c87a10
$2 = {td_proc = 0xc1ece9d8, td_ksegrp = 0xc17d2300, td_plist = {tqe_next = 0x0, tqe_prev = 0xc1ece9e8}, td_kglist = {tqe_next = 0x0,
tqe_prev = 0xc17d230c}, td_slpq = {tqe_next = 0x0, tqe_prev = 0xcc6b2c2c}, td_lockq = {tqe_next = 0x0, tqe_prev = 0xcf1dec8c},
td_runq = {tqe_next = 0x0, tqe_prev = 0xc17d2314}, td_selq = {tqh_first = 0x0, tqh_last = 0x0}, td_sleepqueue = 0xc1dbdba0,
td_turnstile = 0xc22d2900, td_tid = 0x18765, td_flags = 0x1010000, td_inhibitors = 0x0, td_pflags = 0x0, td_dupfd = 0x0, td_wchan = 0x0,
td_wmesg = 0x0, td_lastcpu = 0x0, td_oncpu = 0x0, td_locks = 0xfffa, td_blocked = 0x0, td_ithd = 0x0, td_lockname = 0x0, td_contested = {
lh_first = 0x0}, td_sleeplocks = 0xc093e218, td_intr_nesting_level = 0x0, td_pinned = 0x0, td_mailbox = 0x0, td_ucred = 0xc1ae0300,
td_standin = 0x0, td_upcall = 0x0, td_sticks = 0x0, td_uuticks = 0x0, td_usticks = 0x0, td_intrval = 0x0, td_oldsigmask = {__bits = {0x0,
0x0, 0x0, 0x0}}, td_sigmask = {__bits = {0x1, 0x0, 0x0, 0x0}}, td_siglist = {__bits = {0x0, 0x0, 0x0, 0x0}}, td_waitset = 0x0,
td_umtxq = 0x0, td_generation = 0xaf, td_sigstk = {ss_sp = 0x0, ss_size = 0x0, ss_flags = 0x4}, td_kflags = 0x0, td_xsig = 0x0,
td_profil_addr = 0x0, td_profil_ticks = 0x0, td_base_pri = 0xb7, td_priority = 0xb7, td_pcb = 0xcf301da0, td_state = TDS_RUNNING,
td_retval = {0x0, 0x804a2e0}, td_slpcallout = {c_links = {sle = {sle_next = 0x0}, tqe = {tqe_next = 0x0, tqe_prev = 0xc65ba350}},
c_time = 0x2383256, c_arg = 0xc1c87a10, c_func = 0, c_flags = 0x8}, td_frame = 0xcf301d48, td_kstack_obj = 0xc1ba2948,
td_kstack = 0xcf300000, td_kstack_pages = 0x2, td_altkstack_obj = 0x0, td_altkstack = 0x0, td_altkstack_pages = 0x0, td_critnest = 0x2,
td_md = {md_savecrit = 0x246}, td_sched = 0xc1c87b5c}