~/FreeBSD/www/x.48a.html

GENERIC HEAD from Jan 25 17:49 UTC +  mpsafe_vfs = 1, vmcore.155

GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD 6.0-CURRENT #1: Wed Jan 26 11:11:16 CET 2005
    pho@current.osted.lan:/usr/src/sys/i386/compile/PHO
WARNING: WITNESS option enabled, expect reduced performance.
ACPI APIC Table: <A M I  OEMAPIC >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.14-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0xf13  Stepping = 3
  Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM>
real memory  = 267583488 (255 MB)
avail memory = 252379136 (240 MB)
:
mount root from ufs:/dev/ad0s1a
WARNING: / was not properly dismounted
ffrrefeefrebrebseesdebd4bs4_sd_sd4si4_ig_sgrsireigetgrtureurretnntu::ur  rneen:f: l eaefgflsla ag=gs s 0 =x= 0 00x
x0f0lfar
:
 x0
0x0
sigretusring:r eetfulrang:s  e=f l0axg0s
= 0x0
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0xcf11ac7c
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc0616855
stack pointer           = 0x10:0xcf224ca0
frame pointer           = 0x10:0xcf224cb0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 62405 (syscall)
[thread pid 62405 tid 100175 ]
Stopped at      sigtd+0x85:     andl    0(%ebx,%edx,4),%eax
db> where
Tracing pid 62405 tid 100175 td 0xc1b61730
sigtd(c1ac99d8,9,81) at sigtd+0x85
psignal(c1ac99d8,9) at psignal+0x63
kill(c1b61730,cf224d14,2,2,296) at kill+0x98
syscall(2f,2f,2f,2804f6c0,bfbfeb0c) at syscall+0x213
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (37, FreeBSD ELF32, kill), eip = 0x280b7973, esp = 0xbfbfe76c, ebp = 0xbfbfe788 ---
db> call doadump
Dumping 255 MB
 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240
Dump complete
0xf
db> reset

(kgdb) bt
#0  doadump () at pcpu.h:159
#1  0xc0465bce in db_fncall (dummy1=0x0, dummy2=0x0, dummy3=0x0, dummy4=0xcf224af0 "\034K\"Ït)zÀ\bK\"Ï\fK\"Ï\220\a")
    at ../../../ddb/db_command.c:531
#2  0xc04659dc in db_command (last_cmdp=0xc08cee64, cmd_table=0x0, aux_cmd_tablep=0xc084e1e0, aux_cmd_tablep_end=0xc084e1fc)
    at ../../../ddb/db_command.c:349
#3  0xc0465aa4 in db_command_loop () at ../../../ddb/db_command.c:455
#4  0xc046762d in db_trap (type=0xc, code=0x0) at ../../../ddb/db_main.c:228
#5  0xc062cce0 in kdb_trap (type=0xc, code=0x0, tf=0xcf224c60) at ../../../kern/subr_kdb.c:421
#6  0xc07bf1b9 in trap_fatal (frame=0xcf224c60, eva=0xcf11ac7c) at ../../../i386/i386/trap.c:801
#7  0xc07be915 in trap (frame=
      {tf_fs = 0x18, tf_es = 0xcf220010, tf_ds = 0xc0600010, tf_edi = 0xc1b603f0, tf_esi = 0xc1b61730, tf_ebp = 0xcf224cb0, tf_isp = 0xcf224c8c, tf_ebx = 0xcf11ac7c, tf_edx = 0x0, tf_ecx = 0x8, tf_eax = 0x100, tf_trapno = 0xc, tf_err = 0x0, tf_eip = 0xc0616855, tf_cs = 0x8, tf_eflags = 0x10006, tf_esp = 0x0, tf_ss = 0x0}) at ../../../i386/i386/trap.c:244
#8  0xc07ad09a in calltrap () at ../../../i386/i386/exception.s:139
#9  0x00000018 in ?? ()
#10 0xcf220010 in ?? ()
#11 0xc0600010 in idle_proc (dummy=0xc1ac99d8) at ../../../kern/kern_idle.c:112
#12 0xc0616973 in psignal (p=0xc1ac99d8, sig=0x9) at ../../../kern/kern_sig.c:1636
#13 0xc06160a4 in kill (td=0xc1b61730, uap=0xcf224d14) at ../../../kern/kern_sig.c:1394
#14 0xc07bf487 in syscall (frame=
      {tf_fs = 0x2f, tf_es = 0x2f, tf_ds = 0x2f, tf_edi = 0x2804f6c0, tf_esi = 0xbfbfeb0c, tf_ebp = 0xbfbfe788, tf_isp = 0xcf224d74, tf_ebx = 0x0, tf_edx = 0x7, tf_ecx = 0x7, tf_eax = 0x25, tf_trapno = 0xc, tf_err = 0x2, tf_eip = 0x280b7973, tf_cs = 0x1f, tf_eflags = 0x296, tf_esp = 0xbfbfe76c, tf_ss = 0x2f}) at ../../../i386/i386/trap.c:951
#15 0xc07ad0ef in Xint0x80_syscall () at ../../../i386/i386/exception.s:200
#16 0x0000002f in ?? ()
#17 0x0000002f in ?? ()
:
#43 0xc1aca450 in ?? ()
#44 0xc0625183 in sched_switch (td=0xbfbfeb0c, newtd=0x0, flags=---Can't read userspace from dump, or kernel process---

) at ../../../kern/sched_4bsd.c:963
Previous frame inner to this frame (corrupt stack?)
(kgdb) l *0xc0616855
0xc0616855 is in sigtd (../../../kern/kern_sig.c:1583).
1578             * way to deliver signal.
1579             */
1580            signal_td = NULL;
1581            mtx_lock_spin(&sched_lock);
1582            FOREACH_THREAD_IN_PROC(p, td) {
1583                  if (td->td_waitset != NULL &&
1584                      SIGISMEMBER(*(td->td_waitset), sig)) {
1585                            mtx_unlock_spin(&sched_lock);
1586                            return (td);
1587                  }
(kgdb) f 12
#12 0xc0616973 in psignal (p=0xc1ac99d8, sig=0x9) at ../../../kern/kern_sig.c:1636
1636            td = sigtd(p, sig, prop);
(kgdb) l
1631            prop = sigprop(sig);
1632
1633            /*
1634             * Find a thread to deliver the signal to.
1635             */
1636            td = sigtd(p, sig, prop);
1637
1638            tdsignal(td, sig, SIGTARGET_P);
1639    }
1640
(kgdb) p p
$7 = (struct proc *) 0xc1ac99d8
(kgdb) p *p
$5 = {p_list = {le_next = 0xc1b603f0, le_prev = 0xc1ae71f8}, p_ksegrps = {tqh_first = 0xc156f420, tqh_last = 0xc156f424}, p_threads = {
    tqh_first = 0xc1aca5c0, tqh_last = 0xc1aca5c8}, p_suspended = {tqh_first = 0x0, tqh_last = 0xc1ac99f0}, p_ucred = 0xc1a89b00,
  p_fd = 0xc1b04600, p_fdtol = 0x0, p_stats = 0xc184fe00, p_limit = 0xc1ad6b00, p_sigacts = 0xc1b6c000, p_flag = 0x2, p_sflag = 0x0,
  p_state = PRS_NORMAL, p_pid = 0xf3c6, p_hash = {le_next = 0x0, le_prev = 0xc1511318}, p_pglist = {le_next = 0x0, le_prev = 0xc1ae7248},
  p_pptr = 0xc1b603f0, p_sibling = {le_next = 0x0, le_prev = 0xc1ae7254}, p_children = {lh_first = 0x0}, p_mtx = {mtx_object = {
      lo_class = 0xc0886228, lo_name = 0xc0824f21 "process lock", lo_type = 0xc0824f21 "process lock", lo_flags = 0x430000, lo_list = {
        tqe_next = 0xc1ac9c38, tqe_prev = 0xc1ac9858}, lo_witness = 0xc09072a0}, mtx_lock = 0xc1b61730, mtx_recurse = 0x0}, p_oppid = 0x0,
  p_vmspace = 0xc1b76bb8, p_swtime = 0x1, p_realtimer = {it_interval = {tv_sec = 0x0, tv_usec = 0x0}, it_value = {tv_sec = 0x0,
      tv_usec = 0x0}}, p_rux = {rux_runtime = {sec = 0x0, frac = 0x13e52aa4d488ca0}, rux_uticks = 0x0, rux_sticks = 0x0, rux_iticks = 0x0,
    rux_uu = 0x0, rux_su = 0x12f9, rux_iu = 0x0}, p_crux = {rux_runtime = {sec = 0x0, frac = 0x0}, rux_uticks = 0x0, rux_sticks = 0x0,
    rux_iticks = 0x0, rux_uu = 0x0, rux_su = 0x0, rux_iu = 0x0}, p_profthreads = 0x0, p_maxthrwaits = 0x0, p_traceflag = 0x0,
  p_tracevp = 0x0, p_tracecred = 0x0, p_textvp = 0xc1cafaf8, p_siglist = {__bits = {0x0, 0x0, 0x0, 0x0}}, p_lock = 0x0, p_sigiolst = {
    slh_first = 0x0}, p_sigparent = 0x14, p_sig = 0x0, p_code = 0x0, p_stops = 0x0, p_stype = 0x0, p_step = 0x0, p_pfsflags = 0x0,
  p_nlminfo = 0x0, p_aioinfo = 0x0, p_singlethread = 0x0, p_suspcount = 0x0, p_xthread = 0x0, p_boundary_count = 0x0, p_magic = 0xbeefface,
  p_comm = "syscall", '\0' <repeats 12 times>, p_pgrp = 0xc1addd00, p_sysent = 0xc08c7400, p_args = 0xc1b0b0c0,
  p_cpulimit = 0x7fffffffffffffff, p_nice = 0x0, p_xstat = 0x0, p_klist = {kl_lock = 0xc1ac9a40, kl_list = {slh_first = 0x0}},
  p_numthreads = 0x1, p_numksegrps = 0x1, p_md = {md_ldt = 0xc1b0ba20}, p_itcallout = {c_links = {sle = {sle_next = 0x0}, tqe = {
        tqe_next = 0x0, tqe_prev = 0x0}}, c_time = 0x0, c_arg = 0x0, c_func = 0, c_flags = 0x8}, p_acflag = 0x1, p_ru = 0x0, p_peers = 0x0,
  p_leader = 0xc1ac99d8, p_emuldata = 0x0, p_label = 0x0, p_sched = 0xc1ac9bd0}
(kgdb) p *(struct thread *)0xc1aca5c0
$6 = {td_proc = 0xc1ac99d8, td_ksegrp = 0xc156f420, td_plist = {tqe_next = 0x0, tqe_prev = 0xc1ac99e8}, td_kglist = {tqe_next = 0x0,
    tqe_prev = 0xc156f42c}, td_slpq = {tqe_next = 0x0, tqe_prev = 0xc1664b80}, td_lockq = {tqe_next = 0x0, tqe_prev = 0xcf224c74},
  td_runq = {tqe_next = 0x0, tqe_prev = 0x0}, td_selq = {tqh_first = 0x0, tqh_last = 0x0}, td_sleepqueue = 0x0, td_turnstile = 0xc1754b40,
  td_tid = 0x1871c, td_flags = 0x8, td_inhibitors = 0x6, td_pflags = 0x0, td_dupfd = 0x0, td_wchan = 0xcf11ac60,
  td_wmesg = 0xc07e18d7 "sigwait", td_lastcpu = 0x0, td_oncpu = 0xff, td_locks = 0xfffe, td_blocked = 0x0, td_ithd = 0x0,
  td_lockname = 0x0, td_contested = {lh_first = 0x0}, td_sleeplocks = 0x0, td_intr_nesting_level = 0x0, td_pinned = 0x0, td_mailbox = 0x0,
  td_ucred = 0xc1a89b00, td_standin = 0x0, td_upcall = 0x0, td_sticks = 0x0, td_uuticks = 0x0, td_usticks = 0x0, td_intrval = 0x0,
  td_oldsigmask = {__bits = {0x0, 0x0, 0x0, 0x0}}, td_sigmask = {__bits = {0x0, 0x0, 0x0, 0x0}}, td_siglist = {__bits = {0x0, 0x0, 0x0,
      0x0}}, td_waitset = 0xcf11ac7c, td_umtxq = 0x0, td_generation = 0xd, td_sigstk = {ss_sp = 0x0, ss_size = 0x0, ss_flags = 0x4},
  td_kflags = 0x0, td_xsig = 0x0, td_profil_addr = 0x0, td_profil_ticks = 0x0, td_base_pri = 0x68, td_priority = 0x68, td_pcb = 0xcf11ada0,
  td_state = TDS_INHIBITED, td_retval = {0x0, 0x0}, td_slpcallout = {c_links = {sle = {sle_next = 0xc1b6183c}, tqe = {
        tqe_next = 0xc1b6183c, tqe_prev = 0xc65be400}}, c_time = 0x1313a6c, c_arg = 0xc1aca5c0, c_func = 0xc06327b4 <sleepq_timeout>,
    c_flags = 0x8}, td_frame = 0xcf11ad48, td_kstack_obj = 0xc1aa6ce4, td_kstack = 0xcf119000, td_kstack_pages = 0x2,
  td_altkstack_obj = 0x0, td_altkstack = 0x0, td_altkstack_pages = 0x0, td_critnest = 0x1, td_md = {md_savecrit = 0x246},
  td_sched = 0xc1aca70c}