cons141.html

GENERIC HEAD from Jul 8 14:53 UTC, vmcore.404
Fixed in src/sys/netinet/if_ether.c,v 1.139 2005/08/11 08:25:48 glebius

GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD 6.0-CURRENT #3: Fri Jul  8 17:09:52 CEST 2005
    pho@current.osted.lan:/usr/src/sys/i386/compile/PHO
WARNING: WITNESS option enabled, expect reduced performance.
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.14-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0xf13  Stepping = 3
  Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM>
real memory  = 267583488 (255 MB)
avail memory = 252223488 (240 MB)
:
Trying to mount root from ufs:/dev/ad0s1a
rl0: link state changed to DOWN


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0xdeadc0dc
fault code              = supervisor write, page not present
instruction pointer     = 0x20:0xc07e92c5
stack pointer           = 0x28:0xcc9dcbe8
frame pointer           = 0x28:0xcc9dcc3c
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 37 (swi1: net)
[thread pid 37 tid 100036 ]
Stopped at      memcpy+0x1d:    repe movsb      (%esi),%es:(%edi)
db> where
Tracing pid 37 tid 100036 td 0xc1590d80
memcpy(c1689400,c1f11400,c1781900,c17f08c4,c1e9b458) at memcpy+0x1d
in_arpinput(c1e9b400,c1e9b400,cc9dccd4,c069e3e6,c1e9b400) at in_arpinput+0x5b6
arpintr(c1e9b400) at arpintr+0xca
netisr_processqueue(c099fcb8) at netisr_processqueue+0x6e
swi_net(0) at swi_net+0xbe
ithread_loop(c1574480,cc9dcd38,c1574480,c061bfcc,0) at ithread_loop+0x11c
fork_exit(c061bfcc,c1574480,cc9dcd38) at fork_exit+0xa0
fork_trampoline() at fork_trampoline+0x8
--- trap 0x1, eip = 0, esp = 0xcc9dcd6c, ebp = 0 ---
db> show alllocks
Process 2116 (udp) thread 0xc1846a80 (100112)
exclusive sleep mutex inp (udpinp) r = 0 (0xc17ed9b4) locked @ netinet/udp_usrreq.c:762
Process 2115 (udp) thread 0xc2191900 (100185)
exclusive sleep mutex inp (udpinp) r = 0 (0xc17ee798) locked @ netinet/udp_usrreq.c:762
Process 2113 (udp) thread 0xc21dcc00 (100192)
exclusive sx user map r = 0 (0xc2b4a620) locked @ vm/vm_map.c:2997
Process 2112 (udp) thread 0xc218f900 (100195)
exclusive sleep mutex inp (udpinp) r = 0 (0xc17ee4c8) locked @ netinet/udp_usrreq.c:762
Process 2111 (udp) thread 0xc21c3000 (100155)
exclusive sleep mutex vm object (standard object) r = 0 (0xc1dfb318) locked @ vm/vnode_pager.c:1206
exclusive sx user map r = 0 (0xc21bfe54) locked @ vm/vm_map.c:2997
Process 2107 (thr1) thread 0xc21aa780 (100160)
exclusive sleep mutex vm object (standard object) r = 0 (0xc210e738) locked @ vm/vm_object.c:449
exclusive sx user map r = 0 (0xc1a14d28) locked @ vm/vm_map.c:2997
Process 2106 (thr1) thread 0xc23d9a80 (100182)
exclusive sx user map r = 0 (0xc21bf9a4) locked @ vm/vm_map.c:2997
Process 2105 (thr1) thread 0xc21c4480 (100174)
exclusive sx user map r = 0 (0xc21bfbfc) locked @ vm/vm_map.c:2997
Process 2104 (thr1) thread 0xc2b49300 (100212)
exclusive sx user map r = 0 (0xc2b4aad0) locked @ vm/vm_map.c:2997
Process 2097 (tcp) thread 0xc184f480 (100128)
shared sx proctree r = 0 (0xc09509e0) locked @ kern/kern_fork.c:277
Process 2095 (tcp) thread 0xc21a9600 (100139)
exclusive sx allproc r = 0 (0xc09509a0) locked @ kern/kern_fork.c:286
shared sx proctree r = 0 (0xc09509e0) locked @ kern/kern_fork.c:277
Process 2089 (swap) thread 0xc184e000 (100109)
exclusive sx user map r = 0 (0xc21bf3c8) locked @ vm/vm_map.c:2997
Process 2087 (swap) thread 0xc21aa180 (100132)
exclusive sleep mutex vm object (standard object) r = 0 (0xc282d840) locked @ vm/vm_fault.c:295
exclusive sx user map r = 0 (0xc21d9044) locked @ vm/vm_map.c:2997
Process 2077 (swap) thread 0xc23d9780 (100184)
exclusive sx user map r = 0 (0xc218c29c) locked @ vm/vm_map.c:2997
Process 678 (top) thread 0xc17abd80 (100088)
exclusive sx sysctl lock r = 0 (0xc0950f60) locked @ kern/kern_sysctl.c:1335
Process 271 (syslogd) thread 0xc17a9300 (100073)
exclusive sx user map r = 0 (0xc1546ad0) locked @ vm/vm_map.c:2997
db> call doadump
Dumping 254 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 255MB (65072 pages) 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15 ... ok

Dump complete
= 0xf
db> reset

#26 0xc0696c10 in ether_output (ifp=0xc07e92c5, m=0xc1f11400, dst=0x20, rt0=0x0) at ../../../net/if_ethersubr.c:284
#27 0xc06b766a in in_arpinput (m=0xc1e9b400) at ../../../netinet/if_ether.c:736
#28 0xc06b70a6 in arpintr (m=0xc1e9b400) at ../../../netinet/if_ether.c:505
#29 0xc069e3e6 in netisr_processqueue (ni=0xc099fcb8) at ../../../net/netisr.c:235
#30 0xc069e5ca in swi_net (dummy=0x0) at ../../../net/netisr.c:348
#31 0xc061c0e8 in ithread_loop (arg=0xc1574480) at ../../../kern/kern_intr.c:545
#32 0xc061b518 in fork_exit (callout=0xc061bfcc <ithread_loop>, arg=0xc1574480, frame=0xcc9dcd38) at ../../../kern/kern_fork.c:789
#33 0xc07d8aac in fork_trampoline () at ../../../i386/i386/exception.s:208
(kgdb) f 26
#26 0xc0696c10 in ether_output (ifp=0xc07e92c5, m=0xc1f11400, dst=0x20, rt0=0x0) at ../../../net/if_ethersubr.c:284
284             (void)memcpy(&eh->ether_type, &type,
(kgdb) l
279              */
280             M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT);
281             if (m == NULL)
282                     senderr(ENOBUFS);
283             eh = mtod(m, struct ether_header *);
284             (void)memcpy(&eh->ether_type, &type,
285                     sizeof(eh->ether_type));
286             (void)memcpy(eh->ether_dhost, edst, sizeof (edst));
287             if (hdrcmplt)
288                     (void)memcpy(eh->ether_shost, esrc,
(kgdb) p m
$1 = (struct mbuf *) 0xc1f11400
(kgdb) p *m
can not access 0xdeadc0d0, invalid address (0xdeadc0d0)
can not access 0xdeadc0d0, invalid address (0xdeadc0d0)
can not access 0xdeadc0d0, invalid address (0xdeadc0d0)
can not access 0xdeadc0d0, invalid address (0xdeadc0d0)
:
(kgdb) up
#27 0xc06b766a in in_arpinput (m=0xc1e9b400) at ../../../netinet/if_ether.c:736
736                             (*ifp->if_output)(ifp, la->la_hold, rt_key(rt), rt);
(kgdb) info loc
ah = (struct arphdr *) 0xc1e9b450
ifp = (struct ifnet *) 0xc1689400
th = (struct iso88025_header *) 0xc099e408
trld = (struct iso88025_sockaddr_dl_data *) 0xc065086e
la = (struct llinfo_arp *) 0xc18470a0
rt = (struct rtentry *) 0xc17f08c4
ifa = (struct ifaddr *) 0x0
ia = (struct in_ifaddr *) 0x0
sdl = (struct sockaddr_dl *) 0xc1781910
sa = {sa_len = 0x10, sa_family = 0x6b, sa_data = "bÀ\224\000\232À\001\000\000\000\035&\205À"}
isaddr = {s_addr = 0x201a8c0}
itaddr = {s_addr = 0x301a8c0}
myaddr = {s_addr = 0x301a8c0}
enaddr = (u_int8_t *) 0xc16850ab ""
op = 0x2
rif_len = 0xc0957d00
req_len = 0x0
bridged = 0x0
(kgdb) p *la
$3 = {la_le = {le_next = 0xc16c1be0, le_prev = 0xc222d640}, la_rt = 0xc17f08c4, la_hold = 0xc1f11400, la_preempt = 0x5, la_asked = 0x0}
(kgdb)