sorecieve panic
Paul Herman
pherman at frenchfries.net
Sat Jun 18 09:55:39 PDT 2005
Hey there,
got this just today from a 1.3.2-DEVELOPMENT kernel from Thursday
(after all spl()s were converted to critical sections.)
Is so_pru_rcvoob() not getting the message?
-Paul.
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x0
fault code = supervisor write, page not present
instruction pointer = 0x8:0xc0591520
stack pointer = 0x10:0xcc50a858
frame pointer = 0x10:0xcc50a8c0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 325 (named)
current thread = pri 38 (CRIT)
panic: from debugger
Uptime: 19h3m39s
dumping to dev #ad/0x30001, offset 789504
dump ata0: resetting devices .. done
126 125 124 123 122 121 120 119 118 117 116 115 114 113 112 111 110 109 108 107 106 105 104 103 102 101 100 99 98 97 96 95 94 93 92 91 90 89 88 87 86 85 84 83 82 81 80 79 78 77 76 75 74 73 72 71 70 69 68 67 66 65 64 63 62 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
---
#0 dumpsys () at /u01/src/sys/kern/kern_shutdown.c:508
508 if (dumping++) {
dumpsys () at /u01/src/sys/kern/kern_shutdown.c:508
508 if (dumping++) {
(kgdb) bt
#0 dumpsys () at /u01/src/sys/kern/kern_shutdown.c:508
#1 0xc02ad432 in boot (howto=260) at /u01/src/sys/kern/kern_shutdown.c:341
#2 0xc02ad8e7 in panic (fmt=0xc0504079 "from debugger") at /u01/src/sys/kern/kern_shutdown.c:620
#3 0xc0169953 in db_panic (addr=-1068840374, have_addr=0, count=-1, modif=0xcc50a8f0 "") at /u01/src/sys/ddb/db_command.c:449
#4 0xc01698ca in db_command (last_cmdp=0xc05be430, cmd_table=0x0, aux_cmd_tablep=0xc0561f3c, aux_cmd_tablep_end=0xc0561f54)
at /u01/src/sys/ddb/db_command.c:345
#5 0xc01699c8 in db_command_loop () at /u01/src/sys/ddb/db_command.c:471
#6 0xc016c69c in db_trap (type=3, code=0) at /u01/src/sys/ddb/db_trap.c:72
#7 0xc04ac6f4 in kdb_trap (type=3, code=0, regs=0xcc50aa10) at /u01/src/sys/i386/i386/db_interface.c:161
#8 0xc04c0637 in trap (frame=
{tf_fs = 24, tf_es = 16, tf_ds = -867172336, tf_edi = 1, tf_esi = -1068411066, tf_ebp = -867128744, tf_isp = -867128772, tf_ebx = 256, tf_edx = 2815, tf_ecx = 0, tf_eax = 18, tf_trapno = 3, tf_err = 0, tf_eip = -1068840374, tf_cs = 8, tf_eflags = 658, tf_esp = -1068338150, tf_ss = -1068417312}) at /u01/src/sys/i386/i386/trap.c:732
#9 0xc04ad9cf in calltrap () at /u01/src/sys/i386/i386/exception.s:776
#10 0x00000018 in ?? ()
#11 0x00000010 in ?? ()
#12 0xcc500010 in ?? ()
#13 0x00000001 in ?? ()
#14 0xc0515746 in ?? ()
#15 0xcc50aa58 in ?? ()
#16 0xcc50aa3c in ?? ()
#17 0x00000100 in ?? ()
#18 0x00000aff in ?? ()
#19 0x00000000 in ?? ()
#20 0x00000012 in ?? ()
#21 0x00000003 in ?? ()
#22 0x00000000 in ?? ()
#23 0xc04aca4a in Debugger (msg=0x0) at cpufunc.h:68
#24 0xc02ad8df in panic (fmt=0xc0515746 "receive 1") at /u01/src/sys/kern/kern_shutdown.c:618
#25 0xc02dc65b in soreceive (so=0xcbda1b20, psa=0xcc50ab58, uio=0xcc50aba8, mp0=0x0, controlp=0xcc50ab5c, flagsp=0xcc50ab60)
at /u01/src/sys/kern/uipc_socket.c:838
#26 0xc02e047c in kern_recvmsg (s=20, sa=0x0, auio=0xcc50aba8, control=0x0, flags=0x0, res=0x0) at socketops.h:81
#27 0xc02e07f0 in recvmsg (uap=0xcc50ac24) at /u01/src/sys/kern/uipc_syscalls.c:891
#28 0xc04c0f8f in syscall2 (frame=
{tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = 136403200, tf_esi = 135898880, tf_ebp = -1077937512, tf_isp = -867127948, tf_ebx = -1077937776, tf_edx = 4096, tf_ecx = 135898880, tf_eax = 27, tf_trapno = 0, tf_err = 2, tf_eip = 673144372, tf_cs = 31, tf_eflags = 642, tf_esp = -1077937860, tf_ss = 47}) at /u01/src/sys/i386/i386/trap.c:1328
#29 0xc04ada5a in Xint0x80_syscall () at /u01/src/sys/i386/i386/exception.s:854
#30 0x0000002f in ?? ()
#31 0x0000002f in ?? ()
#32 0x0000002f in ?? ()
#33 0x08215900 in ?? ()
#34 0x0819a700 in ?? ()
---Type <return> to continue, or q <return> to quit---q
Quit
(kgdb) up 25
#25 0xc02dc65b in soreceive (so=0xcbda1b20, psa=0xcc50ab58, uio=0xcc50aba8, mp0=0x0, controlp=0xcc50ab5c, flagsp=0xcc50ab60)
at /u01/src/sys/kern/uipc_socket.c:838
838 KASSERT(m != 0 || !so->so_rcv.sb_cc, ("receive 1"));
(kgdb) list
833 if (m == 0 || (((flags & MSG_DONTWAIT) == 0 &&
834 so->so_rcv.sb_cc < uio->uio_resid) &&
835 (so->so_rcv.sb_cc < so->so_rcv.sb_lowat ||
836 ((flags & MSG_WAITALL) && uio->uio_resid <= so->so_rcv.sb_hiwat)) &&
837 m->m_nextpkt == 0 && (pr->pr_flags & PR_ATOMIC) == 0)) {
838 KASSERT(m != 0 || !so->so_rcv.sb_cc, ("receive 1"));
839 if (so->so_error) {
840 if (m)
841 goto dontblock;
842 error = so->so_error;
(kgdb) print m
$1 = (struct mbuf *) 0x0
(kgdb) print *so
$2 = {so_type = 2, so_options = 1028, so_linger = 0, so_state = 256, so_pcb = 0xcbe0bec0, so_proto = 0xc059c4d4, so_head = 0x0,
so_incomp = {tqh_first = 0x0, tqh_last = 0xcbda1b34}, so_comp = {tqh_first = 0x0, tqh_last = 0xcbda1b3c}, so_list = {
tqe_next = 0x0, tqe_prev = 0x0}, so_qlen = 0, so_incqlen = 0, so_qlimit = 0, so_timeo = 0, so_error = 0, so_sigio = 0x0,
so_oobmark = 0, so_aiojobq = {tqh_first = 0x0, tqh_last = 0xcbda1b60}, so_rcv = {sb_cc = 72, sb_hiwat = 42080, sb_mbcnt = 768,
sb_mbmax = 262144, sb_lowat = 1, sb_mb = 0x0, sb_lastmbuf = 0x0, sb_lastrecord = 0xc0dbb200, sb_sel = {si_pid = 0, si_note = {
slh_first = 0x0}, si_mlist = {tqh_first = 0x0, tqh_last = 0xcbda1b90}, si_flags = 0}, sb_flags = 1, sb_timeo = 0},
so_snd = {sb_cc = 0, sb_hiwat = 9216, sb_mbcnt = 0, sb_mbmax = 73728, sb_lowat = 2048, sb_mb = 0x0, sb_lastmbuf = 0x0,
sb_lastrecord = 0x0, sb_sel = {si_pid = 0, si_note = {slh_first = 0x0}, si_mlist = {tqh_first = 0x0, tqh_last = 0xcbda1bc8},
si_flags = 0}, sb_flags = 0, sb_timeo = 0}, so_upcall = 0, so_upcallarg = 0x0, so_cred = 0xc0d26cc8, so_gencnt = 83,
so_emuldata = 0x0, so_accf = 0x0}
(kgdb)
More information about the Bugs
mailing list