From nobody@FreeBSD.org  Mon Dec 24 22:34:35 2007
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B161E16A418
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 24 Dec 2007 22:34:35 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 9D83113C45A
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 24 Dec 2007 22:34:35 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id lBOMY4FA006919
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 24 Dec 2007 22:34:04 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id lBOMY4iI006918;
	Mon, 24 Dec 2007 22:34:04 GMT
	(envelope-from nobody)
Message-Id: <200712242234.lBOMY4iI006918@www.freebsd.org>
Date: Mon, 24 Dec 2007 22:34:04 GMT
From: nrg milk <nrgmilk@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: snp causes kernel  panic: page fault
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         119003
>Category:       kern
>Synopsis:       kernel  panic: page fault
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kib
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 24 22:40:00 UTC 2007
>Closed-Date:    Mon Feb 25 14:40:17 UTC 2008
>Last-Modified:  Mon Feb 25 14:40:17 UTC 2008
>Originator:     nrg milk
>Release:        7.0-PRERELEASE
>Organization:
null
>Environment:
FreeBSD  7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #3: Sun Dec 23 11:24:17 JST 2007     root@:/usr/obj/usr/src/sys/ULE  i386

FreeBSD www.vixi.us 7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #1: Mon Dec 24 04:10:38 JST 2007     root@www.vixi.us:/usr/obj/usr/src/sys/ULE  amd64
>Description:
reboots suddenly. 
this log is i386 vmware machine.
However, neither the log nor the message appear from amd64. 

Dec 25 07:19:03  kernel: Fatal trap 12: page fault while in kernel mode
Dec 25 07:19:03  kernel: cpuid = 0; apic id = 00
Dec 25 07:19:03  kernel: fault virtual address  = 0x24
Dec 25 07:19:03  kernel: fault code             = supervisor read, page not present
Dec 25 07:19:03  kernel: instruction pointer    = 0x20:0xc42dc241
Dec 25 07:19:03  kernel: stack pointer          = 0x28:0xdd80ab34
Dec 25 07:19:03  kernel: frame pointer          = 0x28:0xdd80ab88
Dec 25 07:19:03  kernel: code segment           = base 0x0, limit 0xfffff, type 0x1b
Dec 25 07:19:03  kernel: = DPL 0, pres 1, def32 1, gran 1
Dec 25 07:19:03  kernel: processor eflags       = interrupt enabled, resume, IOPL = 0
Dec 25 07:19:03  kernel: current process                = 2998 (csh)
Dec 25 07:19:03  kernel: trap number            = 12
Dec 25 07:19:03  kernel: panic: page fault
Dec 25 07:19:03  kernel: cpuid = 0
Dec 25 07:19:03  kernel: Uptime: 13m26s
Dec 25 07:19:03  kernel: Physical memory: 755 MB
Dec 25 07:19:03  kernel: Dumping 125 MB: 110 94 78 62 46 30 14
Dec 25 07:19:03  kernel: Dump complete
Dec 25 07:19:03  kernel: Automatic reboot in 15 seconds - press a key on the console to abort
Dec 25 07:19:03  kernel: Rebooting...

>How-To-Repeat:
ssh login target.
and

# watch ttyp0
>Fix:


>Release-Note:
>Audit-Trail:

From: Remko Lodder <remko@FreeBSD.org>
To: nrg milk <nrgmilk@gmail.com>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/119003: kernel  panic: page fault
Date: Mon, 24 Dec 2007 23:54:55 +0100

 nrg milk wrote:
 > FreeBSD  7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #3: Sun Dec 23 11:24:17 JST 2007     root@:/usr/obj/usr/src/sys/ULE  i386
 > 
 > FreeBSD www.vixi.us 7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #1: Mon Dec 24 04:10:38 JST 2007     root@www.vixi.us:/usr/obj/usr/src/sys/ULE  amd64
 >> Description:
 > reboots suddenly. 
 > this log is i386 vmware machine.
 > However, neither the log nor the message appear from amd64. 
 
 Hello,
 
 Thanks for the ticket but sadly it's worthless as is. Can you please
 obtain additional information from the dump as mentioned in
 http://www.freebsd.org/doc/en/books/developers-handbook/kerneldebug.html?
 That way we can see what is going on and possibly fix this.
 
 Please(!) reply all when you are responding to this message.
 
 Thanks for using FreeBSD and that you are willing to help resolve issues!
 
 -- 
 /"\   Best regards,                      | remko@FreeBSD.org
 \ /   Remko Lodder                       | remko@EFnet
  X    http://www.evilcoder.org/          |
 / \   ASCII Ribbon Campaign              | Against HTML Mail and News
State-Changed-From-To: open->feedback 
State-Changed-By: remko 
State-Changed-When: Mon Dec 24 23:09:33 UTC 2007 
State-Changed-Why:  
I requested feedback / additional information, reflect that in the 
ticket. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119003 
Responsible-Changed-From-To: freebsd-bugs->kib 
Responsible-Changed-By: kib 
Responsible-Changed-When: Tue Dec 25 15:10:07 UTC 2007 
Responsible-Changed-Why:  
Try the rev. 1.207 of the sys/dev/snp/snp.c. I believe it shall fix 
the problem. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119003 

From: nrgmilk@gmail.com
To: bug-followup@FreeBSD.org, nrgmilk@gmail.com
Cc:  
Subject: Re: kern/119003: kernel panic: page fault
Date: Sat, 29 Dec 2007 18:10:22 +1100

 Hello.
 I tried there things.
 
 # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
 # x86
 # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
 
 Unread portion of the kernel message buffer:
 
 
 Fatal trap 12: page fault while in kernel mode
 cpuid = 0; apic id = 00
 fault virtual address   = 0x24
 fault code              = supervisor read, page not present
 instruction pointer     = 0x20:0xc4199241
 stack pointer           = 0x28:0xdf2f4b34
 frame pointer           = 0x28:0xdf2f4b88
 code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, def32 1, gran 1
 processor eflags        = interrupt enabled, resume, IOPL = 0
 current process         = 1566 (csh)
 trap number             = 12
 panic: page fault
 cpuid = 0
 Uptime: 1h1m11s
 Physical memory: 755 MB
 Dumping 127 MB: 112 96 80 64 48 32 16
 
 #0  doadump () at pcpu.h:195
 195     pcpu.h: No such file or directory.
         in pcpu.h
 (kgdb) where
 #0  doadump () at pcpu.h:195
 #1  0xc0753d57 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
 #2  0xc0754019 in panic (fmt=Variable "fmt" is not available.
 ) at /usr/src/sys/kern/kern_shutdown.c:563
 #3  0xc0a67f3c in trap_fatal (frame=0xdf2f4af4, eva=36) at
 /usr/src/sys/i386/i386/trap.c:899
 #4  0xc0a681a0 in trap_pfault (frame=0xdf2f4af4, usermode=0, eva=36)
     at /usr/src/sys/i386/i386/trap.c:812
 #5  0xc0a68b22 in trap (frame=0xdf2f4af4) at /usr/src/sys/i386/i386/trap.c:490
 #6  0xc0a4f4bb in calltrap () at /usr/src/sys/i386/i386/exception.s:139
 #7  0xc4199241 in ?? ()
 Previous frame inner to this frame (corrupt stack?)
 (kgdb) list
 139             call    trap
 140             add     $4, %esp
 141
 142             /*
 143              * Return via doreti to handle ASTs.
 144              */
 145             MEXITCOUNT
 146             jmp     doreti
 147
 148     /*
 
 # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
 # amd64
 # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
 
 Unread portion of the kernel message buffer:
 
 
 Fatal trap 12: page fault while in kernel mode
 cpuid = 0; apic id = 00
 fault virtual address   = 0x48
 fault code              = supervisor read data, page not present
 instruction pointer     = 0x8:0xffffffffaece343e
 stack pointer           = 0x10:0xffffffffaeb57940
 frame pointer           = 0x10:0xffffffffaeb57a00
 code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, long 1, def32 0, gran 1
 processor eflags        = interrupt enabled, resume, IOPL = 0
 current process         = 31394 (csh)
 trap number             = 12
 panic: page fault
 cpuid = 0
 Uptime: 13h19m45s
 Physical memory: 3443 MB
 Dumping 412 MB: 397 381 365 349 333 317 301 285 269 253 237 221 205
 189 173 157 141 125 109 93 77 61 45 29 13
 
 #0  doadump () at pcpu.h:194
 194     pcpu.h: No such file or directory.
         in pcpu.h
 (kgdb) where
 #0  doadump () at pcpu.h:194
 #1  0x0000000000000004 in ?? ()
 #2  0xffffffff804777b0 in boot (howto=260) at
 /usr/src/sys/kern/kern_shutdown.c:409
 #3  0xffffffff80477bcd in panic (fmt=0x104 <Address 0x104 out of bounds>)
     at /usr/src/sys/kern/kern_shutdown.c:563
 #4  0xffffffff8074d684 in trap_fatal (frame=0xffffff00651fb000,
 eva=18446742974862451816)
     at /usr/src/sys/amd64/amd64/trap.c:724
 #5  0xffffffff8074da55 in trap_pfault (frame=0xffffffffaeb57890, usermode=0)
     at /usr/src/sys/amd64/amd64/trap.c:641
 #6  0xffffffff8074e3fb in trap (frame=0xffffffffaeb57890) at
 /usr/src/sys/amd64/amd64/trap.c:410
 #7  0xffffffff8073419e in calltrap () at
 /usr/src/sys/amd64/amd64/exception.S:169
 #8  0xffffffffaece343e in ?? ()
 #9  0xffffff00d7fdee78 in ?? ()
 #10 0x0000000000000050 in ?? ()
 #11 0x0000000000000000 in ?? ()
 #12 0xffffffffaeb57b00 in ?? ()
 #13 0xffffff000138fc00 in ?? ()
 #14 0xffffff001a4d1468 in ?? ()
 #15 0xffffff00d7fdc700 in ?? ()
 #16 0xffffffff8046f8b3 in proc_dtor (mem=Variable "mem" is not available.
 ) at /usr/src/sys/kern/kern_proc.c:164
 #17 0x0000000000000003 in ?? ()
 #18 0x00000000802c7415 in ?? ()
 #19 0xffffffff804bfa57 in ttyioctl (dev=Variable "dev" is not available.
 ) at /usr/src/sys/kern/tty.c:3286
 #20 0x0000000000000022 in ?? ()
 #21 0xffffff001a693200 in ?? ()
 #22 0xffffffff8044699c in giant_write (dev=0x4,
 uio=0xffffffffaeb57b00, ioflag=0)
     at /usr/src/sys/kern/kern_conf.c:373
 #23 0xffffffff8040daba in devfs_write_f (fp=0xffffff006883e960,
 uio=0xffffffffaeb57b00, cred=Variable "cred" is not available.
 )
     at /usr/src/sys/fs/devfs/devfs_vnops.c:1304
 #24 0xffffffff804ad6e8 in dofilewrite (td=0xffffff00651fb000, fd=17,
 fp=0xffffff006883e960,
     auio=0xffffffffaeb57b00, offset=Variable "offset" is not available.
 ) at file.h:254
 #25 0xffffffff804ad9ee in kern_writev (td=0xffffff00651fb000, fd=17,
 auio=0xffffffffaeb57b00)
     at /usr/src/sys/kern/sys_generic.c:401
 #26 0xffffffff804ada6c in write (td=0xffffff001aa9fae2, uap=0x57ad42)
     at /usr/src/sys/kern/sys_generic.c:317
 #27 0xffffffff8074dcda in syscall (frame=0xffffffffaeb57c70) at
 /usr/src/sys/amd64/amd64/trap.c:852
 #28 0xffffffff807343ab in Xfast_syscall () at
 /usr/src/sys/amd64/amd64/exception.S:290
 #29 0x00000008009cb7dc in ?? ()
 Previous frame inner to this frame (corrupt stack?)
 (kgdb) list
 290             call    syscall
 291             movq    PCPU(CURPCB),%rax
 292             testq   $PCB_FULLCTX,PCB_FLAGS(%rax)
 293             jne     3f
 294     1:      /* Check for and handle AST's on return to userland */
 295             cli
 296             movq    PCPU(CURTHREAD),%rax
 297             testl   $TDF_ASTPENDING | TDF_NEEDRESCHED,TD_FLAGS(%rax)
 298             je      2f
 299             sti
 
 EOF

From: nrgmilk@gmail.com
To: bug-followup@FreeBSD.org, nrgmilk@gmail.com
Cc:  
Subject: Re: kern/119003: kernel panic: page fault
Date: Sun, 30 Dec 2007 00:29:08 +1100

 sorry.
 output result of the following commands.
 
 kgdb /usr/obj/usr/src/sys/ULE/kernel.debug /var/crash/vmcore.0
 
 
 > nrg milk wrote:
 > > FreeBSD 7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #3: Sun Dec 23 11:24:17 JST 2007 root@:/usr/obj/usr/src/sys/ULE i386
 > >
 > > FreeBSD www.vixi.us 7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #1: Mon Dec 24 04:10:38 JST 2007 root@www.vixi.us:/usr/obj/usr/src/sys/ULE amd64
 > > > Description:
 > > reboots suddenly.
 > > this log is i386 vmware machine.
 > > However, neither the log nor the message appear from amd64.
 >
 > Hello,
 >
 > Thanks for the ticket but sadly it's worthless as is. Can you please
 > obtain additional information from the dump as mentioned in
 > http://www.freebsd.org/doc/en/books/developers-handbook/kerneldebug.html?
 > That way we can see what is going on and possibly fix this.
 >
 > Please(!) reply all when you are responding to this message.
 >
 > Thanks for using FreeBSD and that you are willing to help resolve issues!
 >
 > --
 > /"\ Best regards, | remko@FreeBSD.org
 > \ / Remko Lodder | remko@EFnet
 > X http://www.evilcoder.org/ |
 > / \ ASCII Ribbon Campaign | Against HTML Mail and News
State-Changed-From-To: feedback->closed 
State-Changed-By: kib 
State-Changed-When: Mon Feb 25 14:39:00 UTC 2008 
State-Changed-Why:  
I believe this is fixed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119003 
>Unformatted:
