From nobody@FreeBSD.org  Fri Aug  9 15:22:16 2002
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 279FF37B400
	for <freebsd-gnats-submit@FreeBSD.org>; Fri,  9 Aug 2002 15:22:16 -0700 (PDT)
Received: from www.freebsd.org (www.FreeBSD.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DEB1843E75
	for <freebsd-gnats-submit@FreeBSD.org>; Fri,  9 Aug 2002 15:22:15 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.4/8.12.4) with ESMTP id g79MMFOT079053
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 9 Aug 2002 15:22:15 -0700 (PDT)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.4/8.12.4/Submit) id g79MMFqD079052;
	Fri, 9 Aug 2002 15:22:15 -0700 (PDT)
Message-Id: <200208092222.g79MMFqD079052@www.freebsd.org>
Date: Fri, 9 Aug 2002 15:22:15 -0700 (PDT)
From: Max Clark <max@clarksys.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Kernel Panic after cvsup'ing 8/9/02
X-Send-Pr-Version: www-1.0

>Number:         41492
>Category:       kern
>Synopsis:       Kernel Panic after cvsup'ing 8/9/02
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Aug 09 15:30:01 PDT 2002
>Closed-Date:    Sat Aug 10 05:38:42 PDT 2002
>Last-Modified:  Sat Aug 10 05:38:42 PDT 2002
>Originator:     Max Clark
>Release:        4.6 (tracking stable with cvsup)
>Organization:
ClarkSys
>Environment:
>Description:
      Fatal trap 12: page fault while in kernel mode
mp_lock = 01000002; cpuid = 1; lapic.id = 00000000
fault virtual address	= 0x0
fault code		= supervisor read, page not present
instruction pointer	= 0x8:0xc0191f64
stack pointer		= 0x10:0xff80fdac
frame pointer		= 0x10:0xff80fdb4
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= idel
interrupt mask		= net tty <- SMP: XXX
kernel: type 12 trap, code=0
stopped at	m_freem+0x1c:	cmpl	$0,0(%ebx)
>How-To-Repeat:
I haven't been able to narrow the event to a specific event other than I cvsup'd this morring after this issue (http://www.freebsd.org/cgi/query-pr.cgi?pr=41459) was resolved.

My mylex raid controller doesn't seem to be a valid dump device so I am unsure what else to do. I've loaded DDB into the kernel and get to a db> prompt. Any guidance would be appreciated.
>Fix:
      
>Release-Note:
>Audit-Trail:

From: Ian Dowse <iedowse@maths.tcd.ie>
To: Max Clark <max@clarksys.com>
Cc: freebsd-gnats-submit@FreeBSD.org, luigi@FreeBSD.org
Subject: Re: kern/41492: Kernel Panic after cvsup'ing 8/9/02 
Date: Sat, 10 Aug 2002 01:51:23 +0100

 In message <200208092222.g79MMFqD079052@www.freebsd.org>, Max Clark writes:
 >
 >stopped at	m_freem+0x1c:	cmpl	$0,0(%ebx)
 >>How-To-Repeat:
 >I haven't been able to narrow the event to a specific event other than I cvsup
 >'d this morring after this issue (http://www.freebsd.org/cgi/query-pr.cgi?pr=4
 >1459) was resolved.
 
 Try the following patch. A recent commit broke the long-standing
 assumption that it is safe to pass NULL into m_freem().
 
 Ian
 
 Index: uipc_mbuf.c
 ===================================================================
 RCS file: /home/iedowse/CVS/src/sys/kern/uipc_mbuf.c,v
 retrieving revision 1.51.2.17
 diff -u -r1.51.2.17 uipc_mbuf.c
 --- uipc_mbuf.c	9 Aug 2002 02:11:08 -0000	1.51.2.17
 +++ uipc_mbuf.c	10 Aug 2002 00:47:30 -0000
 @@ -703,7 +703,7 @@
  {
  	int s = splimp();
  
 -        if (mcl_pool_now < mcl_pool_max && m->m_next == NULL &&
 +        if (mcl_pool_now < mcl_pool_max && m && m->m_next == NULL &&
              (m->m_flags & (M_PKTHDR|M_EXT)) == (M_PKTHDR|M_EXT) &&
              m->m_type == MT_DATA && M_EXT_WRITABLE(m) ) {
  		if (m->m_pkthdr.aux) {
 

From: Brad Johnson <bjohnson@got.wedgie.org>
To: freebsd-gnats-submit@FreeBSD.org
Cc: max@clarksys.com
Subject: Re: kern/41492: Kernel Panic after cvsup'ing 8/9/02
Date: Fri, 9 Aug 2002 23:40:41 -0400 (EDT)

 Hi...
 
 I experienced a very similar error after cvsup'ing on 8/9/02. However, my
 message was slightly different and might not be related:
 
 Fatal trap 12: page fault while in kernel mode
 fault virtual address = 0x0
 fault code = supervisor read, page not present
 instruction pointer = 0x8:0xc016e580
 stack pointer = 0x10:0xcdb17d08
 frame pointer = 0x10:0xcdb17d10
 code sgement = base 0x0, limit 0xfffff, type 0x1b
  		DPL 0, pres 1, def32 1, gran 1
 processor eflags = interrupt enabled, resume, IOPL = 0
 current process = 85 (sendmail)
 interrupt mask = net tty
 trap number = 12
 panic: page fault
 
 Now... here's the odd thing; I'm not running sendmail. My /etc/rc.conf
 looks like this:
 
 linux_enable="YES"
 sshd_enable="YES"
 pccard_enable="YES"
 ifconfig_ep0="DHCP"
 hostname="bjohnson.mydomain.com"
 pccard_ifconfig="DHCP"
 sendmail_enable="NONE"
 portmap_enable="NO"
 firewall_enable="YES"
 firewall_type="open"
 
 So I'm not sure how sendmail is even starting. But this is where it gets
 even more bizarre. If I comment out the firewall_enable and firewall_type
 lines, the system boots fine. 
 
 And yes, I have option IPFIREWALL in my kernel conf.
 
 Something this random could easily be a memory-related error, I guess.
 Might Max and I have similar problems?
 
 Again, I'm on the 4.6 STABLE branch and just cvsup'ed today.
 
 Thanks,
 Brad Johnson
 
State-Changed-From-To: open->closed 
State-Changed-By: iedowse 
State-Changed-When: Sat Aug 10 05:38:08 PDT 2002 
State-Changed-Why:  

Fixed in revision 1.51.2.18 of uipc_mbuf.c. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=41492 
>Unformatted:
