Subject: kern/32806: panic in uvm_map_replace1 asking for a backtrace in a core file
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <jmmv@netbsd.org>
List: netbsd-bugs
Date: 02/12/2006 16:10:00
>Number:         32806
>Category:       kern
>Synopsis:       panic in uvm_map_replace1 asking for a backtrace in a core file
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Feb 12 16:10:00 +0000 2006
>Originator:     Julio M. Merino Vidal
>Release:        NetBSD 3.99.15
>Organization:
	
>Environment:
	
	
System: NetBSD dawn.home.network 3.99.15 NetBSD 3.99.15 (DAWN) #63: Sat Feb 11 19:17:52 CET 2006  jmmv@dawn.home.network:/var/obj/usr/src/sys/arch/i386/compile/DAWN i386
Architecture: i386
Machine: i386
>Description:
	digikam 0.8.1 is crashing on my machine.  In an attempt to debug it,
	I tried to ask for its backtrace, which resulted in the machine
	panicking when it reached frame 13 or so.  This is 100% reproducible
	and lets a local regular user crash the machine at will with a
	properly prepared core image.

	The message was:

panic: uvm_map_replace1

	The following is the kernel's backtrace that led to the failure:

(gdb) bt
#0  0x3fefc000 in ?? ()
#1  0xc02c56da in cpu_reboot (howto=256, bootstr=0x0)
    at /usr/src/sys/arch/i386/i386/machdep.c:769
#2  0xc014f020 in db_sync_cmd (addr=0, have_addr=0, count=-1070595678,
    modif=0xcb8758ec "A\003Y\207\001") at /usr/src/sys/ddb/db_command.c:798
#3  0xc014ea57 in db_command (last_cmdp=0xc03db964, cmd_table=0xc0357e00)
    at /usr/src/sys/ddb/db_command.c:503
#4  0xc014e766 in db_command_loop () at /usr/src/sys/ddb/db_command.c:294
#5  0xc01518a4 in db_trap (type=6, code=0) at /usr/src/sys/ddb/db_trap.c:101
#6  0xc02c2d5a in kdb_trap (type=6, code=0, regs=0xcb875b30)
    at /usr/src/sys/arch/i386/i386/db_interface.c:225
#7  0xc02cdecc in trap (frame=0xcb875b30)
    at /usr/src/sys/arch/i386/i386/trap.c:290
#8  0xc010af95 in calltrap ()
#9  0xc029510e in sys_sync (l=0xcae8b948, v=0x0, retval=0x0)
    at /usr/src/sys/kern/vfs_syscalls.c:651
#10 0xc0293664 in vfs_shutdown () at x86/intr.h:163
#11 0xc02c56ee in cpu_reboot (howto=256, bootstr=0x0)
    at /usr/src/sys/arch/i386/i386/machdep.c:755
#12 0xc014f020 in db_sync_cmd (addr=0, have_addr=0, count=-1070595678,
    modif=0xcb875c30 "AG\\\207\001") at /usr/src/sys/ddb/db_command.c:798
#13 0xc014ea57 in db_command (last_cmdp=0xc03db964, cmd_table=0xc0357e00)
    at /usr/src/sys/ddb/db_command.c:503
---Type <return> to continue, or q <return> to quit---
#14 0xc014e766 in db_command_loop () at /usr/src/sys/ddb/db_command.c:294
#15 0xc01518a4 in db_trap (type=6, code=0) at /usr/src/sys/ddb/db_trap.c:101
#16 0xc02c2d5a in kdb_trap (type=6, code=0, regs=0xcb875e74)
    at /usr/src/sys/arch/i386/i386/db_interface.c:225
#17 0xc02cdecc in trap (frame=0xcb875e74)
    at /usr/src/sys/arch/i386/i386/trap.c:290
#18 0xc010af95 in calltrap ()
#19 0xc02a20fe in sync_fsync (v=0xcb875f14)
    at /usr/src/sys/miscfs/syncfs/sync_vnops.c:162
#20 0xc029c140 in VOP_FSYNC (vp=0xcb90b9f4, cred=0xcae80f6c, flags=8, offlo=0,
    offhi=0, l=0xcae8b948) at /usr/src/sys/kern/vnode_if.c:722
#21 0xc02a1dcb in sched_sync (v=0xcae8b948) at /usr/src/sys/sys/proc.h:394
(gdb)

	I can provide binaries for the applications involved.  Unfortunately,
	I can't find a way to generate a core dump from digikam's crash.
>How-To-Repeat:
	Install digikam 0.8.1 (I can also provide the update for the package,
	as the version in pkgsrc is still 0.7.0).  Add a collection of files
	and it will probably crash.  (I can also provide those faulting
	pictures, if needed.)  When KCrash appears on screen, click the
	backtrace tab and see the machine panic.

	Alternatively, start digikam from within gdb and, when it has
	crashed, do a 'bt' and get the panic.
>Fix:
	

>Unformatted: