Subject: port-amiga/2934: kernel panic during a halt or reboot (/dev/reload)
To: None <gnats-bugs@gnats.netbsd.org, bernd@arresum.inka.de>
From: Bernd Ernesti <bernd@arresum.inka.de>
List: netbsd-bugs
Date: 11/12/1996 20:39:15 
>Number:         2934
>Category:       port-amiga
>Synopsis:       kernel panic during a halt or reboot (/dev/reload)
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    gnats-admin (GNATS administrator)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Nov 12 11:50:02 1996
>Last-Modified:
>Originator:     Bernd Ernesti
>Organization:
	
>Release:        NetBSD-current 27/10/96
>Environment:
	
System: NetBSD arresum 1.2B NetBSD 1.2B (VEEGO) #203: Fri Nov 1 19:50:30 MET 1996 bernd@arresum:/home/source/src/sys/arch/amiga/compile/VEEGO amiga


>Description:
The kernel panic during a halt or reboot.
All file system are umounted till it comes to the / fs. (I have options DEBUG
in the kernel).

- halt:

I only get two panics from about 30-40 halts.
It was a halt and not a shutdown -h now.
This is the trace from the kernel Debugger:
_Debugger
_panic
_panictrap
_trapmmufault
_trap
opaop_mask
_coredump (6ae300) +134
_sigexit (6ae300,b,1,2,8) +2e
_postsig (b) + 78
_userret (6ae300,1300c,405,5e2) +38
_trapmmufault (88,5e2,13008,25bdf80,6ae300) +438
_trap (8,5e2,13008) +334
opaop_mask

>How-To-Repeat:
	The halt panic is not reproduceable but the reboot panic (via
	cp /netbsd /dev/reload is reproduceable.
	I get this panic after i updated from 1.2 to -current.
>Fix:
>Audit-Trail:
>Unformatted:
>ps

pid proc addr uid ppid prog flag stat em comm wchan
[..]
 23 0x6ae300 0x25ba00 0 0 23 0004 2 netbsd mount_mfs thrd_sleep 0x163500

An uncomplet savecore is available (it only dumps 52-39).


-reboot:

I replaced /sbin/reboot with:
main(){system("cp /netbsd /dev/reload");}
so that shutdown -r reboots into netbsd. The same happens if I
do that cp in a shell.
This is an uncomplette DDB output:
_trap
opaop_mask
_vrele
_vclean
_vgone
_vflush
_ffs_flushfile
_ffs_unmount
_dounmount
_vfs_unmountall
_bootsync
_kernel_reload

I found a core from syslogd in / after i boot netbsd:

gdb /usr/obj/usr.sbin/syslogd/syslog syslogd.core
#0  0x80074e2 in end ()
(gdb) where
#0  0x80074e2 in end ()
#1  0x3804 in fprintlog ()
#2  0x8006068 in end ()
#3  0x3850 in wallmsg ()
#4  0x37f4 in fprintlog ()
#5  0x343e in logmsg ()
#6  0x314c in printsys ()
#7  0x2e3a in main ()

This is the dmesg output of this panic:

loading kernel 1256248+69432+195672+177480
syncing disks... unmounting /var/spool/ftp/pub/cdrom (/dev/cd0a)...
unmounting /kern (kernfs)...
unmounting /proc (procfs)...
unmounting /root/amiga/dh2 (/dev/sd0m)...
unmounting /root/amiga/dh1 (/dev/sd0l)...
unmounting /root/amiga/dfue (/dev/sd0k)...
unmounting /root/amiga/work (/dev/sd0j)...
unmounting /root/amiga/sys (/dev/sd0i)...
unmounting /mod (/dev/sd1d)...
unmounting /home/source (/dev/sd2d)...
unmounting /home/temp (/dev/sd0h)...
unmounting /home/work (/dev/sd0g)...
unmounting /home (/dev/sd0f)...
unmounting /usr (/dev/sd0d)...
unmounting /tmp (mfs:23)...
unmounting /var (/dev/sd0e)...
unmounting / (/dev/sd0a)...
trap: bad kernel access at 54 pc d1e20
trap type 8, code = 545, v = 54
pid = 5867, pc = 000D1E20, ps = 2004, sfc = 0001, dfc = 0001
Registers:
             0        1        2        3        4        5        6        7
dreg: 0000001B 00008500 00000008 006E8680 00000002 00000000 00000014 00000000
areg: 0264FC7C 00138880 00724D00 00000000 001663F0 0069EC00 0264FC68 0DFFFBE4

Kernel stack (0264FAD8):
64FAD8: 0012A876 0264FBAC 00000080 0012A810 00000008 00000545 00000054 00000001
64FAF8: 0264FB58 0012AC86 00000008 00000545 00000054 0264FBAC 0012A9C5 00000054
64FB18: 000D1E20 00000545 00000008 00000000 00000000 00000000 00000054 00736400
64FB38: 00000000 001663F0 0069EC00 00000011 00000000 00736400 00000001 00825A00
64FB58: 0264FB98 0012B29C 00000008 00000545 00000054 0264FBAC 00736400 00000000
64FB78: 00000000 00000008 006E8680 00000002 00000000 00000014 00000000 00724D00
64FB98: 0264FC68 000021BA 00000008 00000545 00000054 0000001B 00008500 00000008
64FBB8: 006E8680 00000002 00000000 00000014 00000000 0264FC7C 00138880 00724D00
64FBD8: 00000000 001663F0 0069EC00 0264FC68 0DFFFBE4 00000000 2004000D 1E207008
64FBF8: 0264FC38 05450005 00450005 00000054 0264FC2C 00000008 00724D00 0264FC2C
64FC18: 00043168 00A99674 00002004 00A99674 00724D00 00000008 006E8680 00724D00
64FC38: 00724D1C 0264FC84 000D1FC8 0264FC60 00000008 00000008 006E8680 00000002
64FC58: 00000000 00000014 00724D00 00000001 0264FC84 00046FF8 0264FC7C 00724D00
64FC78: 00000001 00138D44 00724D00 0264FCB8 0004729C 00724D00 00000000 00724D00
64FC98: 00724D00 00138D70 00724D00 00000004 FFFFFFFF 00000000 00138DC8 00724D00
64FCB8: 0264FCD8 000473D6 00724D00 00000008 00724D00 0069EC00 001663F0 0069EC00

A savecore and syslogd.core from this panic is available:

-rw-r--r--   1 root  wheel   1670976 Nov 10 19:05 netbsd.2
-rw-r--r--   1 root  wheel  52429332 Nov 10 19:05 netbsd.2.core
-rw-r-----   1 root  wheel    221540 Nov 10 19:01 syslogd.core