I've had 3 kernel panics today where the last log entry was
SymUIAgent[69]: SymUIAgent log mgr - plug-in 'AppF' got error 21 flushing.
I am runing Norton Internet Security 5 Ver 5.6(25) under OSX 10.9.1 on an iMac.
Anyone have any ideas why this is happening, and what AppF is?
I just had this panic today, and when I Google it, it points to a possible Norton 10 problem. Let me know if you need me to resend it in another format.
Thanks,
Gary Foote
From the log it looks you are using NAV 12.6 (or NIS 5.6), under MacOS 10.9.x. This is a release version of 10.9 correct (not a Developer Preview)? I'm not sure if you might have an NTFS formatted drive, but there may be an OS panic associated with those.
Can you include the link you found about NAV 10? Since SymAPComm is not in the panic backtrace it's hard to see its involvement.
The version of Norton I'm running comes from my a link on COMCAST, my ISP provider.
Here's the panic link I found, but upon closer examination, it is old and therefore may not still be pertinent.
I'm attaching another panic dump that corresponds with the problem mentioned in my original post. It seems to have a reference to com.symantec.kext.SymAPComm too. If you don't think it is related, can you point me at an area to explore next?
Thanks,
Gary
Sorry for the delay in responding. It is interesting that the older panic in NAV 10 was also a kauth_cred_ref panic, but since there's no follow-up on that post, I can't conclude much. Your earlier panic was due to a page fault, which is a more common type.
The fact that SymAPComm is listed as a loaded kernel extension is not really significant, since that should always be true when AutoProtect is enabled. In the page fault case, where it was the most recently loaded (also not surprising, since it loads later than most system kexts), we can see from the load address and size that it is not in the backtrace for the panic. This means it wasn't a direct cause, though it's impossible to rule out that it indirectly contributed somehow.
In the kauth_cred_ref panic, there's no load address for SymAPComm, so it's harder to conclude anything there. While SymAPComm does use kauth, I don't see any case of it taking a reference on a kauth credential.
I'm not sure what to suggest as far as next steps. Can you associate any particular user activity with the panic, or any other recent software installs or upgrades?
<script id="ncoEventScript" type="text/javascript">// function DOMContentLoaded(browserID, tabId, isTop, url) { var object = document.getElementById("cosymantecnisbfw"); if(null != object) { object.DOMContentLoaded(browserID, tabId, isTop, url);} }; function Nav(BrowserID, TabID, isTop, isBool, url) { var object = document.getElementById("cosymantecnisbfw"); if(null != object) object.Nav(BrowserID, TabID, isTop, isBool, url); }; function NavigateComplete(BrowserID, TabID, isTop, url) { var object = document.getElementById("cosymantecnisbfw"); if(null != object) object.NavigateComplete(BrowserID, TabID, isTop, url); } function Submit(browserID, tabID, target, url) { var object = document.getElementById("cosymantecnisbfw"); if(null != object) object.Submit(browserID, tabID, target, url); }; // </script>I've had 3 kernel panics today where the last log entry was
SymUIAgent[69]: SymUIAgent log mgr - plug-in 'AppF' got error 21 flushing.
I am runing Norton Internet Security 5 Ver 5.6(25) under OSX 10.9.1 on an iMac.
Anyone have any ideas why this is happening, and what AppF is?