Date: Sat, 24 Dec 2005 17:00:47 +0100 From: "Martin P. Hansen" <mph@lima.dyndns.dk> To: freebsd-current@freebsd.org Subject: if_dc.c causes page fault while in kernel mode; coredump; reproducible Message-ID: <20051224160047.GA40553@echobase.hoth.dk>
next in thread | raw e-mail | index | archive | help
--SUOF0GtieIMvvwua
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I'm currently experiencing periodic page faults with my FreeBSD
when shutting down (power-down). I've experienced this behavior in
6.0-RELEASE (GENERIC) and in 6.0-STABLE (GENERIC) cvsup'ed 2005-12-22
14:19.
Not beeing a kernelhacker myself I've come to the conclusion that
something in the dc driver is freed to soon or perhaps a lock isn't
held. It might have something to do with ACPI as the powerdown is close.
I've got two crashdumps for 6.0-RELEASE and three for 6.0-STABLE and
it seems to be reproducible. To reproduce I set up a machine to
ping my FreeBSD box and tell the FreeBSD box ``shutdown -p now''.
All suggestions are welcome.
uname -a:
FreeBSD mph 6.0-STABLE FreeBSD 6.0-STABLE #0: Thu Dec 22 13:38:15 CET 2005
mph@mph:/usr/obj/usr/src/sys/GENERIC i386
The crashdump header looks like this:
Fatal trap 12: page fault while in kernel mode
fault virtual address =3D 0x18
fault code =3D supervisor write, page not present
instruction pointer =3D 0x20:0xc073d480
stack pointer =3D 0x28:0xd5865cb4
frame pointer =3D 0x28:0xd5865ccc
code segment =3D base 0x0, limit 0xfffff, type 0x1b
=3D DPL 0, pres 1, def32 1, gran 1
processor eflags =3D interrupt enabled, resume, IOPL =3D 0
current process =3D 28 (irq17: pcm0 dc0)
trap number =3D 12
panic: page fault
The crash happens at
0xc073d480 is in dc_rxeof (/usr/src/sys/pci/if_dc.c:2779)
2774 * If we are on an architecture with alignment prob=
lems, or
2775 * if the allocation fails, then use m_devget and l=
eave the
2776 * existing buffer in the receive ring.
2777 */
2778 if (dc_quick && dc_newbuf(sc, i, 1) =3D=3D 0) {
2779 m->m_pkthdr.rcvif =3D ifp;
2780 m->m_pkthdr.len =3D m->m_len =3D total_len;
2781 DC_INC(i, DC_RX_LIST_CNT);
2782 } else
2783 #endif
(kgdb) print m
$1 =3D (struct mbuf *) 0x0
(kgdb) print sc->dc_cdata.dc_rx_prod
$2 =3D 43
Unread portion of the kernel message buffer:
<118>Shutting down daemon processes:
<118>.
<118>Shutting down local daemons:
<118>.
<118>Writing entropy file:
<118>.
<118>Terminated
<118>.
<118>Dec 22 17:55:14 mph syslogd: exiting on signal 15
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...2 1 1 0 0 0 done
All buffers synced.
Uptime: 3h34m52s
--=20
Martin P. Hansen
--SUOF0GtieIMvvwua
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
iD8DBQFDrXCvOxWv3QTcu8YRAsvmAJ9W1I03L/GNpWBFJizdpg1siEUr+ACeK+YO
6Yfsj8ecwWbezJoyLRYVMb4=
=4Q09
-----END PGP SIGNATURE-----
--SUOF0GtieIMvvwua--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051224160047.GA40553>