Date: Tue, 12 Aug 1997 14:45:23 -0700 From: Julian Elischer <julian@whistle.com> To: hackers@freebsd.org Subject: krnel panic in 2.2.2+ (continued) Message-ID: <33F0D972.398A68D@whistle.com>
eek I need to read better!
#12 0xf01718bf in trap (frame={tf_es = -272695280, tf_ds = -272695280,
tf_edi = 33816576, tf_esi = -266607784, tf_ebp = -272630516,
tf_isp = -272630580, tf_ebx = 8, tf_edx = 0, tf_ecx = -260173824,
tf_eax = -266606616, tf_trapno = 12, tf_err = -227409918,
tf_eip = -266923108, tf_cs = -266862584, tf_eflags = 65543,
tf_esp = -267325485, tf_ss = -260173824}) at
../../i386/i386/trap.c:311
#13 0xf017139c in nortqr ()
#14 0xf010eb25 in tsleep (ident=0xf272f698, priority=4,
wmesg=0xf015bead "swread", timo=2000) at ../../kern/kern_synch.c:361
#15 0xf015c380 in swap_pager_getpages (object=0xf07e9080, m=0xefbffe54,
count=2, reqpage=1) at ../../vm/swap_pager.c:1032
#16 0xf01670f7 in vm_pager_get_pages (object=0xf07e9080, m=0xefbffe54,
count=2, reqpage=1) at ../../vm/vm_pager.c:188
#17 0xf015da16 in vm_fault (map=0xf07e3d00, vaddr=4022325248,
fault_type=3 '\003', change_wiring=0) at ../../vm/vm_fault.c:426
#18 0xf0171b78 in trap_pfault (frame=0xefbffed4, usermode=0)
at ../../i386/i386/trap.c:633
#19 0xf01718bf in trap (frame={tf_es = -260177904, tf_ds = 16,
tf_edi = -272639468, tf_esi = -272629956, tf_ebp = -272629952,
tf_isp = -272630020, tf_ebx = 4, tf_edx = 6, tf_ecx = 1,
tf_eax = -272639464, tf_trapno = 12, tf_err = 2, tf_eip =
-266924675,
tf_cs = -272695288, tf_eflags = 66050, tf_esp = -260108800,
tf_ss = -272629884}) at ../../i386/i386/trap.c:311
#20 0xf0170d7d in generic_copyout ()
#21 0xf01075ff in wait4 (p=0xf07e1000, uap=0xefbfff94,
retval=0xefbfff84)
at ../../kern/kern_exit.c:357
#22 0xf0172333 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 3,
tf_esi = 0, tf_ebp = -272639532, tf_isp = -272629788,
tf_ebx = 134705248, tf_edx = 0, tf_ecx = 0, tf_eax = 7, tf_trapno
= 12,
tf_err = 7, tf_eip = 134489121, tf_cs = 31, tf_eflags = 534,
tf_esp = -272639556, tf_ss = 39}) at ../../i386/i386/trap.c:890
#23 0x8042421 in ?? ()
Cannot access memory at address 0xefbfd9d8.
(kgdb) disassemble nortqr
Dump of assembler code for function nortqr:
0xf017137c <nortqr>: movl 0xf01a0564,%edi
0xf0171382 <nortqr+6>: bsfl %edi,%ebx
0xf0171385 <nortqr+9>: je 0xf01713ae <idqr>
0xf0171387 <nortqr+11>: btrl %ebx,%edi
0xf017138a <nortqr+14>: leal 0xf01be318(,%ebx,8),%eax
0xf0171391 <nortqr+21>: movl %eax,%esi
0xf0171393 <nortqr+23>: movl (%eax),%ecx
0xf0171395 <nortqr+25>: movl (%ecx),%edx
0xf0171397 <nortqr+27>: movl %edx,(%eax)
0xf0171399 <nortqr+29>: movl 0x4(%ecx),%eax
0xf017139c <nortqr+32>: movl %eax,0x4(%edx) <--------------
0xf017139f <nortqr+35>: cmpl (%ecx),%esi
0xf01713a1 <nortqr+37>: je 0xf01713a6 <nortqr+42>
0xf01713a3 <nortqr+39>: btsl %ebx,%edi
0xf01713a6 <nortqr+42>: movl %edi,0xf01a0564
0xf01713ac <nortqr+48>: jmp 0xf01713e2 <swtch_com>
End of assembler dump.
or: in the .s file:
/*
 * nortqr: pick the next process from the normal run queues (excerpt as
 * quoted in this message; the enclosing routine is not shown).
 *
 * Register roles visible in this excerpt:
 *   %edi = working copy of the _whichqs bitmask (one bit per queue)
 *   %ebx = index of the queue selected by bsfl
 *   %esi = address of the selected queue header (_qs + index*8)
 *   %ecx = first entry on that queue (the one being unlinked)
 *   %edx = the entry after it (new front of the queue)
 *
 * NOTE(review): the unlink trusts the forward/back links as found. No
 * pointer is checked before it is dereferenced, so a damaged queue entry
 * turns into a kernel-mode page fault rather than a detected error.
 */
nortqr:
movl _whichqs,%edi
2:
/* XXX - bsf is sloow */
bsfl %edi,%ebx /* find a full q */
jz idqr /* if none, idle */
/* XX update whichqs? */
btrl %ebx,%edi /* clear q full status */
leal _qs(,%ebx,8),%eax /* select q */
movl %eax,%esi /* keep the header address for the empty test below */
movl P_FORW(%eax),%ecx /* unlink from front of process q */
movl P_FORW(%ecx),%edx /* %edx = entry following the one removed */
movl %edx,P_FORW(%eax) /* header now points at that entry */
movl P_BACK(%ecx),%eax
/*
 * Store through %edx with no validity check. The arrow is the author's
 * marker for the faulting instruction: in the register dump in this
 * message %edx is 0 and the disassembly shows this as 0x4(%edx), which
 * gives the reported fault address 0x4. How the forward link came to be
 * 0 cannot be determined from this listing.
 */
movl %eax,P_BACK(%edx) <---------------------
cmpl P_FORW(%ecx),%esi /* q empty */
je 3f
btsl %ebx,%edi /* nope, set to indicate not empty */
3:
movl %edi,_whichqs /* update q status */
jmp swtch_com
(kgdb) info reg
eax 0x0 0
ecx 0x0 0
edx 0x0 0
ebx 0x8 8
esp 0xefbffa6c 0xefbffa6c
ebp 0xefbffd0c 0xefbffd0c
esi 0xf01be358 -266607784
edi 0x2040000 33816576
eip 0xf0169961 0xf0169961
eflags 0x0 0
cs 0x0 0
ss 0x0 0
ds 0x0 0
es 0x0 0
#12 0xf01718bf in trap (frame={tf_es = -272695280, tf_ds = -272695280,
tf_edi = 33816576, tf_esi = -266607784, tf_ebp = -272630516,
tf_isp = -272630580, tf_ebx = 8, tf_edx = 0, tf_ecx = -260173824,
tf_eax = -266606616, tf_trapno = 12, tf_err = -227409918,
tf_eip = -266923108, tf_cs = -266862584, tf_eflags = 65543,
tf_esp = -267325485, tf_ss = -260173824}) at
../../i386/i386/trap.c:311
311 (void) trap_pfault(&frame, FALSE);
(kgdb) x/x -227409918
0xf2720002 <end+39184826>: Cannot access memory at address
0xf2720002.
0xf017139c <nortqr+32>: movl %eax,0x4(%edx) <--------------
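edx == 0
so fault address SHOULD be 4 (the store is to 0x4(%edx) with %edx = 0)
note the low bits of tf_err (0x2) match the "supervisor write, page not present" fault code below, so tf_err is presumably the error code rather than the fault address, which would explain why the x/x above finds nothing there
the panic MESSAGE has the right address.. (0x4)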
Aug 12 08:27 Critical: /kernel: Fatal trap 12: page fault while in kernel mode
Aug 12 08:27 Critical: /kernel: fault virtual address = 0x4
Aug 12 08:27 Critical: /kernel: fault code = supervisor write, page not present
Aug 12 08:27 Critical: /kernel: instruction pointer = 0x8:0xf017139c
Aug 12 08:27 Critical: /kernel: stack pointer = 0x10:0xefbffce0
Aug 12 08:27 Critical: /kernel: frame pointer = 0x10:0xefbffd0c
Aug 12 08:27 Critical: /kernel: code segment = base 0x0, limit 0xfffff, type 0x1b
Aug 12 08:27 Critical: /kernel: = DPL 0, pres 1, def32 1, gran 1
Aug 12 08:27 Critical: /kernel: processor eflags = resume, IOPL = 0
Aug 12 08:27 Critical: /kernel: current process = Idle
Aug 12 08:27 Critical: /kernel: interrupt mask = net tty bio
Aug 12 08:27 Critical: /kernel: panic: page fault
Aug 12 08:27 Critical: /kernel:
Aug 12 08:27 Critical: /kernel: syncing disks...
more info to come...
