Date: Mon, 17 Nov 2003 21:35:37 -0800 (PST) From: Paul Herman <pherman@frenchfries.net> To: freebsd-stable@freebsd.org Subject: panic in 4.9-STABLE Message-ID: <20031118053537.A49E04AF6@frenchfries.net>
next in thread | raw e-mail | index | archive | help
I've seen this (double) page fault happen every now and then for
quite some time, so I don't think this is new. panic happens when
lots of interrupts are happening, not necessarily on the wi0
interface. Anyone know what's going on here?
4.9-STABLE from a couple of weeks ago.
-Paul.
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x30
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc035ff60
stack pointer = 0x10:0xc04729f8
frame pointer = 0x10:0xc0472a00
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = Idle
interrupt mask = net tty bio cam
trap number = 12
panic: page fault
[...]
(kgdb) bt
#0 dumpsys () at /u01/src/sys/kern/kern_shutdown.c:487
#1 0xc023d05b in boot (howto=260) at /u01/src/sys/kern/kern_shutdown.c:316
#2 0xc023d499 in panic (fmt=0xc046962c "%s") at /u01/src/sys/kern/kern_shutdown.c:595
#3 0xc03d2ffb in trap_fatal (frame=0xc04729b8, eva=48) at /u01/src/sys/i386/i386/trap.c:974
#4 0xc03d2ca9 in trap_pfault (frame=0xc04729b8, usermode=0, eva=48) at /u01/src/sys/i386/i386/trap.c:867
#5 0xc03d284f in trap (frame={tf_fs = -1071251440, tf_es = 6750224, tf_ds = -1069088752, tf_edi = 0, tf_esi = -1056606464,
tf_ebp = -1069078016, tf_isp = -1069078044, tf_ebx = -1068836260, tf_edx = 6867008, tf_ecx = -860387712, tf_eax = 0,
tf_trapno = 12, tf_err = 0, tf_eip = -1070203040, tf_cs = 8, tf_eflags = 66050, tf_esp = -1056606464, tf_ss = -1056606464})
at /u01/src/sys/i386/i386/trap.c:466
#6 0xc035ff60 in acquire_lock (lk=0xc04ada5c) at /u01/src/sys/ufs/ffs/ffs_softdep.c:266
#7 0xc0364060 in softdep_update_inodeblock (ip=0xc1057700, bp=0xc37bbe04, waitfor=0) at /u01/src/sys/ufs/ffs/ffs_softdep.c:3813
#8 0xc035f095 in ffs_update (vp=0xccb78680, waitfor=0) at /u01/src/sys/ufs/ffs/ffs_inode.c:106
#9 0xc03674de in ffs_sync (mp=0xc0ff3200, waitfor=2, cred=0xc0b2c880, p=0xc04f4620) at /u01/src/sys/ufs/ffs/ffs_vfsops.c:1025
#10 0xc026ddf7 in sync (p=0xc04f4620, uap=0x0) at /u01/src/sys/kern/vfs_syscalls.c:577
#11 0xc023cdf6 in boot (howto=256) at /u01/src/sys/kern/kern_shutdown.c:235
#12 0xc023d499 in panic (fmt=0xc046962c "%s") at /u01/src/sys/kern/kern_shutdown.c:595
#13 0xc03d2ffb in trap_fatal (frame=0xc0472b90, eva=12) at /u01/src/sys/i386/i386/trap.c:974
#14 0xc03d2ca9 in trap_pfault (frame=0xc0472b90, usermode=0, eva=12) at /u01/src/sys/i386/i386/trap.c:867
#15 0xc03d284f in trap (frame={tf_fs = -1055850480, tf_es = 16, tf_ds = 999948304, tf_edi = -7, tf_esi = 0, tf_ebp = -1069077540,
tf_isp = -1069077572, tf_ebx = -1062000640, tf_edx = 1, tf_ecx = 0, tf_eax = 7, tf_trapno = 12, tf_err = 0,
tf_eip = -1071276043, tf_cs = 8, tf_eflags = 66050, tf_esp = -1062000640, tf_ss = -1057378304})
at /u01/src/sys/i386/i386/trap.c:466
#16 0xc0259ff5 in m_copydata (m=0xc0b35900, off=14, len=-7, cp=0xc0f9b1f6 "% G\223") at /u01/src/sys/kern/uipc_mbuf.c:984
#17 0xc0218f9b in wi_start (ifp=0xc0f9b000) at /u01/src/sys/dev/wi/if_wi.c:2319
#18 0xc021b6e7 in wihap_data_input (sc=0xc0f9b000, rxfrm=0xc0472cb4, m=0xc0b31100) at /u01/src/sys/net/if_var.h:289
#19 0xc0216361 in wi_rxeof (sc=0xc0f9b000) at /u01/src/sys/dev/wi/if_wi.c:799
#20 0xc021665a in wi_intr (xsc=0xc0f9b000) at /u01/src/sys/dev/wi/if_wi.c:935
#21 0xc023b23e in add_interrupt_randomness (vsc=0xc04f34e4) at /u01/src/sys/kern/kern_random.c:247
#22 0xc03c9ed6 in cpu_idle () at /u01/src/sys/i386/i386/machdep.c:1000
(kgdb) up 16
#16 0xc0259ff5 in m_copydata (m=0xc0b35900, off=14, len=-7, cp=0xc0f9b1f6 "%§G\223") at /u01/src/sys/kern/uipc_mbuf.c:984
984 }
(kgdb) list
979 KASSERT(m != NULL, ("m_copydata, offset > size of mbuf chain"));
980 if (off < m->m_len)
981 break;
982 off -= m->m_len;
983 m = m->m_next;
984 }
985 while (len > 0) {
986 KASSERT(m != NULL, ("m_copydata, length > size of mbuf chain"));
987 count = min(m->m_len - off, len);
988 bcopy(mtod(m, caddr_t) + off, cp, count);
(kgdb) print m
$1 = (struct mbuf *) 0x0
(kgdb) up
#17 0xc0218f9b in wi_start (ifp=0xc0f9b000) at /u01/src/sys/dev/wi/if_wi.c:2319
2319 m_copydata(m0, sizeof(struct ether_header),
(kgdb) list
2314 tx_frame.wi_type = eh->ether_type;
2315
2316 if (sc->wi_ptype == WI_PORTTYPE_AP && sc->wi_use_wep) {
2317 /* Do host encryption. */
2318 bcopy(&tx_frame.wi_dat[0], &sc->wi_txbuf[4], 8);
2319 m_copydata(m0, sizeof(struct ether_header),
2320 m0->m_pkthdr.len - sizeof(struct ether_header),
2321 (caddr_t)&sc->wi_txbuf[12]);
2322 wi_do_hostencrypt(sc, &sc->wi_txbuf[0],
2323 tx_frame.wi_dat_len);
(kgdb) print *m0
$2 = {m_hdr = {mh_next = 0x0, mh_nextpkt = 0x0, mh_data = 0xc0b32800 "\001", mh_len = 7, mh_type = 1, mh_flags = 515}, M_dat = {
MH = {MH_pkthdr = {rcvif = 0xc0f9b000, len = 7, header = 0x0, csum_flags = 0, csum_data = 3, tags = {slh_first = 0x0}},
MH_dat = {MH_ext = {ext_buf = 0xc0b32800 "\001", ext_free = ³0, ext_size = 2048, ext_ref = 0},
MH_databuf = "\000(À\000\000\000\000\000\b\000\000\000\000\000\000E\000\005Ü<\225
[...]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031118053537.A49E04AF6>