From owner-freebsd-current@FreeBSD.ORG Fri Feb 13 18:22:03 2009 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 32DB51065672 for ; Fri, 13 Feb 2009 18:22:03 +0000 (UTC) (envelope-from gallatin@cs.duke.edu) Received: from duke.cs.duke.edu (duke.cs.duke.edu [152.3.140.1]) by mx1.freebsd.org (Postfix) with ESMTP id CCACE8FC17 for ; Fri, 13 Feb 2009 18:22:02 +0000 (UTC) (envelope-from gallatin@cs.duke.edu) Received: from [172.31.193.10] (cpe-075-177-134-250.nc.res.rr.com [75.177.134.250]) (authenticated bits=0) by duke.cs.duke.edu (8.14.2/8.14.2) with ESMTP id n1DIM1X5025675 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 13 Feb 2009 13:22:02 -0500 (EST) X-DKIM: Sendmail DKIM Filter v2.5.3 duke.cs.duke.edu n1DIM1X5025675 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cs.duke.edu; s=mail; t=1234549322; bh=TZmJ7wdyLNCRm8KM/5vTQfY47O3ztMtcoiGOTHJFmuU=; h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=tBPtprh5kMf5 ltdtrmuUQxvDNfMNU+IQMKzSagBh+rkq38SvuXmuo7J01VHB6ft1Z1X0i55YsStS03d vKdNfkZMLQ3foJ68DXNYkoMKX9epE052UdujZCjGsMCCs+Tjqk8BtH9ss0IewJ1AAZZ 4SUNz294olOCOBpRSwXXmOUc8= Message-ID: <4995BA43.5020108@cs.duke.edu> Date: Fri, 13 Feb 2009 13:21:55 -0500 From: Andrew Gallatin User-Agent: Thunderbird 2.0.0.16 (X11/20080724) MIME-Version: 1.0 To: Artem Belevich References: <4995A792.5050003@cs.duke.edu> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: current@freebsd.org Subject: Re: Dtrace panic'ed X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Feb 2009 18:22:03 -0000 Artem Belevich wrote: >> --- trap 0xc, rip = 0xffffffff80e33187, rsp = 0xfffffffe4004aa70, rbp = >> 0xfffffffe4004aa80 --- >> cyclic_disable_xcall() at cyclic_disable_xcall+0x7 >> smp_rendezvous_action() at smp_rendezvous_action+0xb3 >> Xrendezvous() at Xrendezvous+0x64 > > It seems to be the same issue that few other folks including myself > have seen. Search -current archives around October for 'hotkernel in > the subject. Ah, I see. > By the way, if you dump stack tracess for all processes, do you see > any of them in smp_tlb_shootdown ? No idea. I've rebooted, and am poking around in gdb. I thought that getting backtraces for everything from gdb was i386 specific, and I'm on amd64. I'm pretty weak on amd64 assembly language, but I think I know enough to think that this very weird. In my case, I'm also seeing a 0x20 faulting address, and the instruction pointer is here: push %rbp mov (%rdi),%rax mov %rsp,%rbp --> mov 0x20(%rax),%rax mov 0x30(%rax),%rdi mov 0x18(%rax),%r11 If I look at the caller: (kgdb) p/x local_func_arg $2 = 0xffffffff226567c0 That matches %rdi. in the cyclic_disable_xcall() function. Then if I then dereference this, I get something which is non-null. (kgdb) p/x *(long *)0xffffffff226567c0 $3 = 0xffffffff22656820 I was expecting it to be 0, given the faulting address of 0x20. But it wasn't. Drew