Date:      Wed, 14 May 2003 13:51:16 +0200
From:      Jonas Bulow <jonas@bulow.mine.nu>
To:        Peter Jeremy <peterjeremy@optushome.com.au>
Cc:        freebsd-stable <freebsd-stable@freebsd.org>
Subject:   Re: Kernel panic on FreeBSD 4.8-STABLE
Message-ID:  <3EC22DB4.70409@bulow.mine.nu>
In-Reply-To: <20030514100716.GA4410@cirb503493.alcatel.com.au>
References:  <3EC10790.50809@bulow.mine.nu> <20030514100716.GA4410@cirb503493.alcatel.com.au>

Hi,

Peter Jeremy wrote:
> On Tue, May 13, 2003 at 04:56:16PM +0200, Jonas Bulow wrote:
> 
>>I need some help to understand a backtrace.
> 
> 
>>Fatal trap 9: general protection fault while in kernel mode
>>instruction pointer     = 0x8:0xc023ceeb
>>stack pointer           = 0x10:0xcf7d9ea4
>>frame pointer           = 0x10:0xcf7d9ec0
>>code segment            = base 0x0, limit 0xfffff, type 0x1b
>>                       = DPL 0, pres 1, def32 1, gran 1
>>processor eflags        = resume, IOPL = 0
>>current process         = Idle
>>interrupt mask          = net tty bio cam
>>trap number             = 9
>>panic: general protection fault
> 
> ...
> 
>>#17 0xc023d6fb in trap (frame={tf_fs = 16, tf_es = 134938640, tf_ds = 
>>-982253552, tf_edi = -971835344, tf_esi = 32,
>>     tf_ebp = -813850944, tf_isp = -813850992, tf_ebx = -1070885216, 
>>tf_edx = -812732416, tf_ecx = -831483840,
>>     tf_eax = 336283586, tf_trapno = 9, tf_err = 32, tf_eip = 
>>-1071395093, tf_cs = 8, tf_eflags = 65670, tf_esp = -1072211888,
>>     tf_ss = -831471360}) at /usr/src/sys/i386/i386/trap.c:636
>>#18 0xc023ceeb in sw1a ()
>>#19 0xc0174ff1 in tsleep (ident=0xce70c100, priority=288, 
>>wmesg=0xc02530a5 "wait", timo=0) at /usr/src/sys/kern/kern_synch.c:479
> 
> 
> #18 is the underlying problem.  sw1a() is in /sys/i386/i386/swtch.s
> and you might like to disassemble the code around 0xc023ceeb to see
> exactly where it is dying.  GPF is a catch-all category so it's
> difficult to know exactly why you're getting it without knowing the
> actual instruction it dies on.

This is beyond my skills. :-) Does the disassembly say anything useful?

(kgdb) disassemble 0xc023ceeb
Dump of assembler code for function sw1a:
0xc023ce72 <sw1a>:      call   0xc0174a50 <chooseproc>
0xc023ce77 <sw1a+5>:    test   %eax,%eax
0xc023ce79 <sw1a+7>:    je     0xc023cd80 <idle>
0xc023ce7f <sw1a+13>:   mov    %eax,%ecx
0xc023ce81 <sw1a+15>:   xor    %eax,%eax
0xc023ce83 <sw1a+17>:   andl   $0xfffffffd,0xc029855c
0xc023ce8a <sw1a+24>:   mov    0x168(%ecx),%edx
0xc023ce90 <sw1a+30>:   mov    %cr3,%ebx
0xc023ce93 <sw1a+33>:   cmp    0x0(%edx),%ebx
0xc023ce96 <sw1a+36>:   je     0xc023ce9e <sw1a+44>
0xc023ce98 <sw1a+38>:   mov    0x0(%edx),%ebx
0xc023ce9b <sw1a+41>:   mov    %ebx,%cr3
0xc023ce9e <sw1a+44>:   xor    %esi,%esi
0xc023cea0 <sw1a+46>:   cmpl   $0x0,0x250(%edx)
0xc023cea7 <sw1a+53>:   je     0xc023ceb8 <sw1a+70>
0xc023cea9 <sw1a+55>:   bts    %esi,0xc02b9728
0xc023ceb0 <sw1a+62>:   mov    0x250(%edx),%edi
0xc023ceb6 <sw1a+68>:   jmp    0xc023ced4 <sw1a+98>
0xc023ceb8 <sw1a+70>:   mov    %edx,%ebx
0xc023ceba <sw1a+72>:   add    $0x2ff0,%ebx
0xc023cec0 <sw1a+78>:   mov    %ebx,0xc02984e8
0xc023cec6 <sw1a+84>:   btr    %esi,0xc02b9728
0xc023cecd <sw1a+91>:   jae    0xc023ceee <sw1a+124>
0xc023cecf <sw1a+93>:   mov    $0xc0298550,%edi
0xc023ced4 <sw1a+98>:   mov    0xc0298558,%ebx
0xc023ceda <sw1a+104>:  mov    0x0(%edi),%eax
0xc023cedd <sw1a+107>:  mov    %eax,0x0(%ebx)
0xc023cee0 <sw1a+110>:  mov    0x4(%edi),%eax
0xc023cee3 <sw1a+113>:  mov    %eax,0x4(%ebx)
0xc023cee6 <sw1a+116>:  mov    $0x20,%esi
0xc023ceeb <sw1a+121>:  ltr    %si
0xc023ceee <sw1a+124>:  mov    0x60(%ecx),%ebx
0xc023cef1 <sw1a+127>:  xor    %eax,%eax
0xc023cef3 <sw1a+129>:  bts    %eax,0x80(%ebx)
0xc023cefa <sw1a+136>:  mov    0x14(%edx),%ebx
0xc023cefd <sw1a+139>:  mov    0x10(%edx),%esp
0xc023cf00 <sw1a+142>:  mov    0xc(%edx),%ebp
0xc023cf03 <sw1a+145>:  mov    0x8(%edx),%esi
0xc023cf06 <sw1a+148>:  mov    0x4(%edx),%edi
0xc023cf09 <sw1a+151>:  mov    0x18(%edx),%eax
0xc023cf0c <sw1a+154>:  mov    %eax,(%esp,1)
0xc023cf0f <sw1a+157>:  mov    %edx,0xc02984d8
0xc023cf15 <sw1a+163>:  mov    %ecx,0xc02984d0
End of assembler dump.

Regards,
	jonas

> 
> Peter


