Date:      Thu, 15 Apr 1999 11:32:17 -0700 (PDT)
From:      "Stephen R. Whiteley" <stevew@srware.com>
To:        freebsd-bugs@freebsd.org
Subject:   possible kernel VM bug
Message-ID:  <199904151832.LAA00305@srware.com>

Attention kernel VM system gurus,

I want to report a possible (probable) kernel bug.

I am working on a fairly large application (16.7Mb with -g).  When I use
gdb, I get a kernel panic.  This will just about always happen when I
re-run the program, presumably as it tries to re-read the symbols, but
is not limited to that case.  I have had only one non-gdb panic in months.

The problem started about the time I cvsupped 2.2.8 (from 2.2.6), however
there is uncertainty since the application has changed, and grown,
considerably since then.  I can say, however, that there was no such
problem when I used FBSD 2.1.6 or before (going back to 1.1.15).  I use FBSD
almost exclusively for software development.  There have been no hardware
changes in the 2.2.6-2.2.8 era.

The machine is a P-Pro 200MHz with 32M, Adaptec scsi, 80Mb swap.  It seems
to work correctly other than the present problem.

I recently set up the kernel core dump feature, which yielded the
backtrace below.  This is the consistent pattern.

I have no experience with the kernel or kernel debugging, but I will attempt
to track this down when I have time, since the process would be educational.
I would appreciate any suggestions, and I won't complain if someone spoils
my fun by providing a fix.

Steve Whiteley
Whiteley Research Inc.
stevew@srware.com


(kgdb) symbol-file kernel.debug
Reading symbols from kernel.debug...done.
(kgdb) exec-file /var/crash/kernel.0
(kgdb) core-file /var/crash/vmcore.0
IdlePTD 219000
current pcb at 1fd6a8
panic: rlist_free: free start overlaps already freed area
#0  boot (howto=256) at ../../kern/kern_shutdown.c:266
266                                     dumppcb.pcb_cr3 = rcr3();
(kgdb) bt
#0  boot (howto=256) at ../../kern/kern_shutdown.c:266
#1  0xf0112992 in panic (
    fmt=0xf011943f "rlist_free: free start overlaps already freed area")
    at ../../kern/kern_shutdown.c:400
#2  0xf0119562 in rlist_free (rlh=0xf020a160, start=0, end=7)
    at ../../kern/subr_rlist.c:162
#3  0xf01ad657 in swap_pager_freeswapspace (object=0xf06fb680, from=0, to=7)
    at ../../vm/swap_pager.c:410
#4  0xf01adcff in swap_pager_copy (srcobject=0xf06fb680, srcoffset=0, 
    dstobject=0xf06f1f80, dstoffset=0, offset=0) at ../../vm/swap_pager.c:693
#5  0xf01b5d47 in vm_object_collapse (object=0xf06f1f80)
    at ../../vm/vm_object.c:1022
#6  0xf01b0115 in vm_fault (map=0xf069a000, vaddr=827392, fault_type=3 '\003', 
    fault_flags=8) at ../../vm/vm_fault.c:712
#7  0xf01c5f72 in trap_pfault (frame=0xefbfffbc, usermode=1)
    at ../../i386/i386/trap.c:662
#8  0xf01c5b07 in trap (frame={tf_es = -272695257, tf_ds = -272695257, 
      tf_edi = 835720, tf_esi = 911936, tf_ebp = -272640260, 
      tf_isp = -272629788, tf_ebx = 871, tf_edx = 0, tf_ecx = 165649, 
      tf_eax = 920704, tf_trapno = 12, tf_err = 7, tf_eip = 165823, 
      tf_cs = 31, tf_eflags = 66050, tf_esp = -272640476, tf_ss = 39})
    at ../../i386/i386/trap.c:248
#9  0x287bf in ?? ()
#10 0x32319 in ?? ()
#11 0x534cd in ?? ()
#12 0x2bdd5 in ?? ()
#13 0x563f0 in ?? ()
#14 0x565bb in ?? ()
#15 0x358dd in ?? ()
#16 0x1095 in ?? ()
