Date: Tue, 23 Oct 2001 12:07:43 +0930 From: Greg Lehey <grog@FreeBSD.org> To: Bjarne Wichmann Petersen <mekanix@privat.dk> Cc: freebsd-stable@freebsd.org Subject: Re: [HARD CRASH] gdb output - what is it saying? Message-ID: <20011023120743.B27668@wantadilla.lemis.com> In-Reply-To: <20011022200156.PTLK23247.fepA.post.tele.dk@there>; from mekanix@privat.dk on Mon, Oct 22, 2001 at 10:04:46PM %2B0200 References: <20011018125533.OPYG1982.fepF.post.tele.dk@there> <01101913591302.00703@proxy.the-i-pa.com> <20011021181228.FFZX2863.fepZ.post.tele.dk@there> <20011022200156.PTLK23247.fepA.post.tele.dk@there>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday, 22 October 2001 at 22:04:46 +0200, Bjarne Wichmann Petersen wrote:
> I've included the latest gdb-out. I have no clue to what it all means, so if
> someone with a clue would help me locate what is causing my 4.4-STABLE to
> crash I'd be very happy.
If I could read it, it would help. You shouldn't wrap computer
output. If you follow up, please send the output as it comes, and
make the output in hex.
> (kgdb) symbol-file kernel.debug
> Reading symbols from kernel.debug...done.
> (kgdb) exec-file /var/crash/kernel.4
> (kgdb) core-file /var/crash/vmcore.4
>
> (kgdb) where
You've had two traps in a row, separated by an interrupt. Both traps
are in timer code.
(rearranging)
> at ../../i386/i386/trap.c:849
> #16 0xc0357ca7 in trap (frame={tf_fs = 16, tf_es = 16, tf_ds = 16, tf_edi =
> -880967808,
> tf_esi = -880967900, tf_ebp = -880967916, tf_isp = -880967952, tf_ebx =
> -1058816640,
> tf_edx = -1069680192, tf_ecx = -1069680192, tf_eax = 1381192787,
> tf_trapno = 12,
> tf_err = 0, tf_eip = 1381192787, tf_cs = 8, tf_eflags = 66178, tf_esp =
> -1071952601,
> tf_ss = -1058816640}) at ../../i386/i386/trap.c:448
Here's the first one. You've had a trap 12 (page fault in kernel
mode). The IP register (instruction pointer) was pointing to
1381192787. It's a lot easier to read this if you set your
output-radix to 16, where the address will show as 0x52535453. This
is not only not a valid kernel address, it represents the text "STSR",
which suggests to me that something has been overwriting the stack.
It's not worth looking at this frame any more.
> #17 0x52535453 in ?? ()
I'm not sure what this is, but clearly the stack has been trashed
(recognize that address?).
> #18 0xc01c6472 in gettimeofday (p=0xcb684ea0, uap=0xcb7d7f80) at
> ../../kern/kern_time.c:307
This should be a call to microtime(). Somehow it didn't get there.
> #19 0xc03586c1 in syscall2 (frame={tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi
> = 137846784,
> tf_esi = 46815, tf_ebp = -1077938116, tf_isp = -880967724, tf_ebx =
> 842094169,
> tf_edx = -1077938308, tf_ecx = 678132992, tf_eax = 116, tf_trapno = 0,
> tf_err = 2,
> tf_eip = 677671868, tf_cs = 31, tf_eflags = 643, tf_esp = -1077938160,
> tf_ss = 47})
> at ../../i386/i386/trap.c:1155
> #20 0xc0349ce5 in Xint0x80_syscall ()
> #21 0x8068b2c in ?? ()
> #22 0x8064540 in ?? ()
> #23 0x8061f7d in ?? ()
Clock interrupt. So far, so good.
> #9 0xc035cbb7 in clkintr (frame={cf_vec = 0, cf_ppl = 0, cf_fs = 16, cf_es =
> 16,
> cf_ds = 16, cf_edi = -880968264, cf_esi = -880968260, cf_ebp =
> -880968248,
> -880968308, cf_ebx = -881756544, cf_edx = -880968264, cf_ecx =
> -881756544,
> cf_eax = -881982624, 0, 0, cf_eip = -1071714030, cf_cs = 8, cf_eflags =
> 582,
> cf_esp = -1055106048, cf_ss = 0}) at ../../i386/isa/clock.c:216
> #10 0xc01ef112 in vfs_msync (mp=0xc11c5c00, flags=2) at
> ../../kern/vfs_subr.c:2536
> #11 0xc01f00e0 in sync (p=0xc043d760, uap=0x0) at
> ../../kern/vfs_syscalls.c:544
> #12 0xc01c0bd2 in boot (howto=256) at ../../kern/kern_shutdown.c:234
> #13 0xc01c11c0 in poweroff_wait (junk=0xc03cb42c, howto=-1069764785)
> at ../../kern/kern_shutdown.c:581
> #14 0xc0358416 in trap_fatal (frame=0xcb7d7ec4, eva=1381192787)
> at ../../i386/i386/trap.c:956
> #15 0xc03580e9 in trap_pfault (frame=0xcb7d7ec4, usermode=0, eva=1381192787)
> #0 dumpsys () at ../../kern/kern_shutdown.c:473
> #1 0xc01c0df3 in boot (howto=260) at ../../kern/kern_shutdown.c:313
> #2 0xc01c11c0 in poweroff_wait (junk=0xc03cb42c, howto=-1069764785)
> at ../../kern/kern_shutdown.c:581
> #3 0xc0358416 in trap_fatal (frame=0xcb7d7cc4, eva=1381192787)
> at ../../i386/i386/trap.c:956
> #4 0xc03580e9 in trap_pfault (frame=0xcb7d7cc4, usermode=0, eva=1381192787)
> at ../../i386/i386/trap.c:849
Second trap. Same address as the first.
> #5 0xc0357ca7 in trap (frame={tf_fs = 16, tf_es = 16, tf_ds = 16, tf_edi =
> -1058817060,
> tf_esi = -1058816548, tf_ebp = -880968424, tf_isp = -880968464, tf_ebx
> = -1058817152,
> tf_edx = -1058817024, tf_ecx = 0, tf_eax = 1381192787, tf_trapno = 12,
> tf_err = 0,
> tf_eip = 1381192787, tf_cs = 8, tf_eflags = 66050, tf_esp = -1071951411,
> tf_ss = -1058817152}) at ../../i386/i386/trap.c:448
> #6 0x52535453 in ?? ()
Recognize this bogus address again?
> #7 0xc01b5224 in tco_forward (force=0) at ../../kern/kern_clock.c:761
This should be a call to sync_other_counter().
> #8 0xc01b49b4 in hardclock (frame=0xcb7d7d58) at ../../kern/kern_clock.c:236
This is a puzzling dump. Have you any specialized timer hardware or
software on your machine? Is the dump repeatable?
Greg
--
See complete headers for address and phone numbers
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011023120743.B27668>