Date: Sun, 12 May 1996 00:23:30 +0300 (EET DST) From: Heikki Suonsivu <hsu@clinet.fi> To: FreeBSD-gnats-submit@freebsd.org Subject: kern/1190: panic: page fault (wild pointer?) Message-ID: <199605112123.AAA07283@katiska.clinet.fi> Resent-Message-ID: <199605112130.OAA19409@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 1190 >Category: kern >Synopsis: panic: page fault (wild pointer?) >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat May 11 14:30:01 PDT 1996 >Last-Modified: >Originator: Heikki Suonsivu >Organization: Clinet, Espoo, Finland >Release: FreeBSD 2.2-CURRENT i386 >Environment: News server, P90, sup beginning of May (kernel is compiled May 5, probably supped within couple of days from that). >Description: ftp://ftp.clinet.fi/pub/FreeBSD/crashdumps/*.69.gz GDB is free software and you are welcome to distribute copies of it under certain conditions; type "show copying" to see the conditions. There is absolutely no warranty for GDB; type "show warranty" for details. GDB 4.13 (i386-unknown-freebsd), Copyright 1994 Free Software Foundation, Inc... IdlePTD 263000 current pcb at 21a5c8 panic: page fault #0 boot (howto=256) at ../../i386/i386/machdep.c:931 931 dumppcb.pcb_ptd = rcr3(); (kgdb) bt #0 boot (howto=256) at ../../i386/i386/machdep.c:931 #1 0xf01171e6 in panic (fmt=0xf01c530c "page fault") at ../../kern/subr_prf.c:127 #2 0xf01c5e66 in trap_fatal (frame=0xefbffee8) at ../../i386/i386/trap.c:740 #3 0xf01c5958 in trap_pfault (frame=0xefbffee8, usermode=0) at ../../i386/i386/trap.c:651 #4 0xf01c563b in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -2147483648, tf_esi = -272646144, tf_ebp = -272629964, tf_isp = -272630000, tf_ebx = -264867152, tf_edx = -227449244, tf_ecx = -123129856, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -266583618, tf_cs = 8, tf_eflags = 66118, tf_esp = -265439216, tf_ss = 697}) at ../../i386/i386/trap.c:319 #5 0xf01be321 in calltrap () #6 0xf01bb30d in vm_pageout_scan () at ../../vm/vm_pageout.c:704 #7 0xf01bb770 in vm_pageout () at ../../vm/vm_pageout.c:898 #8 0xf0108386 in kproc_start (udata=0xf01fecb0) at ../../kern/init_main.c:255 #9 0xf0108324 in main (framep=0xefbfffb8) at ../../kern/init_main.c:205 (kgdb) up #1 0xf01171e6 in panic (fmt=0xf01c530c "page fault") at ../../kern/subr_prf.c:127 127 boot(bootopt); (kgdb) up #2 0xf01c5e66 in trap_fatal (frame=0xefbffee8) at ../../i386/i386/trap.c:740 740 panic(trap_msg[type]); (kgdb) up #3 0xf01c5958 in trap_pfault (frame=0xefbffee8, usermode=0) at ../../i386/i386/trap.c:651 651 trap_fatal(frame); (kgdb) up #4 0xf01c563b in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -2147483648, tf_esi = -272646144, tf_ebp = -272629964, tf_isp = -272630000, tf_ebx = -264867152, tf_edx = -227449244, tf_ecx = -123129856, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -266583618, tf_cs = 8, tf_eflags = 66118, tf_esp = -265439216, tf_ss = 697}) at ../../i386/i386/trap.c:319 319 (void) trap_pfault(&frame, FALSE); (kgdb) up #5 0xf01be321 in calltrap () (kgdb) up #6 0xf01bb30d in vm_pageout_scan () at ../../vm/vm_pageout.c:704 704 if (m->object->ref_count && (kgdb) list 699 TAILQ_REMOVE(&vm_page_queue_active, m, pageq); 700 TAILQ_INSERT_TAIL(&vm_page_queue_active, m, pageq); 701 m = next; 702 continue; 703 } 704 if (m->object->ref_count && 705 ((m->flags & PG_REFERENCED) || 706 pmap_is_referenced(VM_PAGE_TO_PHYS(m))) ) { 707 pmap_clear_reference(VM_PAGE_TO_PHYS(m)); 708 m->flags &= ~PG_REFERENCED; (kgdb) print m $1 = (struct vm_page *) 0xf03672b0 (kgdb) print *m $2 = {pageq = {tqe_next = 0x0, tqe_prev = 0xf2716664}, hashq = { tqe_next = 0xefbfc000, tqe_prev = 0xf02fed30}, listq = {tqe_next = 0x0, tqe_prev = 0x0}, object = 0x1d4000, pindex = 4029710864, phys_addr = 0, queue = 4, flags = 3398, wire_count = 62077, hold_count = 12288, act_count = 3 '\003', busy = 0 '\000', valid = 48 '0', dirty = 44 ','} (kgdb) print m->object $3 = (struct vm_object *) 0x1d4000 (kgdb) print *m->object Cannot access memory at address 0x1d4000. (kgdb) >How-To-Repeat: I do not know. The last sup increased panic frequency (but it has not deadlocked since the upgrade). Most of the panics have been silent, no crash dump. >Fix: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605112123.AAA07283>