From owner-freebsd-hackers Tue Aug 12 14:53:02 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id OAA23595 for hackers-outgoing; Tue, 12 Aug 1997 14:53:02 -0700 (PDT) Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA23584 for ; Tue, 12 Aug 1997 14:52:56 -0700 (PDT) Received: (from daemon@localhost) by alpo.whistle.com (8.8.5/8.8.5) id OAA27962 for ; Tue, 12 Aug 1997 14:47:43 -0700 (PDT) Received: from current1.whistle.com(207.76.205.22) via SMTP by alpo.whistle.com, id smtpd027959; Tue Aug 12 21:47:42 1997 Message-ID: <33F0D972.398A68D@whistle.com> Date: Tue, 12 Aug 1997 14:45:23 -0700 From: Julian Elischer Organization: Whistle Communications X-Mailer: Mozilla 3.0Gold (X11; I; FreeBSD 2.2-CURRENT i386) MIME-Version: 1.0 To: hackers@freebsd.org Subject: krnel panic in 2.2.2+ (continued) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk eek I need to read better! #12 0xf01718bf in trap (frame={tf_es = -272695280, tf_ds = -272695280, tf_edi = 33816576, tf_esi = -266607784, tf_ebp = -272630516, tf_isp = -272630580, tf_ebx = 8, tf_edx = 0, tf_ecx = -260173824, tf_eax = -266606616, tf_trapno = 12, tf_err = -227409918, tf_eip = -266923108, tf_cs = -266862584, tf_eflags = 65543, tf_esp = -267325485, tf_ss = -260173824}) at ../../i386/i386/trap.c:311 #13 0xf017139c in nortqr () #14 0xf010eb25 in tsleep (ident=0xf272f698, priority=4, wmesg=0xf015bead "swread", timo=2000) at ../../kern/kern_synch.c:361 #15 0xf015c380 in swap_pager_getpages (object=0xf07e9080, m=0xefbffe54, count=2, reqpage=1) at ../../vm/swap_pager.c:1032 #16 0xf01670f7 in vm_pager_get_pages (object=0xf07e9080, m=0xefbffe54, count=2, reqpage=1) at ../../vm/vm_pager.c:188 #17 0xf015da16 in vm_fault (map=0xf07e3d00, vaddr=4022325248, fault_type=3 '\003', change_wiring=0) at ../../vm/vm_fault.c:426 #18 0xf0171b78 in trap_pfault (frame=0xefbffed4, usermode=0) at ../../i386/i386/trap.c:633 #19 0xf01718bf in trap (frame={tf_es = -260177904, tf_ds = 16, tf_edi = -272639468, tf_esi = -272629956, tf_ebp = -272629952, tf_isp = -272630020, tf_ebx = 4, tf_edx = 6, tf_ecx = 1, tf_eax = -272639464, tf_trapno = 12, tf_err = 2, tf_eip = -266924675, tf_cs = -272695288, tf_eflags = 66050, tf_esp = -260108800, tf_ss = -272629884}) at ../../i386/i386/trap.c:311 #20 0xf0170d7d in generic_copyout () #21 0xf01075ff in wait4 (p=0xf07e1000, uap=0xefbfff94, retval=0xefbfff84) at ../../kern/kern_exit.c:357 #22 0xf0172333 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 3, tf_esi = 0, tf_ebp = -272639532, tf_isp = -272629788, tf_ebx = 134705248, tf_edx = 0, tf_ecx = 0, tf_eax = 7, tf_trapno = 12, tf_err = 7, tf_eip = 134489121, tf_cs = 31, tf_eflags = 534, tf_esp = -272639556, tf_ss = 39}) at ../../i386/i386/trap.c:890 #23 0x8042421 in ?? () Cannot access memory at address 0xefbfd9d8. (kgdb) disassemble nortqr Dump of assembler code for function nortqr: 0xf017137c : movl 0xf01a0564,%edi 0xf0171382 : bsfl %edi,%ebx 0xf0171385 : je 0xf01713ae 0xf0171387 : btrl %ebx,%edi 0xf017138a : leal 0xf01be318(,%ebx,8),%eax 0xf0171391 : movl %eax,%esi 0xf0171393 : movl (%eax),%ecx 0xf0171395 : movl (%ecx),%edx 0xf0171397 : movl %edx,(%eax) 0xf0171399 : movl 0x4(%ecx),%eax 0xf017139c : movl %eax,0x4(%edx) <-------------- 0xf017139f : cmpl (%ecx),%esi 0xf01713a1 : je 0xf01713a6 0xf01713a3 : btsl %ebx,%edi 0xf01713a6 : movl %edi,0xf01a0564 0xf01713ac : jmp 0xf01713e2 End of assembler dump. or: in the .s file: nortqr: movl _whichqs,%edi 2: /* XXX - bsf is sloow */ bsfl %edi,%ebx /* find a full q */ jz idqr /* if none, idle */ /* XX update whichqs? */ btrl %ebx,%edi /* clear q full status */ leal _qs(,%ebx,8),%eax /* select q */ movl %eax,%esi movl P_FORW(%eax),%ecx /* unlink from front of process q */ movl P_FORW(%ecx),%edx movl %edx,P_FORW(%eax) movl P_BACK(%ecx),%eax movl %eax,P_BACK(%edx) <--------------------- cmpl P_FORW(%ecx),%esi /* q empty */ je 3f btsl %ebx,%edi /* nope, set to indicate not empty * / 3: movl %edi,_whichqs /* update q status */ jmp swtch_com (kgdb) info reg eax 0x0 0 ecx 0x0 0 edx 0x0 0 ebx 0x8 8 esp 0xefbffa6c 0xefbffa6c ebp 0xefbffd0c 0xefbffd0c esi 0xf01be358 -266607784 edi 0x2040000 33816576 eip 0xf0169961 0xf0169961 eflags 0x0 0 cs 0x0 0 ss 0x0 0 ds 0x0 0 es 0x0 0 #12 0xf01718bf in trap (frame={tf_es = -272695280, tf_ds = -272695280, tf_edi = 33816576, tf_esi = -266607784, tf_ebp = -272630516, tf_isp = -272630580, tf_ebx = 8, tf_edx = 0, tf_ecx = -260173824, tf_eax = -266606616, tf_trapno = 12, tf_err = -227409918, tf_eip = -266923108, tf_cs = -266862584, tf_eflags = 65543, tf_esp = -267325485, tf_ss = -260173824}) at ../../i386/i386/trap.c:311 311 (void) trap_pfault(&frame, FALSE); (kgdb) x/x -227409918 0xf2720002 : Cannot access memory at address 0xf2720002. 0xf017139c : movl %eax,0x4(%edx) <-------------- edx == 0 so fault address SHOULD be 4 the panic MESSAGE has the right address.. (0x4) Aug 12 08:27 Critical: /kernel: Fatal trap 12: page fault while in kernel mode Aug 12 08:27 Critical: /kernel: fault virtual address = 0x4 Aug 12 08:27 Critical: /kernel: fault code = supervisor write, page not present Aug 12 08:27 Critical: /kernel: instruction pointer = 0x8:0xf017139c Aug 12 08:27 Critical: /kernel: stack pointer = 0x10:0xefbffce0 Aug 12 08:27 Critical: /kernel: frame pointer = 0x10:0xefbffd0c Aug 12 08:27 Critical: /kernel: code segment = base 0x0, limit 0xfffff, type 0x1b Aug 12 08:27 Critical: /kernel: = DPL 0, pres 1, def32 1, gran 1 Aug 12 08:27 Critical: /kernel: processor eflags = resume, IOPL = 0 Aug 12 08:27 Critical: /kernel: current process = Idle Aug 12 08:27 Critical: /kernel: interrupt mask = net tty bio Aug 12 08:27 Critical: /kernel: panic: page fault Aug 12 08:27 Critical: /kernel: Aug 12 08:27 Critical: /kernel: syncing disks... more info to come...