From owner-freebsd-scsi Tue Dec 3 17: 1:28 2002 Delivered-To: freebsd-scsi@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F10DF37B401 for ; Tue, 3 Dec 2002 17:01:26 -0800 (PST) Received: from msgbas1x.cos.agilent.com (msgbas1x.cos.agilent.com [192.25.240.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5EBFF43E4A for ; Tue, 3 Dec 2002 17:01:26 -0800 (PST) (envelope-from ctuffli@rose.agilent.com) Received: from relcos2.cos.agilent.com (relcos2.cos.agilent.com [130.29.152.237]) by msgbas1x.cos.agilent.com (Postfix) with ESMTP id 5D3EA13559 for ; Tue, 3 Dec 2002 17:29:54 -0700 (MST) Received: from rtl.rose.agilent.com (rtl.rose.agilent.com [130.30.179.189]) by relcos2.cos.agilent.com (Postfix) with ESMTP id E6B6272A for ; Tue, 3 Dec 2002 17:29:50 -0700 (MST) Received: from mail.rose.agilent.com (mailsrv@bellhop [130.30.179.19]) by rtl.rose.agilent.com (8.9.3 (PHNE_18979)/8.9.3 SMKit7.1.0) with ESMTP id QAA23569 for ; Tue, 3 Dec 2002 16:29:49 -0800 (PST) Received: from thegrail (anu.rose.agilent.com [156.140.225.186]) by mail.rose.agilent.com (Netscape Messaging Server 3.6) with ESMTP id AAA629D for ; Tue, 3 Dec 2002 16:29:46 -0800 Received: by thegrail (Postfix, from userid 1001) id 7AA9B849BE; Tue, 3 Dec 2002 16:25:33 -0800 (PST) Date: Tue, 3 Dec 2002 16:25:33 -0800 From: Chuck Tuffli To: freebsd-scsi@freebsd.org Subject: decoding a double fault Message-ID: <20021204002532.GB23841@thegrail.rose.agilent.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Sender: owner-freebsd-scsi@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm developing a CAM driver that works with 4.7-RELEASE and am running into a double fault. The driver is a KLD which loads and then detects a device on the loop. After detecting the device, I ran llama# camcontrol rescan 0:0:0 at which point the system double faults and prints the following on the console Fatal double fault: eip = 0xc0354952 esp = 0xc8b8a000 ebp = 0xc8b8a078 panic: double fault Debugger("panic") 0xc0354952 is the 3rd instruction into the function alltraps (i386/i386/exception.s:222) .globl _alltraps .type _alltraps,@function _alltraps: pushal pushl %ds pushl %es pushl %fs alltraps_with_regs_pushed: The backtrace looks like (kgdb) bt #0 Debugger (msg=0xc03aec3b "panic") at ../../i386/i386/db_interface.c:319 #1 0xc0211ea0 in panic (fmt=0xc03d9cc3 "double fault") at ../../kern/kern_shutdown.c:593 #2 0xc03637c7 in dblfault_handler () at ../../i386/i386/trap.c:1004 and the contents of common_tss in frame #2 are (kgdb) p/x common_tss $1 = {tss_link = 0x0, tss_esp0 = 0xc8b8dff0, tss_ss0 = 0x10, tss_esp1 = 0x0, tss_ss1 = 0x0, tss_esp2 = 0x0, tss_ss2 = 0x0, tss_cr3 = 0x0, tss_eip = 0xc0354952, tss_eflags = 0x10803, tss_eax = 0x0, tss_ecx = 0x0, tss_edx = 0xc8b8a080, tss_ebx = 0xc7e1bee0, tss_esp = 0xc8b8a000, tss_ebp = 0xc8b8a078, tss_esi = 0xc, tss_edi = 0x0, tss_es = 0x10, tss_cs = 0x8, tss_ss = 0x10, tss_ds = 0x10, tss_fs = 0x10, tss_gs = 0x2f, tss_ldt = 0x0, tss_ioopt = 0x680000} Is there enough information from the above to figure out what code was being executed, what address caused the fault, what exception was the OS handling when the fault occured, etc.? Any suggestions, including RTFM, are welcomed as long as you also include which manual I should be reading ;) -- Chuck Tuffli Agilent Technologies, Storage and Networking To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-scsi" in the body of the message