From owner-freebsd-stable@FreeBSD.ORG Thu May 19 06:56:04 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FCCF16A4CE for ; Thu, 19 May 2005 06:56:04 +0000 (GMT) Received: from mail02.syd.optusnet.com.au (mail02.syd.optusnet.com.au [211.29.132.183]) by mx1.FreeBSD.org (Postfix) with ESMTP id 45FC243DAD for ; Thu, 19 May 2005 06:56:03 +0000 (GMT) (envelope-from PeterJeremy@optushome.com.au) Received: from cirb503493.alcatel.com.au (c211-30-75-229.belrs2.nsw.optusnet.com.au [211.30.75.229]) j4J6tldd007876 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 19 May 2005 16:56:00 +1000 Received: from cirb503493.alcatel.com.au (localhost.alcatel.com.au [127.0.0.1])j4J6tkRx003763; Thu, 19 May 2005 16:55:46 +1000 (EST) (envelope-from pjeremy@cirb503493.alcatel.com.au) Received: (from pjeremy@localhost)j4J6tjXB003762; Thu, 19 May 2005 16:55:45 +1000 (EST) (envelope-from pjeremy) Date: Thu, 19 May 2005 16:55:45 +1000 From: Peter Jeremy To: Jamie Heckford Message-ID: <20050519065544.GC2129@cirb503493.alcatel.com.au> References: <001801c55a14$609720d0$37cba1cd@emerytelcom.com> <20050518150316.GA11987@nipples.trident-uk.co.uk> <20050518195312.GB2129@cirb503493.alcatel.com.au> <20050518222937.GA13356@nipples.trident-uk.co.uk> <20050518155452.M87264@carver.gumbysoft.com> <20050518231544.GA13555@nipples.trident-uk.co.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050518231544.GA13555@nipples.trident-uk.co.uk> User-Agent: Mutt/1.4.2i cc: freebsd-stable@freebsd.org Subject: Re: 5.4-RC2 freezing - ATA related? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 May 2005 06:56:04 -0000 Previously posted trap frame: #5 0xc0691771 in trap (frame= {tf_fs = -1068433384, tf_es = -989790192, tf_ds = 16, tf_edi = -106612473 6, tf_esi = -1066124736, tf_ebp = -323699844, tf_isp = -323699872, tf_ebx = -10 07063716, tf_edx = 528, tf_ecx = -1013235680, tf_eax = 307472464, tf_trapno = 1 2, tf_err = 2, tf_eip = -1067870386, tf_cs = 8, tf_eflags = 66050, tf_esp = -98 9760240, tf_ss = -1007063716}) at /usr/src/sys/i386/i386/trap.c:425 On Thu, 2005-May-19 00:15:44 +0100, Jamie Heckford wrote: >Fatal trap 12: page fault while in kernel mode >fault virtual address = 0x214 That's a NULL pointer somewhere. The trap frame shows %edx is 528 so the code has presumably tried to dereference %edx but it's not clear how %edx would up with that value. >fault code = supervisor write, page not present >instruction pointer = 0x8:0xc059974e >stack pointer = 0x10:0xecb4bb74 >frame pointer = 0x10:0xecb4bb7c This instruction pointer matches the trap frame but not the traceback you posted. The trap frame gives the stack pointer as 0xC5017510 (which is nonsense) with a nonsense stack segment but the frame pointer matches. Having the frame pointer above the stack pointer is also unusual. It looks like gdb is a bit confused. You could try: disasm 0xc059974e x/x 0xecb4bb74 Does the instruction either at or immediately before 0xc059974e include [%edx]? What function is it in and can you work out the line number? Does the address reported by the x/x match anything in the backtrace? -- Peter Jeremy