Date: Wed, 21 Oct 1998 02:42:24 +0200 From: sthaug@nethelp.no To: freebsd-current@FreeBSD.ORG, freebsd-hardware@FreeBSD.ORG Subject: Re: Problems with Digital server with P-166 and Neptune chipset Message-ID: <6824.908930544@verdi.nethelp.no> In-Reply-To: Your message of "Mon, 19 Oct 1998 23:36:15 %2B0200" References: <17857.908832975@verdi.nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
I wrote:
> I'm trying to get FreeBSD 3.0 to run reliably on a Digital server with
> Neptune chipset - so far without great success. (2.2.7, btw, wouldn't
> install at all. 3.0 installed with some effort).
I now have some more info. Built a kernel with debug info, built an aout
gdb. I have two identical machines running 3.0-RELEASE now, and both of
them are crashing the same way (page fault in kernel mode) and in the
same place (the zalloc inline routine in vm/vm_zone.h).
Here are two backtraces, one from each machine. These both happened at
the same time, namely when running /etc/daily at 02.00. In both cases,
the kernel is trying to follow a null pointer (z) at vm/vm_zone.h line 87:
item = z->zitems;
However, the zalloc inline routine is called from vmspace_alloc:
vm = zalloc(vmspace_zone);
and here the vmspace_zone seems to have a sensible value, 0xf0dd9980.
I'm going to try to recompile the kernel with DIAGNOSTIC enabled to see
if I can get some more info. Meanwhile, can anybody suggest why z is
null in zalloc when vmspace_zone isn't? Missing spl protection?
Steinar Haug, Nethelp consulting, sthaug@nethelp.no
----------------------------------------------------------------------
Machine 1:
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x7200720
fault code = supervisor read, page not present
instruction pointer = 0x8:0xf01cc637
stack pointer = 0x10:0xf882c970
frame pointer = 0x10:0xf882c978
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 286 (cron)
interrupt mask =
trap number = 12
panic: page fault
syncing disks... 4 4 done
...
#0 boot (howto=256) at ../../kern/kern_shutdown.c:268
268 dumppcb.pcb_cr3 = rcr3();
(kgdb) where
#0 boot (howto=256) at ../../kern/kern_shutdown.c:268
#1 0xf012e62b in panic (fmt=0xf01e651f "page fault") at ../../kern/kern_shutdown.c:430
#2 0xf01e716d in trap_fatal (frame=0xf882c934) at ../../i386/i386/trap.c:879
#3 0xf01e6c00 in trap_pfault (frame=0xf882c934, usermode=0) at ../../i386/i386/trap.c:772
#4 0xf01e685f in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -126140544, tf_esi = -125645156, tf_ebp = -125646472, tf_isp = -125646500,
tf_ebx = -126123776, tf_edx = 119539488, tf_ecx = -253912704, tf_eax = 42, tf_trapno = 12, tf_err = 0, tf_eip = -266549705, tf_cs = 8,
tf_eflags = 66199, tf_esp = -126123776, tf_ss = -125645156}) at ../../i386/i386/trap.c:396
#5 0xf01cc637 in vmspace_alloc (min=0, max=4022329344) at ../../vm/vm_zone.h:87
#6 0xf01cebdf in vmspace_exec (p=0xf87b3f80) at ../../vm/vm_map.c:2220
#7 0xf0127227 in exec_new_vmspace (imgp=0xf882ce9c) at ../../kern/kern_exec.c:443
#8 0xf011d598 in exec_elf_imgact (imgp=0xf882ce9c) at ../../kern/imgact_elf.c:468
#9 0xf0126c97 in execve (p=0xf87b3f80, uap=0xf882cf94) at ../../kern/kern_exec.c:176
#10 0xf01e73ff in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 134689062, tf_esi = -272640068, tf_ebp = -272640040, tf_isp = -125644828,
tf_ebx = 671929380, tf_edx = -272640012, tf_ecx = 3, tf_eax = 59, tf_trapno = 0, tf_err = 2, tf_eip = 671680280, tf_cs = 31,
tf_eflags = 582, tf_esp = -272640084, tf_ss = 39}) at ../../i386/i386/trap.c:1031
#11 0xf01da86c in Xint0x80_syscall ()
#12 0x804a5bf in ?? ()
#13 0x804a20a in ?? ()
#14 0x804abef in ?? ()
Machine 2:
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x7200720
fault code = supervisor read, page not present
instruction pointer = 0x8:0xf01cc637
stack pointer = 0x10:0xf8814ec4
frame pointer = 0x10:0xf8814ecc
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 479 (sh)
interrupt mask =
trap number = 12
panic: page fault
syncing disks... 23 17 4 done
...
#0 boot (howto=256) at ../../kern/kern_shutdown.c:268
#1 0xf012e62b in panic (fmt=0xf01e651f "page fault") at ../../kern/kern_shutdown.c:430
#2 0xf01e716d in trap_fatal (frame=0xf8814e88) at ../../i386/i386/trap.c:879
#3 0xf01e6c00 in trap_pfault (frame=0xf8814e88, usermode=0) at ../../i386/i386/trap.c:772
#4 0xf01e685f in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -126139584, tf_esi = -126139584,
tf_ebp = -125743412, tf_isp = -125743440, tf_ebx = 20, tf_edx = 119539488, tf_ecx = -253912704, tf_eax = 42,
tf_trapno = 12, tf_err = 0, tf_eip = -266549705, tf_cs = 8, tf_eflags = 66199, tf_esp = 20,
tf_ss = -126139584}) at ../../i386/i386/trap.c:396
#5 0xf01cc637 in vmspace_alloc (min=0, max=4022329344) at ../../vm/vm_zone.h:87
#6 0xf01ce9d0 in vmspace_fork (vm1=0xf87b8100) at ../../vm/vm_map.c:2122
#7 0xf01cb98f in vm_fork (p1=0xf87b4340, p2=0xf87b3f80, flags=20) at ../../vm/vm_glue.c:222
#8 0xf01285dc in fork1 (p1=0xf87b4340, flags=20) at ../../kern/kern_fork.c:403
#9 0xf0128091 in fork (p=0xf87b4340, uap=0xf8814f94) at ../../kern/kern_fork.c:96
#10 0xf01e73ff in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = 134877312, tf_esi = 134857940,
tf_ebp = -272639248, tf_isp = -125743132, tf_ebx = 134857880, tf_edx = -272639248, tf_ecx = 134857688,
tf_eax = 2, tf_trapno = 12, tf_err = 2, tf_eip = 134621760, tf_cs = 31, tf_eflags = 514, tf_esp = -272639272,
tf_ss = 39}) at ../../i386/i386/trap.c:1031
#11 0xf01da86c in Xint0x80_syscall ()
#12 0x804acdd in ?? ()
#13 0x804a852 in ?? ()
#14 0x804aef6 in ?? ()
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6824.908930544>