From owner-freebsd-hackers@FreeBSD.ORG  Sun Mar 24 17:23:16 2013
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id EBECAA50
 for <freebsd-hackers@freebsd.org>; Sun, 24 Mar 2013 17:23:16 +0000 (UTC)
 (envelope-from jrisom@gmail.com)
Received: from mail-ia0-x235.google.com (mail-ia0-x235.google.com
 [IPv6:2607:f8b0:4001:c02::235])
 by mx1.freebsd.org (Postfix) with ESMTP id C299D7E5
 for <freebsd-hackers@freebsd.org>; Sun, 24 Mar 2013 17:23:16 +0000 (UTC)
Received: by mail-ia0-f181.google.com with SMTP id o25so4906539iad.12
 for <freebsd-hackers@freebsd.org>; Sun, 24 Mar 2013 10:23:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=x-received:message-id:date:from:user-agent:mime-version:to:subject
 :content-type:content-transfer-encoding;
 bh=B6VK3aqkQyIYzFJdlNv6pveAQ1rsrsuZ8oBW6NodRTA=;
 b=QE0PQgHkKjKsD0xqFHOe8WM3UYlDGFwznPzgS5lEb9owNz5ETt9DZssGWyA2b3ZR8V
 mSSn0hAaVaCx7w/aGNO3A8mSJOZOf1I7K6VsyWRG7Vl2spAscUVtZYWr+X1nJDORcT1b
 DwxnWMKSHDnP59KQ6nQcHnsWlKGzGkU0qZTjwJhWdDOubzJy7iIJba2fHtjhGuLv5jLX
 /X+9rbpMomWrGLDJ67sPVrQ23zOR/NUzC0CjtRr/Iq8c5Jr5mDXXDd8xdup5Tf1fM4H3
 /qbvW0CiDjwR7Ib8DBgXkmkeNyqG3SAOqp+VfZOsEptvQ6X+CRJLBv1h7PcSazYN0SU5
 u76A==
X-Received: by 10.42.122.66 with SMTP id m2mr5044155icr.15.1364145795802;
 Sun, 24 Mar 2013 10:23:15 -0700 (PDT)
Received: from [192.168.1.44] (c-98-212-197-211.hsd1.il.comcast.net.
 [98.212.197.211])
 by mx.google.com with ESMTPS id px9sm19366266igc.0.2013.03.24.10.23.14
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Sun, 24 Mar 2013 10:23:14 -0700 (PDT)
Message-ID: <514F367E.8000908@gmail.com>
Date: Sun, 24 Mar 2013 12:23:10 -0500
From: Joshua Isom <jrisom@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64;
 rv:17.0) Gecko/20130215 Thunderbird/17.0.3
MIME-Version: 1.0
To: freebsd-hackers@freebsd.org
Subject: Debugging kernel cores without a stack
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Mar 2013 17:23:17 -0000

I have several core dumps that need debugged.  All are the same problem. 
  The debugging problem is when I fire up kgdb, I have to backtrace even 
though the kernel message buffer contains a back trace.  If I try to set 
the frame with "frame 0xffffff8020bddb30" I get an error "Cannot access 
memory at address 0x0".  All I have to debug with are these two pieces 
of information.  How do I get more information?

> jri.homeunix.com dumped core - see /var/crash/vmcore.29
>
> Sun Mar 24 10:49:52 CDT 2013
>
> FreeBSD jri.homeunix.com 10.0-CURRENT FreeBSD 10.0-CURRENT #0 r248680M: Sun Mar 24 07:13:16 CDT 2013     r
>
> panic: kdb_switch: did not reenter debugger
>
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "amd64-marcel-freebsd"...
>
> Unread portion of the kernel message buffer:
> witness_warn() at witness_warn+0x4a8/frame 0xffffff8020bdd690
> trap_pfault() at trap_pfault+0x5a/frame 0xffffff8020bdd740
> trap() at trap+0x659/frame 0xffffff8020bdd950
> calltrap() at calltrap+0x8/frame 0xffffff8020bdd950
> --- trap 0xc, rip = 0xffffffff8133519e, rsp = 0xffffff8020bdda10, rbp = 0xffffff8020bddb30 ---
> ath_edma_tx_processq() at ath_edma_tx_processq+0x18e/frame 0xffffff8020bddb30
> taskqueue_run_locked() at taskqueue_run_locked+0xf0/frame 0xffffff8020bddb80
> taskqueue_thread_loop() at taskqueue_thread_loop+0x9b/frame 0xffffff8020bddbb0
> fork_exit() at fork_exit+0x84/frame 0xffffff8020bddbf0
> fork_trampoline() at fork_trampoline+0xe/frame 0xffffff8020bddbf0
> --- trap 0, rip = 0, rsp = 0xffffff8020bddcb0, rbp = 0 ---
>
>
> Fatal trap 12: page fault while in kernel mode
> cpuid = 0; apic id = 00
> fault virtual address   = 0x0
> fault code              = supervisor read data, page not present
> instruction pointer     = 0x20:0xffffffff8133519e
> stack pointer           = 0x28:0xffffff8020bdda10
> frame pointer           = 0x28:0xffffff8020bddb30
> code segment            = base 0x0, limit 0xfffff, type 0x1b
>                         = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags        = interrupt enabled, resume, IOPL = 0
> current process         = 0 (ath0 taskq)
> Uptime: 2m19s
> Dumping 261 out of 1771 MB:..7%..13%..25%..31%..43%..56%..62%..74%..86%..92%

> (kgdb) list *(0xffffffff8133519e)
> 0xffffffff8133519e is in ath_edma_tx_processq (/root/ATH/head/sys/modules/ath/../../dev/ath/if_ath_tx_edma.c:552).
> 547                                 bf->bf_descid);
> 548                     }
> 549     #endif
> 550
> 551                     /* This removes the buffer and decrements the queue depth */
> 552                     ATH_TXQ_REMOVE(txq, bf, bf_list);
> 553                     if (bf->bf_state.bfs_aggr)
> 554                             txq->axq_aggr_depth--;
> 555                     txq->axq_fifo_depth --;
> 556                     /* XXX assert FIFO depth >= 0 */