Date: Fri, 15 Jun 2001 16:50:03 -0700 (PDT) From: Thomas Quinot <thomas@cuivre.fr.eu.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/24596: sysinstall crash: Page fault while in kernel mode Message-ID: <200106152350.f5FNo3R76571@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/24596; it has been noted by GNATS.
From: Thomas Quinot <thomas@cuivre.fr.eu.org>
To: freebsd-gnats-submit@FreeBSD.org
Cc: stable@freebsd.org
Subject: Re: kern/24596: sysinstall crash: Page fault while in kernel mode
Date: Sat, 16 Jun 2001 01:41:10 +0200
After makeing kernel and world and recompiling sysinstall from
a freshly-cvsupped source tree, I still get a panic right after
the 'probing devices' message. Excerpts from kgdb session follow.
If any other system information or any further forensics are
necessary, please feel free to ask. :)
I am very intrigued by this crash dump. Why dp can be NULL at this
point is beyond my understanding.
Thomas.
Script started on Sat Jun 16 01:26:24 2001
$ uname -a
FreeBSD melusine.cuivre.fr.eu.org 4.3-STABLE FreeBSD 4.3-STABLE #4: Fri Jun 15 01:25:04 CEST 2001 thomas@melusine.cuivre.fr.eu.org:/usr/obj/usr/src/sys/MELUSINE i386
$ gdb -k /usr/obj/usr/src/sys/MELUSINE/kernel.debug /var/crash/vmcore.0
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
IdlePTD 4087808
initial pcb at 343a60
panicstr: page fault
panic messages:
---
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x0
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc0176cfa
stack pointer = 0x10:0xc8fcad58
frame pointer = 0x10:0xc8fcad74
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 541 (sysinstall)
interrupt mask = none
trap number = 12
panic: page fault
syncing disks... 53 3 1
done
Uptime: 51s
dumping to dev #ad/0x20009, offset 270360
dump ata0: resetting devices .. done
127 126 125 124 123 122 121 120 119 118 117 116 115 114 113 112 111 110 109 108 107 106 105 104 103 102 101 100 99 98 97 96 95 94 93 92 91 90 89 88 87 86 85 84 83 82 81 80 79 78 77 76 75 74 73 72 71 70 69 68 67 66 65 64 63 62 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
---
#0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:472
472 if (dumping++) {
(kgdb) bt
#0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:472
#1 0xc016d761 in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:312
#2 0xc016daf9 in panic (fmt=0xc02ec7cf "page fault")
at /usr/src/sys/kern/kern_shutdown.c:559
#3 0xc02a4506 in trap_fatal (frame=0xc8fcad18, eva=0)
at /usr/src/sys/i386/i386/trap.c:951
#4 0xc02a41c5 in trap_pfault (frame=0xc8fcad18, usermode=0, eva=0)
at /usr/src/sys/i386/i386/trap.c:844
#5 0xc02a3d6b in trap (frame={tf_fs = -922353648, tf_es = -1070661616,
tf_ds = -933822448, tf_edi = 0, tf_esi = -1060864640,
tf_ebp = -922964620, tf_isp = -922964668, tf_ebx = -1060872140,
tf_edx = 1, tf_ecx = 0, tf_eax = 0, tf_trapno = 12, tf_err = 0,
tf_eip = -1072206598, tf_cs = 8, tf_eflags = 66118,
tf_esp = -1060864640, tf_ss = 1}) at /usr/src/sys/i386/i386/trap.c:443
#6 0xc0176cfa in diskopen (dev=0xc0cb0580, oflags=1, devtype=8192,
p=0xc857c040) at /usr/src/sys/kern/subr_disk.c:189
#7 0xc01a4cd2 in spec_open (ap=0xc8fcadf4)
at /usr/src/sys/miscfs/specfs/spec_vnops.c:193
#8 0xc01a4bd9 in spec_vnoperate (ap=0xc8fcadf4)
at /usr/src/sys/miscfs/specfs/spec_vnops.c:119
#9 0xc023cf19 in ufs_vnoperatespec (ap=0xc8fcadf4)
at /usr/src/sys/ufs/ufs/ufs_vnops.c:2391
#10 0xc01a0a68 in vn_open (ndp=0xc8fcaec4, fmode=1, cmode=1164)
at vnode_if.h:189
#11 0xc019c920 in open (p=0xc857c040, uap=0xc8fcaf80)
at /usr/src/sys/kern/vfs_syscalls.c:995
#12 0xc02a47a6 in syscall2 (frame={tf_fs = 47, tf_es = 47, tf_ds = 47,
tf_edi = -1077939732, tf_esi = 0, tf_ebp = -1077943140,
tf_isp = -922964012, tf_ebx = -1077939732, tf_edx = 110,
tf_ecx = 135105439, tf_eax = 5, tf_trapno = 12, tf_err = 2,
tf_eip = 134909580, tf_cs = 31, tf_eflags = 643, tf_esp = -1077943264,
tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:1150
#13 0xc0296015 in Xint0x80_syscall ()
#14 0x804b29a in ?? ()
#15 0x80576c5 in ?? ()
#16 0x8048137 in ?? ()
(kgdb) fr 6
#6 0xc0176cfa in diskopen (dev=0xc0cb0580, oflags=1, devtype=8192,
p=0xc857c040) at /usr/src/sys/kern/subr_disk.c:189
189 error = dp->d_devsw->d_open(pdev, oflags, devtype, p);
(kgdb) print dp
$1 = (struct disk *) 0x0
(kgdb) print pdev
$2 = 0xc0c47d80
(kgdb) print *pdev
$3 = {si_flags = 0, si_udev = 69378, si_hash = {le_next = 0xc0342818,
le_prev = 0xc0c48a88}, si_hlist = {slh_first = 0x0},
si_name = "cd0", '\000' <repeats 12 times>, si_drv1 = 0x0, si_drv2 = 0x0,
si_devsw = 0xc033e540, si_devfs = 0x0, si_bdevfs = 0x0,
si_iosize_max = 65536, __si_u = {__si_tty = {__sit_tty = 0xc0c46034},
__si_disk = {__sid_disk = 0xc0c46034, __sid_mountpoint = 0x0,
__sid_bsize_phys = 0, __sid_bsize_best = 0}}}
(kgdb) print pdev->si_disk
There is no member named si_disk.
(kgdb) print pdev->__si_u.__si_disk.__sid_disk
$4 = (struct disk *) 0xc0c46034
(kgdb) print pdev->si_iosize_max
$5 = 65536
(kgdb) print pdev->__si_u.__si_disk.__sid_disk->d_slice
$6 = (struct diskslices *) 0x0
(kgdb) print dp
$7 = (struct disk *) 0x0
Script done on Sat Jun 16 01:33:30 2001
--
Thomas.Quinot@Cuivre.FR.EU.ORG
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106152350.f5FNo3R76571>