From owner-freebsd-sparc64@FreeBSD.ORG Sat Aug 20 19:09:59 2005 Return-Path: X-Original-To: sparc64@FreeBSD.org Delivered-To: freebsd-sparc64@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACA8A16A41F; Sat, 20 Aug 2005 19:09:59 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from fileserver.fields.utoronto.ca (fileserver.fields.utoronto.ca [128.100.216.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B6F743D46; Sat, 20 Aug 2005 19:09:59 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from fields.fields.utoronto.ca (fields.localdomain [192.168.216.11]) by fileserver.fields.utoronto.ca (8.12.8/8.12.8/Fields 6.0) with ESMTP id j7KJ9wvf030405 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 20 Aug 2005 15:09:58 -0400 Received: from obsecurity.dyndns.org (localhost.localdomain [127.0.0.1]) by fields.fields.utoronto.ca (8.12.8/8.12.8/Fields WS 6.0) with ESMTP id j7KJ9w6P029526; Sat, 20 Aug 2005 15:09:58 -0400 Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id ABF0F51404; Sat, 20 Aug 2005 15:09:57 -0400 (EDT) Date: Sat, 20 Aug 2005 15:09:57 -0400 From: Kris Kennaway To: Marcel Moolenaar Message-ID: <20050820190957.GA66426@xor.obsecurity.org> References: <20050819171555.GA45748@xor.obsecurity.org> <20050820025336.GA94049@xor.obsecurity.org> <3DBF403C-80AA-46B4-A57B-8B78F033E368@xcllnt.net> <20050820182755.GA57524@xor.obsecurity.org> <9D6502D2-02E7-4BAE-B3C1-AA6D4613C8BC@xcllnt.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="+QahgC5+KEYLbs62" Content-Disposition: inline In-Reply-To: <9D6502D2-02E7-4BAE-B3C1-AA6D4613C8BC@xcllnt.net> User-Agent: Mutt/1.4.2.1i Cc: marcel@FreeBSD.org, sparc64@FreeBSD.org, Kris Kennaway Subject: Re: kgdb still broken? X-BeenThere: freebsd-sparc64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the Sparc List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Aug 2005 19:09:59 -0000 --+QahgC5+KEYLbs62 Content-Type: text/plain; charset=unknown-8bit Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Aug 20, 2005 at 11:58:55AM -0700, Marcel Moolenaar wrote: > On Aug 20, 2005, at 11:27 AM, Kris Kennaway wrote: >=20 > >On Fri, Aug 19, 2005 at 11:28:14PM -0700, Marcel Moolenaar wrote: > > > >>On Aug 19, 2005, at 7:53 PM, Kris Kennaway wrote: > >> > >> > >>>It's not making much sense of the backtrace though: > >>> > >>>(kgdb) bt > >>>#0 doadump () at /usr/src.6/sys/kern/kern_shutdown.c:233 > >>>#1 0x00000000c006a728 in db_fncall (dummy1=3D0, dummy2=3D0, dummy3=3D= 11, > >>>dummy4=3D0x16e9a41a0 "") > >>> at /usr/src.6/sys/ddb/db_command.c:486 > >>>#2 0x00000000c006a434 in db_command (last_cmdp=3D0xc040f940, > >>>cmd_table=3D0x0, aux_cmd_tablep=3D0xc03c8dc8, > >>> aux_cmd_tablep_end=3D0xc03c8de0) at /usr/src.6/sys/ddb/ > >>>db_command.c:401 > >>>#3 0x00000000c006a558 in db_command_loop () at /usr/src.6/sys/ddb/ > >>>db_command.c:452 > >>>#4 0x00000000c006d0b8 in db_trap (type=3D1855603632, code=3D0) at /us= r/ > >>>src.6/sys/ddb/db_main.c:221 > >>>#5 0x00000000c018d208 in kdb_trap (type=3D107, code=3D0, > >>>tf=3D0x16e9a4630) at /usr/src.6/sys/kern/subr_kdb.c:473 > >>>#6 0x00000000c02f6b4c in trap (tf=3D0x16e9a4630) at /usr/src.6/sys/ > >>>sparc64/sparc64/trap.c:307 > >>>#7 0x00000000c0048fe0 in tl1_trap () > >>>#8 0x00000000c0048fe0 in tl1_trap () > >>>Previous frame identical to this frame (corrupt stack?) > >>> > >>>Where ddb showed that the panic correctly (see my mail to -current > >>>entitled 'panic: uma_small_alloc: free page still has mappings!'). > >>> > >> > >>How can you compare this backtrace with the one in the email. This > >>backtrace is the result of a trap, not a panic. For a panic, KDB > >>is entered via kdb_enter(), not kdb_trap() as it is in this case. > >> > > > >Regardless, this is what kgdb informed me was the backtrace for the > >same thread that panicked and I traced with DDB and gdb53. >=20 > I guess I just don't understand what's you're saying then. The > backtrace above clearly and reliably tells me that the core was > created by calling doadump() from within DDB. Such a backtrace > cannot be obtained from within DDB itself. I don't know what you > get with gdb53, but it should give you the same backtrace, unless > it shows the backtrace of a different thread or you were working > on a different core file altogether. >=20 > >I mean that 'info threads' doesn't work in gdb53, which is the only > >offline debugger one can use on sparc64 that obtains more or less > >reliable traces. >=20 > What exactly is unreliable about backtraces in kgdb? Wih gdb53 I see the following: # gdb53 -k kernel.debug vmcore.250 GNU gdb 5.3 (FreeBSD) Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain condition= s. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "sparc64-portbld-freebsd7.0"... panic: uma_small_alloc: free page still has mappings! panic messages: --- --- #0 doadump () at /usr/src.6/sys/kern/kern_shutdown.c:233 233 savectx(&dumppcb); (kgdb) bt #0 doadump () at /usr/src.6/sys/kern/kern_shutdown.c:233 #1 0x00000000c006a720 in db_fncall (dummy1=3D0, dummy2=3D0, dummy3=3D11, d= ummy4=3D0x16e9a41a0 "") at /usr/src.6/sys/ddb/db_command.c:486 #2 0x00000000c006a42c in db_command (last_cmdp=3D0xc040f940, cmd_table=3D0= x0, aux_cmd_tablep=3D0xc03c8dc8,=20 aux_cmd_tablep_end=3D0xc03c8de0) at /usr/src.6/sys/ddb/db_command.c:401 #3 0x00000000c006a550 in db_command_loop () at /usr/src.6/sys/ddb/db_comma= nd.c:452 #4 0x00000000c006d0b0 in db_trap (type=3D1855603632, code=3D0) at /usr/src= .6/sys/ddb/db_main.c:219 #5 0x00000000c018d200 in kdb_trap (type=3D107, code=3D0, tf=3D0x16e9a4630)= at /usr/src.6/sys/kern/subr_kdb.c:473 #6 0x00000000c02f6b44 in trap (tf=3D0x16e9a4630) at /usr/src.6/sys/sparc64= /sparc64/trap.c:307 #7 0x00000000c018cddc in kdb_enter (msg=3D0x0) at /usr/src.6/sys/kern/subr= _kdb.c:267 #8 0x00000000c018cdd4 in kdb_enter (msg=3D0xc03a2650 "panic") at /usr/src.= 6/sys/kern/subr_kdb.c:267 #9 0x00000000c016e144 in panic (fmt=3D0xc03c4130 "uma_small_alloc: free pa= ge still has mappings!") at /usr/src.6/sys/kern/kern_shutdown.c:537 #10 0x00000000c02f83bc in uma_small_alloc (zone=3D0x101, bytes=3D8192, flag= s=3D0xfffff8013a465170 "=FF=FF=F8\0019=CC\020p", wait=3D3) at /usr/src.6/sys/sparc64/sparc64/vm_machdep.c:485 #11 0x00000000c02baf18 in slab_zalloc (zone=3D0xfffff8013dbfacc0, wait=3D3)= at /usr/src.6/sys/vm/uma_core.c:819 #12 0x00000000c02bc96c in uma_zone_slab (zone=3D0xfffff8013dbfacc0, flags= =3D3) at /usr/src.6/sys/vm/uma_core.c:2034 #13 0x00000000c02bcc2c in uma_zalloc_bucket (zone=3D0xfffff8013dbfacc0, fla= gs=3D3) at /usr/src.6/sys/vm/uma_core.c:2143 #14 0x00000000c02bc7d0 in uma_zalloc_arg (zone=3D0xfffff8013dbfacc0, udata= =3D0x0, flags=3D2) at /usr/src.6/sys/vm/uma_core.c:1951 #15 0x00000000c0162694 in malloc (size=3D18446735282947486976, mtp=3D0xc03f= 3368, flags=3D2) at uma.h:275 #16 0x00000000c01c5648 in allocbuf (bp=3D0xc143a920, size=3D2048) at /usr/s= rc.6/sys/kern/vfs_bio.c:2654 #17 0x00000000c01c52e8 in getblk (vp=3D0xfffff800cf995740, blkno=3D0, size= =3D2048, slpflag=3D0, slptimeo=3D0, flags=3D0) at /usr/src.6/sys/kern/vfs_bio.c:2536 #18 0x00000000c0295ad0 in ffs_balloc_ufs2 (vp=3D0xfffff800cf995740, startof= fset=3D0, size=3D512, cred=3D0xfffff8000ea86500,=20 flags=3D65536, bpp=3D0x16e9a5110) at /usr/src.6/sys/ufs/ffs/ffs_balloc.= c:676 #19 0x00000000c02b519c in ufs_mkdir (ap=3D0x16e9a5440) at /usr/src.6/sys/uf= s/ufs/ufs_vnops.c:1534 #20 0x00000000c02fa4ec in VOP_MKDIR_APV (vop=3D0xc0403a98, a=3D0x16e9a5440)= at vnode_if.c:1250 #21 0x00000000c01dd870 in kern_mkdir (td=3D0xfffff8011e0b6980, path=3D---Ca= n't read userspace from dump, or kernel process--- ) at vnode_if.h:653 #22 0x00000000c01dd570 in mkdir (td=3D0xfffff8011e0b6980, uap=3D0x16e9a58c0= ) at /usr/src.6/sys/kern/vfs_syscalls.c:3300 #23 0x00000000c02f725c in syscall (tf=3D0x16e9a5880) at /usr/src.6/sys/spar= c64/sparc64/trap.c:592 This corresponds to the ddb backtrace: db> wh Tracing pid 86114 tid 101592 td 0xfffff8011e0b6980 panic() at panic+0x164 uma_small_alloc() at uma_small_alloc+0x9c slab_zalloc() at slab_zalloc+0x98 uma_zone_slab() at uma_zone_slab+0x12c uma_zalloc_bucket() at uma_zalloc_bucket+0x16c uma_zalloc_arg() at uma_zalloc_arg+0x330 malloc() at malloc+0x114 allocbuf() at allocbuf+0x208 getblk() at getblk+0x5a8 ffs_balloc_ufs2() at ffs_balloc_ufs2+0xa30 ufs_mkdir() at ufs_mkdir+0x55c VOP_MKDIR_APV() at VOP_MKDIR_APV+0xcc kern_mkdir() at kern_mkdir+0x2f0 mkdir() at mkdir+0x10 syscall() at syscall+0x2dc -- syscall (136, FreeBSD ELF64, mkdir) %o7=3D0x105b90 -- userland() at 0x40527d08 user trace: trap %o7=3D0x105b90 pc 0x40527d08, sp 0x7fdffffd5d1 pc 0x105c6c, sp 0x7fdffffd711 done While the kgdb output is useless: (kgdb) # kgdb kernel.debug vmcore.250 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain condition= s. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "sparc64-marcel-freebsd". Unread portion of the kernel message buffer: =00=00=00=16=94=00=00=00=00=00=00=16=8B=00=00=00=00=00=00=00=08=00=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =05=AC=80=00=00=00=00=00=06=B4=80=00=00=00=00=00=00=0BY=00=00=00=00=00=00i= =00=00=00=00=00=00=00=08=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=0Bv=00=00=00=00=00=00=0E=9B=80=00=00= =00=00=00=00=16=EC=00=00=00=00=00=00=1D7=00=00=00=00=00=00=00=08=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =00=07=98=00=00=00=00=00=00=06=1E=80=00=00=00=00=00=00=0F0=00=00=00=00=00= =00=0C=3D=00=00=00=00=00=00=00=08=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=00=00=00 =85=80=00=00=00=00=00=0C=D5=80=00=00=00=00=00=00=15=0B=00=00=00=00=00=00=19= =AB=00=00=00=00=00=00=00=08=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=00=07?=00=00=00=00=00=00=03q=80=00=00= =00=00=00=00=0E~=00=00=00=00=00=00=06=E3=00=00=00=00=00=00=00=08=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =00=06=BB=00=00=00=00=00=00=0B=84=80=00=00=00=00=00=00v=00=00=00=00=00=00= =17 =00=00=00=00=00=00=00=08=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00= =00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00 #0 doadump () at /usr/src.6/sys/kern/kern_shutdown.c:233 233 savectx(&dumppcb); (kgdb) bt #0 doadump () at /usr/src.6/sys/kern/kern_shutdown.c:233 #1 0x00000000c006a728 in db_fncall (dummy1=3D0, dummy2=3D0, dummy3=3D11, d= ummy4=3D0x16e9a41a0 "") at /usr/src.6/sys/ddb/db_command.c:486 #2 0x00000000c006a434 in db_command (last_cmdp=3D0xc040f940, cmd_table=3D0= x0, aux_cmd_tablep=3D0xc03c8dc8,=20 aux_cmd_tablep_end=3D0xc03c8de0) at /usr/src.6/sys/ddb/db_command.c:401 #3 0x00000000c006a558 in db_command_loop () at /usr/src.6/sys/ddb/db_comma= nd.c:452 #4 0x00000000c006d0b8 in db_trap (type=3D1855603632, code=3D0) at /usr/src= .6/sys/ddb/db_main.c:221 #5 0x00000000c018d208 in kdb_trap (type=3D107, code=3D0, tf=3D0x16e9a4630)= at /usr/src.6/sys/kern/subr_kdb.c:473 #6 0x00000000c02f6b4c in trap (tf=3D0x16e9a4630) at /usr/src.6/sys/sparc64= /sparc64/trap.c:307 #7 0x00000000c0048fe0 in tl1_trap () #8 0x00000000c0048fe0 in tl1_trap () Previous frame identical to this frame (corrupt stack?) (kgdb) --+QahgC5+KEYLbs62 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDB4AFWry0BWjoQKURAqqKAJ90K/xvWxh/ZGV/zRV8Zi/aSuB+OACghxqo YEE7AvnGg2VpGuMoLbi1GLU= =QX8p -----END PGP SIGNATURE----- --+QahgC5+KEYLbs62--