Date:      Mon, 2 Dec 2002 17:00:52 -0800
From:      Chuck Tuffli <chuck_tuffli@agilent.com>
To:        freebsd-scsi@FreeBSD.ORG
Subject:   decoding a double fault
Message-ID:  <20021203010051.GA96898@cre85086tuf.rose.agilent.com>

I'm working on a CAM driver for 4.7-RELEASE and am looking for some
pointers on figuring out how I caused a double fault. The driver is a
KLD and had already been loaded. The command I was executing just
before the panic was a camcontrol rescan of the individual devices.
Before running rescan, the driver did successfully detect 4 devices
(This problem doesn't show up if I run rescan manually for each device).

smallrocks# while 1
while? 
smallrocks# foreach d (0 1 2 3)
foreach? camcontrol rescan 0:$d\:0
foreach? end
Re-scan of 0:0:0 was successful
Re-scan of 0:1:0 was successful

The info on the terminal after the panic is

Fatal double fault:
eip = 0xc0371e68
esp = 0xc60aea50
ebp = 0xc612ea7c

where 0xc0371e68 is in bus_dmamap_load at line 437
...
	vaddr = (vm_offset_t)buf;
	sg = &dm_segments[0];
	seg = 1;
	sg->ds_len = 0;		/* !!! line 437 */

	nextpaddr = 0;
	do {
...

The backtrace just shows the fault

(kgdb) bt
#0  Debugger (msg=0xc03ce15b "panic") at ../../i386/i386/db_interface.c:319
#1  0xc021158c in panic (fmt=0xc03fc7c3 "double fault")
    at ../../kern/kern_shutdown.c:593
#2  0xc0382f13 in dblfault_handler () at ../../i386/i386/trap.c:1004

In frame #2, the contents of common_tss are

(kgdb) p/x common_tss
$4 = {tss_link = 0x0, tss_esp0 = 0xc612eff0, tss_ss0 = 0x10, tss_esp1 = 0x0, 
  tss_ss1 = 0x0, tss_esp2 = 0x0, tss_ss2 = 0x0, tss_cr3 = 0x0, 
  tss_eip = 0xc0371e68, tss_eflags = 0x10246, tss_eax = 0xc0d86284, 
  tss_ecx = 0x0, tss_edx = 0xc60aea50, tss_ebx = 0xc0ecc220, 
  tss_esp = 0xc60aea50, tss_ebp = 0xc612ea7c, tss_esi = 0xc0ed0800, 
  tss_edi = 0xc0ed0800, tss_es = 0x10, tss_cs = 0x8, tss_ss = 0x10, 
  tss_ds = 0x10, tss_fs = 0x10, tss_gs = 0x2f, tss_ldt = 0x0, 
  tss_ioopt = 0x680000}

Is there enough information from the above to figure out what code was
calling bus_dmamap_load, is the fault from a stack overflow or other
bad address, etc.? Any comments, including RTFM, are welcomed as long
as you mention which manual to read :)

-- 
Chuck Tuffli    <chuck_tuffli AT NO_SPAM agilent DOT com>
Agilent Technologies, Storage and Networking
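
Added example, not part of the original message and not FreeBSD code: a small triage routine that takes the tss_esp, tss_ebp and tss_esp0 values printed above and checks whether the faulting stack pointer still lies on the kernel stack. The struct, function names and the 8192-byte stack size are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Verdict on the stack pointer that the TSS captured at double-fault time. */
enum stack_verdict { STACK_OK, STACK_OVERFLOW, STACK_NOT_ON_KSTACK };

struct fault_regs { uint32_t esp, ebp, esp0; };

/* Bytes between frame pointer and stack pointer: the faulting frame's locals. */
static uint32_t
frame_span(const struct fault_regs *r)
{
	return r->ebp - r->esp;
}

/*
 * kstack_size is an assumption supplied by the caller: the number of bytes
 * of kernel stack that end at tss_esp0 for the faulting process.
 */
static enum stack_verdict
classify_stack(const struct fault_regs *r, uint32_t kstack_size)
{
	uint32_t top = r->esp0;
	uint32_t bottom = top - kstack_size;

	if (r->esp > top)
		return STACK_NOT_ON_KSTACK;
	if (r->esp >= bottom)
		return STACK_OK;
	/* esp is below the stack: overflow if the frame itself began on it. */
	if (r->ebp >= bottom && r->ebp <= top)
		return STACK_OVERFLOW;
	return STACK_NOT_ON_KSTACK;
}

/* tss_esp, tss_ebp and tss_esp0 as printed by "p/x common_tss" above. */
static const struct fault_regs posted = { 0xc60aea50, 0xc612ea7c, 0xc612eff0 };

int
main(void)
{
	static const char *names[] = { "ok", "overflow", "not on kernel stack" };

	/* 8192 is an assumed stack size; use the value your kernel is built with. */
	printf("frame span %#x bytes, ebp %#x below esp0, verdict: %s\n",
	    (unsigned)frame_span(&posted), (unsigned)(posted.esp0 - posted.ebp),
	    names[classify_stack(&posted, 8192)]);
	return 0;
}
```

With the posted values ebp sits 0x574 bytes below tss_esp0 while esp is a further 0x8002c bytes (about 512 KiB) down, so the verdict is the same for any stack size of a few pages.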
