From owner-freebsd-scsi  Wed Dec  4 14: 2:23 2002
Delivered-To: freebsd-scsi@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A4DA337B401
	for <freebsd-scsi@FreeBSD.ORG>; Wed,  4 Dec 2002 14:02:21 -0800 (PST)
Received: from rootlabs.com (root.org [67.118.192.226])
	by mx1.FreeBSD.org (Postfix) with SMTP id 47D3343E4A
	for <freebsd-scsi@FreeBSD.ORG>; Wed,  4 Dec 2002 14:02:21 -0800 (PST)
	(envelope-from nate@rootlabs.com)
Received: (qmail 11159 invoked by uid 1000); 4 Dec 2002 22:02:22 -0000
Date: Wed, 4 Dec 2002 14:02:22 -0800 (PST)
From: Nate Lawson <nate@root.org>
To: Chuck Tuffli <chuck_tuffli@agilent.com>
Cc: freebsd-scsi@FreeBSD.ORG
Subject: Re: decoding a double fault
In-Reply-To: <20021203010051.GA96898@cre85086tuf.rose.agilent.com>
Message-ID: <Pine.BSF.4.21.0212041323310.10493-100000@root.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-scsi@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-scsi.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-scsi>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-scsi>
X-Loop: FreeBSD.org

On Mon, 2 Dec 2002, Chuck Tuffli wrote:
> I'm working on a CAM driver for 4.7-RELEASE and am looking for some
> pointers on figuring out how I caused a double fault. The driver is a
> KLD and had already been loaded. The command I was executing just
> before the panic was a camcontrol rescan of the individual devices.
> Before running rescan, the driver did sucessfully detect 4 devices
> (This problem doesn't show up if I run rescan manually for each device).
> 
> The info on the terminal after the panic is
> 
> Fatal double fault:
> eip = 0xc0371e68
> esp = 0xc60aea50
> ebp = 0xc612ea7c
> 
> where 0xc0371e68 is in bus_dmamap_load at line 437
> ...
> 	vaddr = (vm_offset_t)buf;
> 	sg = &dm_segments[0];
> 	seg = 1;
> 	sg->ds_len = 0;		/* !!! line 437 */
> 
> 	nextpaddr = 0;
> 	do {
> ...

Nothing in CAM calls bus_* so you must be calling it.  :)  isp calls it in
its reset routine.  async handler problems?

> The backtrace just shows the fault
> 
> (kgdb) bt
> #0  Debugger (msg=0xc03ce15b "panic") at ../../i386/i386/db_interface.c:319
> #1  0xc021158c in panic (fmt=0xc03fc7c3 "double fault")
>     at ../../kern/kern_shutdown.c:593
> #2  0xc0382f13 in dblfault_handler () at ../../i386/i386/trap.c:1004

That's because you lost the frame when the fault handler faulted.

-Nate


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-scsi" in the body of the message