Date: Fri, 7 Feb 1997 20:53:00 -0800 (PST)
From: Dmitry Kohmanyuk <dk@genesyslab.com>
To: freebsd-hackers@freebsd.org
Cc: dk@farm.org
Subject: 2.2 panic in i586_bc1 call from nfs_writerpc()
Message-ID: <199702080453.UAA09228@zen.genesyslab.com>
hi,

I got a weird panic today, and I believe I know why it happened ;-)

(kgdb) bt
#0  boot (howto=256) at ../../kern/kern_shutdown.c:243
#1  0xf0112262 in panic (
    fmt=0xf01b8257 "vm_fault: fault on nofault entry, addr: %lx")
    at ../../kern/kern_shutdown.c:367
#2  0xf01b837e in vm_fault (map=0xf1f77e80, vaddr=4105216000,
    fault_type=1 '\001', change_wiring=0) at ../../vm/vm_fault.c:201
#3  0xf01cd0a4 in trap_pfault (frame=0xefbffc80, usermode=0)
    at ../../i386/i386/trap.c:642
#4  0xf01ccdcf in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -235292624,
      tf_esi = -189751296, tf_ebp = -272630520, tf_isp = -272630616,
      tf_ebx = -235363712, tf_edx = -2147155909, tf_ecx = 2000,
      tf_eax = -45541328, tf_trapno = 12, tf_err = 0, tf_eip = -266552628,
      tf_cs = 8, tf_eflags = 66050, tf_esp = 2000, tf_ss = -189751296})
    at ../../i386/i386/trap.c:311
#5  0xf01cbacc in i586_bc1 ()
#6  0xf01876a8 in nfs_writerpc (vp=0xf24f6680, uiop=0xefbffdf8,
    cred=0xf2753380, iomode=0xefbffdec, must_commit=0xefbffde4)
    at ../../nfs/nfs_vnops.c:1164
#7  0xf01614a8 in nfs_doio (bp=0xf434ecc4, cr=0xf2753380, p=0x0)
    at ../../nfs/nfs_bio.c:973
#8  0xf0180543 in nfssvc_iod (p=0xf23ab600) at ../../nfs/nfs_syscalls.c:781
#9  0xf017f2be in nfssvc (p=0xf23ab600, uap=0xefbfff94, retval=0xefbfff84)
    at ../../nfs/nfs_syscalls.c:202
---Type <return> to continue, or q <return> to quit---
#10 0xf01cd89f in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = -272638320,
      tf_esi = 0, tf_ebp = -272638368, tf_isp = -272629788, tf_ebx = 3,
      tf_edx = 1, tf_ecx = 1, tf_eax = 155, tf_trapno = 12, tf_err = 7,
      tf_eip = 8597, tf_cs = 31, tf_eflags = 582, tf_esp = -272638392,
      tf_ss = 39}) at ../../i386/i386/trap.c:892
#11 0x2195 in ?? ()
Cannot access memory at address 0xefbfde64.
the system was writing over NFS at the moment, and the file size has hit 2G:

-rw-r--r--  1 backup  wheel  2147516416 Feb  7 17:04 filename

(the reason the file is that big is that the backup included /proc, by mistake, and Solaris's tar was happily reading all the processes' cores)

the mtime stamp of this file is exactly the time of the crash, so I believe that a negative 32-bit offset was the reason for the panic.

there are 2 calls to bcopy() in nfs_vnops.c:nfs_writerpc(), but the logic is that only one of them can be executed at one invocation.

(btw, gdb cannot disassemble functions in support.s ;-( but it's easy to see that it's within i586_bc1 anyway (the next label is i586_global_bcopy, and that address is higher than the fault's).)

I have recompiled my world pretty recently (I cvsupped the cvs tree, checked out RELENG_2_2 and compiled from that). Just for reference, it's

 * $Id: support.s,v 1.41.2.6 1997/01/25 03:23:09 dyson Exp $

and

 * $Id: nfs_vnops.c,v 1.36.2.2 1997/01/07 06:18:27 wpaul Exp $
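Added example, not part of the original message: a small Python helper that turns the signed decimal register values gdb printed in the kernel trap frame into unsigned 32-bit addresses and checks them against the vm_fault() address and frame #5. The function names are made up for this illustration; the input is frames #2, #4 and #5 copied from the backtrace above.

```python
import re

# Frames #2, #4 and #5 copied from the backtrace in the message above.
BACKTRACE = r"""#2 0xf01b837e in vm_fault (map=0xf1f77e80, vaddr=4105216000, fault_type=1 '\001', change_wiring=0)
#4 0xf01ccdcf in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -235292624, tf_esi = -189751296, tf_ebp = -272630520, tf_isp = -272630616, tf_ebx = -235363712, tf_edx = -2147155909, tf_ecx = 2000, tf_eax = -45541328, tf_trapno = 12, tf_err = 0, tf_eip = -266552628, tf_cs = 8, tf_eflags = 66050, tf_esp = 2000, tf_ss = -189751296})
#5 0xf01cbacc in i586_bc1 ()
"""

def to_i32(value):
    """Reinterpret the low 32 bits of an integer as a signed 32-bit value."""
    value &= 0xFFFFFFFF
    return value - (1 << 32) if value & 0x80000000 else value

def parse_trap_frame(text):
    """Return {register: unsigned 32-bit value} from the first 'frame={...}'."""
    body = re.search(r"frame=\{(.*?)\}", text, re.S).group(1)
    frame = {name: int(num) & 0xFFFFFFFF
             for name, num in re.findall(r"(tf_\w+) = (-?\d+)", body)}
    # A trap taken in ring 0 (low two bits of tf_cs clear) pushes no esp/ss,
    # so those two slots hold unrelated stack contents; drop them.
    if frame["tf_cs"] & 3 == 0:
        frame.pop("tf_esp", None)
        frame.pop("tf_ss", None)
    return frame

def fault_address(text):
    """Return the vaddr argument of vm_fault() as an unsigned 32-bit value."""
    return int(re.search(r"vaddr=(\d+)", text).group(1)) & 0xFFFFFFFF

def registers_at(frame, address):
    """List the trap-frame registers whose value equals the given address."""
    return sorted(name for name, value in frame.items() if value == address)

def faulting_symbol(text, eip):
    """Return the symbol of the backtrace frame whose pc equals eip, if any."""
    for pc, name in re.findall(r"^#\d+\s+0x([0-9a-f]+) in (\w+)", text, re.M):
        if int(pc, 16) == eip:
            return name
    return None

if __name__ == "__main__":
    frame = parse_trap_frame(BACKTRACE)
    vaddr = fault_address(BACKTRACE)
    print("fault address 0x%08x held in: %s" % (vaddr, registers_at(frame, vaddr)))
    print("tf_eip 0x%08x is in: %s" % (frame["tf_eip"], faulting_symbol(BACKTRACE, frame["tf_eip"])))
    print("file size as signed 32-bit: %d" % to_i32(2147516416))
```

On this input the only register equal to the fault address 0xf4b0a000 is tf_esi, and tf_eip (0xf01cbacc) is the pc of frame #5, i586_bc1. The reported file size 2147516416 is 2^31 + 32768, which read as a signed 32-bit value is -2147450880.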