Re: New panics

From: Lukas Ertl <l.ertl_at_univie.ac.at>
Date: Wed, 13 Aug 2003 14:25:21 +0200 (CEST)
On Mon, 11 Aug 2003, Lukas Ertl wrote:

> Closest comes pmap_is_modified, I guess.

Gang,

Fortunately, I managed to get a crashdump of the latest panic.  It's now clear
that it happens in pmap_is_modified().

This is a "FreeBSD 5.1-CURRENT #18: Tue Aug 12 18:42:23 CEST 2003" kernel,
but with the DISABLE_PSE patch from Bosko (I don't think the panic has anything
to do with the patch - the same panic happened before, too).

Below are the DDB backtrace and the output of bt and bt full from gdb.

Stopped at      pmap_is_modified+0x75:  testb   $0x40,0(%eax)
db> trace
pmap_is_modified(c1d2bb30,0,e19a4b90,c0551956,c1d2bb30) at pmap_is_modified+0x75
vm_page_test_dirty(c1d2bb30,40,d2d25f10,c68e7248,d2f93978) at vm_page_test_dirty+0x1a
vfs_setdirty(d2f93978,2137000,0,d2f93978,d2f93978) at vfs_setdirty+0x136
vfs_busy_pages(d2f93978,1,d2d71078,0,c40) at vfs_busy_pages+0x3c
bwrite(d2f93978,4000,c3f,0,67380) at bwrite+0x380
vfs_bio_awrite(d2f93978,12,c653a260,c653a260,c653a260) at vfs_bio_awrite+0x289
flushbufqueues(0,c06fce40,44,c06a2842,64) at flushbufqueues+0x227
buf_daemon(0,e19a4d48,0,0,0) at buf_daemon+0x13c
fork_exit(c0550e40,0,e19a4d48) at fork_exit+0xb1
fork_trampoline() at fork_trampoline+0x8
--- trap 0x1, eip = 0, esp = 0xe19a4d7c, ebp = 0 ---


Script started on Wed Aug 13 14:17:29 2003
[root_at_newscore crash]# gdb -k kernel.5 vmcore.5
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-undermydesk-freebsd"...
panic messages:
---
Fatal trap 12: page fault while in kernel mode
cpuid = 2; lapic.id = 06000000
fault virtual address	= 0xbfcadf10
fault code		= supervisor read, page not present
instruction pointer	= 0x8:0xc065eee5
stack pointer	        = 0x10:0xe19a4b44
frame pointer	        = 0x10:0xe19a4b50
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 40 (bufdaemon)
Dumping 1023 MB
 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 256 272 288 304 320 336 352 368 384 400 416 432 448 464 480 496 512 528 544 560 576 592 608 624 640 656 672 688 704 720 736 752 768 784 800 816 832 848 864 880 896 912 928 944 960 976 992 1008
---
Reading symbols from /usr/obj/usr/src/sys/NEWSCORE/modules/usr/src/sys/modules/acpi/acpi.ko.debug...done.
Loaded symbols for /usr/obj/usr/src/sys/NEWSCORE/modules/usr/src/sys/modules/acpi/acpi.ko.debug
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:240
240		dumping++;
(kgdb) where
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:240
#1  0xc04495d5 in db_fncall (dummy1=0, dummy2=0, dummy3=1999,
    dummy4=0xe19a4928 "àRnÀÈ\203rÀDI\232á\r")
    at /usr/src/sys/ddb/db_command.c:548
#2  0xc0449322 in db_command (last_cmdp=0xc06e4980, cmd_table=0x0,
    aux_cmd_tablep=0xc06b5fb8, aux_cmd_tablep_end=0xc06b5fbc)
    at /usr/src/sys/ddb/db_command.c:346
#3  0xc0449465 in db_command_loop () at /usr/src/sys/ddb/db_command.c:472
#4  0xc044c485 in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_trap.c:73
#5  0xc064780c in kdb_trap (type=12, code=0, regs=0xe19a4b04)
    at /usr/src/sys/i386/i386/db_interface.c:172
#6  0xc0661b86 in trap_fatal (frame=0xe19a4b04, eva=0)
    at /usr/src/sys/i386/i386/trap.c:816
#7  0xc0661832 in trap_pfault (frame=0xe19a4b04, usermode=0, eva=3217743632)
    at /usr/src/sys/i386/i386/trap.c:735
#8  0xc066138d in trap (frame=
      {tf_fs = -958660584, tf_es = 409141264, tf_ds = -463536112, tf_edi = -964805744, tf_esi = -755418760, tf_ebp = -509981872, tf_isp = -509981904, tf_ebx = -579812704, tf_edx = 409186304, tf_ecx = -463514956, tf_eax = -1077223664, tf_trapno = 12, tf_err = 0, tf_eip = -1067061531, tf_cs = 8, tf_eflags = 66050, tf_esp = -958598736, tf_ss = 729563136}) at /usr/src/sys/i386/i386/trap.c:420
#9  0xc0649248 in calltrap () at {standard input}:103
#10 0xc061c1fa in vm_page_test_dirty (m=0xdd70c2a0)
    at /usr/src/sys/vm/vm_page.c:1700
#11 0xc0551956 in vfs_setdirty (bp=0xd2f93978)
    at /usr/src/sys/kern/vfs_bio.c:2297
#12 0xc055399c in vfs_busy_pages (bp=0xc67e3b90, clear_modify=1)
    at /usr/src/sys/kern/vfs_bio.c:3335
#13 0xc054dff0 in bwrite (bp=0xd2f93978) at /usr/src/sys/kern/vfs_bio.c:859
#14 0xc05505d9 in vfs_bio_awrite (bp=0xd2f93978)
    at /usr/src/sys/kern/vfs_bio.c:1707
#15 0xc0551417 in flushbufqueues (flushdeps=0)
    at /usr/src/sys/kern/vfs_bio.c:2169
#16 0xc0550f7c in buf_daemon () at /usr/src/sys/kern/vfs_bio.c:2070
#17 0xc04ec991 in fork_exit (callout=0xc0550e40 <buf_daemon>, arg=0x0,
---Type <return> to continue, or q <return> to quit---
    frame=0x0) at /usr/src/sys/kern/kern_fork.c:790
(kgdb) bt full
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:240
No locals.
#1  0xc04495d5 in db_fncall (dummy1=0, dummy2=0, dummy3=1999,
    dummy4=0xe19a4928 "àRnÀÈ\203rÀDI\232á\r")
    at /usr/src/sys/ddb/db_command.c:548
	fn_addr = -1068484368
	args = {0 <repeats 11 times>}
	nargs = 11
	retval = 0
	func = (fcn_10args_t *) 0xc05038f0 <doadump>
	t = 0
#2  0xc0449322 in db_command (last_cmdp=0xc06e4980, cmd_table=0x0,
    aux_cmd_tablep=0xc06b5fb8, aux_cmd_tablep_end=0xc06b5fbc)
    at /usr/src/sys/ddb/db_command.c:346
	cmd = (struct command *) 0xc06bba80
	t = 0
	modif = "àRnÀÈ\203rÀDI\232á\r\0\0\0_at_oqÀ\r\0\0\0\001\0\0\0dI\232áVÖcÀ_at_UpÀ\aK\0 ÀoqÀ`ËoÀàRnÀx\0\0\0àRnÀÈ\203rÀ\210I\232áa²DÀ¬²hÀ\020°DÀ\0\0\0\0\020\0\0\0È\203rÀàRnÀv©DÀàRnÀ\230JnÀx\0\0\0\020\0\0"
	addr = 0
	count = 1999
	have_addr = 0
	result = 0
#3  0xc0449465 in db_command_loop () at /usr/src/sys/ddb/db_command.c:472
No locals.
#4  0xc044c485 in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_trap.c:73
	bkpt = 0
#5  0xc064780c in kdb_trap (type=12, code=0, regs=0xe19a4b04)
    at /usr/src/sys/i386/i386/db_interface.c:172
	ef = 582
	ddb_mode = 1
#6  0xc0661b86 in trap_fatal (frame=0xe19a4b04, eva=0)
    at /usr/src/sys/i386/i386/trap.c:816
	code = 16
	type = 12
---Type <return> to continue, or q <return> to quit---
	ss = 16
	esp = 0
	softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27,
  ssd_dpl = 0, ssd_p = 1, ssd_xx = 6, ssd_xx1 = 3, ssd_def32 = 1, ssd_gran = 1}
#7  0xc0661832 in trap_pfault (frame=0xe19a4b04, usermode=0, eva=3217743632)
    at /usr/src/sys/i386/i386/trap.c:735
	va = 3217739776
	vm = (struct vmspace *) 0x0
	map = 0x1
	rv = 1
	ftype = 1 '\001'
	td = (struct thread *) 0xc653a260
	p = (struct proc *) 0xc65a5000
#8  0xc066138d in trap (frame=
      {tf_fs = -958660584, tf_es = 409141264, tf_ds = -463536112, tf_edi = -964805744, tf_esi = -755418760, tf_ebp = -509981872, tf_isp = -509981904, tf_ebx = -579812704, tf_edx = 409186304, tf_ecx = -463514956, tf_eax = -1077223664, tf_trapno = 12, tf_err = 0, tf_eip = -1067061531, tf_cs = 8, tf_eflags = 66050, tf_esp = -958598736, tf_ss = 729563136}) at /usr/src/sys/i386/i386/trap.c:420
	td = (struct thread *) 0xc653a260
	p = (struct proc *) 0xc65a5000
	sticks = 3327369824
	i = 0
	ucode = 0
	type = 12
	code = 0
	eva = 3217743632
#9  0xc0649248 in calltrap () at {standard input}:103
No locals.
#10 0xc061c1fa in vm_page_test_dirty (m=0xdd70c2a0)
    at /usr/src/sys/vm/vm_page.c:1700
No locals.
#11 0xc0551956 in vfs_setdirty (bp=0xd2f93978)
    at /usr/src/sys/kern/vfs_bio.c:2297
	boffset = 3539548536
---Type <return> to continue, or q <return> to quit---
	eoffset = 3715154592
	i = -579812704
	object = 0xc67e3b90
#12 0xc055399c in vfs_busy_pages (bp=0xc67e3b90, clear_modify=1)
    at /usr/src/sys/kern/vfs_bio.c:3335
	obj = 0xc67e3b90
	foff = 51380224
	i = -755418760
	bogus = -755418760
#13 0xc054dff0 in bwrite (bp=0xd2f93978) at /usr/src/sys/kern/vfs_bio.c:859
	oldflags = 537002660
	newbp = (struct buf *) 0x0
#14 0xc05505d9 in vfs_bio_awrite (bp=0xd2f93978)
    at /usr/src/sys/kern/vfs_bio.c:1707
	i = 1
	j = 0
	lblkno = 3136
	vp = (struct vnode *) 0xc68e7248
	ncl = 16384
	nwritten = 16384
	size = 16384
	maxcl = 8
#15 0xc0551417 in flushbufqueues (flushdeps=0)
    at /usr/src/sys/kern/vfs_bio.c:2169
	td = (struct thread *) 0xc653a260
	vp = (struct vnode *) 0xc68e7248
	bp = (struct buf *) 0xd2f93978
	hasdeps = 0
#16 0xc0550f7c in buf_daemon () at /usr/src/sys/kern/vfs_bio.c:2070
No locals.
#17 0xc04ec991 in fork_exit (callout=0xc0550e40 <buf_daemon>, arg=0x0,
    frame=0x0) at /usr/src/sys/kern/kern_fork.c:790
	td = (struct thread *) 0x0
	p = (struct proc *) 0xc65a5000
(kgdb)
(kgdb) quit
[root_at_newscore crash]# exit

Script done on Wed Aug 13 14:18:18 2003

-- 
Lukas Ertl                             eMail: l.ertl_at_univie.ac.at
UNIX Systemadministrator               Tel.:  (+43 1) 4277-14073
Vienna University Computer Center      Fax.:  (+43 1) 4277-9140
University of Vienna                   http://mailbox.univie.ac.at/~le/
Received on Wed Aug 13 2003 - 03:25:44 UTC
