> Unfortunately this is missing the rest of the page fault
> panic messages including the 'trap 12' etc. Those messages
> include a line that says 'cs:eip = 0x8:0xblah', and we need
> the 0xblah part to work out where the page fault happened.
> Usually these bugs are a NULL pointer deref that can often be
> easily fixed if we can find out where it happened. Actually,
> though, the ip can be found from the tf_eip member of struct
> trapframe, which is 0xc05d1e69.
> Can you send the output of 'l *0xc05d1e69' from gdb on the
> same kernel.debug?
>
> --
> John Baldwin <jhb_at_FreeBSD.org> <><
> http://www.FreeBSD.org/~jhb/ "Power Users Use the Power to
> Serve" = http://www.FreeBSD.org
>

Sure...here we go:

# gdb -k /usr/obj/usr/src/sys/fbsd5.vpn/kernel.debug ./vmcore.11
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-undermydesk-freebsd"...
panic: page fault
panic messages:
---
---
#0 doadump () at /usr/src/sys/kern/kern_shutdown.c:236
236 dumping++;
(kgdb) bt full
#0 doadump () at /usr/src/sys/kern/kern_shutdown.c:236
No locals.
#1 0xc04cdb26 in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:370
No locals.
#2 0xc04cdf5c in __panic () at /usr/src/sys/kern/kern_shutdown.c:548
        td = (struct thread *) 0xc1cef6e0
        bootopt = 256
        newpanic = 0
        ap = 0xd1022b8c "\f?fÀ\001"
        buf = "page fault", '\0' <repeats 245 times>
#3 0xc061e24c in trap_fatal (frame=0xd1022c30, eva=0) at /usr/src/sys/i386/i386/trap.c:815
        code = 16
        type = 12
        ss = 16
        esp = 0
        softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27, ssd_dpl = 0, ssd_p = 1, ssd_xx = 13, ssd_xx1 = 2, ssd_def32 = 1, ssd_gran = 1}
#4 0xc061ded2 in trap_pfault (frame=0xd1022c30, usermode=0, eva=3522064088) at /usr/src/sys/i386/i386/trap.c:733
        va = 3522060288
        vm = (struct vmspace *) 0x0
        map = 0x1
        rv = 1
        ftype = 1 '\001'
        td = (struct thread *) 0xc1cef6e0
        p = (struct proc *) 0xc1e5a528
#5 0xc061da8d in trap (frame=
      {tf_fs = -1066860520, tf_es = -788398064, tf_ds = -1068630000, tf_edi = -788386540, tf_esi = 4098, tf_ebp = -788386588, tf_isp = -788386724, tf_ebx = -1041914584, tf_edx = 0, tf_ecx = -772903432, tf_eax = 536870912, tf_trapno = 12, tf_err = 0, tf_eip = -1067639191, tf_cs = 8, tf_eflags = 66066, tf_esp = -1041914584, tf_ss = 2}) at /usr/src/sys/i386/i386/trap.c:420
        td = (struct thread *) 0xc1cef6e0
        p = (struct proc *) 0xc1e5a528
        sticks = 2405433344
        i = 0
        ucode = 0
        type = 12
        code = 0
        eva = 3522064088
#6 0xc05d1e69 in mmap (td=0xc1cef6e0, uap=0xd1022d14) at /usr/src/sys/vm/vm_mmap.c:280
        fp = (struct file *) 0x0
        vp = (struct vnode *) 0x0
        addr = 0
        size = 69632
        pageoff = 3163
        prot = 54 '6'
        maxprot = 0 '\0'
        handle = (void *) 0xd1022d14
        flags = 4098
        error = -1041914584
        pos = -4481373134027661312
        vms = (struct vmspace *) 0xd1022cf8
#7 0xc061e630 in syscall (frame=
      {tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = 0, tf_esi = 4096, tf_ebp = -1077943656, tf_isp = -788386444, tf_ebx = 65536, tf_edx = 0, tf_ecx = 137734528, tf_eax = 198, tf_trapno = 12, tf_err = 2, tf_eip = 137101951, tf_cs = 31, tf_eflags = 642, tf_esp = -1077943700, tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:1004
        params = 0xbfbfe278---Can't read userspace from dump, or kernel process---

(kgdb) l *0xc05d1e69
0xc05d1e69 is in mmap (/usr/src/sys/vm/vm_mmap.c:280).
275 PROC_LOCK(td->td_proc);
276 if (addr == 0 ||
277 (addr >= round_page((vm_offset_t)vms->vm_taddr) &&
278 addr < round_page((vm_offset_t)vms->vm_daddr +
279 lim_max(td->td_proc, RLIMIT_DATA))))
280 addr = round_page((vm_offset_t)vms->vm_daddr +
281 lim_max(td->td_proc, RLIMIT_DATA));
282 PROC_UNLOCK(td->td_proc);
283 }
284 if (flags & MAP_ANON) {
(kgdb)

Received on Wed May 19 2004 - 08:03:44 UTC
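The step discussed in this thread, recovering the missing 'cs:eip' line from the tf_eip and tf_cs members that gdb prints as signed decimals, can be scripted for crash triage. The following is an added example, not part of the original message or of FreeBSD; the function names are hypothetical and the sample input is the two trap frames from the backtrace above, trimmed to the fields it reads.

```python
import re

# Constructed sample: frames #5 and #7 from the `bt full` output in the
# message, trimmed to the trapframe fields this example reads.
BT_FULL = """
#5  0xc061da8d in trap (frame=
      {tf_trapno = 12, tf_err = 0, tf_eip = -1067639191, tf_cs = 8, tf_eflags = 66066})
#7  0xc061e630 in syscall (frame=
      {tf_trapno = 12, tf_err = 2, tf_eip = 137101951, tf_cs = 31, tf_eflags = 642})
"""

FRAME_RE = re.compile(r"^#(\d+)\s+\S+ in (\w+) \(frame=\s*\{([^}]*)\}", re.M)
FIELD_RE = re.compile(r"(tf_\w+) = (-?\d+)")

def u32(value):
    """gdb shows these trapframe members as signed decimals; recover the raw 32 bits."""
    return value & 0xFFFFFFFF

def parse_trapframes(text):
    """Return one dict per backtrace frame that was passed a struct trapframe."""
    frames = []
    for num, func, body in FRAME_RE.findall(text):
        tf = {name: u32(int(val)) for name, val in FIELD_RE.findall(body)}
        frames.append({"frame": int(num), "func": func, "tf": tf})
    return frames

def cs_eip(tf):
    """Rebuild the 'cs:eip = 0x8:0x...' text the panic message would have shown."""
    return "cs:eip = 0x%x:0x%x" % (tf["tf_cs"], tf["tf_eip"])

def kernel_fault_lookups(text):
    """gdb 'l *ADDR' commands for frames that trapped in kernel mode.

    The low two bits of an x86 code selector are the privilege level, so
    tf_cs = 8 is ring 0 and tf_cs = 31 (0x1f) is ring 3 (userland).
    """
    return ["l *0x%x" % f["tf"]["tf_eip"]
            for f in parse_trapframes(text) if f["tf"]["tf_cs"] & 3 == 0]

if __name__ == "__main__":
    for f in parse_trapframes(BT_FULL):
        print("#%d %s: %s" % (f["frame"], f["func"], cs_eip(f["tf"])))
    print(kernel_fault_lookups(BT_FULL))
```
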