moused related panic

From: Giorgos Keramidas <keramida_at_freebsd.org>
Date: Sat, 3 Sep 2005 16:33:44 +0300
For the past few days I've been unable to enable moused, because moving
the mouse panics the kernel with:

% Fatal trap 18: integer divide fault while in kernel mode
% instruction pointer     = 0x20:0xc0672388
% stack pointer           = 0x28:0xda93bbc0
% frame pointer           = 0x28:0xda93bbc8
% code segment            = base 0x0, limit 0xfffff, type 0x1b
%                         = DPL 0, pres 1, def32 1, gran 1
% processor eflags        = interrupt enabled, resume, IOPL = 0
% current process         = 566 (moused)

This was on a console running in 132x25 mode.

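A backtrace didn't help track down the problem, because when I try to
inspect the values of local variables in the backtrace, kgdb shows `scp'
as NULL in set_mouse_pos(scr_stat *scp).  Note that a NULL `scp' would be
expected to raise a page fault rather than the integer divide fault
reported above, so the value kgdb prints may be unreliable.  The
statement at scmouse.c:162-164 divides by scp->font_size and
scp->font_width, so a zero divisor there is a plausible cause.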

Script started on Sat Sep  3 16:16:14 2005
gothmog:/var/crash# kgdb /usr/obj/usr/src/sys/GOTHMOG/kernel.debug vmcore.40
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:


Fatal trap 18: integer divide fault while in kernel mode
instruction pointer	= 0x20:0xc0672388
stack pointer	        = 0x28:0xda93bbc0
frame pointer	        = 0x28:0xda93bbc8
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 566 (moused)
panic: from debugger
KDB: stack backtrace:
Uptime: 41s
Dumping 511 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 511MB (130800 pages) 495 479 463 447 431 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15

#0  doadump () at pcpu.h:165
165	pcpu.h: No such file or directory.
	in pcpu.h
(kgdb) bt
#0  doadump () at pcpu.h:165
#1  0xc05360e8 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:397
#2  0xc0536393 in panic (fmt=0xc06bad52 "from debugger") at /usr/src/sys/kern/kern_shutdown.c:553
#3  0xc0478b21 in db_panic (addr=-1066982520, have_addr=0, count=-1, modif=0xda93ba14 "") at /usr/src/sys/ddb/db_command.c:432
#4  0xc0478ab8 in db_command (last_cmdp=0xc0740804, cmd_table=0x0, aux_cmd_tablep=0xc06eeab0, aux_cmd_tablep_end=0xc06eeab4)
    at /usr/src/sys/ddb/db_command.c:401
#5  0xc0478b80 in db_command_loop () at /usr/src/sys/ddb/db_command.c:452
#6  0xc047a721 in db_trap (type=18, code=0) at /usr/src/sys/ddb/db_main.c:221
#7  0xc054de3b in kdb_trap (type=18, code=0, tf=0xda93bb80) at /usr/src/sys/kern/subr_kdb.c:473
#8  0xc0693440 in trap_fatal (frame=0xda93bb80, eva=0) at /usr/src/sys/i386/i386/trap.c:832
#9  0xc0692fc4 in trap (frame=
      {tf_fs = -1066729464, tf_es = 40, tf_ds = -1072431064, tf_edi = -1065647296, tf_esi = 1840130, tf_ebp = -627852344, tf_isp = -627852372, tf_ebx = 1584, tf_edx = -1, tf_ecx = -1065647296, tf_eax = -1, tf_trapno = 18, tf_err = 0, tf_eip = -1066982520, tf_cs = 32, tf_eflags = 66054, tf_esp = -1065647296, tf_ss = -1043082592}) at /usr/src/sys/i386/i386/trap.c:639
#10 0xc0685eda in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#11 0xc06b0008 in __func__.0 ()
#12 0x00000028 in ?? ()
#13 0xc0140028 in ?? ()
#14 0xc07b8340 in kernel_console_ts ()
#15 0x001c1402 in ?? ()
#16 0xda93bbc8 in ?? ()
#17 0xda93bbac in ?? ()
#18 0x00000630 in ?? ()
#19 0xffffffff in ?? ()
#20 0xc07b8340 in kernel_console_ts ()
#21 0xffffffff in ?? ()
#22 0x00000012 in ?? ()
#23 0x00000000 in ?? ()
#24 0xc0672388 in set_mouse_pos (scp=0x0) at /usr/src/sys/dev/syscons/scmouse.c:162
#25 0xc0672f27 in sc_mouse_ioctl (tp=0x0, cmd=3229320000, data=0xc1d3d2a0 "\b", flag=3, td=0xc1d39900)
    at /usr/src/sys/dev/syscons/scmouse.c:732
#26 0xc06790ac in scioctl (dev=0xc1aa8b00, cmd=3222561546, data=0xc1d3d2a0 "\b", flag=3, td=0xc1d39900)
    at /usr/src/sys/dev/syscons/syscons.c:689
#27 0xc05127bb in giant_ioctl (dev=0xc1aa8b00, cmd=3222561546, data=0xc1d3d2a0 "\b", fflag=3, td=0xc1d39900)
    at /usr/src/sys/kern/kern_conf.c:287
#28 0xc04effe3 in devfs_ioctl_f (fp=0xc1badc60, com=3222561546, data=0xc1d3d2a0, cred=0xc1e1bb80, td=0xc1d39900)
    at /usr/src/sys/fs/devfs/devfs_vnops.c:546
#29 0xc05597e8 in ioctl (td=0xc1d39900, uap=0xda93bd04) at file.h:258
#30 0xc0693707 in syscall (frame=
      {tf_fs = 59, tf_es = 59, tf_ds = 59, tf_edi = -2147483648, tf_esi = 0, tf_ebp = -1077943096, tf_isp = -627851932, tf_ebx = 1, tf_edx = -2147483648, tf_ecx = 0, tf_eax = 54, tf_trapno = 22, tf_err = 2, tf_eip = 672370251, tf_cs = 51, tf_eflags = 663, tf_esp = -1077943540, tf_ss = 59}) at /usr/src/sys/i386/i386/trap.c:986
#31 0xc0685f2f in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200
#32 0x0000003b in ?? ()
#33 0x0000003b in ?? ()
#34 0x0000003b in ?? ()
#35 0x80000000 in ?? ()
#36 0x00000000 in ?? ()
#37 0xbfbfe4c8 in ?? ()
#38 0xda93bd64 in ?? ()
#39 0x00000001 in ?? ()
#40 0x80000000 in ?? ()
#41 0x00000000 in ?? ()
#42 0x00000036 in ?? ()
#43 0x00000016 in ?? ()
#44 0x00000002 in ?? ()
#45 0x28138e4b in ?? ()
#46 0x00000033 in ?? ()
#47 0x00000297 in ?? ()
#48 0xbfbfe30c in ?? ()
#49 0x0000003b in ?? ()
#50 0x08078f38 in ?? ()
#51 0x08078f68 in ?? ()
#52 0xffffffff in ?? ()
#53 0x08078f08 in ?? ()
#54 0x1f4f4000 in ?? ()
#55 0xc1e48000 in ?? ()
#56 0xc1d39900 in ?? ()
#57 0xda93b7f4 in ?? ()
#58 0xda93b7dc in ?? ()
#59 0xc1976000 in ?? ()
#60 0xc0546833 in sched_switch (td=0x0, newtd=0x1, flags=Cannot access memory at address 0xbfbfe4d8
) at /usr/src/sys/kern/sched_4bsd.c:973
Previous frame inner to this frame (corrupt stack?)
(kgdb) up 24
#24 0xc0672388 in set_mouse_pos (scp=0x0) at /usr/src/sys/dev/syscons/scmouse.c:162
162	    	scp->mouse_pos =
(kgdb) list
157		    scp->mouse_ypos = (scp->ysize + scp->yoff)*scp->font_size - 1;
158	    }
159
160	    if (scp->mouse_xpos != scp->mouse_oldxpos || scp->mouse_ypos != scp->mouse_oldypos) {
161		scp->status |= MOUSE_MOVED;
162	    	scp->mouse_pos =
163		    (scp->mouse_ypos/scp->font_size - scp->yoff)*scp->xsize
164			+ scp->mouse_xpos/scp->font_width - scp->xoff;
165	#ifndef SC_NO_CUTPASTE
166		if ((scp->status & MOUSE_VISIBLE) && (scp->status & MOUSE_CUTTING))
(kgdb) p scp->font_width
Cannot access memory at address 0x6c
(kgdb) p *scp
Cannot access memory at address 0x0
(kgdb) p scp
$1 = (scr_stat *) 0x0
(kgdb) list set_mouse_pos
137	}
138
139	/* adjust mouse position */
140	static void
141	set_mouse_pos(scr_stat *scp)
142	{
143	    if (scp->mouse_xpos < scp->xoff*scp->font_width)
144		scp->mouse_xpos = scp->xoff*scp->font_width;
145	    if (scp->mouse_ypos < scp->yoff*scp->font_size)
146		scp->mouse_ypos = scp->yoff*scp->font_size;
(kgdb)
147	    if (ISGRAPHSC(scp)) {
148	        if (scp->mouse_xpos > scp->xpixel-1)
149		    scp->mouse_xpos = scp->xpixel-1;
150	        if (scp->mouse_ypos > scp->ypixel-1)
151		    scp->mouse_ypos = scp->ypixel-1;
152		return;
153	    } else {
154		if (scp->mouse_xpos > (scp->xsize + scp->xoff)*scp->font_width - 1)
155		    scp->mouse_xpos = (scp->xsize + scp->xoff)*scp->font_width - 1;
156		if (scp->mouse_ypos > (scp->ysize + scp->yoff)*scp->font_size - 1)
(kgdb) p scp
$2 = (scr_stat *) 0x0
(kgdb) list set_mouse_pos
137	}
138
139	/* adjust mouse position */
140	static void
141	set_mouse_pos(scr_stat *scp)
142	{
143	    if (scp->mouse_xpos < scp->xoff*scp->font_width)
144		scp->mouse_xpos = scp->xoff*scp->font_width;
145	    if (scp->mouse_ypos < scp->yoff*scp->font_size)
146		scp->mouse_ypos = scp->yoff*scp->font_size;
(kgdb)
147	    if (ISGRAPHSC(scp)) {
148	        if (scp->mouse_xpos > scp->xpixel-1)
149		    scp->mouse_xpos = scp->xpixel-1;
150	        if (scp->mouse_ypos > scp->ypixel-1)
151		    scp->mouse_ypos = scp->ypixel-1;
152		return;
153	    } else {
154		if (scp->mouse_xpos > (scp->xsize + scp->xoff)*scp->font_width - 1)
155		    scp->mouse_xpos = (scp->xsize + scp->xoff)*scp->font_width - 1;
156		if (scp->mouse_ypos > (scp->ysize + scp->yoff)*scp->font_size - 1)
(kgdb)
157		    scp->mouse_ypos = (scp->ysize + scp->yoff)*scp->font_size - 1;
158	    }
159
160	    if (scp->mouse_xpos != scp->mouse_oldxpos || scp->mouse_ypos != scp->mouse_oldypos) {
161		scp->status |= MOUSE_MOVED;
162	    	scp->mouse_pos =
163		    (scp->mouse_ypos/scp->font_size - scp->yoff)*scp->xsize
164			+ scp->mouse_xpos/scp->font_width - scp->xoff;
165	#ifndef SC_NO_CUTPASTE
166		if ((scp->status & MOUSE_VISIBLE) && (scp->status & MOUSE_CUTTING))
(kgdb) q
gothmog:/var/crash# exit
exit

Script done on Sat Sep  3 16:23:25 2005
Received on Sat Sep 03 2005 - 11:34:20 UTC
