Current-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Current panics
Manuel Bouyer <bouyer%antioche.eu.org@localhost> writes:
> On Sat, Nov 21, 2009 at 05:05:45AM +0300, Aleksej Saushev wrote:
>> Alright, I've just had another panic:
>>
>> fatal page fault in supervisor mode
>> trap type 6 code 0 eip c0347585 cs 8 eflags 210202 cr2 0 ilevel 8
>>
>> dumping to dev 0,1 offset 1592368
>>
>>
>> (gdb) target kvm netbsd.44.core
>> #0 cpu_reboot (howto=256, bootstr=0x0) at
>> /usr/src/sys/arch/i386/i386/machdep.c:864
>> 864 splx(s);
>> (gdb) bt
>> #0 cpu_reboot (howto=256, bootstr=0x0) at
>> /usr/src/sys/arch/i386/i386/machdep.c:864
>> #1 0xc017f9b7 in db_sync_cmd (addr=-1070303867, have_addr=false,
>> count=-1067765371, modif=0xcc791804 "?H\027?")
>> at /usr/src/sys/ddb/db_command.c:1375
>> #2 0xc01800fa in db_command (last_cmdp=0xc05a0f1c) at
>> /usr/src/sys/ddb/db_command.c:909
>> #3 0xc018033d in db_command_loop () at /usr/src/sys/ddb/db_command.c:567
>> #4 0xc0185ca0 in db_trap (type=6, code=0) at /usr/src/sys/ddb/db_trap.c:101
>> #5 0xc0182c94 in kdb_trap (type=6, code=0, regs=0xcc791a2c) at
>> /usr/src/sys/arch/i386/i386/db_interface.c:226
>> #6 0xc03dd0ee in trap (frame=0xcc791a2c) at
>> /usr/src/sys/arch/i386/i386/trap.c:354
>> #7 0xc010cb3f in calltrap ()
>> #8 0xc0347585 in pmap_activate (l=0xcbead0e0) at
>> /usr/src/sys/arch/x86/x86/pmap.c:2527
>> #9 0xc0283b50 in mi_switch (l=0xcbead0e0) at
>> /usr/src/sys/kern/kern_synch.c:771
>> #10 0xc0280fd3 in sleepq_block (timo=0, catch=true) at
>> /usr/src/sys/kern/kern_sleepq.c:262
>> #11 0xc03bd959 in sel_do_scan (fds=0xcc791ba0, nfds=1, ts=0x0, mask=0x0,
>> retval=0xcc791d28, selpoll=0)
>> at /usr/src/sys/kern/sys_select.c:253
>> #12 0xc03bdb71 in pollcommon (retval=0xcc791d28, u_fds=0xbb80c070, nfds=1,
>> ts=0x0, mask=0x0)
>> at /usr/src/sys/kern/sys_select.c:440
>> #13 0xc03bdc95 in sys_poll (l=0xcbead0e0, uap=0xcc791d00, retval=0xcc791d28)
>> at /usr/src/sys/kern/sys_select.c:378
>> #14 0xc03bf736 in syscall (frame=0xcc791d48) at
>> /usr/src/sys/sys/syscallvar.h:61
>> #15 0xc0100524 in syscall1 ()
>>
>>
>> I remember this "pmap_activate ... sys_poll" sequence, it was observed
>> recently.
>
> This one seems to be unrelated to the previous. I can't see a vnode
> being involved here ...
Sure. Yet I've got the dump.
I shall run memory tests in near future to rule that possibility out.
Not that I believe in it, but the doubt was expressed.
>> "bt full" reveals these details:
>>
>> #8 0xc0347585 in pmap_activate (l=0xcbead0e0) at
>> /usr/src/sys/arch/x86/x86/pmap.c:2527
>
> That would be:
> struct pmap *pmap = vm_map_pmap(&l->l_proc->p_vmspace->vm_map);
>
>> ci = (struct cpu_info *) 0x8001003b
>> pmap = (struct pmap *) 0x0
>
> Can you also print:
> *l
> *(l->l_proc)
> *(l->l_proc->p_vmspace)
> l->l_proc->p_vmspace->vm_map
>
> I wonder what could be NULL in there.
$ gdb /usr/obj/sys/arch/i386/compile/KERN/netbsd.gdb
*** output flushed ***
(gdb) target kvm netbsd.44.core
#0 cpu_reboot (howto=256, bootstr=0x0) at
/usr/src/sys/arch/i386/i386/machdep.c:864
864 splx(s);
(gdb) p *l
$1 = {l_runq = {tqe_next = 0x0, tqe_prev = 0xcb1134d0}, l_sched = {info = 0x0,
timeslice = 0}, l_cpu = 0xc05a0640,
l_mutex = 0xcb12dd40, l_ctxswtch = 0, l_addr = 0xcc791da0, l_md = {md_regs =
0xcc791d48, md_flags = 1,
md_astpending = 0, md_gc_pmap = 0x0, md_gc_ptp = 0x0}, l_flag = 0, l_stat =
7, l_rtime = {sec = 0,
frac = 1202124396212054940}, l_stime = {sec = 19103, frac =
16176199348511777175}, l_swtime = 19043, _reserved1 = 0,
l_rticks = 1909092, l_rticksum = 0, l_slpticks = 1908099, l_slpticksum = 993,
l_biglocks = 0, l_class = 0,
l_kpriority = 1, l_kpribase = 64, l_priority = 43, l_inheritedprio = -1,
l_pi_lenders = {slh_first = 0x0},
l_ncsw = 3032, l_nivcsw = 72, l_cpticks = 7, l_pctcpu = 0, l_estcpu = 0,
l_psid = 0, l_target_cpu = 0x0,
l_lwpctl = 0x0, l_lcpage = 0x0, l_affinity = 0x0, l_savp = 0x0, l_ts =
0xcb12f618, l_syncobj = 0xc05a7594,
l_sleepchain = {tqe_next = 0xccd38a60, tqe_prev = 0xcd5f30e8}, l_wchan = 0x0,
l_wmesg = 0xc05740b9 "select",
l_sleepq = 0x0, l_sleeperr = 0, l_slptime = 0, l_timeout_ch = {_c_store =
{0x0, 0x0, 0xc0280c9a, 0xcbead0e0,
0xc05d6540, 0x0, 0x100, 0x11deeba1, 0x0, 0x0}}, l_emap_gen = 0, l_list =
{le_next = 0xcd129500,
le_prev = 0xcd129390}, l_ctxlink = 0x0, l_proc = 0xcbea194c, l_sibling =
{le_next = 0x0, le_prev = 0xcbea19e0},
l_waiter = 0, l_waitingfor = 0, l_prflag = 0, l_refcnt = 1, l_lid = 1,
l_selflag = 0, l_selwait = {
slh_first = 0xc2513348}, l_selcpu = 0xcb113e80, l_name = 0x0, l_sigrestore
= 0, l_sigwaitset = {__bits = {0, 0, 0,
0}}, l_sigcv = {cv_opaque = {0x0, 0xcbead240, 0xc05707ae}}, l_sigwaited =
0x0, l_sigpendset = 0x0, l_sigwaiter = {
le_next = 0x0, le_prev = 0x0}, l_sigstk = {ss_sp = 0x0, ss_size = 0,
ss_flags = 4}, l_sigmask = {__bits = {0, 0, 0,
0}}, l_sigpend = {sp_info = {cqh_first = 0xcbead278, cqh_last =
0xcbead278}, sp_set = {__bits = {0, 0, 0, 0}}},
l_sigoldmask = {__bits = {0, 0, 0, 0}}, l_specdataref =
{specdataref_container = 0xcd50e630, specdataref_lock = {u = {
mtxa_owner = 0}}}, l_ktrcsw = {tv_sec = 0, tv_nsec = 0}, l_private =
0x0, l_switchto = 0x0, l_cred = 0xcd24bc00,
l_fd = 0xcd253340, l_emuldata = 0x0, l_cv_signalled = 0, l_shlocks = 0,
l_exlocks = 0, l_unused = 0, l_blcnt = 0,
l_nopreempt = 0, l_dopreempt = 0, l_pflag = 536870944, l_dupfd = -5, l_sysent
= 0xc05a52cc, l_ru = {ru_utime = {
tv_sec = 0, tv_usec = 0}, ru_stime = {tv_sec = 0, tv_usec = 0}, ru_maxrss
= 0, ru_ixrss = 0, ru_idrss = 0,
ru_isrss = 0, ru_minflt = 253, ru_majflt = 41, ru_nswap = 0, ru_inblock =
4, ru_oublock = 0, ru_msgsnd = 1276,
ru_msgrcv = 5296, ru_nsignals = 0, ru_nvcsw = 0, ru_nivcsw = 0},
l_pfailtime = 0, l_pfailaddr = 0, l_pfaillock = 0,
l_ld_locks = {tqh_first = 0x0, tqh_last = 0xcbead348}, l_tcgen = 0, l_unused2
= 0, l_syscall_time = 0,
l_syscall_counter = 0x0}
(gdb) p *(l->l_proc)
$2 = {p_list = {le_next = 0x0, le_prev = 0x0}, p_auxlock = {u = {mtxa_owner =
0}}, p_lock = 0x0, p_stmutex = {u = {
mtxa_owner = 0}}, p_reflock = {rw_owner = 0}, p_waitcv = {cv_opaque =
{0x0, 0x0, 0x0}}, p_lwpcv = {cv_opaque = {
0x0, 0x0, 0x0}}, p_cred = 0x0, p_fd = 0x0, p_cwdi = 0x0, p_stats = 0x0,
p_limit = 0x0, p_vmspace = 0x0,
p_sigacts = 0x0, p_aio = 0x0, p_mqueue_cnt = 0, p_specdataref =
{specdataref_container = 0x0, specdataref_lock = {u = {
mtxa_owner = 0}}}, p_exitsig = 0, p_flag = 0, p_sflag = 0, p_slflag =
0, p_lflag = 0, p_stflag = 0,
p_stat = 0 '\0', p_trace_enabled = 0 '\0', p_pad1 = "\000", p_pid = 0,
p_pglist = {le_next = 0x0, le_prev = 0x0},
p_pptr = 0x0, p_sibling = {le_next = 0x0, le_prev = 0x0}, p_children =
{lh_first = 0x0}, p_lwps = {lh_first = 0x0},
p_raslist = 0x0, p_nlwps = 0, p_nzlwps = 0, p_nrlwps = 0, p_nlwpwait = 0,
p_ndlwps = 0, p_nlwpid = 0, p_nstopchild = 0,
p_waited = 0, p_zomblwp = 0x0, p_sa = 0x0, p_sched_info = 0x0, p_estcpu = 0,
p_estcpu_inherited = 0, p_forktime = 48,
p_pctcpu = 0, p_opptr = 0x0, p_timers = 0x0, p_rtime = {sec = 0, frac = 0},
p_uticks = 3, p_sticks = 4, p_iticks = 0,
p_traceflag = 0, p_timerpend = 0, p_tracep = 0x0, p_textvp = 0xcd5fbe60,
p_userret = 0, p_emul = 0xc05a6a00,
p_emuldata = 0x0, p_execsw = 0xc05a25e0, p_klist = {slh_first = 0x0},
p_sigwaiters = {lh_first = 0x0}, p_sigstore = {
ss_stk = {ss_sp = 0x0, ss_size = 0, ss_flags = 0}, ss_mask = {__bits = {0,
0, 0, 0}}}, p_sigpend = {sp_info = {
cqh_first = 0xcbea1a98, cqh_last = 0xcbea1a98}, sp_set = {__bits = {0, 0,
0, 0}}}, p_lwpctl = 0x0, p_ppid = 198,
p_sigctx = {ps_signo = 0, ps_code = 0, ps_lwp = 0, ps_sigcode = 0xbbbf1000,
ps_sigignore = {__bits = {2554888196, 0, 0,
0}}, ps_sigcatch = {__bits = {16387, 0, 0, 0}}}, p_nice = 20 '\024',
p_comm = "evilwm\000\000\000\000\000\000\000\000\000\000", p_pgrp =
0xcd0ecfc0, p_psstr = 0xbfbffff0, p_psargv = 0,
p_psnargv = 4, p_psenv = 8, p_psnenv = 12, p_pax = 0, p_xstat = 0, p_acflag =
0, p_md = {md_flags = 0,
md_syscall = 0xc03bf672 <syscall>}, p_stackbase = 3217031168}
(gdb) p *(l->l_proc->p_vmspace)
Cannot access memory at address 0x0
(gdb) p l->l_proc->p_vmspace->vm_map
Cannot access memory at address 0x0
--
HE CE3OH...
Home |
Main Index |
Thread Index |
Old Index