Subject: port-alpha/20473: kernel often crashes in ddb
To: None <>
From: None <>
List: netbsd-bugs
Date: 02/23/2003 08:33:59
>Number:         20473
>Category:       port-alpha
>Synopsis:       kernel often crashes in ddb
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    port-alpha-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Feb 23 08:35:00 PST 2003
>Originator:     Pavel Cahyna
>Release:        1.6_STABLE
NetBSD omega 1.6_STABLE NetBSD 1.6_STABLE (ALPHA-$Revision: $) #5: Wed Jan 15 08:31:54 UTC 2003 root@beta:/usr/obj/kern/BETA alpha
After entering ddb several times, setting and removing breakpoints, I
pressed ctrl+alt+esc to enter ddb and the kernel immediately crashed
(exited to SRM console). SRM console prints:

halt code = 2
kernel stack not valid halt

When I rebooted, the following messages were found
in dmesg:

---cut here
CPU 0    a1         = 0x1
CPU 0    a2         = 0x1
CPU 0    pc         = 0xfffffc00009ec71c
CPU 0    ra         = 0xfffffc0000619988
CPU 0    pv         = 0xfffffc00009ec6e0
CPU 0    curproc    = 0x0

panic: trap

CPU 0: fatal kernel trap:

CPU 0    trap entry = 0x2 (memory management fault)
CPU 0    a0         = 0x6469726220657465
CPU 0    a1         = 0x1
CPU 0    a2         = 0x1
CPU 0    pc         = 0xfffffc00009ec71c
CPU 0    ra         = 0xfffffc0000619988
CPU 0    pv         = 0xfffffc00009ec6e0
CPU 0    curproc    = 0x0
---cut here
... repeated many times.

I guess pc is a program counter, so I ran gdb on the kernel:

---cut here
Script started on Thu Jan 16 08:55:06 2003
bash-2.05$ gdb netbsd.gdb
GNU gdb 5.0nb1
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "alpha-unknown-netbsd"...
(gdb) info line *0xfffffc00009ec71c
Line 255 of "/usr/src/sys/arch/alpha/alpha/db_interface.c"
   starts at address 0xfffffc00009ec710 <db_write_bytes+48>
   and ends at 0xfffffc00009ec72c <db_write_bytes+76>.
(gdb) disas db_write_bytes+48 db_write_bytes+76
Dump of assembler code from 0xfffffc00009ec710 to 0xfffffc00009ec72c:
0xfffffc00009ec710 <db_write_bytes+48>: mov     t2,t3
0xfffffc00009ec714 <db_write_bytes+52>: mov     t1,t4
0xfffffc00009ec718 <db_write_bytes+56>: ldbu    t5,0(t4)
0xfffffc00009ec71c <db_write_bytes+60>: stb     t5,0(t3)
0xfffffc00009ec720 <db_write_bytes+64>: addq    t1,0x1,t1
0xfffffc00009ec724 <db_write_bytes+68>: addq    t2,0x1,t2
0xfffffc00009ec728 <db_write_bytes+72>: 
    br  0xfffffc00009ec700 <db_write_bytes+32>
End of assembler dump.
(gdb) quit
---cut here

Line 255 of db_interface.c is:

		*dst++ = *data++;

The first few lines of a "normal" dmesg on this machine are:

[ using 687152 bytes of netbsd ELF symbol table ]
consinit: not using prom console
Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002
    The NetBSD Foundation, Inc.  All rights reserved.
Copyright (c) 1982, 1986, 1989, 1991, 1993
    The Regents of the University of California.  All rights reserved.

NetBSD 1.6_STABLE (ALPHA-$Revision: $) #5: Wed Jan 15 08:31:54 UTC 200
Digital AlphaPC 164LX 599 MHz, s/n 
8192 byte page size, 1 processor.
total memory = 576 MB
(2136 KB reserved for PROM, 573 MB used by NetBSD)
avail memory = 522 MB
using 3685 buffers containing 29480 KB of memory
mainbus0 (root)
cpu0 at mainbus0: ID 0 (primary), 21164A-2
cpu0: VAX FP support, IEEE FP support, Primary Eligible
cpu0: Architecture extensions: 1<BWX>

Occurs randomly, but quite often after some work in ddb. It happened,
for example, on the following occasions:
- entering ddb by pressing ctrl-alt-esc
- quitting ddb by typing c<Enter>
- hitting a breakpoint.

The pc value in the dmesg is always the same.
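
Added example, not part of the original report: a small Python triage helper that parses the trap dump quoted above and checks whether the a0 value is printable ASCII, a common sign that a pointer was overwritten with string data. It assumes the Alpha OSF/1 PALcode convention that a0 holds the faulting virtual address and a2 == 1 marks a write; the function names are hypothetical.

```python
import re
import struct

# Trap dump copied from the dmesg excerpt in the report above.
DMESG = """\
CPU 0    trap entry = 0x2 (memory management fault)
CPU 0    a0         = 0x6469726220657465
CPU 0    a1         = 0x1
CPU 0    a2         = 0x1
CPU 0    pc         = 0xfffffc00009ec71c
CPU 0    ra         = 0xfffffc0000619988
CPU 0    pv         = 0xfffffc00009ec6e0
CPU 0    curproc    = 0x0
"""

# Matches "CPU <n>    <name> = 0x<hex>"; the name may contain a space.
LINE_RE = re.compile(r"^CPU\s+\d+\s+(.+?)\s*=\s*(0x[0-9a-fA-F]+)", re.M)


def parse_trap(text):
    """Return {register name: value} for each line of a trap dump."""
    return {name: int(value, 16) for name, value in LINE_RE.findall(text)}


def as_ascii(value):
    """Return the 8 bytes of a 64-bit value as text if all are printable
    ASCII (little-endian order, as NetBSD/alpha stores them), else None."""
    raw = struct.pack("<Q", value)
    if all(0x20 <= b <= 0x7E for b in raw):
        return raw.decode("ascii")
    return None


def triage(text):
    """Summarise a memory management fault dump."""
    regs = parse_trap(text)
    return {
        # Assumption (OSF/1 PALcode convention): a0 = faulting address,
        # a2 = access type, where 1 means a write.
        "fault_addr": regs["a0"],
        "is_write": regs["a2"] == 1,
        "pc": regs["pc"],
        # Non-None means the "address" is really string data.
        "fault_addr_text": as_ascii(regs["a0"]),
    }


if __name__ == "__main__":
    for key, val in triage(DMESG).items():
        print(f"{key}: {val!r}")
```

For the dump in this report, the a0 value consists entirely of printable ASCII bytes, while pc, ra and pv do not.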