netbsd-bugs: Re: port-i386/6337: fatal page fault in supervisor mode

Subject: Re: port-i386/6337: fatal page fault in supervisor mode
To: Chris G. Demetriou <cgd@netbsd.org>
From: Dave Tyson <Dave.Tyson@liverpool.ac.uk>
List: netbsd-bugs
Date: 10/21/1998 10:28:10
On 20 Oct 1998, Chris G. Demetriou wrote:

>George Navas <navas@bayarea.net> writes:
>> >Number:         6337
>> >Category:       port-i386
>> >Synopsis:       trap type 6 code 0 eip f0142a6c cs 8 eflags 10206 cr2 14 cpl 0
>> >Confidential:   no
>> [ ... ]
>> #3  0xf02148fa in trap (frame={tf_es = -251592688, tf_ds = -258408432, 
>>       tf_edi = -252049152, tf_esi = -251997696, tf_ebp = -37675252, 
>>       tf_ebx = -252536064, tf_edx = 0, tf_ecx = 0, tf_eax = 2147483647, 
>>       tf_trapno = 6, tf_err = 0, tf_eip = -267113876, tf_cs = 8, 
>>       tf_eflags = 66054, tf_esp = 11, tf_ss = -251997696, tf_vm86_es = 11, 
>>       tf_vm86_ds = -266314792, tf_vm86_fs = -264904704, 
>>       tf_vm86_gs = -37675512}) at ../../../../arch/i386/i386/trap.c:238
>
>Alas, this trace doesn't say where the bug is occurring, only the
>trace after the trap.
>
>Do you have a kernel cmpiled with debugging symbols?  Can you gdb that
>kernel, then say "list *0xf0142a6c" (the eip where the fault
>happened)?
>
>If no kernel with debug symbols, can you "disass 0xf0142a6c" and reply
>with the result?
>
>please reply to this message (with all cc's) so that it gets appended
>to the PR.
>

I have been having the same problem on similar hardware. I built a
kernel with a symbol table and loaded it a while ago. Its taken a 
while to break, but it did so last night. The break is just like
all the others we have had. The crash info is below, I'll hang onto
the dump so I can answer questions :-). 

NetBSD 1.3.2 (WEBCACHE) #5: Mon Oct 12 10:15:52 BST 1998
    root@webcache2:/usr/src/sys/arch/i386/compile/WEBCACHE

fatal page fault in supervisor mode
trap type 6 code 0 eip f0180a14 cs 8 eflags 10282 cr2 deadbef7 cpl c0000000
panic: trap
syncing disks... 230 230 135 37 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 giving up

#gdb netbsd.gdb
GDB is free software and you are welcome to distribute copies of it
 under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for details.
GDB 4.16 (i386-netbsd), Copyright 1996 Free Software Foundation, Inc...
(gdb) target kcore netbsd.2.core
panic: trap
#0  0x6 in ?? ()
(gdb) where
#0  0x6 in ?? ()
#1  0xf01e7907 in cpu_reboot (howto=256, bootstr=0x0)
    at ../../../../arch/i386/i386/machdep.c:1162
#2  0xf013c515 in panic (fmt=0xf01edfbe "trap")
    at ../../../../kern/subr_prf.c:150
#3  0xf01ee1ea in trap (frame={tf_es = -251265008, tf_ds = -55246832, 
      tf_edi = -251247168, tf_esi = -251154944, tf_ebp = -55231788, 
      tf_ebx = -559038737, tf_edx = 348207130, tf_ecx = -55648224, 
      tf_eax = -907245867, tf_trapno = 6, tf_err = 0, tf_eip = -266860012, 
      tf_cs = 8, tf_eflags = 66178, tf_esp = -17295, tf_ss = -251154944, 
      tf_vm86_es = 40, tf_vm86_ds = -251154944, tf_vm86_fs = -250996992, 
      tf_vm86_gs = -251245408}) at ../../../../arch/i386/i386/trap.c:239
(gdb) list *0xf0180a14
0xf0180a14 is in tcp_reass (../../../../netinet/tcp_input.c:188).
../../../../netinet/tcp_input.c:183: No such file or directory.
(gdb) quit





--
=====================================================================
Dave Tyson			Phone: 0151-794-3731
Computing Services Dept         Fax:   0151-794-3759
The University of Liverpool     Email: dtyson@liv.ac.uk	
Chadwick Building		Web:   http://www.liv.ac.uk/~dtyson 
Peach Street			
Liverpool  L69 7ZF		Why not use a real OS like NetBSD ?
United Kingdom                 
=====================================================================