kernel panic maybe due to VM instability in 3.1R

Mon, 7 Jun 1999 18:27:29 -0700 (PDT) (envelope-from swjeong@bbs.kitel.co.kr) 

I am using FreeBSD-3.1-RELEASE
I met panic.
Panic occured at FIONREAD ioctl().
I found it was called at rdchk() at rbsb.c in lrzsz 0.12.16 packages.
Before panic, there was kernel warning message 
--- "b_to_q to a clist with no reserved cblocks".
Is it related ?
Following is gdb output for core dump.


  --------- gdb output --------

  # gdb -k /sys/compile/MYRI.19990430  vmcore.4
  GDB is free software and you are welcome to distribute copies of it
   under certain conditions; type "show copying" to see the conditions.
  There is absolutely no warranty for GDB; type "show warranty" for details.
  GDB 4.16 (i386-unknown-freebsd),
  Copyright 1996 Free Software Foundation, Inc...
  IdlePTD 3792896
  initial pcb at 2e598c
  panicstr: from debugger
  panic messages:
  ---
  Fatal trap 12: page fault while in kernel mode
  fault virtual address   = 0x5480345f
  fault code              = supervisor read, page not present
  instruction pointer     = 0x8:0xf016d01d
  stack pointer           = 0x10:0xfd69bec4
  frame pointer           = 0x10:0xfd69bf60
  code segment            = base 0x0, limit 0xfffff, type 0x1b
                          = DPL 0, pres 1, def32 1, gran 1
  processor eflags        = interrupt enabled, resume, IOPL = 0
  current process         = 69172 (IMP-lsz-0.12.16)
  interrupt mask          =
  panic: from debugger
  panic: from debugger

  dumping to dev 20401, offset 1572864
  dump 256 255 254 253 252 251 250 249 248  ...
  17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1
  ---
  #0  boot (howto=260) at ../../kern/kern_shutdown.c:285
  285                     dumppcb.pcb_cr3 = rcr3();
  (kgdb)  bt
  #0  boot (howto=260) at ../../kern/kern_shutdown.c:285
  #1  0xf016209d in panic (fmt=0xf0277128 "from debugger")
      at ../../kern/kern_shutdown.c:446
  #2  0xf012b3c5 in db_panic (addr=-266940387, have_addr=0, count=1,
      modif=0xfd69bd48 "") at ../../ddb/db_command.c:432
  #3  0xf012b365 in db_command (last_cmdp=0xf02b3920, cmd_table=0xf02b3780,
      aux_cmd_tablep=0xf02e317c) at ../../ddb/db_command.c:332
  #4  0xf012b42a in db_command_loop () at ../../ddb/db_command.c:454
  #5  0xf012d77b in db_trap (type=12, code=0) at ../../ddb/db_trap.c:71
  #6  0xf023f55e in kdb_trap (type=12, code=0, regs=0xfd69be88)
      at ../../i386/i386/db_interface.c:157
  #7  0xf02497d8 in trap_fatal (frame=0xfd69be88, eva=1417688159)
      at ../../i386/i386/trap.c:937
  #8  0xf02494b7 in trap_pfault (frame=0xfd69be88, usermode=0, eva=1417688159)
      at ../../i386/i386/trap.c:835
  #9  0xf02490ea in trap (frame={tf_es = -31850480, tf_ds = -43843568,
        tf_edi = 4, tf_esi = -238539008, tf_ebp = -43401376, tf_isp = -43401552,
        tf_ebx = -238632704, tf_edx = 0, tf_ecx = 1074030207,
        tf_eax = -238658276, tf_trapno = 12, tf_err = 0, tf_eip = -266940387,
        tf_cs = 8, tf_eflags = 66050, tf_esp = -43804224, tf_ss = -265588232})
      at ../../i386/i386/trap.c:437
  #10 0xf016d01d in ioctl (p=0xfd6399c0, uap=0xfd69bf94)
      at ../../kern/sys_generic.c:445
  #11 0xf0249a47 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = -272639696,
        tf_esi = 84992, tf_ebp = -272642208, tf_isp = -43401244, tf_ebx = 105,
        tf_edx = 85380, tf_ecx = 38099, tf_eax = 54, tf_trapno = 7, tf_err = 7,
        tf_eip = 537363601, tf_cs = 31, tf_eflags = 646, tf_esp = -272642224,
        tf_ss = 39}) at ../../i386/i386/trap.c:1100
  #12 0x20078491 in ?? ()
  #13 0x7193 in ?? ()
  #14 0x69f7 in ?? ()
  #15 0x49bd in ?? ()
  #16 0x4450 in ?? ()
  #17 0x3afe in ?? ()
  #18 0x38f8 in ?? ()
  #19 0x1095 in ?? ()
  (kgdb) up 10
  #10 0xf016d01d in ioctl (p=0xfd6399c0, uap=0xfd69bf94)
      at ../../kern/sys_generic.c:445
  445             } else if ((com&IOC_OUT) && size)
  (kgdb) l ioctl
  389     /* ARGSUSED */
  390     int
  391     ioctl(p, uap)
  392             struct proc *p;
  393             register struct ioctl_args *uap;
  394     {
  395             register struct file *fp;
  396             register struct filedesc *fdp;
  397             register u_long com;
  398             int error;
  (kgdb) p  *uap
  $1 = {Segmentation fault (core dumped)
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (gdb paniced here)

(kgdb) up
  #11 0xf0249a47 in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi = -272639696,
        tf_esi = 84992, tf_ebp = -272642208, tf_isp = -43401244, tf_ebx = 105,
        tf_edx = 85380, tf_ecx = 38099, tf_eax = 54, tf_trapno = 7, tf_err = 7,
        tf_eip = 537363601, tf_cs = 31, tf_eflags = 646, tf_esp = -272642224,
        tf_ss = 39}) at ../../i386/i386/trap.c:1100
  1100            error = (*callp->sy_call)(p, args);
  (kgdb) l syscall
  ...
  1032    void
  1033    syscall(frame)
  1034            struct trapframe frame;
  1035    {
  1036            caddr_t params;
  1037            int i;
  ...
    1083            if (params && (i = callp->sy_narg * sizeof(int)) &&
  1084                (error = copyin(params, (caddr_t)args, (u_int)i))) {
  ...
  1089                    goto bad;
  (kgdb) l
  1090            }
  ....
  1095            p->p_retval[0] = 0;
  1096            p->p_retval[1] = frame.tf_edx;
  1097
  1098            STOPEVENT(p, S_SCE, callp->sy_narg);
  1099
  (kgdb) l
  1100            error = (*callp->sy_call)(p, args);
  1101
  ...
  (kgdb) i
  No symbol "i" in current context.
  (kgdb) 

  ---------- end of gdb output ---------

  What's the reason of the panic ?
  VM problem ?


To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-hackers" in the body of the message

Reply via email to