kernel trap 19 with interrupts disabled: system hang
Don Bowman
don at sandvine.com
Sun Jun 13 16:01:56 GMT 2004
From: Don Bowman
> It trapped again, and i've got it in db this time.
> 3 are in sched_switch, and one is in
> smp_tlb_shootdown
>
... and here it is with line numbers. This is from
cvs as of june 10.
(kgdb) bt
#0 doadump () at /usr/src/sys/kern/kern_shutdown.c:236
#1 0xc04509f6 in db_fncall (dummy1=0, dummy2=0, dummy3=-1066661999,
dummy4=0xeec7da80 "´ÚÇî\001") at /usr/src/sys/ddb/db_command.c:551
#2 0xc0450804 in db_command (last_cmdp=0xc0733940, cmd_table=0x0,
aux_cmd_tablep=0xc06f7924, aux_cmd_tablep_end=0xc06f793c)
at /usr/src/sys/ddb/db_command.c:348
#3 0xc04508dc in db_command_loop () at /usr/src/sys/ddb/db_command.c:475
#4 0xc0453075 in db_trap (type=19, code=0) at /usr/src/sys/ddb/db_trap.c:73
#5 0xc0682557 in kdb_trap (type=19, code=0, regs=0xeec7dbb0)
at /usr/src/sys/i386/i386/db_interface.c:226
#6 0xc0694ed5 in trap (frame=
{tf_fs = 24, tf_es = 786448, tf_ds = 16, tf_edi = -413478912, tf_esi =
-1065886336, tf_ebp = -288891916, tf_isp = -288891940, tf_ebx = 3, tf_edx =
0, tf_ecx = 786678, tf_eax = 2, tf_trapno = 19, tf_err = 0, tf_eip =
-1066868634, tf_cs = 8, tf_eflags = 151, tf_esp = -413347840, tf_ss =
-288891896})
at /usr/src/sys/i386/i386/trap.c:606
#7 0xc068e066 in smp_tlb_shootdown (vector=246, addr1=0, addr2=0)
at machine/cpufunc.h:305
#8 0xc068e1d0 in smp_invlpg_range (addr1=3881488384, addr2=3881619456)
at /usr/src/sys/i386/i386/mp_machdep.c:1030
#9 0xc0690643 in pmap_invalidate_range (pmap=0xc077dd80, sva=3881488384,
eva=3881619456) at /usr/src/sys/i386/i386/pmap.c:640
#10 0xc0690c25 in pmap_qremove (sva=3881488384, count=0)
at /usr/src/sys/i386/i386/pmap.c:976
#11 0xc058acdb in cluster_callback (bp=0xde54c3e8)
at /usr/src/sys/kern/vfs_cluster.c:534
#12 0xc058719f in bufdone (bp=0xde54c3e8) at
/usr/src/sys/kern/vfs_bio.c:3141
#13 0xc0586ffb in bufdonebio (bp=0x0) at /usr/src/sys/kern/vfs_bio.c:3071
#14 0xc0586e56 in biodone (bp=0xde54c3e8) at
/usr/src/sys/kern/vfs_bio.c:2995
#15 0xc051354b in g_dev_done (bp2=0xca646660)
at /usr/src/sys/geom/geom_dev.c:360
#16 0xc0586e56 in biodone (bp=0xca646660) at
/usr/src/sys/kern/vfs_bio.c:2995
#17 0xc0515472 in g_io_schedule_up (tp=0xc54ab930)
at /usr/src/sys/geom/geom_io.c:405
#18 0xc05156b6 in g_up_procbody () at /usr/src/sys/geom/geom_kern.c:92
#19 0xc0531a7d in fork_exit (callout=0xc051569c <g_up_procbody>, arg=0x0,
frame=0xeec7dd48) at /usr/src/sys/kern/kern_fork.c:816
(kgdb) up 8
#8 0xc068e1d0 in smp_invlpg_range (addr1=3881488384, addr2=3881619456)
at /usr/src/sys/i386/i386/mp_machdep.c:1030
1030 smp_tlb_shootdown(IPI_INVLRNG, addr1, addr2);
(kgdb) p/x addr1
$1 = 0xe75ad000
(kgdb) p/x addr2
$2 = 0xe75cd000
(kgdb) l
1025
1026 void
1027 smp_invlpg_range(vm_offset_t addr1, vm_offset_t addr2)
1028 {
1029 if (smp_started) {
1030 smp_tlb_shootdown(IPI_INVLRNG, addr1, addr2);
1031 #ifdef COUNT_XINVLTLB_HITS
1032 ipi_range++;
1033 ipi_range_size += (addr2 - addr1) / PAGE_SIZE;
1034 #endif
(kgdb) p smp_started
$3 = 1
(kgdb) up
#9 0xc0690643 in pmap_invalidate_range (pmap=0xc077dd80, sva=3881488384,
eva=3881619456) at /usr/src/sys/i386/i386/pmap.c:640
640 smp_invlpg_range(sva, eva);
(kgdb) p/x sva
$4 = 0xe75ad000
(kgdb) p/x eva
$5 = 0xe75cd000
(kgdb) l
635 * XXX critical sections disable interrupts again
636 */
637 if (pmap == kernel_pmap || pmap->pm_active == all_cpus) {
638 for (addr = sva; addr < eva; addr += PAGE_SIZE)
639 invlpg(addr);
640 smp_invlpg_range(sva, eva);
641 } else {
642 cpumask = PCPU_GET(cpumask);
643 other_cpus = PCPU_GET(other_cpus);
644 if (pmap->pm_active & cpumask)
(kgdb) p pmap
$6 = 0xc077dd80
(kgdb) p kernel_pmap
No symbol "kernel_pmap" in current context.
(kgdb) p/x pmap->pm_active
$7 = 4294967295
(kgdb) p/x pmap->pm_active
$8 = 0xffffffff
(kgdb) p all_cpus
$9 = 15
(kgdb) p kernel_pmap
No symbol "kernel_pmap" in current context.
(kgdb) p &kernel_pmap_sture
No symbol "kernel_pmap_sture" in current context.
(kgdb) p &kernel_pmap_store
$10 = (struct pmap *) 0xc077dd80
(kgdb) p *m /x *pmap
$11 = {pm_pdir = 0xc0c1e000, pm_pvlist = {tqh_first = 0xe92c7498,
tqh_last = 0xe93539b0}, pm_active = 0xffffffff, pm_stats = {
resident_count = 0x574c, wired_count = 0x5748}, pm_list = {le_next =
0x0,
le_prev = 0xc074c278}}
(kgdb) up
#10 0xc0690c25 in pmap_qremove (sva=3881488384, count=0)
at /usr/src/sys/i386/i386/pmap.c:976
976 pmap_invalidate_range(kernel_pmap, sva, va);
(kgdb) l
971 va = sva;
972 while (count-- > 0) {
973 pmap_kremove(va);
974 va += PAGE_SIZE;
975 }
976 pmap_invalidate_range(kernel_pmap, sva, va);
977 }
978
979 /***************************************************
980 * Page table page management routines.....
(kgdb) p/x va
$12 = 0x0
(kgdb) p/x sva
$13 = 0xe75ad000
(kgdb) p/x count
$14 = 0x0
(kgdb) up
#11 0xc058acdb in cluster_callback (bp=0xde54c3e8)
at /usr/src/sys/kern/vfs_cluster.c:534
534 pmap_qremove(trunc_page((vm_offset_t) bp->b_data),
bp->b_npages);
(kgdb) l
529 * Must propogate errors to all the components.
530 */
531 if (bp->b_ioflags & BIO_ERROR)
532 error = bp->b_error;
533
534 pmap_qremove(trunc_page((vm_offset_t) bp->b_data),
bp->b_npages);
535 /*
536 * Move memory from the large cluster buffer into the
component
537 * buffers and mark IO as done on these.
538 */
(kgdb) p bp->b_npages
$15 = 32
(kgdb) p /x bp->b_data
There is no member named b_data.
(kgdb) p/x *bp
$16 = {b_io = {bio_cmd = 0x2, bio_dev = 0xc5982d00, bio_disk = 0x0,
bio_offset = 0x5ffa74000, bio_bcount = 0x20000, bio_data = 0xe75ad000,
bio_flags = 0x4, bio_error = 0x0, bio_resid = 0x0, bio_done =
0xc0586fbc,
bio_driver1 = 0x0, bio_driver2 = 0x0, bio_caller1 = 0x0,
bio_caller2 = 0xde54c3e8, bio_queue = {tqe_next = 0x0, tqe_prev = 0x0},
bio_attribute = 0x0, bio_from = 0x0, bio_to = 0x0, bio_length = 0x0,
bio_completed = 0x0, bio_children = 0x2ce7, bio_inbed = 0x0,
bio_parent = 0x0, bio_t0 = {sec = 0x0, frac = 0x0}, bio_task = 0x0,
bio_task_arg = 0x0, bio_pblkno = 0x0}, b_op = 0xc071a588,
b_magic = 0x10b10b10, b_iodone = 0x0, b_blkno = 0x2ffd3a0,
b_offset = 0xbc0000, b_vnbufs = {tqe_next = 0x0, tqe_prev = 0x0},
b_left = 0x0, b_right = 0x0, b_vflags = 0x0, b_freelist = {
tqe_next = 0xde54bec0, tqe_prev = 0xc0764bec}, b_qindex = 0x0,
b_flags = 0x64000224, b_xflags = 0x0, b_lock = {lk_interlock = 0xc075032c,
lk_flags = 0x400, lk_sharecount = 0x0, lk_waitcount = 0x0,
lk_exclusivecount = 0x1, lk_prio = 0x50, lk_wmesg = 0xc06e0fd3,
lk_timo = 0x0, lk_lockholder = 0xfffffffe, lk_newlock = 0x0},
b_bufsize = 0x20000, b_runningbufspace = 0x0, b_kvabase = 0xe75ad000,
b_kvasize = 0x20000, b_lblkno = 0x2f0, b_vp = 0xc80e2924,
b_object = 0xc89ea294, b_dirtyoff = 0x0, b_dirtyend = 0x20000,
b_rcred = 0x0, b_wcred = 0x0, b_saveaddr = 0xe75ad000, b_pager = {
pg_reqpage = 0x0}, b_cluster = {cluster_head = {tqh_first = 0xde84a298,
tqh_last = 0xde7b91b8}, cluster_entry = {tqe_next = 0xde84a298,
tqe_prev = 0xde7b91b8}}, b_pages = {0xc46ecb58, 0xc10db4a0,
0xc3278fe8,
0xc504a230, 0xc2f30a78, 0xc3fba9c0, 0xc1fd3208, 0xc14cfe50, 0xc2ec9c98,
0xc195f1e0, 0xc3c94128, 0xc1769f70, 0xc4352fb8, 0xc4ec0900, 0xc4252848,
0xc31ad090, 0xc18549d8, 0xc2363b20, 0xc24f1668, 0xc347f5b0, 0xc2136df8,
0xc2d19740, 0xc363a188, 0xc4f4d5d0, 0xc34f1a18, 0xc3756c60, 0xc1c2dba8,
0xc2bc02f0, 0xc4518a38, 0xc51abd80, 0xc1a0b9c8, 0xc18cc210},
b_npages = 0x20, b_dep = {lh_first = 0x0}}
(kgdb) up
#12 0xc058719f in bufdone (bp=0xde54c3e8) at
/usr/src/sys/kern/vfs_bio.c:3141
3141 (*biodone) (bp);
(kgdb) l
3136
3137 /* call optional completion function if requested */
3138 if (bp->b_iodone != NULL) {
3139 biodone = bp->b_iodone;
3140 bp->b_iodone = NULL;
3141 (*biodone) (bp);
3142 splx(s);
3143 return;
3144 }
3145 if (LIST_FIRST(&bp->b_dep) != NULL)
(kgdb) p/x *bp
$17 = {b_io = {bio_cmd = 0x2, bio_dev = 0xc5982d00, bio_disk = 0x0,
bio_offset = 0x5ffa74000, bio_bcount = 0x20000, bio_data = 0xe75ad000,
bio_flags = 0x4, bio_error = 0x0, bio_resid = 0x0, bio_done =
0xc0586fbc,
bio_driver1 = 0x0, bio_driver2 = 0x0, bio_caller1 = 0x0,
bio_caller2 = 0xde54c3e8, bio_queue = {tqe_next = 0x0, tqe_prev = 0x0},
bio_attribute = 0x0, bio_from = 0x0, bio_to = 0x0, bio_length = 0x0,
bio_completed = 0x0, bio_children = 0x2ce7, bio_inbed = 0x0,
bio_parent = 0x0, bio_t0 = {sec = 0x0, frac = 0x0}, bio_task = 0x0,
bio_task_arg = 0x0, bio_pblkno = 0x0}, b_op = 0xc071a588,
b_magic = 0x10b10b10, b_iodone = 0x0, b_blkno = 0x2ffd3a0,
b_offset = 0xbc0000, b_vnbufs = {tqe_next = 0x0, tqe_prev = 0x0},
b_left = 0x0, b_right = 0x0, b_vflags = 0x0, b_freelist = {
tqe_next = 0xde54bec0, tqe_prev = 0xc0764bec}, b_qindex = 0x0,
b_flags = 0x64000224, b_xflags = 0x0, b_lock = {lk_interlock = 0xc075032c,
lk_flags = 0x400, lk_sharecount = 0x0, lk_waitcount = 0x0,
lk_exclusivecount = 0x1, lk_prio = 0x50, lk_wmesg = 0xc06e0fd3,
lk_timo = 0x0, lk_lockholder = 0xfffffffe, lk_newlock = 0x0},
b_bufsize = 0x20000, b_runningbufspace = 0x0, b_kvabase = 0xe75ad000,
b_kvasize = 0x20000, b_lblkno = 0x2f0, b_vp = 0xc80e2924,
b_object = 0xc89ea294, b_dirtyoff = 0x0, b_dirtyend = 0x20000,
b_rcred = 0x0, b_wcred = 0x0, b_saveaddr = 0xe75ad000, b_pager = {
pg_reqpage = 0x0}, b_cluster = {cluster_head = {tqh_first = 0xde84a298,
tqh_last = 0xde7b91b8}, cluster_entry = {tqe_next = 0xde84a298,
tqe_prev = 0xde7b91b8}}, b_pages = {0xc46ecb58, 0xc10db4a0,
0xc3278fe8,
0xc504a230, 0xc2f30a78, 0xc3fba9c0, 0xc1fd3208, 0xc14cfe50, 0xc2ec9c98,
0xc195f1e0, 0xc3c94128, 0xc1769f70, 0xc4352fb8, 0xc4ec0900, 0xc4252848,
0xc31ad090, 0xc18549d8, 0xc2363b20, 0xc24f1668, 0xc347f5b0, 0xc2136df8,
0xc2d19740, 0xc363a188, 0xc4f4d5d0, 0xc34f1a18, 0xc3756c60, 0xc1c2dba8,
0xc2bc02f0, 0xc4518a38, 0xc51abd80, 0xc1a0b9c8, 0xc18cc210},
b_npages = 0x20, b_dep = {lh_first = 0x0}}
(kgdb) p s
No symbol "s" in current context.
(kgdb) l
3146 buf_complete(bp);
3147
3148 if (bp->b_flags & B_VMIO) {
3149 int i;
3150 vm_ooffset_t foff;
3151 vm_page_t m;
3152 vm_object_t obj;
3153 int iosize;
3154 struct vnode *vp = bp->b_vp;
3155
(kgdb) disass splbio
No symbol "splbio" in current context.
(kgdb) p biodone
$18 = (void (*)(struct buf *)) 0
(kgdb) up
#13 0xc0586ffb in bufdonebio (bp=0x0) at /usr/src/sys/kern/vfs_bio.c:3071
3071 bufdone(bp->bio_caller2);
(kgdb) l
3066 bufdonebio(struct bio *bp)
3067 {
3068
3069 /* Device drivers may or may not hold giant, hold it here.
*/
3070 mtx_lock(&Giant);
3071 bufdone(bp->bio_caller2);
3072 mtx_unlock(&Giant);
3073 }
3074
3075 void
(kgdb) p bp->biocol aller2
There is no member named biocaller2.
(kgdb) p bp->biio o_caller2
---Can't read userspace from dump, or kernel process---
(kgdb) up
#14 0xc0586e56 in biodone (bp=0xde54c3e8) at
/usr/src/sys/kern/vfs_bio.c:2995
2995 bp->bio_done(bp);
(kgdb) l
2990 bp->bio_flags |= BIO_DONE;
2991 if (bp->bio_done == NULL)
2992 wakeup(bp);
2993 mtx_unlock(&bdonelock);
2994 if (bp->bio_done != NULL)
2995 bp->bio_done(bp);
2996 }
2997
2998 /*
2999 * Wait for a BIO to finish.
(kgdb) up
#15 0xc051354b in g_dev_done (bp2=0xca646660)
at /usr/src/sys/geom/geom_dev.c:360
360 biodone(bp);
(kgdb) l
355 g_trace(G_T_BIO, "g_dev_done(%p/%p) resid %ld
completed %jd",
356 bp2, bp, bp->bio_resid,
(intmax_t)bp2->bio_completed);
357 }
358 bp->bio_resid = bp->bio_bcount - bp2->bio_completed;
359 g_destroy_bio(bp2);
360 biodone(bp);
361 }
362
363 static void
364 g_dev_strategy(struct bio *bp)
(kgdb) p bp2
$19 = (struct bio *) 0xca646660
(kgdb) p/x *bp2
$20 = {bio_cmd = 0x2, bio_dev = 0x0, bio_disk = 0x0, bio_offset =
0x5ffa74000,
bio_bcount = 0x20000, bio_data = 0xe75ad000, bio_flags = 0x4,
bio_error = 0x0, bio_resid = 0x0, bio_done = 0xc05134f0, bio_driver1 =
0x0,
bio_driver2 = 0x0, bio_caller1 = 0x0, bio_caller2 = 0x0, bio_queue = {
tqe_next = 0x0, tqe_prev = 0xc074bc00}, bio_attribute = 0x0,
bio_from = 0xc55edf00, bio_to = 0xc59c9400, bio_length = 0x20000,
bio_completed = 0x20000, bio_children = 0x1, bio_inbed = 0x1,
bio_parent = 0xde54c3e8, bio_t0 = {sec = 0x7e6f, frac =
0xb57a45f62e0379c0},
bio_task = 0x0, bio_task_arg = 0x0, bio_pblkno = 0x0}
(kgdb) p/x *bp
$21 = {bio_cmd = 0x2, bio_dev = 0xc5982d00, bio_disk = 0x0,
bio_offset = 0x5ffa74000, bio_bcount = 0x20000, bio_data = 0xe75ad000,
bio_flags = 0x4, bio_error = 0x0, bio_resid = 0x0, bio_done = 0xc0586fbc,
bio_driver1 = 0x0, bio_driver2 = 0x0, bio_caller1 = 0x0,
bio_caller2 = 0xde54c3e8, bio_queue = {tqe_next = 0x0, tqe_prev = 0x0},
bio_attribute = 0x0, bio_from = 0x0, bio_to = 0x0, bio_length = 0x0,
bio_completed = 0x0, bio_children = 0x2ce7, bio_inbed = 0x0,
bio_parent = 0x0, bio_t0 = {sec = 0x0, frac = 0x0}, bio_task = 0x0,
bio_task_arg = 0x0, bio_pblkno = 0x0}
(kgdb) p/x bp2->bio_completed
$22 = 0x20000
(kgdb) up
#16 0xc0586e56 in biodone (bp=0xca646660) at
/usr/src/sys/kern/vfs_bio.c:2995
2995 bp->bio_done(bp);
(kgdb) l
2990 bp->bio_flags |= BIO_DONE;
2991 if (bp->bio_done == NULL)
2992 wakeup(bp);
2993 mtx_unlock(&bdonelock);
2994 if (bp->bio_done != NULL)
2995 bp->bio_done(bp);
2996 }
2997
2998 /*
2999 * Wait for a BIO to finish.
(kgdb) up
#17 0xc0515472 in g_io_schedule_up (tp=0xc54ab930)
at /usr/src/sys/geom/geom_io.c:405
405 biodone(bp);
(kgdb) l
400 }
401 bp = g_bioq_first(&g_bio_run_up);
402 if (bp != NULL) {
403 g_bioq_unlock(&g_bio_run_up);
404 mtx_lock(&mymutex);
405 biodone(bp);
406 mtx_unlock(&mymutex);
407 continue;
408 }
409 msleep(&g_wait_up, &g_bio_run_up.bio_queue_lock,
(kgdb) up
#18 0xc05156b6 in g_up_procbody () at /usr/src/sys/geom/geom_kern.c:92
92 g_io_schedule_up(tp);
(kgdb) l
87 struct thread *tp = FIRST_THREAD_IN_PROC(p);
88
89 mtx_assert(&Giant, MA_NOTOWNED);
90 tp->td_base_pri = PRIBIO;
91 for(;;) {
92 g_io_schedule_up(tp);
93 }
94 }
95
96 struct kproc_desc g_up_kp = {
(kgdb) up p/x *tp
$23 = {td_proc = 0xc54d6a50, td_ksegrp = 0xc54d7000, td_plist = {
tqe_next = 0x0, tqe_prev = 0xc54d6a60}, td_kglist = {tqe_next = 0x0,
tqe_prev = 0xc54d701c}, td_slpq = {tqe_next = 0x0, tqe_prev =
0xeeca2c1c},
td_lockq = {tqe_next = 0x0, tqe_prev = 0xf5413b90}, td_runq = {
tqe_next = 0x0, tqe_prev = 0x0}, td_selq = {tqh_first = 0x0,
tqh_last = 0x0}, td_sleepqueue = 0xc542a4e0, td_turnstile = 0xc5552280,
td_tid = 0x3, td_flags = 0x0, td_inhibitors = 0x0, td_pflags = 0x0,
td_last_kse = 0xc5458820, td_kse = 0xc5458820, td_dupfd = 0x0,
td_wchan = 0x0, td_wmesg = 0x0, td_lastcpu = 0x0, td_oncpu = 0x0,
td_locks = 0x0, td_blocked = 0x0, td_ithd = 0x0, td_lockname = 0x0,
td_contested = {lh_first = 0x0}, td_sleeplocks = 0x0,
td_intr_nesting_level = 0x0, td_pinned = 0x0, td_mailbox = 0x0,
td_ucred = 0xc53d5180, td_standin = 0x0, td_prticks = 0x0, td_upcall =
0x0,
td_sticks = 0x4383, td_uuticks = 0x0, td_usticks = 0x0, td_intrval = 0x0,
td_oldsigmask = {__bits = {0x0, 0x0, 0x0, 0x0}}, td_sigmask = {__bits = {
0x0, 0x0, 0x0, 0x0}}, td_siglist = {__bits = {0x0, 0x0, 0x0, 0x0}},
td_waitset = 0x0, td_umtx = {tqe_next = 0x0, tqe_prev = 0x0},
td_generation = 0x6a92b5, td_sigstk = {ss_sp = 0x0, ss_size = 0x0,
ss_flags = 0x0}, td_kflags = 0x0, td_base_pri = 0x4c, td_priority =
0x4c,
td_pcb = 0xeec7dda0, td_state = 0x4, td_retval = {0x0, 0x0},
td_slpcallout = {c_links = {sle = {sle_next = 0x0}, tqe = {tqe_next = 0x0,
tqe_prev = 0xde4b3908}}, c_time = 0x1ee0045, c_arg = 0xc54ab930,
c_func = 0x0, c_flags = 0x8}, td_frame = 0xeec7dd48,
td_kstack_obj = 0xc104318c, td_kstack = 0xeec7c000, td_kstack_pages = 0x2,
td_altkstack_obj = 0x0, td_altkstack = 0x0, td_altkstack_pages = 0x0,
td_critnest = 0x1, td_md = {md_savecrit = 0x246}, td_sched = 0xc54aba80}
(kgdb) up
#19 0xc0531a7d in fork_exit (callout=0xc051569c <g_up_procbody>, arg=0x0,
frame=0xeec7dd48) at /usr/src/sys/kern/kern_fork.c:816
816 callout(arg, frame);
(kgdb) p/x *arg
Attempt to dereference a generic pointer.
(kgdb) p arg
$24 = (void *) 0x0
(kgdb) p frame
$25 = (struct trapframe *) 0xeec7dd48
(kgdb) p/x *frame
$26 = {tf_fs = 0x0, tf_es = 0x0, tf_ds = 0x0, tf_edi = 0x0, tf_esi = 0x0,
tf_ebp = 0x0, tf_isp = 0x0, tf_ebx = 0x0, tf_edx = 0x1, tf_ecx = 0x0,
tf_eax = 0x0, tf_trapno = 0x0, tf_err = 0x0, tf_eip = 0x0, tf_cs = 0x0,
tf_eflags = 0x0, tf_esp = 0x0, tf_ss = 0x0}
(kgdb) up
Initial frame selected; you cannot go up.
(kgdb) bt
#0 doadump () at /usr/src/sys/kern/kern_shutdown.c:236
#1 0xc04509f6 in db_fncall (dummy1=0, dummy2=0, dummy3=-1066661999,
dummy4=0xeec7da80 "´ÚÇî\001") at /usr/src/sys/ddb/db_command.c:551
#2 0xc0450804 in db_command (last_cmdp=0xc0733940, cmd_table=0x0,
aux_cmd_tablep=0xc06f7924, aux_cmd_tablep_end=0xc06f793c)
at /usr/src/sys/ddb/db_command.c:348
#3 0xc04508dc in db_command_loop () at /usr/src/sys/ddb/db_command.c:475
#4 0xc0453075 in db_trap (type=19, code=0) at /usr/src/sys/ddb/db_trap.c:73
#5 0xc0682557 in kdb_trap (type=19, code=0, regs=0xeec7dbb0)
at /usr/src/sys/i386/i386/db_interface.c:226
#6 0xc0694ed5 in trap (frame=
{tf_fs = 24, tf_es = 786448, tf_ds = 16, tf_edi = -413478912, tf_esi =
-1065886336, tf_ebp = -288891916, tf_isp = -288891940, tf_ebx = 3, tf_edx =
0, tf_ecx = 786678, tf_eax = 2, tf_trapno = 19, tf_err = 0, tf_eip =
-1066868634, tf_cs = 8, tf_eflags = 151, tf_esp = -413347840, tf_ss =
-288891896})
at /usr/src/sys/i386/i386/trap.c:606
#7 0xc068e066 in smp_tlb_shootdown (vector=246, addr1=0, addr2=0)
at machine/cpufunc.h:305
#8 0xc068e1d0 in smp_invlpg_range (addr1=3881488384, addr2=3881619456)
at /usr/src/sys/i386/i386/mp_machdep.c:1030
#9 0xc0690643 in pmap_invalidate_range (pmap=0xc077dd80, sva=3881488384,
eva=3881619456) at /usr/src/sys/i386/i386/pmap.c:640
#10 0xc0690c25 in pmap_qremove (sva=3881488384, count=0)
at /usr/src/sys/i386/i386/pmap.c:976
#11 0xc058acdb in cluster_callback (bp=0xde54c3e8)
at /usr/src/sys/kern/vfs_cluster.c:534
#12 0xc058719f in bufdone (bp=0xde54c3e8) at
/usr/src/sys/kern/vfs_bio.c:3141
#13 0xc0586ffb in bufdonebio (bp=0x0) at /usr/src/sys/kern/vfs_bio.c:3071
#14 0xc0586e56 in biodone (bp=0xde54c3e8) at
/usr/src/sys/kern/vfs_bio.c:2995
#15 0xc051354b in g_dev_done (bp2=0xca646660)
at /usr/src/sys/geom/geom_dev.c:360
#16 0xc0586e56 in biodone (bp=0xca646660) at
/usr/src/sys/kern/vfs_bio.c:2995
#17 0xc0515472 in g_io_schedule_up (tp=0xc54ab930)
at /usr/src/sys/geom/geom_io.c:405
#18 0xc05156b6 in g_up_procbody () at /usr/src/sys/geom/geom_kern.c:92
#19 0xc0531a7d in fork_exit (callout=0xc051569c <g_up_procbody>, arg=0x0,
frame=0xeec7dd48) at /usr/src/sys/kern/kern_fork.c:816
(kgdb) quit
More information about the freebsd-current
mailing list