Still panicking...

Robin P. Blanchard robin.blanchard at gactr.uga.edu
Wed May 19 10:03:44 PDT 2004


> Unfortunately this is missing the rest of the page fault 
> panic messages including the 'trap 12' etc.  Those messages 
> include a line that says 'cs:eip = 0x8:0xblah', and we need 
> the 0xblah part to work out where the page fault happened.  
> Usually these bugs are a NULL pointer deref that can often be 
> easily fixed if we can find out where it happened.  Actually, 
> though, the ip can be found from the tf_eip member of struct 
> trapframe, which is 0xc05d1e69.  
> Can you send the output of 'l *0xc05d1e69' from gdb on the 
> same kernel.debug?
> 
> --
> John Baldwin <jhb at FreeBSD.org>  <><  
> http://www.FreeBSD.org/~jhb/ "Power Users Use the Power to 
> Serve"  =  http://www.FreeBSD.org
> 
>

Sure...here we go:

# gdb -k /usr/obj/usr/src/sys/fbsd5.vpn/kernel.debug ./vmcore.11 
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-undermydesk-freebsd"...
panic: page fault
panic messages:
---
---
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:236
236             dumping++;
(kgdb) bt full
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:236
No locals.
#1  0xc04cdb26 in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:370
No locals.
#2  0xc04cdf5c in __panic () at /usr/src/sys/kern/kern_shutdown.c:548
        td = (struct thread *) 0xc1cef6e0
        bootopt = 256
        newpanic = 0
        ap = 0xd1022b8c "\f?fÀ\001"
        buf = "page fault", '\0' <repeats 245 times>
#3  0xc061e24c in trap_fatal (frame=0xd1022c30, eva=0) at
/usr/src/sys/i386/i386/trap.c:815
        code = 16
        type = 12
        ss = 16
        esp = 0
        softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27, ssd_dpl
= 0, ssd_p = 1, ssd_xx = 13, 
  ssd_xx1 = 2, ssd_def32 = 1, ssd_gran = 1}
#4  0xc061ded2 in trap_pfault (frame=0xd1022c30, usermode=0, eva=3522064088)
    at /usr/src/sys/i386/i386/trap.c:733
        va = 3522060288
        vm = (struct vmspace *) 0x0
        map = 0x1
        rv = 1
        ftype = 1 '\001'
        td = (struct thread *) 0xc1cef6e0
        p = (struct proc *) 0xc1e5a528
#5  0xc061da8d in trap (frame=
      {tf_fs = -1066860520, tf_es = -788398064, tf_ds = -1068630000, tf_edi =
-788386540, tf_esi = 4098, tf_ebp = -788386588, tf_isp = -788386724, tf_ebx =
-1041914584, tf_edx = 0, tf_ecx = -772903432, tf_eax = 536870912, tf_trapno =
12, tf_err = 0, tf_eip = -1067639191, tf_cs = 8, tf_eflags = 66066, tf_esp =
-1041914584, tf_ss = 2}) at /usr/src/sys/i386/i386/trap.c:420
        td = (struct thread *) 0xc1cef6e0
        p = (struct proc *) 0xc1e5a528
        sticks = 2405433344
        i = 0
        ucode = 0
        type = 12
        code = 0
        eva = 3522064088
#6  0xc05d1e69 in mmap (td=0xc1cef6e0, uap=0xd1022d14) at
/usr/src/sys/vm/vm_mmap.c:280
        fp = (struct file *) 0x0
        vp = (struct vnode *) 0x0
        addr = 0
        size = 69632
        pageoff = 3163
        prot = 54 '6'
        maxprot = 0 '\0'
        handle = (void *) 0xd1022d14
        flags = 4098
        error = -1041914584
        pos = -4481373134027661312
        vms = (struct vmspace *) 0xd1022cf8
#7  0xc061e630 in syscall (frame=
      {tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = 0, tf_esi = 4096, tf_ebp
= -1077943656, tf_isp = -788386444, tf_ebx = 65536, tf_edx = 0, tf_ecx =
137734528, tf_eax = 198, tf_trapno = 12, tf_err = 2, tf_eip = 137101951,
tf_cs = 31, tf_eflags = 642, tf_esp = -1077943700, tf_ss = 47}) at
/usr/src/sys/i386/i386/trap.c:1004
        params = 0xbfbfe278---Can't read userspace from dump, or kernel
process---

(kgdb) l *0xc05d1e69
0xc05d1e69 is in mmap (/usr/src/sys/vm/vm_mmap.c:280).
275                     PROC_LOCK(td->td_proc);
276                     if (addr == 0 ||
277                         (addr >= round_page((vm_offset_t)vms->vm_taddr)
&&
278                         addr < round_page((vm_offset_t)vms->vm_daddr +
279                         lim_max(td->td_proc, RLIMIT_DATA))))
280                             addr = round_page((vm_offset_t)vms->vm_daddr
+
281                                 lim_max(td->td_proc, RLIMIT_DATA));
282                     PROC_UNLOCK(td->td_proc);
283             }
284             if (flags & MAP_ANON) {
(kgdb) 



