Re: How to continue this kind of kernel debug
- Subject: Re: How to continue this kind of kernel debug
- From: "Brian Bechtel" <email@hidden>
- Date: Wed, 7 Jan 2009 08:57:12 -0800
On Wed, Jan 7, 2009 at 12:27 AM, searockcliff <email@hidden> wrote:
> Hi All,
> I meet one kernel panic.
> When I begin to debug the kernel, I cannot get the back trace.
> All the backtrace in panic log is about panic handling, except the 0x0
> instruction :
> 0x85666a18 : 0x0 (0xe 0xe9660048 0xefd10010 0xd8330010)
> I find one application's kernel_stack is wrong too.
> task vm_map ipc_space #acts pid proc command
> 0x0e58e770 0x0e5d1b40 0x0dc611cc 3 2528 0x0dfc7750 TESTAPP
> thread processor pri state wait_queue wait_event
> 0x0e5964f0 0x7c361000 31 R
> kernel_stack=0x85664000
> stacktop=0x00000000
> stackbottom=0xfffffff0
> Could anybody give some hint about how to continue my kernel debug?
> Thanks a lot!
Dump the memory starting at the kernel_stack address and see if you
can manually decode stack frames. Something has destroyed your stack.
> Mon Jan 5 16:50:55 2009
> panic(cpu 0 caller 0x001A8CEC): Kernel trap at 0x00000000, type 14=page
> fault, registers:
> CR0: 0x8001003b, CR2: 0x7c794000, CR3: 0x00f3b000, CR4: 0x00000660
> EAX: 0x00000000, EBX: 0x0042ec54, ECX: 0x00000000, EDX: 0x0dd09b00
> CR2: 0x00000000, EBP: 0x00000000, ESI: 0x00000144, EDI: 0xffff0000
> EFL: 0x00010212, EIP: 0x00000000, CS: 0x00000008, DS: 0x8f900010
> Error code: 0x00000010
> Backtrace (CPU 0), Frame : Return Address (4 potential args on stack)
> 0x856668d8 : 0x12b0fa (0x459234 0x8566690c 0x133243 0x0)
> 0x85666928 : 0x1a8cec (0x4627a0 0x0 0xe 0x461f50)
> 0x85666a08 : 0x19eed5 (0x85666a20 0x75fdcf03 0x0 0x0)
> 0x85666a18 : 0x0 (0xe 0xe9660048 0xefd10010 0xd8330010)
> Backtrace terminated-invalid frame pointer 0
> BSD process name corresponding to current thread: SntlKeysSrvrmac
> Mac OS version:
> 9F33
> Kernel version:
> Darwin Kernel Version 9.5.0: Wed Sep 3 11:29:43 PDT 2008;
> root:xnu-1228.7.58~1/RELEASE_I386
> System model name: MacPro3,1 (Mac-F42C88C8)
Something has jumped to location zero. You should dump the memory for
the stack frames

    x/256x 0x856668d8

and manually decode the stack frame instead. Frames usually begin at
0x???????8, and the first word is a pointer to the next frame. You
can also try repeatedly issuing an "x/a" command on the memory of the
stack and see if any symbols match, i.e. the last known good frame is
0x85666a18, so

    x/a 0x85666a18
    [return to repeat the command for the next address]
    [return to repeat the command for the next address]
    [return to repeat the command for the next address]
    [return to repeat the command for the next address]
    [return to repeat the command for the next address]
    [return to repeat the command for the next address]
    etc.
Good luck. A trashed stack can be very tedious to diagnose.
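The manual decoding described in the reply, automated over a word dump such as "x/100x 0x856668d8" would give. This is an added example, not code from the original thread. The function names, the 16 KB stack size, the kernel text range and the surviving frame at 0x85666a48 are assumptions made for illustration; the three frame links are the ones in the panic log.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumptions for illustration: 16 KB stack at the post's kernel_stack, guessed text range. */
enum { N = 100 };
static const uint32_t BASE = 0x856668d8u, STACK_HI = 0x85668000u;
static const uint32_t TEXT_LO = 0x00100000u, TEXT_HI = 0x00600000u;
static uint32_t mem[N];                 /* dump words, lowest address first */

/* Constructed dump: the three links from the panic log, a zeroed (trashed)
 * record at 0x85666a18, and one invented surviving frame above it. */
void load_sample(void) {
    for (size_t i = 0; i < N; i++) mem[i] = 0;
    mem[0]  = 0x85666928u; mem[1]  = 0x0012b0fau;   /* frame 0x856668d8 */
    mem[20] = 0x85666a08u; mem[21] = 0x001a8cecu;   /* frame 0x85666928 */
    mem[76] = 0x85666a18u; mem[77] = 0x0019eed5u;   /* frame 0x85666a08 */
    mem[92] = 0x85666a60u; mem[93] = 0x0019f000u;   /* constructed frame 0x85666a48 */
}
/* Fetch the word at addr; 0 on success, -1 if unaligned or outside the dump. */
static int rd(uint32_t addr, uint32_t *out) {
    if (addr < BASE || (addr & 3u) || (addr - BASE) / 4 >= N) return -1;
    *out = mem[(addr - BASE) / 4];
    return 0;
}
/* Frame record test: [fp] is a higher in-stack address, [fp+4] lands in kernel text. */
int plausible(uint32_t fp) {
    uint32_t next, ret;
    if (rd(fp, &next) || rd(fp + 4, &ret)) return 0;
    return next > fp && next < STACK_HI && !(next & 3u) && ret >= TEXT_LO && ret < TEXT_HI;
}
/* Follow saved-EBP links from fp until a record fails the test; returns frames stored. */
size_t walk(uint32_t fp, uint32_t *frames, size_t max) {
    size_t k = 0;
    while (k < max && plausible(fp)) { frames[k++] = fp; rd(fp, &fp); }
    return k;
}
/* Past the break, scan upward for the next plausible record; 0 if none in the dump. */
uint32_t rescan(uint32_t from) {
    for (uint32_t a = from; a < BASE + 4u * N; a += 4)
        if (plausible(a)) return a;
    return 0;
}

int main(void) {
    uint32_t f[8];
    load_sample();
    size_t n = walk(BASE, f, 8);
    printf("intact chain: %zu frames\n", n);
    printf("next candidate frame: 0x%08x\n", (unsigned)rescan(0x85666a18u));
}
```

A candidate returned by rescan is only a starting point: confirm it by checking that its return address resolves to a symbol, as the "x/a" step in the reply does.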