Date:      Sun, 7 Jan 2007 14:03:41 +0000 (GMT)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        "Marc G. Fournier" <scrappy@freebsd.org>
Cc:        freebsd-stable@freebsd.org, jhb@FreeBSD.org
Subject:   Re: Fatal trap 12: page fault while in kernel mode
Message-ID:  <20070107140119.M46119@fledge.watson.org>
In-Reply-To: <8FF1D577DF1087259D6F71E0@ganymede.hub.org>
References:  <8FF1D577DF1087259D6F71E0@ganymede.hub.org>

On Sat, 6 Jan 2007, Marc G. Fournier wrote:

> Just had the following happen on a FreeBSD 6.2-PRERELEASE #7: Sun Dec 17
> 01:28:52 AST 2006 system ... amd64, HP Proliant, 6G of RAM ... have core if
> there is information that I can provide out of it ...
>
> Fatal trap 12: page fault while in kernel mode
> cpuid = 0; apic id = 00
> fault virtual address   = 0x18c
> fault code              = supervisor read, page not present
> instruction pointer     = 0x8:0xffffffff801f9053
> stack pointer           = 0x10:0xffffffffb5c78b30
> frame pointer           = 0x10:0xffffffffb5c78b60
> code segment            = base 0x0, limit 0xfffff, type 0x1b
>                        = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags        = resume, IOPL = 0
> current process         = 5 (thread taskq)
> trap number             = 12
> panic: page fault
> cpuid = 0
> Uptime: 8d22h25m40s
>
> (kgdb) where
> #0  doadump () at pcpu.h:172
> #1  0xffffffff80203955 in boot (howto=260) at
> /usr/src/sys/kern/kern_shutdown.c:409
> #2  0xffffffff80204065 in panic (fmt=0xffffff019b667720
> "X\223f\233\001ÿÿÿ\020µc\233\001ÿÿÿ") at
> /usr/src/sys/kern/kern_shutdown.c:565
> #3  0xffffffff803287a6 in trap_fatal (frame=0xc, eva=18446742981100074784) at
> /usr/src/sys/amd64/amd64/trap.c:660
> #4  0xffffffff80328cd8 in trap (frame=
>      {tf_rdi = 112, tf_rsi = -1092609476832, tf_rdx = 6, tf_rcx = 3221225730,
> tf_r8 = -1245213424, tf_r9 = -1092609476832, tf_rax = 1, tf_rbx =
> - -1096874331952, tf_rbp = -1245213856, tf_r10 = -2142258536, tf_r11 = 0, tf_r12
> = 4, tf_r13 = -1092609476832, tf_r14 = 4, tf_r15 = 1, tf_trapno = 12, tf_addr =
> 396, tf_flags = -2145197496, tf_err = 0, tf_rip = -2145415085, tf_cs = 8,
> tf_rflags = 65538, tf_rsp = -1245213888, tf_ss = 16}) at
> /usr/src/sys/amd64/amd64/trap.c:238
> #5  0xffffffff80313c6b in calltrap () at
> /usr/src/sys/amd64/amd64/exception.S:168
> #6  0xffffffff801f9053 in _mtx_lock_sleep (m=0xffffff009d31f0d0,
> tid=18446742981100074784, opts=6, file=0xc0000102 <Address 0xc0000102 out of
> bounds>, line=-1245213424) at /usr/src/sys/kern/kern_mutex.c:546
> #7  0xffffffff8025b1ac in unp_gc (arg=0x70, pending=-1687783648) at
> /usr/src/sys/kern/uipc_usrreq.c:1714
> #8  0xffffffff8022c314 in taskqueue_run (queue=0xffffff0000844800) at
> /usr/src/sys/kern/subr_taskqueue.c:257
> #9  0xffffffff8022d0e7 in taskqueue_thread_loop (arg=0x70) at
> /usr/src/sys/kern/subr_taskqueue.c:376
> #10 0xffffffff801e7b76 in fork_exit (callout=0xffffffff8022d060
> <taskqueue_thread_loop>, arg=0xffffffff805030d0, frame=0xffffffffb5c78c50) at
> /usr/src/sys/kern/kern_fork.c:821
> #11 0xffffffff80313fce in fork_trampoline () at
> /usr/src/sys/amd64/amd64/exception.S:394

This is a NULL pointer dereference in the UNIX domain socket code.  John
Baldwin recently committed a fix for a bug with these symptoms to 7-CURRENT,
with an MFC planned in the near future.  The fix won't make 6.2-RELEASE, but
assuming it tests out well over the next few weeks, we will cut an errata
patch/announcement for it.  I believe you can pull down his 6-STABLE version
at:

   http://people.FreeBSD.org/~jhb/patches/unp_gc.patch

This same patch is currently in testing on mx1.FreeBSD.org.

(John CC'd)

Robert N M Watson
Computer Laboratory
University of Cambridge
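
A triage sketch for the report above, added here as an example and not part of Robert Watson's message or of any FreeBSD tool: it cross-checks the panic header against the kgdb trap frame, flags a fault address below one page as a NULL base pointer plus a member offset, and names the frame at the faulting instruction and its caller. The function names and the one-page threshold are assumptions of the example; the input is an excerpt of the quoted report with wrapped lines re-joined.

```python
import re

PAGE_SIZE = 4096  # amd64 base page size; a fault below it is NULL plus a small offset

# Excerpt of the report quoted above, wrapped lines re-joined.
REPORT = """\
fault virtual address   = 0x18c
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xffffffff801f9053
tf_trapno = 12, tf_addr = 396, tf_flags = -2145197496, tf_err = 0, tf_rip = -2145415085, tf_cs = 8,
#5  0xffffffff80313c6b in calltrap () at /usr/src/sys/amd64/amd64/exception.S:168
#6  0xffffffff801f9053 in _mtx_lock_sleep (m=0xffffff009d31f0d0, tid=18446742981100074784, opts=6, file=0xc0000102 <Address 0xc0000102 out of bounds>, line=-1245213424) at /usr/src/sys/kern/kern_mutex.c:546
#7  0xffffffff8025b1ac in unp_gc (arg=0x70, pending=-1687783648) at /usr/src/sys/kern/uipc_usrreq.c:1714
"""


def u64(n):
    """kgdb prints trap-frame registers as signed decimals; recover the raw 64-bit value."""
    return n & 0xFFFFFFFFFFFFFFFF


def field(name, report):
    """Return the text after '=' on the panic header line called `name`."""
    return re.search(rf"^{name}\s*=\s*(.+)$", report, re.M).group(1).strip()


def triage(report):
    fault = int(field("fault virtual address", report), 16)
    ip = int(field("instruction pointer", report).split(":")[1], 16)
    regs = {k: u64(int(v)) for k, v in re.findall(r"(tf_\w+) = (-?\d+)", report)}
    frames = [(int(pc, 16), fn, f"{path}:{line}") for pc, fn, path, line in re.findall(
        r"^#\d+\s+(0x[0-9a-f]+) in (\w+) \(.*\) at (\S+):(\d+)$", report, re.M)]
    hit = [i for i, f in enumerate(frames) if f[0] == ip]
    return {
        "null_plus_offset": fault < PAGE_SIZE,
        "offset": fault,
        "kernel_read": field("fault code", report).startswith("supervisor read"),
        # The header and the saved trap frame must describe the same fault.
        "frame_consistent": regs.get("tf_addr") == fault and regs.get("tf_rip") == ip,
        "faulting_frame": frames[hit[0]][1:] if hit else None,
        "caller": frames[hit[0] + 1][1:] if hit and hit[0] + 1 < len(frames) else None,
    }


if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(f"{key}: {value}")
```

The caller it reports, `unp_gc` in `uipc_usrreq.c`, is in the UNIX domain socket code the reply identifies.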