Fatal trap 12: page fault while in kernel mode - current
process: flowcleaner
Lawrence Stewart
lstewart at freebsd.org
Fri Aug 7 12:53:18 UTC 2009
Fabian Keil wrote:
> Using:
>
> FreeBSD TP51.local 8.0-BETA2 FreeBSD 8.0-BETA2 #36: Sat Aug 1 00:07:09 CEST 2009
> fk at TP51.local:/usr/obj/usr/src/sys/THINKPAD i386
>
> I got the following panic:
>
> fk at TP51 /usr/crash $kgdb /boot/kernel/kernel.symbols vmcore.6
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for details.
> This GDB was configured as "i386-marcel-freebsd"...
>
> Unread portion of the kernel message buffer:
>
>
> Fatal trap 12: page fault while in kernel mode
> cpuid = 0; apic id = 00
> fault virtual address = 0x0
> fault code = supervisor read, page not present
> instruction pointer = 0x20:0x0
> stack pointer = 0x28:0xf1a2fc94
> frame pointer = 0x28:0xf1a2fcd8
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, def32 1, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 40 (flowcleaner)
> panic: from debugger
> cpuid = 0
> Uptime: 2m1s
> Physical memory: 998 MB
> Dumping 144 MB: 129 113 97 81 65 49 33 17 1
>
> Reading symbols from /boot/kernel/unionfs.ko...Reading symbols from /boot/kernel/unionfs.ko.symbols...done.
> done.
> [...]
> Loaded symbols for /boot/kernel/fdescfs.ko
> #0 doadump () at pcpu.h:246
> 246 pcpu.h: No such file or directory.
> in pcpu.h
> (kgdb) where
> #0 doadump () at pcpu.h:246
> #1 0xc0678e66 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:419
> #2 0xc06790a2 in panic (fmt=Variable "fmt" is not available.
> ) at /usr/src/sys/kern/kern_shutdown.c:575
> #3 0xc04f2e57 in db_panic (addr=Could not find the frame base for "db_panic".
> ) at /usr/src/sys/ddb/db_command.c:478
> #4 0xc04f33e1 in db_command (last_cmdp=0xc0a1f31c, cmd_table=0x0, dopager=1) at /usr/src/sys/ddb/db_command.c:445
> #5 0xc04f353a in db_command_loop () at /usr/src/sys/ddb/db_command.c:498
> #6 0xc04f532d in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_main.c:229
> #7 0xc06a33c6 in kdb_trap (type=12, code=0, tf=0xf1a2fc54) at /usr/src/sys/kern/subr_kdb.c:534
> #8 0xc0913a8f in trap_fatal (frame=0xf1a2fc54, eva=0) at /usr/src/sys/i386/i386/trap.c:924
> #9 0xc0913cc3 in trap_pfault (frame=0xf1a2fc54, usermode=0, eva=0) at /usr/src/sys/i386/i386/trap.c:846
> #10 0xc091469a in trap (frame=0xf1a2fc54) at /usr/src/sys/i386/i386/trap.c:528
> #11 0xc08f83bb in calltrap () at /usr/src/sys/i386/i386/exception.s:165
> #12 0x00000000 in ?? ()
> Previous frame inner to this frame (corrupt stack?)
>
> The backtrace in ddb mentioned several flow* functions,
> but unfortunately it doesn't seem to have survived the
> dump.
>
> The problem occurred after booting the system with the rc.conf line:
> ifconfig_wlan0="inet 192.168.178.49 -wme"
> changing it to:
> ifconfig_wlan0="inet 192.168.178.49 ssid [...] wepkey 1:[0x...] deftxkey 1 wepmode on chanlist 7 -wme"
> running:
> /etc/rc.d/netif restart
> followed by:
> ifconfig wlan0
> which showed that wlan0 got associated.
> The panic happened less than a second later.
>
> The system is an IBM ThinkPad R51 with iwi0 as wlandev.
> em0 was configured and up but unconnected.
I can reliably trigger a flowcleaner panic as well on my Toshiba R600
laptop with a rum based WIFI dongle (D-Link DWA-110). I only get it on
teardown/detach though. Kip is aware of the issue and will hopefully
have a patch for us at some point.
Panic details:
Fatal trap 9: general protection fault while in kernel mode
cpuid = 1; apic id = 01
instruction pointer = 0x20:0xffffffff80628998
stack pointer = 0x28:0xffffff80568ebba0
frame pointer = 0x28:0xffffff80568ebc00
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 51 (flowcleaner)
Relevant part of backtrace:
#8 0xffffffff80849083 in calltrap () at
/usr/src/sys/amd64/amd64/exception.S:224
#9 0xffffffff80628998 in flowtable_free_stale (ft=Variable "ft" is not
available.
) at /usr/src/sys/net/flowtable.c:835
#10 0xffffffff80628b17 in flowtable_cleaner () at
/usr/src/sys/net/flowtable.c:944
#11 0xffffffff8055a37a in fork_exit (callout=0xffffffff80628a60
<flowtable_cleaner>, arg=0x0,
frame=0xffffff80568ebc80) at /usr/src/sys/kern/kern_fork.c:838
#12 0xffffffff8084955e in fork_trampoline () at
/usr/src/sys/amd64/amd64/exception.S:561
Cheers,
Lawrence
More information about the freebsd-current
mailing list