crash on STABLE

Mike Tancsa mike at sentex.net
Fri Nov 12 09:41:49 PST 2004


I have been seeing a few of these on this box in the past few days since 
trying out clamav.  Not sure how a userland app would trigger such 
faults.  Bad memory ? Or bug ?

4.10-STABLE FreeBSD 4.10-STABLE #1: Wed Nov 10 08:56:34 EST 2004

IdlePTD at physical address 0x002db000
initial pcb at physical address 0x00259620
panicstr: page fault
panic messages:
---
Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x314c4
fault code              = supervisor write, page not present
instruction pointer     = 0x8:0xc01d1b40
stack pointer           = 0x10:0xedd45ef0
frame pointer           = 0x10:0xedd45ef4
code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 3 (pagedaemon)
interrupt mask          = net tty bio cam
trap number             = 12
panic: page fault

syncing disks... 71 1 1 1 1 1 1 1 45
done
Uptime: 2d2h27m48s


(kgdb) bt
#0  dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487
#1  0xc014c90c in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:316
#2  0xc014cd40 in poweroff_wait (junk=0xc023144c, howto=-1071444145) at 
/usr/src/sys/kern/kern_shutdown.c:595
#3  0xc01facff in trap_fatal (frame=0xedd45eb0, eva=201924) at 
/usr/src/sys/i386/i386/trap.c:974
#4  0xc01fa9b9 in trap_pfault (frame=0xedd45eb0, usermode=0, eva=201924) at 
/usr/src/sys/i386/i386/trap.c:867
#5  0xc01fa58f in trap (frame={tf_fs = -1045102576, tf_es = 16, tf_ds = 
6815760, tf_edi = 0, tf_esi = 0, tf_ebp = -304849164,
       tf_isp = -304849188, tf_ebx = -1071191152, tf_edx = 201920, tf_ecx = 
-1067642188, tf_eax = -1071191152, tf_trapno = 12,
       tf_err = 2, tf_eip = -1071834304, tf_cs = 8, tf_eflags = 66054, 
tf_esp = -1067642188, tf_ss = -304849144})
     at /usr/src/sys/i386/i386/trap.c:466
#6  0xc01d1b40 in vm_page_unqueue_nowakeup (m=0xc05d12b4) at 
/usr/src/sys/vm/vm_page.c:582
#7  0xc01d2539 in vm_page_cache (m=0xc05d12b4) at 
/usr/src/sys/vm/vm_page.c:1426
#8  0xc01d395c in vm_pageout_scan (pass=0) at /usr/src/sys/vm/vm_pageout.c:792
#9  0xc01d44fb in vm_pageout () at /usr/src/sys/vm/vm_pageout.c:1405
(kgdb)

(kgdb) bt full
#0  dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487
         error = 0
#1  0xc014c90c in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:316
         howto = 256
#2  0xc014cd40 in poweroff_wait (junk=0xc023144c, howto=-1071444145) at 
/usr/src/sys/kern/kern_shutdown.c:595
         fmt = 0xc023144c "%s"
         bootopt = 256
         buf = "page fault", '\000' <repeats 245 times>
#3  0xc01facff in trap_fatal (frame=0xedd45eb0, eva=201924) at 
/usr/src/sys/i386/i386/trap.c:974
         frame = (struct trapframe *) 0x100
         eva = 0
         code = -1071442868
         type = 12
         ss = -1071442868
         esp = 0
         softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27, 
ssd_dpl = 0, ssd_p = 1, ssd_xx = 9, ssd_xx1 = 2,
   ssd_def32 = 1, ssd_gran = 1}
#4  0xc01fa9b9 in trap_pfault (frame=0xedd45eb0, usermode=0, eva=201924) at 
/usr/src/sys/i386/i386/trap.c:867
         va = 200704
         vm = (struct vmspace *) 0x0
         map = 0xc0257a20
         rv = 0
         ftype = 2 '\002'
         p = (struct proc *) 0xe6ad9ac0
#5  0xc01fa58f in trap (frame={tf_fs = -1045102576, tf_es = 16, tf_ds = 
6815760, tf_edi = 0, tf_esi = 0, tf_ebp = -304849164,
       tf_isp = -304849188, tf_ebx = -1071191152, tf_edx = 201920, tf_ecx = 
-1067642188, tf_eax = -1071191152, tf_trapno = 12,
       tf_err = 2, tf_eip = -1071834304, tf_cs = 8, tf_eflags = 66054, 
tf_esp = -1067642188, tf_ss = -304849144})
     at /usr/src/sys/i386/i386/trap.c:466
         p = (struct proc *) 0xe6ad9ac0
         sticks = 18155139221172181
         i = 0
         ucode = 0
         type = 12
         code = 0
         eva = 201924
#6  0xc01d1b40 in vm_page_unqueue_nowakeup (m=0xc05d12b4) at 
/usr/src/sys/vm/vm_page.c:582
         m = 0x0
         queue = 0
         pq = (struct vpgqueues *) 0x6fc052
#7  0xc01d2539 in vm_page_cache (m=0xc05d12b4) at 
/usr/src/sys/vm/vm_page.c:1426
         m = 0xc05d12b4
         s = 0
#8  0xc01d395c in vm_pageout_scan (pass=0) at /usr/src/sys/vm/vm_pageout.c:792
         m = 0xc05d12b4
         next = 0x314c0
         marker = {pageq = {tqe_next = 0x0, tqe_prev = 0x0}, hnext = 0x0, 
listq = {tqe_next = 0x0, tqe_prev = 0x0}, object = 0x0,
---Type <return> to continue, or q <return> to quit---
   pindex = 0, phys_addr = 0, md = {pv_list_count = 0, pv_list = {tqh_first 
= 0x0, tqh_last = 0x0}}, queue = 33, flags = 4105,
   pc = 0, wire_count = 1, hold_count = 0, act_count = 0 '\000', busy = 0 
'\000', valid = 0 '\000', dirty = 0 '\000'}
         page_shortage = 2141
         maxscan = 95747
         pcount = -424830272
         addl_page_shortage = 0
         addl_page_shortage_init = 0
         p = (struct proc *) 0x0
         bigproc = (struct proc *) 0x0
         size = 0
         bigsize = 3990118208
         object = 0x0
         actcount = 0
         vnodes_skipped = 0
         maxlaunder = 32
         s = 0
#9  0xc01d44fb in vm_pageout () at /usr/src/sys/vm/vm_pageout.c:1405
         error = 0
         s = 0
         pass = 0


And from a few days ago with a slightly older kernel

(kgdb) bt
#0  dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487
#1  0xc014c868 in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:316
#2  0xc014cc9c in poweroff_wait (junk=0xc02312ec, howto=-1071444497) at 
/usr/src/sys/kern/kern_shutdown.c:595
#3  0xc01fac3f in trap_fatal (frame=0xef83ce3c, eva=166771204) at 
/usr/src/sys/i386/i386/trap.c:974
#4  0xc01fa8f9 in trap_pfault (frame=0xef83ce3c, usermode=0, eva=166771204) 
at /usr/src/sys/i386/i386/trap.c:867
#5  0xc01fa4cf in trap (frame={tf_fs = 16, tf_es = -278724592, tf_ds = 
-278724592, tf_edi = 135249920, tf_esi = 35,
       tf_ebp = -276574588, tf_isp = -276574616, tf_ebx = -277882352, 
tf_edx = 166771184, tf_ecx = 8968288, tf_eax = 515857,
       tf_trapno = 12, tf_err = 0, tf_eip = -1071834672, tf_cs = 8, 
tf_eflags = 66054, tf_esp = 0, tf_ss = -277126336})
     at /usr/src/sys/i386/i386/trap.c:466
#6  0xc01d19d0 in vm_page_lookup (object=0xef6fda10, pindex=35) at 
/usr/src/sys/vm/vm_page.c:515
#7  0xc01c9b4e in vm_fault (map=0xef7b6340, vaddr=135249920, fault_type=2 
'\002', fault_flags=8) at /usr/src/sys/vm/vm_fault.c:292
#8  0xc01fa88b in trap_pfault (frame=0xef83cfa8, usermode=1, eva=135252524) 
at /usr/src/sys/i386/i386/trap.c:847
#9  0xc01fa3a3 in trap (frame={tf_fs = 673906735, tf_es = 673906735, tf_ds 
= -1078001617, tf_edi = 135252524, tf_esi = 16,
       tf_ebp = -1077950596, tf_isp = -276574252, tf_ebx = 135538448, 
tf_edx = 4, tf_ecx = 4, tf_eax = 9, tf_trapno = 12,
       tf_err = 7, tf_eip = 134877998, tf_cs = 31, tf_eflags = 66118, 
tf_esp = -1077950636, tf_ss = 47})
     at /usr/src/sys/i386/i386/trap.c:377
#10 0x80a132e in ?? ()
#11 0x8069ff8 in ?? ()
#12 0x80646fc in ?? ()
#13 0x809a563 in ?? ()
#14 0x806e834 in ?? ()
#15 0x804c21a in ?? ()
(kgdb)

(kgdb) bt
#0  dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487
#1  0xc014c868 in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:316
#2  0xc014cc9c in poweroff_wait (junk=0xc022b140, howto=-1058224168) at 
/usr/src/sys/kern/kern_shutdown.c:595
#3  0xc01d1875 in vm_page_insert (m=0xc0ecc7d8, object=0xef7ddb24, 
pindex=31) at /usr/src/sys/vm/vm_page.c:375
#4  0xc01d1d54 in vm_page_alloc (object=0xef7ddb24, pindex=31, page_req=0) 
at /usr/src/sys/vm/vm_page.c:845
#5  0xc01c9cb4 in vm_fault (map=0xef679140, vaddr=3217027072, fault_type=2 
'\002', fault_flags=8) at /usr/src/sys/vm/vm_fault.c:363
#6  0xc01fa88b in trap_pfault (frame=0xf14d7fa8, usermode=1, 
eva=3217031156) at /usr/src/sys/i386/i386/trap.c:847
#7  0xc01fa3a3 in trap (frame={tf_fs = -1078001617, tf_es = 673906735, 
tf_ds = -1078001617, tf_edi = 673963483,
       tf_esi = 673963424, tf_ebp = -1077964400, tf_isp = -246579244, 
tf_ebx = 673954988, tf_edx = 1, tf_ecx = 0,
       tf_eax = -1077936144, tf_trapno = 12, tf_err = 7, tf_eip = 
673590804, tf_cs = 31, tf_eflags = 66071, tf_esp = -1077964456,
       tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:377
#8  0x28262e14 in ?? ()
#9  0x80514c4 in ?? ()
#10 0x805bb01 in ?? ()
#11 0x805a14e in ?? ()
#12 0x8059d87 in ?? ()
#13 0x809fa83 in ?? ()
#14 0x809de83 in ?? ()
#15 0x806e834 in ?? ()
#16 0x804c21a in ?? ()
(kgdb)


--------------------------------------------------------------------
Mike Tancsa,                                      tel +1 519 651 3400
Sentex Communications,                            mike at sentex.net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada                         www.sentex.net/mike



More information about the freebsd-stable mailing list