Fatal trap 12: page fault while in kernel mode

Rocco Caputo rcaputo at pobox.com
Tue Jan 29 10:03:58 PST 2008


Yay, crash dumps!  How else can I help?

FreeBSD eyrie.homenet 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #1: Sun Dec 30 21:50:28 EST 2007     troc at eyrie.homenet:/usr/obj/usr/src/sys/RC20071223  i386

2) eyrie:/usr/obj/usr/src/sys/RC20071223# kgdb kernel.debug /var/crash/vmcore.0
kgdb: kvm_nlist(_stopped_cpus):
kgdb: kvm_nlist(_stoppcbs):
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and  
you are
welcome to change it and/or distribute copies of it under certain  
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for  
details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:

Fatal trap 12: page fault while in kernel mode
fault virtual address	= 0x35000214
fault code		= supervisor write, page not present
instruction pointer	= 0x20:0xc080c74f
stack pointer	        = 0x28:0xd7d25b4c
frame pointer	        = 0x28:0xd7d25b5c
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 3422 (java)
trap number		= 12
panic: page fault
Uptime: 25d0h1m6s
Dumping 511 MB (2 chunks)
   chunk 0: 1MB (159 pages) ... ok
   chunk 1: 511MB (130800 pages) 495 479 463 447 431 415 399 383 367  
351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79  
63 47 31 15

#0  doadump () at pcpu.h:165
165		__asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) bt
#0  doadump () at pcpu.h:165
#1  0xc074873d in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2  0xc0748cd3 in panic (fmt=0xc0b8a6e0 "page fault") at /usr/src/sys/kern/kern_shutdown.c:565
#3  0xc0a1bf24 in trap_fatal (frame=0xd7d25b0c, eva=889192980) at /usr/src/sys/i386/i386/trap.c:838
#4  0xc0a1c1dd in trap_pfault (frame=0xd7d25b0c, usermode=0, eva=889192980) at /usr/src/sys/i386/i386/trap.c:745
#5  0xc0a1c5d0 in trap (frame=
       {tf_fs = 8, tf_es = 40, tf_ds = 40, tf_edi = -1012545064, tf_esi = -1061606752, tf_ebp = -674079908, tf_isp = -674079944, tf_ebx = -1012545064, tf_edx = 889192976, tf_ecx = -1001224928, tf_eax = 394565837, tf_trapno = 12, tf_err = 2, tf_eip = -1065302193, tf_cs = 32, tf_eflags = 66050, tf_esp = -674079908, tf_ss = -1066157083}) at /usr/src/sys/i386/i386/trap.c:435
#6  0xc0a0778a in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#7  0xc080c74f in in_pcbremlists (inp=0xc3a5c9d8) at /usr/src/sys/netinet/in_pcb.c:1155
#8  0xc080c7dd in in_pcbdetach (inp=0xc3a5c9d8) at /usr/src/sys/netinet/in_pcb.c:709
#9  0xc0834de7 in udp_detach (so=0x178498cd) at /usr/src/sys/netinet/udp_usrreq.c:1071
#10 0xc078f3c7 in soclose (so=0xc485542c) at /usr/src/sys/kern/uipc_socket.c:459
#11 0xc077a200 in soo_close (fp=0xc4aa5ca8, td=0xc50bca80) at /usr/src/sys/kern/sys_socket.c:317
#12 0xc071abd3 in fdrop_locked (fp=0xc4aa5ca8, td=0xc50bca80) at file.h:296
#13 0xc071b0e2 in closef (fp=0xc4aa5ca8, td=0xc50bca80) at /usr/src/sys/kern/kern_descrip.c:1933
#14 0xc071bca9 in kern_close (td=0xc50bca80, fd=57) at /usr/src/sys/kern/kern_descrip.c:1023
#15 0xc0a1ca20 in syscall (frame=
       {tf_fs = 59, tf_es = 59, tf_ds = 59, tf_edi = 376516096, tf_esi = 0, tf_ebp = -1112515544, tf_isp = -674079388, tf_ebx = 672784448, tf_edx = 1, tf_ecx = -2147482943, tf_eax = 6, tf_trapno = 0, tf_err = 2, tf_eip = 672723975, tf_cs = 51, tf_eflags = 535, tf_esp = -1112515572, tf_ss = 59})
     at /usr/src/sys/i386/i386/trap.c:984
#16 0xc0a077df in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200
#17 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
(kgdb) frame 14
#14 0xc071bca9 in kern_close (td=0xc50bca80, fd=57) at /usr/src/sys/kern/kern_descrip.c:1023
1023		error = closef(fp, td);
(kgdb) l
1018		 * for the new fd.
1019		 */
1020		knote_fdclose(td, fd);
1021		FILEDESC_UNLOCK(fdp);
1022	
1023		error = closef(fp, td);
1024		if (holdleaders) {
1025			FILEDESC_LOCK_FAST(fdp);
1026			fdp->fd_holdleaderscount--;
1027			if (fdp->fd_holdleaderscount == 0 &&
(kgdb) frame 15
#15 0xc0a1ca20 in syscall (frame=
       {tf_fs = 59, tf_es = 59, tf_ds = 59, tf_edi = 376516096, tf_esi = 0, tf_ebp = -1112515544, tf_isp = -674079388, tf_ebx = 672784448, tf_edx = 1, tf_ecx = -2147482943, tf_eax = 6, tf_trapno = 0, tf_err = 2, tf_eip = 672723975, tf_cs = 51, tf_eflags = 535, tf_esp = -1112515572, tf_ss = 59})
     at /usr/src/sys/i386/i386/trap.c:984
984			error = (*callp->sy_call)(td, args);
(kgdb) l
979			STOPEVENT(p, S_SCE, narg);
980	
981			PTRACESTOP_SC(p, td, S_PT_SCE);
982	
983			AUDIT_SYSCALL_ENTER(code, td);
984			error = (*callp->sy_call)(td, args);
985			AUDIT_SYSCALL_EXIT(error, td);
986		}
987	
988		switch (error) {
(kgdb) frame 16
#16 0xc0a077df in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200
200		call	syscall
Current language:  auto; currently asm
(kgdb) l
195		movl	%eax,%ds
196		movl	%eax,%es
197		movl	$KPSEL,%eax
198		movl	%eax,%fs
199		FAKE_MCOUNT(TF_EIP(%esp))
200		call	syscall
201		MEXITCOUNT
202		jmp	doreti
203	
204	ENTRY(fork_trampoline)
(kgdb)

-- 
Rocco Caputo - rcaputo at pobox.com



