Fatal trap 12: page fault while in kernel mode / current process=12 (swi1: net)

Vlad marchenko at gmail.com
Sat Mar 18 03:58:22 UTC 2006


and here comes another fresh one

# kgdb kernel.debug  /var/crash/vmcore.1
[GDB will not be able to debug user-mode threads:
/usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd".

Unread portion of the kernel message buffer:
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x48
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xffffffff80263071
stack pointer           = 0x10:0xffffffffa52fe8d0
frame pointer           = 0x10:0xffffff002a2144c0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = resume, IOPL = 0
current process         = 12 (swi1: net)
trap number             = 12
panic: page fault
Uptime: 25m3s
Dumping 1023 MB (2 chunks)
  chunk 0: 1MB (152 pages) ... ok
  chunk 1: 1023MB (261888 pages) 1008 992 976 960 944 928 912 896 880
864 848 832 816 800 784 768 752 736 720 704 688 672 656 640 624 608
592 576 560 544 528 512 496 480 464 448 432 416 400 384 368 352 336
320 304 288 272 256 240 224 208 192 176 160 144 128 112 96 80 64 48 32
16

#0  doadump () at pcpu.h:172
172             __asm __volatile("movq %%gs:0,%0" : "=r" (td));
(kgdb) list *0xffffffff80263071
0xffffffff80263071 is in propagate_priority
(../../../kern/subr_turnstile.c:235).

230                     /*
231                      * Pick up the lock that td is blocked on.
232                      */
233                     ts = td->td_blocked;
234                     MPASS(ts != NULL);
235                     tc = TC_LOOKUP(ts->ts_lockobj);
236                     mtx_lock_spin(&tc->tc_lock);
237
238                     /* Resort td on the list if needed. */
239                     if (!turnstile_adjust_thread(ts, td)) {
(kgdb)
240                             mtx_unlock_spin(&tc->tc_lock);
241                             return;
242                     }
243                     mtx_unlock_spin(&tc->tc_lock);
244             }
245     }
246
247     /*
248      * Adjust the thread's position on a turnstile after its
priority has been
249      * changed.
(kgdb) backtrace
#0  doadump () at pcpu.h:172
#1  0x0000000000000004 in ?? ()
#2  0xffffffff8023c133 in boot (howto=260) at ../../../kern/kern_shutdown.c:402
#3  0xffffffff8023c736 in panic (fmt=0xffffff003dc19be0 "@\203(c)=")
at ../../../kern/kern_shutdown.c:558
#4  0xffffffff8037fa22 in trap_fatal (frame=0xffffff003dc19be0,
eva=18446742975233884992)
    at ../../../amd64/amd64/trap.c:660
#5  0xffffffff8037ff46 in trap (frame=
      {tf_rdi = -1098804804416, tf_rsi = 40, tf_rdx = 4294967294,
tf_rcx = -1098475529184, tf_r8 = 1, tf_r9 = 0, tf_rax = 180, tf_rbx =
-1098475529248, tf_rbp = -1098804804416, tf_r10 = -1098804804414,
tf_r11 = 0, tf_r12 = -1098475529248, tf_r13 = -2143389918, tf_r14 = 0,
tf_r15 = 40, tf_trapno = 12, tf_addr = 72, tf_flags = -2144456830,
tf_err = 0, tf_rip = -2144980879, tf_cs = 8, tf_rflags = 65666, tf_rsp
= -1523586848, tf_ss = 0}) at ../../../amd64/amd64/trap.c:238
#6  0xffffffff8036e32b in calltrap () at ../../../amd64/amd64/exception.S:168
#7  0xffffffff80263071 in propagate_priority (td=0xffffff002a2144c0)
at ../../../kern/subr_turnstile.c:233
#8  0xffffffff8026386f in turnstile_wait (lock=0xffffffff80554de0,
owner=0x0) at ../../../kern/subr_turnstile.c:628
#9  0xffffffff80232369 in _mtx_lock_sleep (m=0xffffffff80554de0,
tid=18446742975234022368, opts=-2,
    file=0xffffff003dc19c20 "ю$h'", line=1) at ../../../kern/kern_mutex.c:565
#10 0xffffffff80288d56 in sf_buf_mext (addr=0xffffff002a2144c0,
args=0xffffff003ecf8260)
    at ../../../kern/uipc_syscalls.c:1710
#11 0xffffffff8027cb39 in mb_free_ext (m=0xffffff003d910e00) at
../../../kern/uipc_mbuf.c:272
#12 0xffffffff80283216 in sbdrop_locked (sb=0xffffff00089603c0, len=0)
at mbuf.h:486
#13 0xffffffff802e5576 in tcp_input (m=0xffffff002b27ac00,
off0=27399968) at ../../../netinet/tcp_input.c:2136
#14 0xffffffff802dc280 in ip_input (m=0xffffff002b27ac00) at
../../../netinet/ip_input.c:786
#15 0xffffffff802c7c8b in netisr_processqueue (ni=0xffffffff8054ffd0)
at ../../../net/netisr.c:236
#16 0xffffffff802c7f2d in swi_net (dummy=0xffffff002a2144c0) at
../../../net/netisr.c:349
#17 0xffffffff80223a06 in ithread_loop (arg=0xffffff00000246c0) at
../../../kern/kern_intr.c:673
#18 0xffffffff80222533 in fork_exit (callout=0xffffffff802238c0
<ithread_loop>, arg=0xffffff00000246c0,
    frame=0xffffffffa52fec50) at ../../../kern/kern_fork.c:789
#19 0xffffffff8036e68e in fork_trampoline () at
../../../amd64/amd64/exception.S:394
#20 0x0000000000000000 in ?? ()
Previous frame identical to this frame (corrupt stack?)


More information about the freebsd-stable mailing list