6.2-RELEASE + MPD 4.1 = Fatal trap 12: page fault while in kernelmode

viper viper at perm.raid.ru
Wed Feb 21 09:55:28 UTC 2007


Hi!

Again NULL pointer in m_copyxxxxx.
Looks like similar to PR kern/108963.
Are there any suggestions or ideas?
_______________________
Best regards, 
Vladimir

-----Original Message-----
From: owner-freebsd-stable at freebsd.org
[mailto:owner-freebsd-stable at freebsd.org] On Behalf Of Alexey Sopov
Sent: Tuesday, February 20, 2007 10:58 PM
To: stable at freebsd.org
Subject: 6.2-RELEASE + MPD 4.1 = Fatal trap 12: page fault while in kernelmode

   Hi!

Yesterday I've updated my FreeBSD 6.0-RELEASE + mpd-4.0b4 up to
FreeBSD 6.2-RELEASE + mpd-4.1. And today I have a Fatal Trap.

Could you please help me to figure out what the problem consists in?
I folowed instructions described in handbook:

[intel][root]~# kgdb /usr/obj/usr/src/sys/router/kernel.debug 
/var/crash/vmcore.77
kgdb: kvm_nlist(_stopped_cpus):
kgdb: kvm_nlist(_stoppcbs):
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so:
Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:
<6>external: promiscuous mode enabled

Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0xc
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0596202
stack pointer           = 0x28:0xe4fabb18
frame pointer           = 0x28:0xe4fabb4c
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 12 (swi4: clock sio)
Dumping 2047 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 2047MB (524032 pages) 2032 2016 2000 1984 1968 1952 1936 1920 1904
1888 1872 1856 1840 1824 1808 1792 1776 1760 1744 1728 1712 1696 1680 1664
1648 1632 1616 1600 1584 1568 1552 1536 1520 1504 1488 1472 1456 1440 1424
1408 1392 1376 1360 1344 1328 1312 1296 1280 1264 1248 1232 1216 1200 1184
1168 1152 1136 1120 1104 1088 1072 1056 1040 1024 1008 992 976 960 944 928 912
896 880 864 848 832 816 800 784 768 752 736 720 704 688 672 656 640 624 608
592 576 560 544 528 512 496 480 464 448 432 416 400 384 368 352 336 320 304
288 272 256 240 224 208 192 176 160 144 128 112 96 80 64 48 32 16

#0  doadump () at pcpu.h:165
165     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) bt
#0  doadump () at pcpu.h:165
#1  0xc04772e7 in db_fncall (dummy1=-1067884030, dummy2=0, dummy3=1,
dummy4=0xe4fab92c "")
    at /usr/src/sys/ddb/db_command.c:492
#2  0xc0477780 in db_command_loop () at /usr/src/sys/ddb/db_command.c:350
#3  0xc0479600 in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_main.c:222
#4  0xc0572252 in kdb_trap (type=0, code=0, tf=0xe4fabad8) at
/usr/src/sys/kern/subr_kdb.c:473
#5  0xc06ffae4 in trap_fatal (frame=0xe4fabad8, eva=12) at
/usr/src/sys/i386/i386/trap.c:828
#6  0xc06ffdeb in trap_pfault (frame=0xe4fabad8, usermode=0, eva=12)
    at /usr/src/sys/i386/i386/trap.c:745
#7  0xc0700235 in trap (frame=
      {tf_fs = 8, tf_es = 40, tf_ds = 40, tf_edi = 1352, tf_esi = 0, tf_ebp =
-453330100, tf_isp = -453330172, tf_ebx = -940045504, tf_edx = 20, tf_ecx =
1396, tf_eax = 44, tf_trapno = 12, tf_err = 0, tf_eip = -1067884030, tf_cs =
32, tf_eflags = 66054, tf_esp = 256, tf_ss = -453330040})
    at /usr/src/sys/i386/i386/trap.c:435
#8  0xc06ec0ea in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#9  0xc0596202 in m_copym (m=0x0, off0=1396, len=1376, wait=1)
    at /usr/src/sys/kern/uipc_mbuf.c:397
#10 0xc061804a in ip_fragment (ip=0xcd365820, m_frag=0xe4fabc20, mtu=-940045504,
    if_hwassist_flags=0, sw_csum=3073) at /usr/src/sys/netinet/ip_output.c:975
#11 0xc061a846 in ip_output (m=0xc6894300, opt=0xcd365820, ro=0xe4fabbec,
flags=1, imo=0x0,
    inp=0x0) at /usr/src/sys/netinet/ip_output.c:804
#12 0xc0609742 in dummynet_send (m=0xc66b9e00) at
/usr/src/sys/netinet/ip_dummynet.c:771
#13 0xc0609a32 in dummynet (unused=0x0) at /usr/src/sys/netinet/ip_dummynet.c:753
#14 0xc0563590 in softclock (dummy=0x0) at /usr/src/sys/kern/kern_timeout.c:290
#15 0xc053a15f in ithread_loop (arg=0xc6391760) at
/usr/src/sys/kern/kern_intr.c:682
#16 0xc0538cbd in fork_exit (callout=0xc053a040 <ithread_loop>, arg=0x2c,
frame=0x2c)
    at /usr/src/sys/kern/kern_fork.c:821
#17 0xc06ec14c in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:208
(kgdb) list *0xc0596202
0xc0596202 is in m_copym (/usr/src/sys/kern/uipc_mbuf.c:400).
395             MBUF_CHECKSLEEP(wait);
396             if (off == 0 && m->m_flags & M_PKTHDR)
397                     copyhdr = 1;
398             while (off > 0) {
399                     KASSERT(m != NULL, ("m_copym, offset > size of mbuf
chain"));
400                     if (off < m->m_len)
401                             break;
402                     off -= m->m_len;
403                     m = m->m_next;
404             }
-----------------skipped------------------------


More information about the freebsd-stable mailing list