Fatal trap 12: page fault while in kernel mode - current process: flowcleaner

From: Fabian Keil <freebsd-listen_at_fabiankeil.de> Date: Fri, 7 Aug 2009 14:20:27 +0200 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:53 UTC

Using:

FreeBSD TP51.local 8.0-BETA2 FreeBSD 8.0-BETA2 #36: Sat Aug  1 00:07:09 CEST 2009
fk_at_TP51.local:/usr/obj/usr/src/sys/THINKPAD  i386

I got the following panic:

fk_at_TP51 /usr/crash $kgdb /boot/kernel/kernel.symbols vmcore.6
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...

Unread portion of the kernel message buffer:

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x0
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0x0
stack pointer           = 0x28:0xf1a2fc94
frame pointer           = 0x28:0xf1a2fcd8
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 40 (flowcleaner)
panic: from debugger
cpuid = 0
Uptime: 2m1s
Physical memory: 998 MB
Dumping 144 MB: 129 113 97 81 65 49 33 17 1

Reading symbols from /boot/kernel/unionfs.ko...Reading symbols from /boot/kernel/unionfs.ko.symbols...done.
done.
[...]
Loaded symbols for /boot/kernel/fdescfs.ko
#0  doadump () at pcpu.h:246
246     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) where
#0  doadump () at pcpu.h:246
#1  0xc0678e66 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:419
#2  0xc06790a2 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:575
#3  0xc04f2e57 in db_panic (addr=Could not find the frame base for "db_panic".
) at /usr/src/sys/ddb/db_command.c:478
#4  0xc04f33e1 in db_command (last_cmdp=0xc0a1f31c, cmd_table=0x0, dopager=1) at /usr/src/sys/ddb/db_command.c:445
#5  0xc04f353a in db_command_loop () at /usr/src/sys/ddb/db_command.c:498
#6  0xc04f532d in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_main.c:229
#7  0xc06a33c6 in kdb_trap (type=12, code=0, tf=0xf1a2fc54) at /usr/src/sys/kern/subr_kdb.c:534
#8  0xc0913a8f in trap_fatal (frame=0xf1a2fc54, eva=0) at /usr/src/sys/i386/i386/trap.c:924
#9  0xc0913cc3 in trap_pfault (frame=0xf1a2fc54, usermode=0, eva=0) at /usr/src/sys/i386/i386/trap.c:846
#10 0xc091469a in trap (frame=0xf1a2fc54) at /usr/src/sys/i386/i386/trap.c:528
#11 0xc08f83bb in calltrap () at /usr/src/sys/i386/i386/exception.s:165
#12 0x00000000 in ?? ()
Previous frame inner to this frame (corrupt stack?)

The backtrace in ddb mentioned several flow* functions,
but unfortunately it doesn't seem to have survived the
dump.

The problem occurred after booting the system with the rc.conf line:
  ifconfig_wlan0="inet 192.168.178.49 -wme"
changing it to:
  ifconfig_wlan0="inet 192.168.178.49 ssid [...] wepkey 1:[0x...] deftxkey 1 wepmode on chanlist 7 -wme"
running:
  /etc/rc.d/netif restart
followed by:
  ifconfig wlan0
which showed that wlan0 got associated.
The panic happened less than a second later.

The system is an IBM ThinkPad R51 with iwi0 as wlandev.
em0 was configured and up but unconnected.

Fabian