Fatal trap 12: page fault while in kernel mode [SEC=UNCLASSIFIED]

From: Wilkinson, Alex <alex.wilkinson_at_dsto.defence.gov.au>
Date: Tue, 5 Jan 2010 14:07:48 +0800
This seems to be happening often to me :(

FreeBSD 9.0-CURRENT #2 r200661: Fri Dec 18

   Kernel page fault with the following non-sleepable locks held:
   exclusive sleep mutex vm page queue free mutex (vm page queue free mutex) r = 0
   (0xc0f65280) locked _at_ /usr/src/sys/vm/vm_page.c:1052
   exclusive sleep mutex vm object (standard object) r = 0 (0xc207bee0) locked _at_
   /usr/src/sys/vm/vm_fault.c:269
   
   KDB: stack backtrace:
   db_trace_self_wrapper(c0c94824,e8986954,c08ceab5,c0cba8a5,10d,...) at
   db_trace_self_wrapper+0x26
   kdb_backtrace(c0cba8a5,10d,ffffffff,c0f2bbfc,e898698c,...) at kdb_backtrace+0x29
   _witness_debugger(c0c96cd9,e89869a0,4,1,0,...) at _witness_debugger+0x25
   witness_warn(5,0,c0ccb229,c0df122c,c69e6d48,...) at witness_warn+0x1fd
   trap(e8986a2c) at trap+0x19e
   calltrap() at calltrap+0x6
   --- trap 0xc, eip = 0xc0afd732, esp = 0xe8986a6c, ebp = 0xe8986ac0 ---
   vm_reserv_alloc_page(c207bee0,58a5,0,37e,c207bee0,...) at
   vm_reserv_alloc_page+0x102
   vm_page_alloc(c207bee0,58a5,0,40,e8986c0c,...) at vm_page_alloc+0x25e
   vm_fault(c684c1d0,2e129000,2,0,2e129000,...) at vm_fault+0x575
   trap_pfault(5,0,c0ccb229,2f0,c69e6d48,...) at trap_pfault+0x10d
   trap(e8986d38) at trap+0x2d0
   calltrap() at calltrap+0x6
   --- trap 0xc, eip = 0x2834ecba, esp = 0xbfbfe454, ebp = 0xbfbfe468 ---
   
   Fatal trap 12: page fault while in kernel mode
   cpuid = 3; apic id = 03
   fault virtual address   = 0xc445cf80
   fault code     = supervisor read, page not present
   instruction pointer  = 0x20:0xc0afd732
   stack pointer          = 0x28:0xe8986a6c
   frame pointer          = 0x28:0xe8986ac0
   code segment      = base 0x0, limit 0xfffff, type 0x1b
            = DPL 0, pres 1, def32 1, gran 1
   processor eflags  = interrupt enabled, resume, IOPL = 3
   current process      = 1430 (initial thread)
   [thread pid 1430 tid 100141 ]
   Stopped at      vm_reserv_alloc_page+0x102:     cmpl    %eax,0x10(%esi)
   db> lock order reversal: (Giant after non-sleepable)
    1st 0xc0f65280 vm page queue free mutex (vm page queue free mutex) _at_
   /usr/src/sys/vm/vm_page.c:1052
    2nd 0xc0debed0 Giant (Giant) _at_ /usr/src/sys/dev/usb/input/ukbd.c:1594
   KDB: stack backtrace:
   db_trace_self_wrapper(c0c94824,e89867a4,c08ceab5,c08bf76b,c0c9772d,...) at
   db_trace_self_wrapper+0x26
   kdb_backtrace(c08bf76b,c0c9772d,c612a6c0,c61291a0,e8986800,...) at
   kdb_backtrace+0x29
   _witness_debugger(c0c9772d,c0debed0,c0cb35e2,c61291a0,c0c82ff1,...) at
   _witness_debugger+0x25
   witness_checkorder(c0debed0,9,c0c82ff1,63a,0,...) at witness_checkorder+0x839
   _mtx_lock_flags(c0debed0,0,c0c82ff1,63a,c6730c60,...) at _mtx_lock_flags+0xc4
   ukbd_poll(c68fc000,1,c6763000,1,e8986880,...) at ukbd_poll+0x48
   kbdmux_poll(c6186200,1,c6763084,c0deab48,1,...) at kbdmux_poll+0x46
   sc_cngetc(c0d39220,78,e8986898,c084c066,e89868b8,...) at sc_cngetc+0xc3
   cncheckc(e89868b8,c04d1bc5,c0c3a16c,c04d2e70,e89868b4,...) at cncheckc+0x3a
   cngetc(c0c3a16c,c04d2e70,e89868b4,e89868f0,1,...) at cngetc+0x16
   db_readline(c0dba260,78,e89868d4,c04d0806,c0c3a16c,...) at db_readline+0x75
   db_read_line(c0c3a16c,e8986928,c04d26bd,c0cc7338,2,...) at db_read_line+0x1a
   db_command_loop(c0cc7338,2,0,e898690c,0,...) at db_command_loop+0x46
   db_trap(c,0,7,28,e8986a2c,...) at db_trap+0xdd
   kdb_trap(c,0,e8986a2c,1,1,...) at kdb_trap+0x96
   trap_fatal(5,0,c0ccb229,c0df122c,c69e6d48,...) at trap_fatal+0x2ef
   trap(e8986a2c) at trap+0x1ac
   calltrap() at calltrap+0x6
   --- trap 0xc, eip = 0xc0afd732, esp = 0xe8986a6c, ebp = 0xe8986ac0 ---
   vm_reserv_alloc_page(c207bee0,58a5,0,37e,c207bee0,...) at
   vm_reserv_alloc_page+0x102
   vm_page_alloc(c207bee0,58a5,0,40,e8986c0c,...) at vm_page_alloc+0x25e
   vm_fault(c684c1d0,2e129000,2,0,2e129000,...) at vm_fault+0x575
   trap_pfault(5,0,c0ccb229,2f0,c69e6d48,...) at trap_pfault+0x10d
   trap(e8986d38) at trap+0x2d0
   calltrap() at calltrap+0x6
   --- trap 0xc, eip = 0x2834ecba, esp = 0xbfbfe454, ebp = 0xbfbfe468 ---
   db> bt
   Tracing pid 1430 tid 100141 td 0xc69d56c0
   vm_reserv_alloc_page(c207bee0,58a5,0,37e,c207bee0,...) at
   vm_reserv_alloc_page+0x102
   vm_page_alloc(c207bee0,58a5,0,40,e8986c0c,...) at vm_page_alloc+0x25e
   vm_fault(c684c1d0,2e129000,2,0,2e129000,...) at vm_fault+0x575
   trap_pfault(5,0,c0ccb229,2f0,c69e6d48,...) at trap_pfault+0x10d
   trap(e8986d38) at trap+0x2d0
   calltrap() at calltrap+0x6
   --- trap 0xc, eip = 0x2834ecba, esp = 0xbfbfe454, ebp = 0xbfbfe468 ---
   db>
   
   db> show pcpu 0
   cpuid        = 0
   dynamic pcpu    = 0xe6d380
   curthread    = 0xc69f96c0: pid 757 "syslogd"
   curpcb       = 0xe8970d90
   fpcurthread  = none
   idlethread   = 0xc6181480: pid 11 "idle: cpu0"
   APIC ID      = 0
   currentldt   = 0x50
   spin locks held:
   db>
   db> show pcpu 1
   cpuid        = 1
   dynamic pcpu    = 0x51fa380
   curthread    = 0xc6e39b40: pid 1679 "VirtualBox"
   curpcb       = 0xeac7ad90
   fpcurthread  = none
   idlethread   = 0xc61816c0: pid 11 "idle: cpu1"
   APIC ID      = 1
   currentldt   = 0x50
   spin locks held:
   db>
   db> show pcpu 2
   cpuid        = 2
   dynamic pcpu    = 0x51fd380
   curthread    = 0xc6181900: pid 11 "idle: cpu2"
   curpcb       = 0xc5fd5d90
   fpcurthread  = none
   idlethread   = 0xc6181900: pid 11 "idle: cpu2"
   APIC ID      = 2
   currentldt   = 0x50
   spin locks held:
   db>
   db> show pcpu 3
   cpuid        = 3
   dynamic pcpu    = 0x5200380
   curthread    = 0xc69d56c0: pid 1430 "initial thread"
   curpcb       = 0xe8986d90
   fpcurthread  = 0xc69d56c0: pid 1430 "initial thread"
   idlethread   = 0xc6181b40: pid 11 "idle: cpu3"
   APIC ID      = 3
   currentldt   = 0x50
   spin locks held:
   db>
   db> show lockedvnods
   Locked vnodes
   
   0xc69c1660: tag ufs, type VDIR
       usecount 1, writecount 0, refcount 3 mountedhere 0
       flags ()
       v_object 0xc690e7f8 ref 0 pages 1
       lock type ufs: SHARED (count 1)
      ino 1719306, on dev ad8s2a
   
   0xc79a6880: tag ufs, type VREG
       usecount 2, writecount 1, refcount 3 mountedhere 0
       flags ()
       v_object 0xc75e9220 ref 0 pages 0
       lock type ufs: EXCL by thread 0xc69f96c0 (pid 757)
    with shared waiters pending
      ino 1719630, on dev ad8s2a
   db>
   db> show locks
   exclusive sleep mutex vm page queue free mutex (vm page queue free mutex) r = 0
   (0xc0f65280) locked _at_ /usr/src/sys/vm/vm_page.c:1052
   exclusive sleep mutex vm object (standard object) r = 0 (0xc207bee0) locked _at_
   /usr/src/sys/vm/vm_fault.c:269
   shared sx user map (user map) r = 0 (0xc684c218) locked _at_
   /usr/src/sys/vm/vm_map.c:3532
   db>
   
   db>  panic
   panic: from debugger
   cpuid = 3
   KDB: stack backtrace:
   db_trace_self_wrapper(c0c94824,e8986768,c08948dd,c0df1880,0,...) at
   db_trace_self_wrapper+0x26
   kdb_backtrace(c0df1880,0,c0c91e85,17b,c69d56c0,...) at kdb_backtrace+0x29
   mi_switch(100,0,c0c92f4a,98c,3,...) at mi_switch+0x12d
   sched_bind(c69d56c0,0,c0c91293,118,e89867cc,...) at sched_bind+0x8a
   boot(c0c913d9,c0c913d9,c0c3a0bd,e8986804,3,...) at boot+0x47
   panic(c0c3a0bd,e89868c8,c04d06c1,3,0,...) at panic+0x152
   db_panic(3,0,ffffffff,e8986840,1,...) at db_panic+0x17
   db_command(c0c3a16c,e8986928,c04d26bd,c0cc7338,2,...) at db_command+0x381
   db_command_loop(c0cc7338,2,0,e898690c,0,...) at db_command_loop+0x5a
   db_trap(c,0,7,28,e8986a2c,...) at db_trap+0xdd
   kdb_trap(c,0,e8986a2c,1,1,...) at kdb_trap+0x96
   trap_fatal(5,0,c0ccb229,c0df122c,c69e6d48,...) at trap_fatal+0x2ef
   trap(e8986a2c) at trap+0x1ac
   calltrap() at calltrap+0x6
   --- trap 0xc, eip = 0xc0afd732, esp = 0xe8986a6c, ebp = 0xe8986ac0 ---
   vm_reserv_alloc_page(c207bee0,58a5,0,37e,c207bee0,...) at
   vm_reserv_alloc_page+0x102
   vm_page_alloc(c207bee0,58a5,0,40,e8986c0c,...) at vm_page_alloc+0x25e
   vm_fault(c684c1d0,2e129000,2,0,2e129000,...) at vm_fault+0x575
   trap_pfault(5,0,c0ccb229,2f0,c69e6d48,...) at trap_pfault+0x10d
   trap(e8986d38) at trap+0x2d0
   calltrap() at calltrap+0x6
   --- trap 0xc, eip = 0x2834ecba, esp = 0xbfbfe454, ebp = 0xbfbfe468 ---
   db>

 -Alex

IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914.  If you have received this email in error, you are requested to contact the sender and delete the email.
Received on Tue Jan 05 2010 - 05:26:12 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:59 UTC