From nobody@FreeBSD.org  Fri May 30 23:28:08 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8D51B106566B
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 30 May 2008 23:28:08 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 972FC8FC15
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 30 May 2008 23:28:08 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m4UNQOcW063070
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 30 May 2008 23:26:24 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m4UNQOkM063068;
	Fri, 30 May 2008 23:26:24 GMT
	(envelope-from nobody)
Message-Id: <200805302326.m4UNQOkM063068@www.freebsd.org>
Date: Fri, 30 May 2008 23:26:24 GMT
From: barbara <barbara.xxx1975@libero.it>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Fatal trap 12: page fault while in kernel mode
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         124153
>Category:       kern
>Synopsis:       [panic] Fatal trap 12: page fault while in kernel mode
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 30 23:30:00 UTC 2008
>Closed-Date:    Thu Apr 21 19:15:52 UTC 2011
>Last-Modified:  Thu Apr 21 19:15:52 UTC 2011
>Originator:     barbara
>Release:        RELENG_7
>Organization:
>Environment:
FreeBSD satanasso.local.net 7.0-STABLE FreeBSD 7.0-STABLE #0: Fri May 20 08:45:04 CEST 2008     root@satanasso.local.net:/usr/obj/usr/src/sys/SATANASSO  i386
>Description:
#  kgdb kernel.debug /var/crash/vmcore.0
..
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x4
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc07ad3aa
stack pointer           = 0x28:0xe7e1494c
frame pointer           = 0x28:0xe7e14960
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 28365 (ruby18)
trap number             = 12
panic: page fault
cpuid = 0
Uptime: 1h9m28s
Physical memory: 2031 MB
Dumping 185 MB: 170 (CTRL-C to abort)  154 (CTRL-C to abort)  138 122 106 90 74 (CTRL-C to abort)  58 42 26 10
..
#0  doadump () at pcpu.h:195
195             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) bt
#0  doadump () at pcpu.h:195
#1  0xc0586417 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418
#2  0xc05866dc in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:572
#3  0xc07b3a0c in trap_fatal (frame=0xe7e1490c, eva=4) at /usr/src/sys/i386/i386/trap.c:899
#4  0xc07b3c70 in trap_pfault (frame=0xe7e1490c, usermode=0, eva=4) at /usr/src/sys/i386/i386/trap.c:812
#5  0xc07b4639 in trap (frame=0xe7e1490c) at /usr/src/sys/i386/i386/trap.c:490
#6  0xc079b10b in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#7  0xc07ad3aa in pmap_remove_entry (pmap=0xc67dce24, m=0xc38feec8, va=671391744) at /usr/src/sys/i386/i386/pmap.c:1927
#8  0xc07ad7e1 in pmap_remove_pte (pmap=0xc67dce24, ptq=0xc38feec8, va=671391744, free=0xe7e149a0) at /usr/src/sys/i386/i386/pmap.c:2007
#9  0xc07ad9bf in pmap_remove (pmap=0xc67dce24, sva=671391744, eva=671535104) at /usr/src/sys/i386/i386/pmap.c:2118
#10 0xc07672ec in vm_map_delete (map=0xc67dcd98, start=0, end=3217031168) at /usr/src/sys/vm/vm_map.c:2396
#11 0xc0767525 in vm_map_remove (map=0xc67dcd98, start=0, end=Variable "end" is not available.
) at /usr/src/sys/vm/vm_map.c:2423
#12 0xc055ff10 in exec_new_vmspace (imgp=0xe7e14be4, sv=0xc084da40) at /usr/src/sys/kern/kern_exec.c:916
#13 0xc0549c4b in exec_elf32_imgact (imgp=0xe7e14be4) at /usr/src/sys/kern/imgact_elf.c:680
#14 0xc0560351 in kern_execve (td=0xc5a29000, args=0xe7e14c5c, mac_p=0x0) at /usr/src/sys/kern/kern_exec.c:414
#15 0xc056128c in execve (td=0xc5a29000, uap=0xe7e14cfc) at /usr/src/sys/kern/kern_exec.c:186
#16 0xc07b3fd5 in syscall (frame=0xe7e14d38) at /usr/src/sys/i386/i386/trap.c:1035
#17 0xc079b170 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:196
#18 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
(kgdb) list *0xc07ad3aa
0xc07ad3aa is in pmap_remove_entry (/usr/src/sys/i386/i386/pmap.c:1932).
1927            TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
1928                    if (pmap == PV_PMAP(pv) && va == pv->pv_va)
1929                            break;
1930            }
1931            KASSERT(pv != NULL, ("pmap_remove_entry: pv not found"));
1932            TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
1933            m->md.pv_list_count--;
1934            if (TAILQ_EMPTY(&m->md.pv_list))
1935                    vm_page_flag_clear(m, PG_WRITEABLE);
1936            free_pv_entry(pmap, pv);
(kgdb) print *m
$1 = {pageq = {tqe_next = 0xc38fef10, tqe_prev = 0xc38fee80}, listq = {tqe_next = 0xc38fef10, tqe_prev = 0xc38fee88}, left = 0xc38fee80, right = 0x0, object = 0xc6703554, pindex = 92, phys_addr = 1937055744, md = {pv_list_count = 0, 
    pv_list = {tqh_first = 0x0, tqh_last = 0xc38feef4}}, queue = 1 '\001', segind = 2 '\002', flags = 128, order = 11 '\v', pool = 0 '\0', wire_count = 0, cow = 0, hold_count = 0, oflags = 0, act_count = 0 '\0', busy = 0 '\0', 
  valid = 255 '', dirty = 0 '\0'}

>How-To-Repeat:
I don't know.

When it happened I was upgrading net/samba3 with portupgrade (current process         = 28365 (ruby18)) and it was updating files in /var/ports/pkg. I don't know if it could be related, but recently I also had some segfaults from ruby18 while running portupgrade.


>Fix:


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: jh 
State-Changed-When: Fri Mar 4 16:10:55 UTC 2011 
State-Changed-Why:  
Could this be a hardware problem? Can you stilll reproduce? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=124153 
State-Changed-From-To: feedback->closed 
State-Changed-By: jh 
State-Changed-When: Thu Apr 21 19:15:51 UTC 2011 
State-Changed-Why:  
Feedback timeout.  Possibly a hardware problem. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=124153 
>Unformatted:
