From scrappy@hub.org  Sat Feb  8 07:41:05 2003
Return-Path: <scrappy@hub.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B270437B401
	for <FreeBSD-gnats-submit@freebsd.org>; Sat,  8 Feb 2003 07:41:05 -0800 (PST)
Received: from hub.org (hub.org [64.49.215.141])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 472A643F85
	for <FreeBSD-gnats-submit@freebsd.org>; Sat,  8 Feb 2003 07:41:05 -0800 (PST)
	(envelope-from scrappy@hub.org)
Received: by hub.org (Postfix, from userid 1002)
	id 7D0C78A2B75; Sat,  8 Feb 2003 11:40:58 -0400 (AST)
Message-Id: <20030208154058.7D0C78A2B75@hub.org>
Date: Sat,  8 Feb 2003 11:40:58 -0400 (AST)
From: Marc G.Fournier <scrappy@hub.org>
Reply-To: Marc G.Fournier <scrappy@hub.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Fatal trap 12: page fault while in kernel mode
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         48092
>Category:       kern
>Synopsis:       Fatal trap 12: page fault while in kernel mode
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Feb 08 07:50:00 PST 2003
>Closed-Date:    Thu Jul 15 20:41:49 GMT 2004
>Last-Modified:  Thu Jul 15 20:41:49 GMT 2004
>Originator:     Marc G. Fournier
>Release:        FreeBSD 4.7-STABLE i386
>Organization:
Hub.Org Networking Services (http://www.hub.org)
>Environment:
System: FreeBSD jupiter.hub.org 4.7-STABLE FreeBSD 4.7-STABLE #24: Thu Feb  6 13:48:43 CST 2003     root@jupiter.hub.org:/usr/obj/usr/src/sys/kernel  i386


	
>Description:

Fatal trap 12: page fault while in kernel mode
mp_lock = 01000002; cpuid = 1; lapic.id = 01000000
fault virtual address   = 0xc
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc01b1f3a
stack pointer           = 0x10:0xf5a9ed8c
frame pointer           = 0x10:0xf5a9eda4
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 44277 (perl)
interrupt mask          = none <- SMP: XXX
trap number             = 12
panic: page fault
mp_lock = 01000002; cpuid = 1; lapic.id = 01000000
boot() called on cpu#1

....

(kgdb) where
#0  0xc959e256 in ?? ()
#1  0xc013fb78 in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:223
#2  0xc014029d in panic (fmt=0xc02136d9 "%s") at /usr/src/sys/kern/kern_shutdown.c:595
#3  0xc01e6e9d in trap_fatal (frame=0xf5a9ed4c, eva=12) at /usr/src/sys/i386/i386/trap.c:974
#4  0xc01e6b09 in trap_pfault (frame=0xf5a9ed4c, usermode=0, eva=12) at /usr/src/sys/i386/i386/trap.c:867
#5  0xc01e6663 in trap (frame={tf_fs = -173473768, tf_es = -1072562160, tf_ds = -1072562160, tf_edi = -1071398996, tf_esi = -118494016, tf_ebp = -173412956,
      tf_isp = -173413000, tf_ebx = 0, tf_edx = -454654960, tf_ecx = -119140352, tf_eax = -1071398996, tf_trapno = 12, tf_err = 0, tf_eip = -1071964358,
      tf_cs = 8, tf_eflags = 66067, tf_esp = -118494016, tf_ss = -118494016}) at /usr/src/sys/i386/i386/trap.c:466
#6  0xc01b1f3a in vm_map_simplify_entry (map=0xc023bfac, entry=0xf8efecc0) at /usr/src/sys/vm/vm_map.c:785
#7  0xc01b20e2 in _vm_map_clip_start (map=0xc023bfac, entry=0xf8efecc0, start=4175826944) at /usr/src/sys/vm/vm_map.c:864
#8  0xc01b33fb in vm_map_delete (map=0xc023bfac, start=4175826944, end=4175843328) at /usr/src/sys/vm/vm_map.c:2084
#9  0xc01b35ca in vm_map_remove (map=0xc023bfac, start=4175826944, end=4175843328) at /usr/src/sys/vm/vm_map.c:2198
#10 0xc01b1161 in kmem_free (map=0xc023bfac, addr=4175826944, size=16384) at /usr/src/sys/vm/vm_kern.c:233
#11 0xc01513a8 in pipe_free_kmem (cpipe=0xf4fadd20) at /usr/src/sys/kern/sys_pipe.c:1166
#12 0xc015151e in pipeclose (cpipe=0xf4fadd20) at /usr/src/sys/kern/sys_pipe.c:1222
#13 0xc015136d in pipe_close (fp=0xcf61a680, p=0xf592f1e0) at /usr/src/sys/kern/sys_pipe.c:1153
#14 0xc0135887 in fdrop (fp=0xcf61a680, p=0xf592f1e0) at /usr/src/sys/sys/file.h:218
#15 0xc01357cf in closef (fp=0xcf61a680, p=0xf592f1e0) at /usr/src/sys/kern/kern_descrip.c:1279
#16 0xc0134bd1 in close (p=0xf592f1e0, uap=0xf5a9ef80) at /usr/src/sys/kern/kern_descrip.c:581
#17 0xc01e71d9 in syscall2 (frame={tf_fs = -1071841233, tf_es = 47, tf_ds = 47, tf_edi = 0, tf_esi = 673010328, tf_ebp = -1077937488, tf_isp = -173412396,
      tf_ebx = 672935044, tf_edx = 672131780, tf_ecx = 134911024, tf_eax = 6, tf_trapno = 22, tf_err = 2, tf_eip = 672888400, tf_cs = 31, tf_eflags = 643,
      tf_esp = -1077937532, tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:1175
#18 0xc01d451b in Xint0x80_syscall ()
#19 0x281a574b in ?? ()
#20 0x280c0e70 in ?? ()
#21 0x28084820 in ?? ()
#22 0x280847b5 in ?? ()
#23 0x2808846b in ?? ()
#24 0x2807f145 in ?? ()
#25 0x280e8f34 in ?? ()
#26 0x8048e75 in ?? ()
#27 0x8048d61 in ?? ()
(kgdb) up 5
#5  0xc01e6663 in trap (frame={tf_fs = -173473768, tf_es = -1072562160, tf_ds = -1072562160, tf_edi = -1071398996, tf_esi = -118494016, tf_ebp = -173412956,
      tf_isp = -173413000, tf_ebx = 0, tf_edx = -454654960, tf_ecx = -119140352, tf_eax = -1071398996, tf_trapno = 12, tf_err = 0, tf_eip = -1071964358,
      tf_cs = 8, tf_eflags = 66067, tf_esp = -118494016, tf_ss = -118494016}) at /usr/src/sys/i386/i386/trap.c:466
466                             (void) trap_pfault(&frame, FALSE, eva);
(kgdb) frame frame->tf_ebp frame->tf_eip
#0  vm_map_simplify_entry (map=0xc023bfac, entry=0xf8efecc0) at /usr/src/sys/vm/vm_map.c:786
786                     prevsize = prev->end - prev->start;
(kgdb) list
781                     return;
782             }
783
784             prev = entry->prev;
785             if (prev != &map->header) {
786                     prevsize = prev->end - prev->start;
787                     if ( (prev->end == entry->start) &&
788                          (prev->object.vm_object == entry->object.vm_object) &&
789                          (!prev->object.vm_object ||
790                             (prev->offset + prevsize == entry->offset)) &&

>How-To-Repeat:
	
>Fix:

	


>Release-Note:
>Audit-Trail:

From: Maxim Konovalov <maxim@macomnet.ru>
To: "Marc G. Fournier" <scrappy@hub.org>
Cc: bug-followup@freebsd.org
Subject: Re: kern/48092
Date: Sat, 8 Feb 2003 19:58:17 +0300 (MSK)

 Marc,
 
 What's the module you're using? Do you know a 'how-to repeat' recipe?
 
 -- 
 Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org

From: "Marc G. Fournier" <scrappy@hub.org>
To: Maxim Konovalov <maxim@macomnet.ru>
Cc: bug-followup@freebsd.org
Subject: Re: kern/48092
Date: Sat, 8 Feb 2003 13:06:29 -0400 (AST)

 If I knew how to repeat, I'd add it in ... "how to repeat" == let it run
 for more than a few hours, or a few days, or ...
 
 On Sat, 8 Feb 2003, Maxim Konovalov wrote:
 
 > Marc,
 >
 > What's the module you're using? Do you know a 'how-to repeat' recipe?
 >
 > --
 > Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org
 >
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Thu Jul 15 20:41:35 GMT 2004 
State-Changed-Why:  
This appears to be identical to kern/52745. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=48092 
>Unformatted:
