Page MenuHomeFreeBSD
Paste P170

Fatal trap 12: page fault while in kernel mode
ActivePublic
Actions

Authored by eadler on Apr 12 2018, 4:20 AM.
Tags
None
Referenced Files
F3305997: Fatal trap 12: page fault while in kernel mode
Apr 12 2018, 4:20 AM
Subscribers
None
How to reproduce:
kldload dcons; kldunload dcons
Unread portion of the kernel message buffer:
[124]
[124]
[124] Fatal trap 12: page fault while in kernel mode
[124] cpuid = 10; apic id = 0a
[124] fault virtual address = 0xffffffff8423ef48
[124] fault code = supervisor read data, page not present
[124] instruction pointer = 0x20:0xffffffff80be84d0
[124] stack pointer = 0x28:0xfffffe0077bff920
[124] frame pointer = 0x28:0xfffffe0077bff930
[124] code segment = base 0x0, limit 0xfffff, type 0x1b
[124] = DPL 0, pres 1, long 1, def32 0, gran 1
[124] processor eflags = interrupt enabled, resume, IOPL = 0
[124] current process = 12 (swi6: Giant taskq)
__curthread () at ./machine/pcpu.h:230
230 __asm("movq %%gs:%1,%0" : "=r" (td)
(kgdb) bt
...
#8 0xffffffff81025170 in trap_fatal (frame=0xfffffe0077bff860, eva=0xffffffff8423ef48) at
/usr/src/sys/amd64/amd64/trap.c:815
#9 0xffffffff81025282 in trap_pfault (frame=0xfffffe0077bff860, usermode=<optimized out>)
at /usr/src/sys/amd64/amd64/trap.c:664
#10 0xffffffff81024a72 in trap (frame=0xfffffe0077bff860) at /usr/src/sys/amd64/amd64/trap
.c:413
#11 <signal handler called>
#12 0xffffffff80be84d0 in ttydevsw_free (tp=<optimized out>) at /usr/src/sys/sys/ttydevsw.
h:198
#13 tty_dealloc (arg=0xfffff8001e238800) at /usr/src/sys/kern/tty.c:1109
#14 0xffffffff80b050cd in destroy_dev_tq (ctx=<optimized out>, pending=<optimized out>) at
/usr/src/sys/kern/kern_conf.c:1438
#15 0xffffffff80bbf42c in taskqueue_run_locked (queue=0xfffff80003104c00) at /usr/src/sys/
kern/subr_taskqueue.c:465
#16 0xffffffff80bbf29a in taskqueue_run (queue=0xfffff80003104c00) at /usr/src/sys/kern/su
br_taskqueue.c:484
#17 0xffffffff80b299f9 in intr_event_execute_handlers (p=<optimized out>, ie=0xfffff800036
eb400) at /usr/src/sys/kern/kern_intr.c:1338
#18 0xffffffff80b2a0e7 in ithread_execute_handlers (ie=<optimized out>, p=<optimized out>)
at /usr/src/sys/kern/kern_intr.c:1351
#19 ithread_loop (arg=0xfffff800036f0060) at /usr/src/sys/kern/kern_intr.c:1432
#20 0xffffffff80b26e34 in fork_exit (callout=0xffffffff80b2a030 <ithread_loop>, arg=0xffff
f800036f0060, frame=0xfffffe0077bffac0) at /usr/src/sys/kern/kern_fork.c:1039
#21 <signal handler called>
(kgdb) info args
tp = <optimized out>
(kgdb) up
#13 tty_dealloc (arg=0xfffff8001e238800) at /usr/src/sys/kern/tty.c:1109
1109 ttydevsw_free(tp);
(kgdb) info args
arg = 0xfffff8001e238800
(kgdb) p *tp
$2 = {
t_mtx = 0xfffff8001e238808,
t_mtxobj = {
lock_object = {
lo_name = 0xffffffff811baedf "ttymtx",
lo_flags = 0x1020000,
lo_data = 0x0,
lo_witness = 0xfffff8087f06de00
},
mtx_lock = 0x4
},
t_list = {
tqe_next = 0xfffff8001234d800,
tqe_prev = 0xfffff80048402828
},
t_drainwait = 0x12c,
t_flags = 0x41,
t_revokecnt = 0x0,
t_inq = {
ti_firstblock = 0x0,
ti_startblock = 0x0,
ti_reprintblock = 0x0,
ti_lastblock = 0x0,
ti_begin = 0x0,
ti_linestart = 0x0,
ti_reprint = 0x0,
ti_end = 0x0,
ti_nblocks = 0x0,
ti_quota = 0x0
},
t_inlow = 0x0,
t_outq = {
to_firstblock = 0x0,
to_lastblock = 0x0,
to_begin = 0x0,
to_end = 0x0,
to_nblocks = 0x0,
to_quota = 0x0
},
t_outlow = 0x0,
t_inwait = {
cv_description = 0xffffffff812d7ada "ttyin",
cv_waiters = 0x0
},
t_outwait = {
cv_description = 0xffffffff811b0ae0 "ttyout",
cv_waiters = 0x0
},
t_outserwait = {
cv_description = 0xffffffff811edf75 "ttyosr",
cv_waiters = 0x0
},
t_bgwait = {
cv_description = 0xffffffff8122a0db "ttybg",
cv_waiters = 0x0
},
t_dcdwait = {
cv_description = 0xffffffff811edf7c "ttydcd",
cv_waiters = 0x0
},
t_inpoll = {
si_tdlist = {
tqh_first = 0x0,
tqh_last = 0x0
},
si_note = {
kl_list = {
slh_first = 0x0
},
kl_lock = 0xffffffff80b1c7f0 <knlist_mtx_lock>,
kl_unlock = 0xffffffff80b1c810 <knlist_mtx_unlock>,
kl_assert_locked = 0xffffffff80b1c830 <knlist_mtx_assert_locked>,
kl_assert_unlocked = 0xffffffff80b1c850 <knlist_mtx_assert_unlocked>,
kl_lockarg = 0xfffff8001e238808,
kl_autodestroy = 0x0
},
si_mtx = 0x0
},
t_outpoll = {
si_tdlist = {
tqh_first = 0x0,
tqh_last = 0x0
},
si_note = {
kl_list = {
slh_first = 0x0
},
kl_lock = 0xffffffff80b1c7f0 <knlist_mtx_lock>,
kl_unlock = 0xffffffff80b1c810 <knlist_mtx_unlock>,
kl_assert_locked = 0xffffffff80b1c830 <knlist_mtx_assert_locked>,
kl_assert_unlocked = 0xffffffff80b1c850 <knlist_mtx_assert_unlocked>,
kl_lockarg = 0xfffff8001e238808,
kl_autodestroy = 0x0
},
si_mtx = 0x0
},
t_sigio = 0x0,
t_termios = {
c_iflag = 0x0,
c_oflag = 0x0,
c_cflag = 0x0,
c_lflag = 0x0,
c_cc = "",
c_ispeed = 0x0,
c_ospeed = 0x0
},
t_winsize = {
ws_row = 0x0,
ws_col = 0x0,
ws_xpixel = 0x0,
ws_ypixel = 0x0
},
t_column = 0x0,
t_writepos = 0x0,
t_compatflags = 0x0,
t_termios_init_in = {
c_iflag = 0x2b02,
c_oflag = 0x3,
c_cflag = 0xcb00,
c_lflag = 0x5cb,
c_cc = "\004\377\377\177\027\025\022\b\003\034\032\031\021\023\026\017\001",
c_ispeed = 0x2580,
c_ospeed = 0x2580
},
t_termios_lock_in = {
c_iflag = 0x0,
c_oflag = 0x0,
c_cflag = 0x0,
c_lflag = 0x0,
c_cc = "",
c_ispeed = 0x0,
c_ospeed = 0x0
},
t_termios_init_out = {
c_iflag = 0x2b02,
c_oflag = 0x3,
c_cflag = 0xcb00,
c_lflag = 0x5cb,
c_cc = "\004\377\377\177\027\025\022\b\003\034\032\031\021\023\026\017\001",
c_ispeed = 0x2580,
c_ospeed = 0x2580
},
t_termios_lock_out = {
c_iflag = 0x0,
c_oflag = 0x0,
c_cflag = 0x0,
c_lflag = 0x0,
c_cc = "",
c_ispeed = 0x0,
c_ospeed = 0x0
},
t_devsw = 0xffffffff8423eef0,
t_hook = 0x0,
t_pgrp = 0x0,
t_session = 0x0,
t_sessioncnt = 0x0,
t_devswsoftc = 0xffffffff8423efd0,
t_hooksoftc = 0x0,
t_dev = 0x0
}

Event Timeline

eadler created this paste.Apr 12 2018, 4:20 AM
eadler created this object in space S1 Global.