Bug 105208

Summary: Fatal trap 12: page fault while in kernel mode on mail gateway running Exim and Spamassassin
Product: Base System Reporter: Jonathan Hall <jdhall>
Component: kernAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 6.1-RELEASE   
Hardware: Any   
OS: Any   

Description Jonathan Hall 2006-11-06 12:40:21 UTC 
I have three identical hardware platforms based on Supermicro X5DE8-GG motherboards, dual Xeon 2.6GHz, on-board AIC-7902 SCSI and 2GB ram. Each system has been installed with FreeBSD 6.1-RELEASE. Exim 4.63 and Spamassassin 3.1.4 have been installed from source, not ports. The systems are used as inbound e-mail/spam scanning gateways.

Periodically, usually between 2 and 10 days of uptime, each of the boxes crashes with a "Fatal trap 12: page fault while in kernel mode" error. The crashes have occured using a custom SMP kernel (unused device drivers removed), a GENERIC-SMP kernel and a GENERIC kernel.

Crash message from custom SMP kernel:-

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 06
fault virtual address   = 0x5c
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0578f90
stack pointer           = 0x28:0xe8918b10
frame pointer           = 0x28:0xe8918b2c
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 15752 (exim-4.63-3)
trap number             = 12
panic: page fault
cpuid = 1
Uptime: 6d5h7m32s
Cannot dump. No dump device defined.
Automatic reboot in 15 seconds - press a key on the console to abort

Crash message from GENERIC-SMP kernel:-

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 06
fault virtual address   = 0x5c
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc06eefd4
stack pointer           = 0x28:0xe8df6b10
frame pointer           = 0x28:0xe8df6b2c
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 54198 (exim-4.63-3)
trap number             = 12
panic: page fault
cpuid = 1
Uptime: 2d13h27m51s
Cannot dump. No dump device defined.
Automatic reboot in 15 seconds - press a key on the console to abort

Crash message from GENERIC kernel:-

Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x5c
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc06ea3a8
stack pointer           = 0x28:0xe8d7ab10
frame pointer           = 0x28:0xe8d7ab2c
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 81192 (exim-4.63-3)
trap number             = 12
panic: page fault
Uptime: 10d0h3m56s
Cannot dump. No dump device defined.
Automatic reboot in 15 seconds - press a key on the console to abort

A fourth identical hardware platform running FreeBSD 4.9-RELEASE, Exim 4.30 and Spamassassin 2.64 has been running without problems for about 2 years.

How-To-Repeat: Unable to repeat on demand. Need to wait for it to crash on its own.
Comment 1 ru freebsd_committer freebsd_triage 2006-11-06 14:36:08 UTC 
Jonathan,

On Mon, Nov 06, 2006 at 12:37:23PM +0000, Jonathan Hall wrote:
> Crash message from GENERIC kernel:-
> 
> Fatal trap 12: page fault while in kernel mode
> fault virtual address   = 0x5c
> fault code              = supervisor read, page not present
> instruction pointer     = 0x20:0xc06ea3a8
> stack pointer           = 0x28:0xe8d7ab10
> frame pointer           = 0x28:0xe8d7ab2c
> code segment            = base rx0, limit 0xfffff, type 0x1b
>                         = DPL 0, pres 1, def32 1, gran 1
> processor eflags        = interrupt enabled, resume, IOPL = 0
> current process         = 81192 (exim-4.63-3)
> trap number             = 12
> panic: page fault
> Uptime: 10d0h3m56s
> Cannot dump. No dump device defined.
> Automatic reboot in 15 seconds - press a key on the console to abort
> 

This looks pretty much like a null pointer dereference.
Two things to do for you:

1) Please check that the problem is still there with a more
   recent version of OS, by upgrading to the top of RELENG_6,
   because it can be that it's been already found and fixed.

2) If above isn't possible, or doesn't fix the problem, please
   get yourself familiar with the kernel debugging, and provide
   a useful stack trace that developers can use to try to diagnose
   the problem:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug.html


Cheers,
-- 
Ruslan Ermilov
ru@FreeBSD.org
FreeBSD committer
Comment 2 Kris Kennaway freebsd_committer freebsd_triage 2007-03-27 05:10:47 UTC 
State Changed
From-To: open->closed

Submitter address bounces, no response to request for a 
backtrace.  There is nothing further we can do on this PR.