Bug #2266
closed
Hi,
It looks like the system accessed the address 0xdeadc122, which is 0xdeadc0de + 0x44; deadcode is filled in to free()d kernel memory.
The particular dereference that generated this invalid address was the extraction of the mountpoint from the vnode structure in vop_write. This means that vop_write was using an already-kfree()d vnode, which is bad news.
I've experienced the same problem:
Fatal trap 12: page fault while in kernel mode
cpuid = 0; lapic.id = 00000000
fault virtual address = 0xdeadc122
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc028913f
stack pointer = 0x10:0xd62cc6c8
frame pointer = 0x10:0xd62cc7d0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 1 (init)
current thread = pri 31
<- SMP: XXX
kernel: type 12 trap, code=0
CPU0 stopping CPUs: 0x00000000
stopped
I have a crash dump available. It's a rather bulky 105MB xz-compressed tarball.
Could you upload the kernel & core to someplace we can access? It'd be a great help!
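Added example, not part of the original thread or the project's code: a small C triage helper that pulls the fault address out of trap output like the one quoted above and reports its offset from the 0xdeadc0de free-memory poison. The function names and the 4 KiB offset window are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Poison word named in the thread, written over free()d kernel memory. */
#define FREE_POISON 0xdeadc0deULL
/* Assumption: a fault this close above the poison word is a field read
 * through a pointer that was itself loaded from freed memory. */
#define MAX_FIELD_OFFSET 0x1000ULL

/* Excerpt of the trap output quoted in the report. */
static const char SAMPLE_PANIC[] =
    "Fatal trap 12: page fault while in kernel mode\n"
    "fault virtual address = 0xdeadc122\n"
    "fault code = supervisor read, page not present\n";

/* Find "fault virtual address = 0x..." in panic text; 0 on success. */
int parse_fault_addr(const char *panic, uint64_t *addr)
{
    static const char key[] = "fault virtual address";
    const char *p = strstr(panic, key);
    if (p == NULL || (p = strchr(p, '=')) == NULL)
        return -1;
    char *end;
    unsigned long long v = strtoull(p + 1, &end, 16);
    if (end == p + 1)
        return -1;              /* no hex digits after '=' */
    *addr = v;
    return 0;
}

/* Offset of the fault above the poison word, or -1 if it does not match. */
long poison_offset(uint64_t fault_addr)
{
    if (fault_addr < FREE_POISON || fault_addr - FREE_POISON >= MAX_FIELD_OFFSET)
        return -1;
    return (long)(fault_addr - FREE_POISON);
}

int main(void)
{
    uint64_t addr;
    if (parse_fault_addr(SAMPLE_PANIC, &addr) != 0)
        return 1;
    long off = poison_offset(addr);
    if (off >= 0)
        printf("0x%llx = poison + 0x%lx: likely use-after-free\n",
               (unsigned long long)addr, (unsigned long)off);
    return 0;
}
```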
- Status changed from New to In Progress
- % Done changed from 0 to 50
Possibly fixed by commit cf7ad7d148d126095d2261798f8f289a0d170959
- Status changed from In Progress to Closed
- % Done changed from 50 to 100
Confirmed fixed as of today