From owner-freebsd-hackers  Wed Oct 30 11:10:41 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id LAA22785
          for hackers-outgoing; Wed, 30 Oct 1996 11:10:41 -0800 (PST)
Received: from watermarkgroup.com (lor.watermarkgroup.com [38.246.139.30])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA22776
          for <hackers@freebsd.org>; Wed, 30 Oct 1996 11:10:38 -0800 (PST)
Received: from 38.246.139.33 (Kim.watermarkgroup.com) by watermarkgroup.com (4.1/SMI-4.1)
	id AA00468; Wed, 30 Oct 96 14:10:02 EST
Message-Id: <3277A807.7FE8@watermarkgroup.com>
Date: Wed, 30 Oct 1996 14:13:01 -0500
From: Luoqi Chen <luoqi@watermarkgroup.com>
Organization: The Watermark Group
X-Mailer: Mozilla 3.0 (Macintosh; I; PPC)
Mime-Version: 1.0
To: hackers@freebsd.org
Subject: wine crash mystery
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hi,

I have been playing with wine recently. I noticed that wine would
mysteriously crash my machine whenever I tried to run wine with
a non-existing exe file (it was a typo initially). It seemed that
wine had somehow triggered the shutdown condition on the cpu,
because there was no panic when the system crashed.

According to the 80x86 manual, this shutdown condition is caused
by a triple fault -- fault while trying to execute double fault
exception vector. Now I have a few questions I hope more experienced 
hackers out there can help me on.

1. For the double fault to occur, an LDT entry has to be corrupted.
After looking at the kernel sources, I could see one reason this
might happen. In sys_machdep.c, syscall i386_set_ldt does NOT load
new ldt immediately, instead it relies on swtch to do the trick.
Chances are one of the new selectors is referenced before rescheduling
has taken place. There is a commented out need_reschedule() call
in the code, could anyone tell me why it is commented out?

2. Another reason could be the user LDT is not incore. Is this
possible? I see user ldt are allocated from kernel map, does it
mean user ldt should always be resident? How is it handled in
FreeBSD when the 2nd fault is a page fault?

3. For the shutdown condition to occur, the IDT vector for double
fault should also be corrupted. How could this happen?

I am running wine961023 on FreeBSD 2.1.5R. Do you fellow wine
users have the same crashes? I'm really interested in solving
this problem. Any advice is greatly appreciated.

Thanks
-lq