From owner-freebsd-alpha Fri Mar 16 14:32:17 2001 Delivered-To: freebsd-alpha@freebsd.org Received: from meow.osd.bsdi.com (meow.osd.bsdi.com [204.216.28.88]) by hub.freebsd.org (Postfix) with ESMTP id AB21337B718 for ; Fri, 16 Mar 2001 14:32:12 -0800 (PST) (envelope-from jhb@FreeBSD.org) Received: from laptop.baldwin.cx (john@jhb-laptop.osd.bsdi.com [204.216.28.241]) by meow.osd.bsdi.com (8.11.2/8.11.2) with ESMTP id f2GMV6G66826; Fri, 16 Mar 2001 14:31:06 -0800 (PST) (envelope-from jhb@FreeBSD.org) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <15026.37378.477855.889651@grasshopper.cs.duke.edu> Date: Fri, 16 Mar 2001 14:31:18 -0800 (PST) From: John Baldwin To: Andrew Gallatin Subject: RE: user process faulting on kernel address Cc: freebsd-alpha@FreeBSD.org Sender: owner-freebsd-alpha@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 16-Mar-01 Andrew Gallatin wrote: > > When running a linuxthreads app which basically sits in a loop > doing a pthread_create()/pthread_join() of a thread which just > exits, I'll occasionally see a very interesting thing -- > the app dies on an instruction fault on a kernel address. > > Enabling the DEBUG printtrap() calls in trap yeilds this information: > > login: > fatal user trap: > > trap entry = 0x2 (memory management fault) > a0 = 0xfffffc0000418be0 > a1 = 0x1 > a2 = 0xffffffffffffffff > pc = 0xfffffc0000418be0 > ra = 0x11ffbfc4 > curproc = 0xfffffe0006824cc0 > pid = 18788, comm = ex6 > > > Note that it is an instruction fault (a2 == -1) and the faulting > address maps to the bottom of witness_exit: > > (kgdb) l *0xfffffc0000418be0 > 0xfffffc0000418be0 is in witness_exit (../../kern/kern_mutex.c:1262). > 1257 m->mtx_line = line; > 1258 m->mtx_file = file; > 1259 p = curproc; > 1260 MPASS(m->mtx_held.le_prev == NULL); > 1261 LIST_INSERT_HEAD(&p->p_heldmtx, (struct mtx*)m, mtx_held); > 1262 } > 1263 > 1264 void > 1265 witness_exit(struct mtx *m, int flags, const char *file, int line) > 1266 { > > > The $ra looks reasonable, it is at least a userspace stack address. > > I think somebody saw this a while ago, but I cannot find their > message.. > > Any ideas? Weird. This might be related to the panics in witness_exit() during a LIST_REMOVE of the same list. Perhaps we are on an interrupt stack, but there should be some frames below witness_enter() if that were the case. :( > Drew -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-alpha" in the body of the message