From owner-freebsd-current@FreeBSD.ORG Mon Jul 12 20:11:59 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 822DF16A4CE for ; Mon, 12 Jul 2004 20:11:59 +0000 (GMT) Received: from mail6.speakeasy.net (mail6.speakeasy.net [216.254.0.206]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3156743D1F for ; Mon, 12 Jul 2004 20:11:59 +0000 (GMT) (envelope-from jhb@FreeBSD.org) Received: (qmail 23176 invoked from network); 12 Jul 2004 20:11:58 -0000 Received: from dsl027-160-063.atl1.dsl.speakeasy.net (HELO server.baldwin.cx) ([216.27.160.63]) (envelope-sender ) encrypted SMTP for ; 12 Jul 2004 20:11:58 -0000 Received: from 10.50.41.229 (gw1.twc.weather.com [216.133.140.1]) by server.baldwin.cx (8.12.11/8.12.11) with ESMTP id i6CKBrP8011071; Mon, 12 Jul 2004 16:11:53 -0400 (EDT) (envelope-from jhb@FreeBSD.org) From: John Baldwin To: Kris Kennaway Date: Mon, 12 Jul 2004 16:13:06 -0400 User-Agent: KMail/1.6 References: <20040712024044.GA24706@xor.obsecurity.org> In-Reply-To: <20040712024044.GA24706@xor.obsecurity.org> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200407121613.06408.jhb@FreeBSD.org> X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on server.baldwin.cx cc: current@FreeBSD.org Subject: Re: page fault/panic: mi_switch: switch in a critical section X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Jul 2004 20:11:59 -0000 On Sunday 11 July 2004 10:40 pm, Kris Kennaway wrote: > panic: page fault > panic messages: > --- > Fatal trap 12: page fault while in kernel mode > fault virtual address = 0x104 > fault code = supervisor read, page not present > instruction pointer = 0x8:0xc058a8cf > stack pointer = 0x10:0xdcb34cc4 > frame pointer = 0x10:0xdcb34cec > code segment = base 0x0, limit 0xfffff, type 0x1b > = DPL 0, pres 1, def32 1, gran 1 > processor eflags = resume, IOPL = 0 > current process = 50 (schedcpu) > trap number = 12 > panic: page fault > > syncing disks, buffers remaining... panic: mi_switch: switch in a critical > section > > addr2line says the panic was in kern/sched_4bsd.c:327 > > /* > * The kse slptimes are not touched in > wakeup * because the thread may not HAVE a KSE. */ > if (ke->ke_state == KES_ONRUNQ) { > awake = 1; > ke->ke_flags &= ~KEF_DIDRUN; > ---> } else if ((ke->ke_state == KES_THREAD) && > (TD_IS_RUNNING(ke->ke_thread))) { > awake = 1; > > gdb -k got confused and couldn't make anything out of the backtrace. The code doesn't match the comment for one. Note that the code says the kse may be NULL, but it deref's ke anyways. Probably ke->ke_thread is NULL. Julian might know when that case can happen. -- John Baldwin <>< http://www.FreeBSD.org/~jhb/ "Power Users Use the Power to Serve" = http://www.FreeBSD.org