From owner-freebsd-stable Tue Mar 5 21:42: 1 2002 Delivered-To: freebsd-stable@freebsd.org Received: from vinyl2.sentex.ca (vinyl2.sentex.ca [199.212.134.13]) by hub.freebsd.org (Postfix) with ESMTP id 866FB37B417 for ; Tue, 5 Mar 2002 21:41:56 -0800 (PST) Received: from house.sentex.net (cage.simianscience.com [64.7.134.1]) (authenticated) by vinyl2.sentex.ca (8.11.6/8.11.6) with ESMTP id g265fk008674 (using TLSv1/SSLv3 with cipher DES-CBC3-SHA (168 bits) verified NO); Wed, 6 Mar 2002 00:41:47 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20020306003951.04fb0328@192.168.0.12> X-Sender: mdtancsa@192.168.0.12 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Wed, 06 Mar 2002 00:41:55 -0500 To: Harry Newton From: Mike Tancsa Subject: Re: reproducible kernel panic Cc: freebsd-stable@FreeBSD.ORG In-Reply-To: <867koq7gp7.fsf@basilisk.locus> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hmmm.... Is there any work around to this ? I guess there is no way to limit this via login.conf ? ---Mike At 11:11 PM 3/5/2002 +0000, Harry Newton wrote: >With this: > > #!/usr/local/bin/python2.2 > > import mmap > m = mmap.mmap(-1,256,mmap.MAP_ANON) > > m = 1 > >I can panic the kernel: > > trap 12: page fault while in kernel mode --- supervisor read, page not > present > > Stopped at: vm_map_clean+0x1ee: cmpl $0,0x40(%edi) > >I dug around a bit with the debugger, and found the fault to lie in: > > /usr/src/sys/vm/vm_map.c : 1749 > >here's the right bit ( reformatted to fit on this page ) > >/* > * Note that there is absolutely no sense in writing out > * anonymous objects, so we track down the vnode object > * to write out. > * We invalidate (remove) all pages from the address space > * anyway, for semantic correctness. > */ > while (object->backing_object) { > object = object->backing_object; > offset += object->backing_object_offset; > if (object->size < OFF_TO_IDX( offset + size)) > size = IDX_TO_OFF(object->size) - offset; > } > >But: I can't be much more use, apart from noting that: > > size = 4096 > offset = -3621126458136592384 > object = 0x0 > object->backing_object --- can't access memory at 0x40 > >I take it that messing round with anonymous maps shouldn't panic the >kernel like this. > >Q. + Should I submit a PR ? > + can I supply anymore information ? > > >( It was mis-keying that caused the first panic, and I've reduced it >to the above lines of Python: I didn't set out with the above ! ) > >- Harry > >-- >Harry Newton >harry_newton at telinco.co.uk >www.gaudeamus.telinco.co.uk/html/gpg.html > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-stable" in the body of the message -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message