From owner-freebsd-hackers@FreeBSD.ORG  Tue Aug  4 16:36:50 2009
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 28F101065676
	for <freebsd-hackers@freebsd.org>; Tue,  4 Aug 2009 16:36:50 +0000 (UTC)
	(envelope-from des@des.no)
Received: from tim.des.no (tim.des.no [194.63.250.121])
	by mx1.freebsd.org (Postfix) with ESMTP id DCBD98FC13
	for <freebsd-hackers@freebsd.org>; Tue,  4 Aug 2009 16:36:49 +0000 (UTC)
	(envelope-from des@des.no)
Received: from ds4.des.no (des.no [84.49.246.2])
	by smtp.des.no (Postfix) with ESMTP id E562B6D418;
	Tue,  4 Aug 2009 16:36:48 +0000 (UTC)
Received: by ds4.des.no (Postfix, from userid 1001)
	id AF50C844CC; Tue,  4 Aug 2009 18:36:48 +0200 (CEST)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: Maslan <maslanbsd@gmail.com>
References: <319cceca0908030119i3432a495ya60aa431dab0e1b1@mail.gmail.com>
	<864ospvvkv.fsf@ds4.des.no>
	<319cceca0908031043x6bfe5771wa73553dce922756a@mail.gmail.com>
	<86eirs65gb.fsf@ds4.des.no>
	<319cceca0908031425r3516de29q34807cdf2c7489ed@mail.gmail.com>
	<86k51k4kvl.fsf@ds4.des.no> <86fxc84ksj.fsf@ds4.des.no>
	<319cceca0908031558h1bd779b1pac3c9454986f5488@mail.gmail.com>
Date: Tue, 04 Aug 2009 18:36:48 +0200
In-Reply-To: <319cceca0908031558h1bd779b1pac3c9454986f5488@mail.gmail.com>
	(Maslan's message of "Mon, 3 Aug 2009 22:58:37 +0000")
Message-ID: <86y6pz359b.fsf@ds4.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject: Re: sosend() and mbuf
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Aug 2009 16:36:50 -0000

Maslan <maslanbsd@gmail.com> writes:
> Fatal trap 12: page fault while in kernel mode
> cpuid =3D 1; apic id =3D 01
> fault virtual address	=3D 0x10
> fault code		=3D supervisor read, page not present
> instruction pointer	=3D 0x20:0xc085935b
> [...]
> #7  0xc085935b in namei (ndp=3D0xe6cd3bc8) at /usr/src/sys/kern/vfs_looku=
p.c:191
> #8  0xc08706d7 in vn_open_cred (ndp=3D0xe6cd3bc8, flagp=3D0xe6cd3cc4, cmo=
de=3D1,
>     cred=3D0xc408fc00, fp=3D0xc4b5b344) at /usr/src/sys/kern/vfs_vnops.c:=
188
> #9  0xc08709a3 in vn_open (ndp=3D0xe6cd3bc8, flagp=3D0xe6cd3cc4, cmode=3D=
1,
>     fp=3D0xc4b5b344) at /usr/src/sys/kern/vfs_vnops.c:94
> #10 0xc086e0d3 in kern_open (td=3D0xc499dd20, path=3D0xc4c7a978 "/root/te=
st.txt",
>     pathseg=3DUIO_SYSSPACE, flags=3D1, mode=3D1)
>     at /usr/src/sys/kern/vfs_syscalls.c:1042
> #11 0xc4c7a805 in f_open () from ./test.ko
> #12 0xc4c7a8a1 in thread_main () from ./test.ko
> #13 0xc07bd079 in fork_exit (callout=3D0xc4c7a880 <thread_main>, arg=3D0x=
0,
>     frame=3D0xe6cd3d38) at /usr/src/sys/kern/kern_fork.c:810
> #14 0xc0ac92b0 in fork_trampoline () at /usr/src/sys/i386/i386/exception.=
s:264

Depending on the exact FreeBSD version you're working on, line 191 in
sys/kern/vfs_lookup.c is either

   188          /*
   189           * Get starting point for the translation.
   190           */
 * 191          FILEDESC_SLOCK(fdp);
   192          ndp->ni_rootdir =3D fdp->fd_rdir;
   193          ndp->ni_topdir =3D fdp->fd_jdir;

or

   187          /*
   188           * Get starting point for the translation.
   189           */
   190          FILEDESC_SLOCK(fdp);
 * 191          ndp->ni_rootdir =3D fdp->fd_rdir;
   192          ndp->ni_topdir =3D fdp->fd_jdir;

Either way, the problem is not ndp (which we know is valid), but fdp,
which is dereferenced either by FILEDESC_SLOCK(), which evaluates to
sx_slock(&fdp->fd_sx), or in the assignment.

You're calling namei() (indirectly) from a thread assigned to proc0, and
I'm pretty sure proc0 has a valid filedesc table (see proc0_init() in
sys/kern/init_main.c), but all the same, I suspect that creating a
separate process as I suggested earlier will fix the panic.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no