From owner-freebsd-stable Tue Mar 5 15:14:22 2002 Delivered-To: freebsd-stable@freebsd.org Received: from smarthost-1.mail.telinco.net (smarthost-1.mail.telinco.net [212.1.128.90]) by hub.freebsd.org (Postfix) with ESMTP id 37EEA37B421 for ; Tue, 5 Mar 2002 15:12:15 -0800 (PST) Received: from ppp-2-253.5800-11.telinco.net ([212.1.153.253] helo=basilisk.locus) by smarthost-1.mail.telinco.net with esmtp (Exim 3.22 #1) id 16iO6O-0000uP-00 for freebsd-stable@freebsd.org; Tue, 05 Mar 2002 23:12:13 +0000 Received: (from harry@localhost) by basilisk.locus (8.11.6/8.11.6) id g25NBmB00491; Tue, 5 Mar 2002 23:11:48 GMT (envelope-from harry@basilisk.locus) To: freebsd-stable@freebsd.org Subject: reproducable panic with python From: Harry Newton Organization: GAUDEAMUS X-Op.135: Muss es sein ? Es muss sein X-Attribution: HN X-GnuPG-Fingerprint: 497E C8CD 0553 5EB4 1AE3 3BF5 D041 39E0 35E4 7F8B Date: 05 Mar 2002 23:11:48 +0000 Message-ID: <867koq7gp7.fsf@basilisk.locus> Lines: 59 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG With this: #!/usr/local/bin/python2.2 import mmap m = mmap.mmap(-1,256,mmap.MAP_ANON) m = 1 I can panic the kernel: trap 12: page fault while in kernel mode --- supervisor read, page not present Stopped at: vm_map_clean+0x1ee: cmpl $0,0x40(%edi) I dug around a bit with the debugger, and found the fault to lie in: /usr/src/sys/vm/vm_map.c : 1749 here's the right bit ( reformatted to fit on this page ) /* * Note that there is absolutely no sense in writing out * anonymous objects, so we track down the vnode object * to write out. * We invalidate (remove) all pages from the address space * anyway, for semantic correctness. */ while (object->backing_object) { object = object->backing_object; offset += object->backing_object_offset; if (object->size < OFF_TO_IDX( offset + size)) size = IDX_TO_OFF(object->size) - offset; } But: I can't be much more use, apart from noting that: size = 4096 offset = -3621126458136592384 object = 0x0 object->backing_object --- can't access memory at 0x40 I take it that messing round with anonymous maps shouldn't panic the kernel like this. Q. + Should I submit a PR ? + can I supply anymore information ? ( It was mis-keying that caused the first panic, and I've reduced it to the above lines of Python: I didn't set out with the above ! ) - Harry -- Harry Newton harry_newton at telinco.co.uk www.gaudeamus.telinco.co.uk/html/gpg.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message