Skip site navigation (1)Skip section navigation (2) 
Date:      24 Nov 2001 13:06:47 +0100
From:      Dag-Erling Smorgrav <des@ofug.org>
To:        Martin Blapp <mb@imp.ch>
Cc:        <jhb@freebsd.org>, <freebsd-current@freebsd.org>
Subject:   Re: Still panic() with userland binary on CURRENT
Message-ID:  <xzpelmov0dk.fsf@flood.ping.uio.no>
In-Reply-To: <20011123110955.Q3094-100000@levais.imp.ch>
References:  <20011123110955.Q3094-100000@levais.imp.ch>
next in thread | previous in thread | raw e-mail | index | archive | help 
--=-=-=

Martin Blapp <mb@imp.ch> writes:
> kernel trap 12 with interrupts disabled
> 
> Fatal trap 12: page fault while in kernel mode
> fault virtual address   = 0x123423bd
> fault code              = supervisor read, page not present
> instruction pointer     = 0x8:0xc024d74a
> stack pointer           = 0x10:0xcdc4dc70
> frame pointer           = 0x10:0xcdc4dc7c
> code segment            = base 0x0, limit 0xfffff, type 0x1b
>                         = DPL 0, pres 1, def32 1, gran 1
> processor eflags        = resume, IOPL = 0
> current process         = 12 (swi6: tty:sio clock)
> kernel: type 12 trap, code=0
> Stopped at      _mtx_lock_sleep+0x14e:  movb    0x45(%eax),%al
> db> trace
> _mtx_lock_sleep(cf610f10,0,c03c7966,27b) at _mtx_lock_sleep+0x14e
> _mtx_lock_flags(cf610f10,0,c03c7966,27b,6) at _mtx_lock_flags+0x79
> realitexpire(cf610d04) at realitexpire+0x24

This is caused by incorrect usage of callout_reset() in linux_misc.c:
it passes a struct thread * argument instead of the struct proc *
realitexpire() expects.  Untested patch attached.

DES
-- 
Dag-Erling Smorgrav - des@ofug.org


--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment; filename=linux_misc.diff

Index: linux_misc.c
===================================================================
RCS file: /home/ncvs/src/sys/compat/linux/linux_misc.c,v
retrieving revision 1.109
diff -u -r1.109 linux_misc.c
--- linux_misc.c	10 Oct 2001 23:06:51 -0000	1.109
+++ linux_misc.c	24 Nov 2001 12:02:26 -0000
@@ -189,7 +189,7 @@
 		callout_stop(&td->td_proc->p_itcallout);
 	if (it.it_value.tv_sec != 0) {
 		callout_reset(&td->td_proc->p_itcallout, tvtohz(&it.it_value),
-		    realitexpire, td);
+		    realitexpire, td->td_proc);
 		timevaladd(&it.it_value, &tv);
 	}
 	td->td_proc->p_realtimer = it;

--=-=-=--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpelmov0dk.fsf>