kern/39248: "Replace exec_map with a pool" change causes kernel crash

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/39248: "Replace exec_map with a pool" change causes kernel crash
From: o.vd.linden%quicknet.nl@localhost
Date: Tue, 29 Jul 2008 21:05:00 +0000 (UTC)

>Number:         39248
>Category:       kern
>Synopsis:       "Replace exec_map with a pool" change causes kernel crash
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jul 29 21:05:00 +0000 2008
>Originator:     Onno van der Linden
>Release:        4.99.69
>Organization:
>Environment:
NetBSD sheep 4.99.69 NetBSD 4.99.69 (SHEEP) #0: Tue Jul 29 21:45:26 MEST 2008  
onno@sheep:/usr/src/sys/arch/i386/compile/SHEEP i386

>Description:
kernel compiled from sources dated 2008.07.02.17.25 will not
crash when I run

mplayer -vo null -ss 101 whoareyou-mhd.mpg

kernel compiled from sources dated 2008.07.02.17.45 *will*
crash when I run the same mplayer command.

Tried to crash the kernel when compiled with DEBUG,DIAGNOSTIC
and/or LOCKDEBUG and failed so far to do so.

DDB output:

uvm_fault(0xca1f9bb8,0,1) -> 0xe
fatal page fault in supervisor mode
trap byte 6 code 0 eip c01edd09 cs 8 eflags 210213 cr2 20 ilevel 0
kernel supervisor trap page fault, code=0
Stopped in pid 15.1 (mplayer) at netbsd:uvm_unmap_remove+0x99: cmpl 0x20(%ebx),%
edi
DDB> show regs
ds 0x10
es 0x10
fs 0x30
gs 0x10
edi 0xcb14f000
esi 0xc03e0d80 kernel_map_store
ebp 0xcb1e2bbc
ebx 0
edx 0xcb14e000
ecx 0xca83a5ec
eax 0xcb1e2c0c
eip 0xc01edd09 uvm_unmap_remove+0x99
cs 0x8
eflags 0x210213
esp 0xcb1e2b94
ss 0x10

uvm_unamp_remove(c03e0d80,cb14e000,cb14f000,cb1e2c0c,cb1e2c000,0,20,ca1e6f00,10)
   at netbsd:uvm_unmap_remove+0x99
uvm_unmap1(c03e0d80,cb14e000,cb14f000,0,ca1f46d0,0,ca14f46d0,cb1e2ca8,ca1f46d0,0
)
   at netbsd:uvm_unmap1+0x38
lwp_ctl_exit(1,0,0,7fffff04,ff121517,191a1c03,f161311,cb0c9c80,ca1f56f8,ca1f56c0
)
   at lwp_ctl_exit+0x56
exit1(cb0x02e0,0,1,0,0,c03a3dac,cb1e2d3c,c02b3611,cbec02e0,cb1e2d00)
   at netbsd:exit1+0xb4
sys_exit(cb0c02e0,cb1e2d00,cb1e2d28,cb1e2d00,bb8a400,ca1f9bb8,1,0,bb435f5,bfbfdb
78)
   at netbsd:sys_exit+0x47
syscall(cb1e2d48,b3,ab,1f,1f,1,0,bfbfdb78,bb435f58,0)
   at netbsd:syscall+0x95


>How-To-Repeat:
Compile kernel sources dated 2008.07.02.17.45,
boot kernel and use mplayer to play 5 seconds of an mpeg.
>Fix:

Follow-Ups:
- Re: kern/39248: "Replace exec_map with a pool" change causes kernel crash
  - From: Nick Hudson

Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: misc/39249: [linux] "release" fails with: nbmtree: existing entry for `.', type `dir' does not match type `file'
Previous by Thread: PR/39240 CVS commit: src/libexec/ld.elf_so
Next by Thread: Re: kern/39248: "Replace exec_map with a pool" change causes kernel crash
Indexes:

Home | Main Index | Thread Index | Old Index