Subject: Another serious bug in NetBSD-1.6.1
To: None <current-users@netbsd.org>
From: Brian Buhrow <buhrow@lothlorien.nfbcal.org>
List: port-i386
Date: 03/11/2003 17:50:18
	Hello folks.  I believe Greg Oster and I have figured out the mystery
of my hanging NetBSD 1.6.1_RC2 system, but there is still a recurring panic
which I believe is unrelated to the raid problem.  This time, I believe
it's I386 specific, but I'm not sure, so I'm copying both lists in case it
isn't machine dependent.

	I'm getting a double panic which looks like:
uvm_fault(0xc05d7300, 0xffc00000, 0, 1) -> e
fatal page fault in supervisor mode
trap type 6 code 0 eip c0311347 cs 8 eflags 10202 cr2 ffc000c4 cpl 0
panic: trap
syncing disks... panic: lockmgr: locking against myself

The first argument in the uvm_fault message varies by 20 bytes or so, but
the other two arguments, along with the error code at the end, are always
the same.  The error code is EFAULT and the ffc0000 argument corresponds
to this definition in /usr/src/sys/arch/i386/i386/locore.s:

/*
 * APTmap, APTD is the alternate recursive pagemap.
 * It's used when modifying another process's page tables.
 *
 * XXX 4 == sizeof pde
 */
	.set	_C_LABEL(APTmap),(PDSLOT_APTE << PDSHIFT)
	.set	_C_LABEL(APTD),(_C_LABEL(APTmap) + PDSLOT_APTE * NBPG)
	.set	_C_LABEL(APTDpde),(_C_LABEL(PTD) + PDSLOT_APTE * 4)


	These panics occur when the syncer kernel thread is running.  
Specifically, genfs_putpages, which is called from ffs_putpages.

	Does anyone have any idea what race condition could be going on here?
-thanks
-Brian
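
Added example, not part of the original message and not NetBSD code: a small decoder for the "trap type" line quoted above. It splits the page-fault error code into its bits and, when cr2 lies inside the APTmap window, computes which virtual address in the other process's address space the touched PTE describes. The constants are assumptions (4 KB pages, 4-byte PTEs, PDSHIFT of 22, and a PDSLOT_APTE value chosen so that PDSLOT_APTE << PDSHIFT gives the 0xffc00000 in the message); `struct fault` and `decode_trap` are hypothetical names.

```c
#include <stdio.h>
#include <stdint.h>

/* Assumed i386 values; PDSLOT_APTE is picked so that
 * PDSLOT_APTE << PDSHIFT == 0xffc00000, as quoted in the message. */
#define PDSHIFT     22      /* each page-directory entry maps 4 MB */
#define PGSHIFT     12      /* 4 KB pages */
#define PTE_SIZE    4       /* "4 == sizeof pde" in the locore.s comment */
#define PDSLOT_APTE 1023u

struct fault {
    unsigned type, code;
    uint32_t eip, cr2;
    int not_present, write, user;  /* decoded error-code bits */
    int in_aptmap;                 /* cr2 is inside the alternate recursive map */
    uint32_t other_va;             /* VA in the other pmap whose PTE was touched */
};

/* Parse one "trap type ..." panic line. Returns 0 on success, -1 on bad input. */
int decode_trap(const char *line, struct fault *f)
{
    unsigned eip, cs, eflags, cr2;

    if (sscanf(line, "trap type %u code %x eip %x cs %x eflags %x cr2 %x",
               &f->type, &f->code, &eip, &cs, &eflags, &cr2) != 6)
        return -1;
    f->eip = eip;
    f->cr2 = cr2;
    /* x86 page-fault error code: bit 0 clear = page not present,
     * bit 1 set = write access, bit 2 set = fault taken in user mode. */
    f->not_present = !(f->code & 1);
    f->write = !!(f->code & 2);
    f->user = !!(f->code & 4);
    /* APTmap is a linear array of PTEs: entry i describes VA (i << PGSHIFT). */
    f->in_aptmap = (f->cr2 >> PDSHIFT) == PDSLOT_APTE;
    f->other_va = 0;
    if (f->in_aptmap)
        f->other_va = ((f->cr2 - (PDSLOT_APTE << PDSHIFT)) / PTE_SIZE) << PGSHIFT;
    return 0;
}

int main(void)
{
    struct fault f;  /* the input line below is copied from the message */
    if (decode_trap("trap type 6 code 0 eip c0311347 cs 8 eflags 10202 "
                    "cr2 ffc000c4 cpl 0", &f) != 0)
        return 1;
    printf("not_present=%d write=%d user=%d in_aptmap=%d other_va=0x%x\n",
           f.not_present, f.write, f.user, f.in_aptmap, (unsigned)f.other_va);
    return 0;
}
```

For the line in the message this reports a supervisor-mode read of a non-present page inside APTmap, at the slot holding the PTE for virtual address 0x31000 of the alternate address space.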