kernel panic on HEAD from Oct. 4th sources
Nicolas Thery
nthery at gmail.com
Sun Oct 21 04:55:19 PDT 2007
2007/10/21, Peter Avalos <pavalos at theshell.com>:
[...]
> Got another from sources with your fix in it:
>
> Fatal trap 12: page fault while in kernel mode
> mp_lock = 00000000; cpuid = 0; lapic.id = 00000000
> fault virtual address = 0xa00
> fault code = supervisor read, page not present
> instruction pointer = 0x8:0xc018cc02
[...]
> #7 0xc018cc02 in fill_kinfo_proc (p=0xe9297860, kp=0xe9106628) at /usr/src/sys/kern/kern_kinfo.c:87
> #8 0xc0193efd in sysctl_out_proc (p=0xe9297860, req=0xe9106bf4, flags=0) at /usr/src/sys/kern/kern_proc.c:653
> #9 0xc01948b6 in sysctl_kern_proc (oidp=0xc033d9e0, arg1=0x0, arg2=0, req=0xe9106bf4) at /usr/src/sys/kern/kern_proc.c:782
It looks like p_sigacts == NULL. Presumably, p_sigacts could be tested for
NULL in fill_kinfo_proc() (as p_pgrp).
However, the problem may be higher up in the call stack. sysctl_kern_proc()
contains two calls to sysctl_out_proc(). One is protected by PHOLD/PRELE, the
other isn't. I reckon both calls should be protected to delay reaping until
sysctl() processing completes.
The following patch is UNTESTED as I don't know how to reproduce the original
problem.
Index: kern_proc.c
===================================================================
RCS file: /home/dcvs/src/sys/kern/kern_proc.c,v
retrieving revision 1.39
diff -u -5 -r1.39 kern_proc.c
--- kern_proc.c 12 Aug 2007 16:32:13 -0000 1.39
+++ kern_proc.c 21 Oct 2007 10:34:28 -0000
@@ -714,11 +714,13 @@
p = pfind((pid_t)name[0]);
if (!p)
return (0);
if (!PRISON_CHECK(cr1, p->p_ucred))
return (0);
+ PHOLD(p);
error = sysctl_out_proc(p, req, flags);
+ PRELE(p);
return (error);
}
if (!req->oldptr) {
/* overestimate by 5 procs */
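Review bot: The PHOLD()/PRELE() pair only delays reaping of p; it does not by itself guarantee that p->p_sigacts is still non-NULL when fill_kinfo_proc() runs, which is the actual dereference that trapped (fault address 0xa00, frame #7). If the exiting process can drop its sigacts before it is reaped, the NULL test in fill_kinfo_proc() proposed earlier in this message is still needed alongside this hunk. Also worth confirming that nothing between pfind() and the new PHOLD(p) can block, since p is returned by pfind() without a hold and the window before PHOLD() is only safe if the path stays non-blocking; a one-line comment above PHOLD(p) stating that assumption would help the next reader.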