[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dragonfly-users
Subject:    i386 wire_count panic finally tracked down
From:       Matthew Dillon <dillon () apollo ! backplane ! com>
Date:       2012-09-26 17:08:26
Message-ID: 201209261708.q8QH8QiH046907 () apollo ! backplane ! com
[Download RAW message or body]

    I may have finally tracked down the i386 wire_count panic.  I noticed
    that the pmap pointer in the last pkgbox32 crash dump doesn't seem to
    be to any process's active pmap, meaning that it is related to a process
    which had exited.

    It appears to be a race against a pmap structure being dtor'd after
    a process exit and a vm_page_protect() call on a vm_page.  In this
    situation page table pages can be removed from the pmap's VM object
    unconditonally without vm_token being held, racing against a
    vm_page_protect() occuring at the same time.

    I will commit a likely fix in the next hour.

    x86-64 does not seem to be vulnerable to this particular issue but I
    am reviewing the code.

						-Matt

[prev in list] [next in list] [prev in thread] [next in thread]