From nobody@FreeBSD.org  Fri Jul 23 11:39:36 2010
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4408F106566B
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 23 Jul 2010 11:39:36 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 1A2D48FC13
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 23 Jul 2010 11:39:36 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o6NBdZmA074553
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 23 Jul 2010 11:39:35 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id o6NBdZS9074546;
	Fri, 23 Jul 2010 11:39:35 GMT
	(envelope-from nobody)
Message-Id: <201007231139.o6NBdZS9074546@www.freebsd.org>
Date: Fri, 23 Jul 2010 11:39:35 GMT
From: Yuriy Kohut <ykohut@onapp.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: page fault while in kernel mode at _mtx_lock_sleep
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         148862
>Category:       kern
>Synopsis:       [panic] page fault while in kernel mode at _mtx_lock_sleep
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-xen
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jul 23 11:40:05 UTC 2010
>Closed-Date:    Mon Nov 29 05:27:52 UTC 2010
>Last-Modified:  Mon Nov 29 05:27:52 UTC 2010
>Originator:     Yuriy Kohut
>Release:        FreeBSD 8.0-RELEASE-p4 (XEN)
>Organization:
UK2, OnApp
>Environment:
FreeBSD freebsd.tst 8.0-RELEASE-p4 FreeBSD 8.0-RELEASE-p4 #1: Tue Jul 20 15:40:53 EEST 2010     root@freebsd.vm:/mnt/usr/src/sys/XEN  i386
>Description:
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address	= 0x206e6700
fault code		= supervisor read, page not present
instruction pointer	= 0x21:0xc00c954d
stack pointer	        = 0x29:0xc3cbc9d0
frame pointer	        = 0x29:0xc3cbc9ec
code segment		= base 0x0, limit 0xf9800, type 0x1b
			= DPL 1, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 12 (swi4: clock)
[thread pid 12 tid 100005 ]
Stopped at      _mtx_lock_sleep+0x6d:   movl    0x1a0(%ecx),%eax
db> where
Tracing pid 12 tid 100005 td 0xc3eed6c0
_mtx_lock_sleep(c07b2808,c3eed6c0,0,c03678d3,33e,...) at _mtx_lock_sleep+0x6d
_mtx_lock_flags(c07b2808,0,c03678d3,33e,c6d50d00,...) at _mtx_lock_flags+0xd1
netisr_clearqdrops(c3cbca48,2,42,0) at netisr_clearqdrops+0x66e
netisr_queue_src(1,0,c6d50d00,c3cbca8c,c01817ce,...) at netisr_queue_src+0xa7
netisr_queue(1,c6d50d00,df,0,c3cbcaa0,...) at netisr_queue+0x20
if_simloop(c3ece400,c6d50d00,2,0,c019df3f,...) at if_simloop+0xfe
looutput(c3ece400,c6d50d00,c3cbcb20,c3cbcb18,c00c71a8,...) at looutput+0x141
ip_output(c6d50d00,0,0,0,0,...) at ip_output+0x9cc
tcp_output(c6d56c58,c036e08b,b5,c6d56eb0,c03cd320,...) at tcp_output+0x1540
tcp_timer_delack(c6d56c58,0,c035a3de,176,c03cd354,...) at tcp_timer_delack+0xe5
softclock(c03cd320,c3cbccc8,c00c8fb4,c03d1040,c3ee8cb8,...) at softclock+0x24a
intr_event_execute_handlers(c3eeb7f8,c3ee8c80,c03547f6,4fc,c3ee8cf0,...) at intr_event_execute_handlers+0x125
intr_event_add_handler(c3eea050,c3cbcd38,c0354565,343,c3eeb7f8,...) at intr_event_add_handler+0x41f
fork_exit(c00b2750,c3eea050,c3cbcd38) at fork_exit+0xb8
fork_trampoline() at fork_trampoline+0x8
--- trap 0, eip = 0, esp = 0xc3cbcd70, ebp = 0 ---
>How-To-Repeat:
FreeBSD 8.0 i386 is running as Xen (version 3.0, arch x86_64) guest (DomU).

Install nginx, php5, mysql, and phpmyadmin from ports.

On the other box run siege-2.70 http stress test tool.
>Fix:


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-i386->freebsd-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Mon Aug 2 02:51:09 UTC 2010 
Responsible-Changed-Why:  
This does not sound i386-specific. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=148862 
Responsible-Changed-From-To: freebsd-bugs->freebsd-net 
Responsible-Changed-By: brucec 
Responsible-Changed-When: Mon Aug 2 05:57:21 UTC 2010 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=148862 
Responsible-Changed-From-To: freebsd-net->freebsd-xen 
Responsible-Changed-By: cperciva 
Responsible-Changed-When: Mon Nov 29 05:19:21 UTC 2010 
Responsible-Changed-Why:  
This is a Xen bug, not a network stack bug. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=148862 
State-Changed-From-To: open->closed 
State-Changed-By: cperciva 
State-Changed-When: Mon Nov 29 05:25:57 UTC 2010 
State-Changed-Why:  
This is the same bug as kern/148780.  (The panic message is slightly 
different, but only because the netisr data structure got corrupted 
with different garbage.) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=148862 
>Unformatted:
