I'm still trying to track this down, the last commit didn't fix it.

    I think what is going on is that a double-trap is occurring during
    a uiomove.  uiomove has an on-fault mechanic to catch illegal VM
    faults.

    However, if a normal VM fault (such as a pagein from swap or a
    zero-fill) occurs during a uiomove and the vm_fault() code then
    faults again on e.g. an illegal address, the pcb_onfault vector
    winds up getting re-executed and blowing up the kernel stack.

    Currently we are testing with a fix to this recursive on-fault
    issue and hope to get better backtraces for the i386 PG_BUSY crash
    to figure out what is actually happening.  I really want to get the
    i386 issues fixed for the release.

                                        -Matt
                                        Matthew Dillon 
                                        <[email protected]>
