From owner-freebsd-current@FreeBSD.ORG  Tue Mar  8 19:48:32 2005
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 758)
	id 3AFBB16A4CF; Tue,  8 Mar 2005 19:48:32 +0000 (GMT)
Date: Tue, 8 Mar 2005 19:48:32 +0000
From: Kris Kennaway <kris@FreeBSD.org>
To: dg@FreeBSD.org, current@FreeBSD.org, alc@FreeBSD.org
Message-ID: <20050308194832.GD30165@hub.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
Subject: SIGABRT under load (tracked to vm_map_find() returning
	KERN_NO_SPACE)
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Mar 2005 19:48:32 -0000

I finally found a good way to reproduce the SIGABRT errors I've been
seeing off and on for a long time (buildworld -j18 on a 12-processor
sparc64 running RELENG_5).

The error is originating here in kern/imgact_elf.c in the __CONCAT()
function:

                        if ((error = __elfN(load_section)(imgp->proc, vmspace,
                            imgp->vp, imgp->object, phdr[i].p_offset,
                            (caddr_t)(uintptr_t)phdr[i].p_vaddr,
                            phdr[i].p_memsz, phdr[i].p_filesz, prot,
                            sv->sv_pagesize)) != 0) {
                                printf("__elfN(load_section) %d\n",error);
                                goto fail;
                        }

On the console:

__elfN(load_section) 22
*(execsw[i]->ex_imgact)(imgp) error 22
Fell through to exec_fail
Process cc received SIGABRT
__elfN(load_section) 22
*(execsw[i]->ex_imgact)(imgp) error 22
Fell through to exec_fail
Process make received SIGABRT

i.e. __elfN(load_section) is returning EINVAL.

I instrumented the three places this is possible in
__elfN(load_section) and found the failure occurs here:

                rv = vm_map_find(exec_map,
                                 object,
                                 trunc_page(offset + filsz),
                                 &data_buf,
                                 PAGE_SIZE,
                                 TRUE,
                                 VM_PROT_READ,
                                 VM_PROT_ALL,
                                 MAP_COPY_ON_WRITE | MAP_PREFAULT_PARTIAL);
                if (rv != KERN_SUCCESS) {
                        vm_object_deallocate(object);
                        printf("rv != KERN_SUCCESS 3\n");
                        return (EINVAL);
                }

Pushing up into vm_map_find() shows that it's returning KERN_NO_SPACE:

        if (find_space) {
                if (vm_map_findspace(map, start, length, addr)) {
                        vm_map_unlock(map);
                        printf("KERN_NO_SPACE\n");
                        return (KERN_NO_SPACE);
                }
                start = *addr;
        }
 
Kris

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>