Date:      Sat, 21 Dec 2013 16:55:34 +0200
From:      Konstantin Belousov <kostikbel@gmail.com>
To:        Peter Wemm <peter@wemm.org>
Cc:        "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>
Subject:   Re: 10.0 BETA 3 with redports kernel panic
Message-ID:  <20131221145534.GY59496@kib.kiev.ua>
In-Reply-To: <CAGE5yCos5xGu7w24A6QSRDEPbfRNsjmHSvnpUE2Dvr1PUW2T8w@mail.gmail.com>
References:  <1387473915.2494.0.camel@powernoodle.corp.yahoo.com> <20131219180833.GN59496@kib.kiev.ua> <1387479064.2494.5.camel@powernoodle.corp.yahoo.com> <CAGE5yCqhmRSM6oyw=FRZq59LniLsYaN%2BEog=GEPn3-ruuQk9EQ@mail.gmail.com> <CAGE5yCp9msPAy4HZ4TGRXws%2BxjLQ8iChbPQGj539qHJKhq2UJQ@mail.gmail.com> <1387492541.27693.5.camel@powernoodle.corp.yahoo.com> <20131220094835.GR59496@kib.kiev.ua> <1387554355.1491.4.camel@powernoodle.corp.yahoo.com> <20131220162254.GT59496@kib.kiev.ua> <CAGE5yCos5xGu7w24A6QSRDEPbfRNsjmHSvnpUE2Dvr1PUW2T8w@mail.gmail.com>

On Fri, Dec 20, 2013 at 11:29:40AM -0800, Peter Wemm wrote:
> On Fri, Dec 20, 2013 at 8:22 AM, Konstantin Belousov
> <kostikbel@gmail.com> wrote:
> > On Fri, Dec 20, 2013 at 07:45:55AM -0800, Sean Bruno wrote:
> >> With this change to pmap.c we blow up in keg_alloc_slab() now:
> >>
> >> FreeBSD clang version 3.3 (tags/RELEASE_33/final 183502) 20130610
> >> kernel trap 12 with interrupts disabled
> >>
> >>
> >> Fatal trap 12: page fault while in kernel mode
> >> cpuid = 0; apic id = 00
> >> fault virtual address = 0x8
> >> fault code            = supervisor write data, page not present
> >> instruction pointer   = 0x20:0xffffffff80b2602a
> >> stack pointer         = 0x28:0xffffffff81a90a50
> >> frame pointer         = 0x28:0xffffffff81a90ac0
> >> code segment          = base 0x0, limit 0xfffff, type 0x1b
> >>                       = DPL 0, pres 1, long 1, def32 0, gran 1
> >> processor eflags      = resume, IOPL = 0
> >> current process               =3D 0 ()
> >> [ thread pid 0 tid 0 ]
> >> Stopped at      keg_alloc_slab+0x13a:   movq    %r13,0x8(%rax)
> >> db> whe
> >> Tracing pid 0 tid 0 td 0xffffffff81527500
> >> keg_alloc_slab() at keg_alloc_slab+0x13a/frame 0xffffffff81a90ac0
> >> keg_fetch_slab() at keg_fetch_slab+0x152/frame 0xffffffff81a90b10
> >> zone_fetch_slab() at zone_fetch_slab+0x7e/frame 0xffffffff81a90b50
> >> zone_import() at zone_import+0x3c/frame 0xffffffff81a90b90
> >> uma_zalloc_arg() at uma_zalloc_arg+0x33e/frame 0xffffffff81a90c10
> >> malloc() at malloc+0x6a/frame 0xffffffff81a90c60
> >> init_dynamic_kenv() at init_dynamic_kenv+0x8d/frame 0xffffffff81a90c90
> >> mi_startup() at mi_startup+0x118/frame 0xffffffff81a90cb0
> >> btext() at btext+0x2c
> >> db> bt
> >> Tracing pid 0 tid 0 td 0xffffffff81527500
> >> keg_alloc_slab() at keg_alloc_slab+0x13a/frame 0xffffffff81a90ac0
> >> keg_fetch_slab() at keg_fetch_slab+0x152/frame 0xffffffff81a90b10
> >> zone_fetch_slab() at zone_fetch_slab+0x7e/frame 0xffffffff81a90b50
> >> zone_import() at zone_import+0x3c/frame 0xffffffff81a90b90
> >> uma_zalloc_arg() at uma_zalloc_arg+0x33e/frame 0xffffffff81a90c10
> >> malloc() at malloc+0x6a/frame 0xffffffff81a90c60
> >> init_dynamic_kenv() at init_dynamic_kenv+0x8d/frame 0xffffffff81a90c90
> >> mi_startup() at mi_startup+0x118/frame 0xffffffff81a90cb0
> >> btext() at btext+0x2c
> >>
> >
> > This could be related, indeed.
> >
> > Let's limit the impact to the /dev/{,k}mem only.  Please try this.
> >
> > diff --git a/sys/amd64/amd64/mem.c b/sys/amd64/amd64/mem.c
> > index abbbb21..2a9b7c1 100644
> > --- a/sys/amd64/amd64/mem.c
> > +++ b/sys/amd64/amd64/mem.c
> > @@ -98,7 +98,11 @@ memrw(struct cdev *dev, struct uio *uio, int flags)
> >  kmemphys:
> >                         o =3D v & PAGE_MASK;
> >                         c =3D min(uio->uio_resid, (u_int)(PAGE_SIZE - o=
));
> > -                       error =3D uiomove((void *)PHYS_TO_DMAP(v), (int=
)c, uio);
> > +                       v =3D PHYS_TO_DMAP(v);
> > +                       if (v < DMAP_MIN_ADDRESS || v >=3D dmaplimit ||
> > +                           pmap_kextract(v) =3D=3D 0)
> > +                               return (EFAULT);
> > +                       error =3D uiomove((void *)v, (int)c, uio);
> >                         continue;
> >                 }
> >                 else if (dev2unit(dev) =3D=3D CDEV_MINOR_KMEM) {
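Review bot: the bound `v >= dmaplimit` in the added check is applied after `v = PHYS_TO_DMAP(v)`, so it compares a direct-map virtual address with `dmaplimit`, which the pmap.c hunk of this patch declares as `vm_paddr_t`, a physical limit. The units do not match, so the test cannot express "physical address beyond the end of the direct map". Either compare the physical address against `dmaplimit` before converting it, or compare the converted address against `DMAP_MIN_ADDRESS + dmaplimit`. The new `return (EFAULT)` also leaves the function from inside the loop, where the replaced line only set `error`; check that nothing after the loop needs to run on that path.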
> > diff --git a/sys/amd64/amd64/pmap.c b/sys/amd64/amd64/pmap.c
> > index 014020b..13404b0 100644
> > --- a/sys/amd64/amd64/pmap.c
> > +++ b/sys/amd64/amd64/pmap.c
> > @@ -321,7 +321,7 @@ SYSCTL_INT(_machdep, OID_AUTO, nkpt, CTLFLAG_RD, &n=
kpt, 0,
> >      "Number of kernel page table pages allocated on bootup");
> >
> >  static int ndmpdp;
> > -static vm_paddr_t dmaplimit;
> > +vm_paddr_t dmaplimit;
> >  vm_offset_t kernel_vm_end =3D VM_MIN_KERNEL_ADDRESS;
> >  pt_entry_t pg_nx;
> >
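Review bot: dropping `static` from `dmaplimit` turns it into a writable kernel global with a generic, unprefixed name and no comment. Add a comment at the definition stating that it is a physical-address limit (`vm_paddr_t`) and who is expected to read it, and consider a small read-only accessor instead of exporting the variable itself, so that code outside pmap.c cannot modify it.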
> > diff --git a/sys/amd64/include/pmap.h b/sys/amd64/include/pmap.h
> > index 3918282..e83e07e 100644
> > --- a/sys/amd64/include/pmap.h
> > +++ b/sys/amd64/include/pmap.h
> > @@ -369,6 +369,7 @@ extern vm_paddr_t phys_avail[];
> >  extern vm_paddr_t dump_avail[];
> >  extern vm_offset_t virtual_avail;
> >  extern vm_offset_t virtual_end;
> > +extern vm_paddr_t dmaplimit;
> >
> >  #define        pmap_page_get_memattr(m)        ((vm_memattr_t)(m)->md.=
pat_mode)
> >  #define        pmap_page_is_write_mapped(m)    (((m)->aflags & PGA_WRI=
TEABLE) !=3D 0)
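Review bot: the new `extern vm_paddr_t dmaplimit;` is placed directly after `virtual_avail` and `virtual_end`, both `vm_offset_t`, which makes it read like a virtual-address bound. Move it up beside the other `vm_paddr_t` declarations (`phys_avail[]`, `dump_avail[]`) or add a one-line comment giving its meaning and units.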
>
> The reason why the dmaplimit change originally exploded was because
> dmaplimit is set to zero for the duration of while we're running on
> the page tables given to us by the loader.  I believe initializing
> dmaplimit to DMAP_MAX_ADDRESS rather than zero would have solved the
> original explosions.
The dmaplimit is initialized in hammer_time->pmap_bootstrap->getmemsize->
create_pagetable().  The backtrace above should be much later in the
boot sequence, note that mi_startup() was already running.

I believe that my previous change just broke vsetslab()/vtoslab().
