Date: Wed, 30 Jul 2014 23:35:44 -0500 From: Alan Cox <alc@rice.edu> To: Andreas Tobler <andreast@FreeBSD.org>, Alan Cox <alc@FreeBSD.org>, src-committers@FreeBSD.org, svn-src-all@FreeBSD.org, svn-src-head@FreeBSD.org Subject: Re: svn commit: r269134 - head/sys/vm Message-ID: <53D9C7A0.4010100@rice.edu> In-Reply-To: <53D9630A.5050500@FreeBSD.org> References: <201407261810.s6QIAIIj049439@svn.freebsd.org> <53D9406A.3060101@FreeBSD.org> <53D94BAF.8050102@rice.edu> <53D94D73.3050808@rice.edu> <53D95265.9010406@FreeBSD.org> <53D960E9.50905@rice.edu> <53D9630A.5050500@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------010001050408000309070408 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 07/30/2014 16:26, Andreas Tobler wrote: > On 30.07.14 23:17, Alan Cox wrote: >> On 07/30/2014 15:15, Andreas Tobler wrote: >>> On 30.07.14 21:54, Alan Cox wrote: >>>> On 07/30/2014 14:46, Alan Cox wrote: >>>>> On 07/30/2014 13:58, Andreas Tobler wrote: >>>>>> Hi Alan, >>>>>> >>>>>> On 26.07.14 20:10, Alan Cox wrote: >>>>>>> Author: alc >>>>>>> Date: Sat Jul 26 18:10:18 2014 >>>>>>> New Revision: 269134 >>>>>>> URL: http://svnweb.freebsd.org/changeset/base/269134 >>>>>>> >>>>>>> Log: >>>>>>> When unwiring a region of an address space, do not assume that >>>>>>> the >>>>>>> underlying physical pages are mapped by the pmap. If, for >>>>>>> example, the >>>>>>> application has performed an mprotect(..., PROT_NONE) on >>>>>>> any part >>>>>>> of the >>>>>>> wired region, then those pages will no longer be mapped by the >>>>>>> pmap. >>>>>>> So, using the pmap to lookup the wired pages in order to >>>>>>> unwire them >>>>>>> doesn't always work, and when it doesn't work wired pages are >>>>>>> leaked. >>>>>>> >>>>>>> To avoid the leak, introduce and use a new function >>>>>>> vm_object_unwire() >>>>>>> that locates the wired pages by traversing the object and its >>>>>>> backing >>>>>>> objects. >>>>>>> >>>>>>> At the same time, switch from using pmap_change_wiring() to >>>>>>> the >>>>>>> recently >>>>>>> introduced function pmap_unwire() for unwiring the region's >>>>>>> mappings. >>>>>>> pmap_unwire() is faster, because it operates a range of >>>>>>> virtual >>>>>>> addresses >>>>>>> rather than a single virtual page at a time. Moreover, by >>>>>>> operating on >>>>>>> a range, it is superpage friendly. It doesn't waste time >>>>>>> performing >>>>>>> unnecessary demotions. >>>>>>> >>>>>>> Reported by: markj >>>>>>> Reviewed by: kib >>>>>>> Tested by: pho, jmg (arm) >>>>>>> Sponsored by: EMC / Isilon Storage Division >>>>>> This commit brings my 32- and 64-bit PowerMac's into panic. >>>>>> Unfortunately I'm not able to give you a backtrace in the form of a >>>>>> textdump nor of a core dump. >>>>>> >>>>>> The only thing I have is this picture: >>>>>> >>>>>> http://people.freebsd.org/~andreast/r269134_panic.jpg >>>>>> >>>>>> Exactly this revision gives a panic and breaks the textdump/coredump >>>>>> facility. >>>>>> >>>>>> How can I help debugging? >>>>>> >>>>> It appears to me that moea64_pvo_enter() had a pre-existing bug that >>>>> got >>>>> tickled by this change. Specifically, moea64_pvo_enter() doesn't set >>>>> the PVO_WIRED flag when an unwired mapping already exists. It just >>>>> returns with the mapping still in an unwired state. Consequently, >>>>> when >>>>> pmap_unwire() finally runs, it doesn't find a wired mapping. >>>>> >>>>> Try this: >>>>> >>>>> Index: powerpc/aim/mmu_oea64.c >>>>> =================================================================== >>>>> --- powerpc/aim/mmu_oea64.c (revision 269127) >>>>> +++ powerpc/aim/mmu_oea64.c (working copy) >>>>> @@ -2274,7 +2274,8 @@ moea64_pvo_enter(mmu_t mmu, pmap_t pm, >>>>> uma_zone_t >>>>> if (pvo->pvo_pmap == pm && PVO_VADDR(pvo) == va) { >>>>> if ((pvo->pvo_pte.lpte.pte_lo & LPTE_RPGN) >>>>> == pa && >>>>> (pvo->pvo_pte.lpte.pte_lo & >>>>> (LPTE_NOEXEC | >>>>> LPTE_PP)) >>>>> - == (pte_lo & (LPTE_NOEXEC | LPTE_PP))) { >>>>> + == (pte_lo & (LPTE_NOEXEC | LPTE_PP)) && >>>>> + ((pvo->pvo_vaddr ^ flags) & PVO_WIRED)) { >>>>> if (!(pvo->pvo_pte.lpte.pte_hi & >>>>> LPTE_VALID)) { >>>>> /* Re-insert if spilled */ >>>>> i = MOEA64_PTE_INSERT(mmu, >>>>> ptegidx, >>>>> >>>> >>>> The new conditional test needs to be inverted. Try this instead: >>>> >>>> Index: powerpc/aim/mmu_oea64.c >>>> =================================================================== >>>> --- powerpc/aim/mmu_oea64.c (revision 269127) >>>> +++ powerpc/aim/mmu_oea64.c (working copy) >>>> @@ -2274,7 +2274,8 @@ moea64_pvo_enter(mmu_t mmu, pmap_t pm, >>>> uma_zone_t >>>> if (pvo->pvo_pmap == pm && PVO_VADDR(pvo) == va) { >>>> if ((pvo->pvo_pte.lpte.pte_lo & LPTE_RPGN) >>>> == pa && >>>> (pvo->pvo_pte.lpte.pte_lo & >>>> (LPTE_NOEXEC | >>>> LPTE_PP)) >>>> - == (pte_lo & (LPTE_NOEXEC | LPTE_PP))) { >>>> + == (pte_lo & (LPTE_NOEXEC | LPTE_PP)) && >>>> + ((pvo->pvo_vaddr ^ flags) & PVO_WIRED) == >>>> 0) { >>>> if (!(pvo->pvo_pte.lpte.pte_hi & >>>> LPTE_VALID)) { >>>> /* Re-insert if spilled */ >>>> i = MOEA64_PTE_INSERT(mmu, >>>> ptegidx, >>>> >>> >>> >>> The panic stays, but the message is different: >>> >>> panic: moea64_pvo_to_pte: pvo 0x10147ea0 has invalid pte 0xb341180 in >>> moea64_pteg_table but valid in pvo. >>> >> >> My attempted fix is doing something else wrong. Do you have a stack >> trace? > > iPhone sei Dank: > > http://people.freebsd.org/~andreast/r269134-1_panic.jpg Ok, this patch should fix both the original panic and the new one. They are two distinct problems. --------------010001050408000309070408 Content-Type: text/plain; charset=ISO-8859-15; name="mmu_oea64_fixes.patch" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="mmu_oea64_fixes.patch" SW5kZXg6IHBvd2VycGMvYWltL21tdV9vZWE2NC5jCj09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIHBvd2Vy cGMvYWltL21tdV9vZWE2NC5jCShyZXZpc2lvbiAyNjkxMjcpCisrKyBwb3dlcnBjL2FpbS9t bXVfb2VhNjQuYwkod29ya2luZyBjb3B5KQpAQCAtMTA5MCw2ICsxMDkwLDcgQEAgbW9lYTY0 X3Vud2lyZShtbXVfdCBtbXUsIHBtYXBfdCBwbSwgdm1fb2Zmc2V0X3Qgc3YKIAlmb3IgKHB2 byA9IFJCX05GSU5EKHB2b190cmVlLCAmcG0tPnBtYXBfcHZvLCAma2V5KTsKIAkgICAgcHZv ICE9IE5VTEwgJiYgUFZPX1ZBRERSKHB2bykgPCBldmE7CiAJICAgIHB2byA9IFJCX05FWFQo cHZvX3RyZWUsICZwbS0+cG1hcF9wdm8sIHB2bykpIHsKKwkJcHQgPSBNT0VBNjRfUFZPX1RP X1BURShtbXUsIHB2byk7CiAJCWlmICgocHZvLT5wdm9fdmFkZHIgJiBQVk9fV0lSRUQpID09 IDApCiAJCQlwYW5pYygibW9lYTY0X3Vud2lyZTogcHZvICVwIGlzIG1pc3NpbmcgUFZPX1dJ UkVEIiwKIAkJCSAgICBwdm8pOwpAQCAtMTA5OCw3ICsxMDk5LDcgQEAgbW9lYTY0X3Vud2ly ZShtbXVfdCBtbXUsIHBtYXBfdCBwbSwgdm1fb2Zmc2V0X3Qgc3YKIAkJCXBhbmljKCJtb2Vh NjRfdW53aXJlOiBwdGUgJXAgaXMgbWlzc2luZyBMUFRFX1dJUkVEIiwKIAkJCSAgICAmcHZv LT5wdm9fcHRlLmxwdGUpOwogCQlwdm8tPnB2b19wdGUubHB0ZS5wdGVfaGkgJj0gfkxQVEVf V0lSRUQ7Ci0JCWlmICgocHQgPSBNT0VBNjRfUFZPX1RPX1BURShtbXUsIHB2bykpICE9IC0x KSB7CisJCWlmIChwdCAhPSAtMSkgewogCQkJLyoKIAkJCSAqIFRoZSBQVEUncyB3aXJlZCBh dHRyaWJ1dGUgaXMgbm90IGEgaGFyZHdhcmUKIAkJCSAqIGZlYXR1cmUsIHNvIHRoZXJlIGlz IG5vIG5lZWQgdG8gaW52YWxpZGF0ZSBhbnkgVExCCkBAIC0yMjc0LDcgKzIyNzUsOCBAQCBt b2VhNjRfcHZvX2VudGVyKG1tdV90IG1tdSwgcG1hcF90IHBtLCB1bWFfem9uZV90CiAJCWlm IChwdm8tPnB2b19wbWFwID09IHBtICYmIFBWT19WQUREUihwdm8pID09IHZhKSB7CiAJCQlp ZiAoKHB2by0+cHZvX3B0ZS5scHRlLnB0ZV9sbyAmIExQVEVfUlBHTikgPT0gcGEgJiYKIAkJ CSAgICAocHZvLT5wdm9fcHRlLmxwdGUucHRlX2xvICYgKExQVEVfTk9FWEVDIHwgTFBURV9Q UCkpCi0JCQkgICAgPT0gKHB0ZV9sbyAmIChMUFRFX05PRVhFQyB8IExQVEVfUFApKSkgewor CQkJICAgID09IChwdGVfbG8gJiAoTFBURV9OT0VYRUMgfCBMUFRFX1BQKSkgJiYKKwkJCSAg ICAoKHB2by0+cHZvX3ZhZGRyIF4gZmxhZ3MpICYgUFZPX1dJUkVEKSA9PSAwKSB7CiAJCQkg ICAgCWlmICghKHB2by0+cHZvX3B0ZS5scHRlLnB0ZV9oaSAmIExQVEVfVkFMSUQpKSB7CiAJ CQkJCS8qIFJlLWluc2VydCBpZiBzcGlsbGVkICovCiAJCQkJCWkgPSBNT0VBNjRfUFRFX0lO U0VSVChtbXUsIHB0ZWdpZHgsCg== --------------010001050408000309070408--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53D9C7A0.4010100>