Site Navigation

Date:      Sun, 28 Jan 1996 05:41:21 +0200 (EET)
From:      Heikki Suonsivu <hsu@clinet.fi>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   kern/974: ktrace causes panic: freeing busy page
Message-ID:  <199601280341.FAA03784@katiska.clinet.fi>
Resent-Message-ID: <199601280350.TAA22170@freefall.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

>Number:         974
>Category:       kern
>Synopsis:       ktrace causes panic: freeing busy page
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jan 27 19:50:02 PST 1996
>Last-Modified:
>Originator:     Heikki Suonsivu
>Organization:
Clinet, Espoo, Finland
>Release:        FreeBSD 2.2-CURRENT i386
>Environment:

	-current, last sup jan 8.

>Description:

dumps are available in ftp://ftp.clinet.fi/pub/FreeBSD/crashdumps/*.53.gz

Script started on Sun Jan 28 05:16:30 1996
jeppe has logged on ttyp0 from smile.
saku has logged on ttyp1 from newzetor.
hsu has logged on ttyp3 from katiska.
hsu has logged on ttyp4 from katiska.
saku has logged on ttyp5 from newzetor.
steinerk has logged on ttyp6 from osku.
wesku has logged on ttyp7 from clinet.
hsu#katiska.clinet.fi Sun 1: gdb -k 
gdb-log.53  kernel.52   kernel.53   vmcore.52   vmcore.53   
hsu#katiska.clinet.fi Sun 1: gdb -k kernel.53 vmcore.53	
GDB is free software and you are welcome to distribute copies of it
 under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for details.
GDB 4.13 (i386-unknown-freebsd), 
Copyright 1994 Free Software Foundation, Inc...
IdlePTD 257000
current pcb at 212e50
panic: vm_page_free: freeing busy page
#0  boot (howto=256) at ../../i386/i386/machdep.c:931
931					dumppcb.pcb_ptd = rcr3();
(kgdb) list
926			cngetc();
927		} else {
928			if (howto & RB_DUMP) {
929				if (!cold) {
930					savectx(&dumppcb, 0);
931					dumppcb.pcb_ptd = rcr3();
932					dumpsys();
933				}
934	
935				if (PANIC_REBOOT_WAIT_TIME != 0) {
(kgdb) up
#1  0xf0115e43 in panic (fmt=0xf01b4ddb "vm_page_free: freeing busy page")
    at ../../kern/subr_prf.c:126
126		boot(bootopt);
(kgdb) list
121			kdbpanic();
122	#endif
123	#ifdef DDB
124		Debugger ("panic");
125	#endif
126		boot(bootopt);
127	}
128	
129	/*
130	 * Warn that a system table is full.
(kgdb) up
#2  0xf01b4ff2 in vm_page_free (mem=0xf030dee0) at ../../vm/vm_page.c:812
812			panic("vm_page_free: freeing busy page");
(kgdb) list
807		if (mem->bmapped || mem->busy || flags & (PG_BUSY|PG_FREE)) {
808			if (flags & PG_FREE)
809				panic("vm_page_free: freeing free page");
810			printf("vm_page_free: pindex(%ld), bmapped(%d), busy(%d), PG_BUSY(%d)\n",
811			    mem->pindex, mem->bmapped, mem->busy, (flags & PG_BUSY) ? 1 : 0);
812			panic("vm_page_free: freeing busy page");
813		}
814	
815		if ((flags & PG_WANTED) != 0)
816			wakeup(mem);
(kgdb) list
817		if ((flags & PG_FICTITIOUS) == 0) {
818			if (mem->wire_count) {
819				if (mem->wire_count > 1) {
820					printf("vm_page_free: wire count > 1 (%d)", mem->wire_count);
821					panic("vm_page_free: invalid wire count");
822				}
823				cnt.v_wire_count--;
824				mem->wire_count = 0;
825			}
826			mem->flags |= PG_FREE;
(kgdb) up
#3  0xf0129761 in vm_hold_free_pages (bp=0xf2fd0704, from=4086550528, 
    to=4086558720) at ../../kern/vfs_bio.c:1651
1651			vm_page_free(p);
(kgdb) list
1646	
1647		for (pg = from; pg < to; pg += PAGE_SIZE, index++) {
1648			p = bp->b_pages[index];
1649			bp->b_pages[index] = 0;
1650			pmap_kremove(pg);
1651			vm_page_free(p);
1652			--bp->b_npages;
1653		}
1654	}
(kgdb) print p
$1 = (struct vm_page *) 0xf030dee0
(kgdb) print *p
$2 = {pageq = {tqe_next = 0xf02debdc, tqe_prev = 0xf021a42c}, hashq = {
    tqe_next = 0x0, tqe_prev = 0xf027ae50}, listq = {tqe_next = 0xf02d2874, 
    tqe_prev = 0xf031d450}, object = 0xf0212c4c, pindex = 14718, 
  phys_addr = 42569728, wire_count = 1, flags = 1536, hold_count = 0, 
  act_count = 0, bmapped = 0, busy = 1, valid = 0, dirty = 0}
(kgdb) down
#2  0xf01b4ff2 in vm_page_free (mem=0xf030dee0) at ../../vm/vm_page.c:812
812			panic("vm_page_free: freeing busy page");
(kgdb) list
807		if (mem->bmapped || mem->busy || flags & (PG_BUSY|PG_FREE)) {
808			if (flags & PG_FREE)
809				panic("vm_page_free: freeing free page");
810			printf("vm_page_free: pindex(%ld), bmapped(%d), busy(%d), PG_BUSY(%d)\n",
811			    mem->pindex, mem->bmapped, mem->busy, (flags & PG_BUSY) ? 1 : 0);
812			panic("vm_page_free: freeing busy page");
813		}
814	
815		if ((flags & PG_WANTED) != 0)
816			wakeup(mem);
(kgdb) print mem-    *mem
$3 = {pageq = {tqe_next = 0xf02debdc, tqe_prev = 0xf021a42c}, hashq = {
    tqe_next = 0x0, tqe_prev = 0xf027ae50}, listq = {tqe_next = 0xf02d2874, 
    tqe_prev = 0xf031d450}, object = 0xf0212c4c, pindex = 14718, 
  phys_addr = 42569728, wire_count = 1, flags = 1536, hold_count = 0, 
  act_count = 0, bmapped = 0, busy = 1, valid = 0, dirty = 0}
(kgdb) set radix 16
Input and output radices now set to decimal 16, hex 10, octal 20.
(kgdb) print *mem
$4 = {pageq = {tqe_next = 0xf02debdc, tqe_prev = 0xf021a42c}, hashq = {
    tqe_next = 0x0, tqe_prev = 0xf027ae50}, listq = {tqe_next = 0xf02d2874, 
    tqe_prev = 0xf031d450}, object = 0xf0212c4c, pindex = 0x397e, 
  phys_addr = 0x2899000, wire_count = 0x1, flags = 0x600, hold_count = 0x0, 
  act_count = 0x0, bmapped = 0x0, busy = 0x1, valid = 0x0, dirty = 0x0}
(kgdb) quit
hsu#katiska.clinet.fi Sun 2: ^Dexit

Script done on Sun Jan 28 05:21:17 1996

>How-To-Repeat:

	This was already on -current list, but better PR it to make sure
	it's not forgotten.  It is trivial to cause, ktrace anything which
	does lots of disk IO/system calls.

>Fix:
	
	

>Audit-Trail:
>Unformatted:

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199601280341.FAA03784>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact