Date: Fri, 01 Apr 2016 14:43:05 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-threads@FreeBSD.org Subject: [Bug 204426] Processes terminating cannot access memory Message-ID: <bug-204426-16-s0tt5EVdKN@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-204426-16@https.bugs.freebsd.org/bugzilla/> References: <bug-204426-16@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D204426 --- Comment #80 from Konstantin Belousov <kib@FreeBSD.org> --- (In reply to Robert Blayzor from comment #79) The page fault was not handled since some object in the shadow chain which backs the faulted region, has the OBJ_DEAD flag set. I do not see why would this state valid for the object in question. There is another PR 204764, w= here the same flag is set for a vnode object and the manifestation of the proble= m is different. Instead of vm_fault, the object was found by vnode_create_vobjec= t(), which sleeps forever waiting for the object termination to finish. Since t= he flag was not set by the termination conditions, termination does not happen= and lookup is stuck forever. Right now, I have no idea why does this happen. Either we have a bug in VM= by spuriously setting the flag (but code reading does not support this possibility), or some random memory access happens and corrupts the vm obje= ct memory. I do not know. I attached some additions to the debugging patch, which both asserts that t= he object is write-locked when object->flags are modified, and also it slightly changes the layout of struct vm_object. So if the issue is VM bug, most li= kely unlocked modifications, it could be catched. Or, if the problem is the mem= ory corruption, it should migrate to other place. Still, it is only speculation. Please make sure that you have INVARIANTS a= nd WITNESS in your kernel config enabled. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-204426-16-s0tt5EVdKN>