FreeBSD Mail Archives

Date:      Sat, 29 Sep 2012 18:14:38 +0400
From:      Aleksey Fedorov <aleksey.v.fedorov@gmail.com>
To:        powerpc@freebsd.org
Subject:   panic: Bad list head in keg_ctor()
Message-ID:  <CABCAhMHGTXnZsvdQWB-TxhgY3ia0LFvE=reTe0BXd=C8TcXdeQ@mail.gmail.com>

next in thread | raw e-mail | index | archive | help

Hi!

Sometimes while adding or removing some debugging in kernel
I get the kernel which is panic at the same location in keg_ctor()
LIST_INSERT_HEAD(&uma_kegs, keg, uk_link).

For example I have kernel which is boot ok, I comment out some
printf(...), rebuild the kernel and get the kernel which is panic.
For example:

FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.0-CURRENT #211 r239991=44c70c6-dirty: Sat Sep 29 17:33:53 MSK 2012
    avf@avfh:/usr/obj/powerpc.powerpc/root/freebsd-head/sys/N710 powerpc
WARNING: WITNESS option enabled, expect reduced performance.
Creating uma keg headers zone and keg.
Calculated uma_max_ipers (for OFFPAGE) is 64
Calculated uma_max_ipers_slab (for OFFPAGE) is 64
UMA: UMA Kegs(0xc0688fe8) size 128(128) flags 536870912 ipers 30 ppera
1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc0688edc
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
Filling boot free list.
Creating uma zone headers zone and keg.
slab_zalloc:  Allocating a new slab for UMA Kegs
UMA: UMA Zones(0xc0688f60) size 328(352) flags 536870912 ipers 11
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048000
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
Initializing pcpu cache locks.
Creating slab and hash zones.
slab_zalloc:  Allocating a new slab for UMA Zones
UMA: UMA Slabs(0xc2047000) size 284(284) flags 536870912 ipers 14
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048080
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: UMA RCntSlabs(0xc2047160) size 544(544) flags 536870912 ipers 7
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048100
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: UMA Hash(0xc20472c0) size 128(128) flags 536870912 ipers 30 ppera
1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048180
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: 16 Bucket(0xc2047420) size 76(76) flags 570425344 ipers 50 ppera
1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048200
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: 32 Bucket(0xc2047580) size 140(140) flags 570425344 ipers 28
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048280
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: 64 Bucket(0xc20476e0) size 268(268) flags 570425344 ipers 14
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048300
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: 128 Bucket(0xc2047840) size 524(524) flags 570425344 ipers 7
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048380
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA startup complete.
UMA: VM OBJECT(0xc20479a0) size 160(160) flags -2147483488 ipers 24
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048400
panic: Bad list head 0xc0688eac first->prev != head
cpuid = 0
KDB: enter: panic
[ thread pid 0 tid 0 ]
Stopped at      kdb_enter+0x60: addi    r0, r0, 0x0
db> bt
Tracing pid 0 tid 0 td 0xc05145f0
0xc2008a50: at panic+0x248
0xc2008ab0: at keg_ctor+0x3c0
0xc2008ad0: at zone_alloc_item+0x18c
0xc2008b00: at zone_ctor+0x1d8
0xc2008b50: at zone_alloc_item+0x18c
0xc2008b80: at uma_zcreate+0x4c
0xc2008bd0: at vm_object_init+0xf0
0xc2008c00: at vm_mem_init+0x2c
0xc2008c20: at mi_startup+0x13c
0xc2008c50: at done_mapping+0x28
db>


The normal boot (this kernel is differ from the above by "#define
DEBUG" in dev/fdt/simplebus.c):

FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.0-CURRENT #210 r239991=44c70c6-dirty: Sat Sep 29 17:31:00 MSK 2012
    avf@avfh:/usr/obj/powerpc.powerpc/root/freebsd-head/sys/N710 powerpc
WARNING: WITNESS option enabled, expect reduced performance.
Creating uma keg headers zone and keg.
Calculated uma_max_ipers (for OFFPAGE) is 64
Calculated uma_max_ipers_slab (for OFFPAGE) is 64
UMA: UMA Kegs(0xc0688fe8) size 128(128) flags 536870912 ipers 30 ppera
1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc0688edc
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
Filling boot free list.
Creating uma zone headers zone and keg.
slab_zalloc:  Allocating a new slab for UMA Kegs
UMA: UMA Zones(0xc0688f60) size 328(352) flags 536870912 ipers 11
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048000
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
Initializing pcpu cache locks.
Creating slab and hash zones.
slab_zalloc:  Allocating a new slab for UMA Zones
UMA: UMA Slabs(0xc2047000) size 284(284) flags 536870912 ipers 14
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048080
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: UMA RCntSlabs(0xc2047160) size 544(544) flags 536870912 ipers 7
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048100
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: UMA Hash(0xc20472c0) size 128(128) flags 536870912 ipers 30 ppera
1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048180
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: 16 Bucket(0xc2047420) size 76(76) flags 570425344 ipers 50 ppera
1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048200
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: 32 Bucket(0xc2047580) size 140(140) flags 570425344 ipers 28
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048280
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: 64 Bucket(0xc20476e0) size 268(268) flags 570425344 ipers 14
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048300
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: 128 Bucket(0xc2047840) size 524(524) flags 570425344 ipers 7
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048380
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA startup complete.
UMA: VM OBJECT(0xc20479a0) size 160(160) flags -2147483488 ipers 24
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048400
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
UMA: MAP(0xc2047b00) size 152(152) flags 32 ipers 26 ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048480
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
slab_zalloc:  Allocating a new slab for MAP
UMA: KMAP ENTRY(0xc2047c60) size 80(80) flags -2147483456 ipers 48
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048500
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
slab_zalloc:  Allocating a new slab for KMAP ENTRY
slab_zalloc:  Allocating a new slab for KMAP ENTRY
slab_zalloc:  Allocating a new slab for KMAP ENTRY
UMA: MAP ENTRY(0xc2047dc0) size 80(80) flags 0 ipers 48 ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048580
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
uma_zalloc_arg: Bucketzone returned NULL
uma_zalloc_arg: Bucketzone returned NULL
uma_zalloc_arg: Bucketzone returned NULL
slab_zalloc:  Allocating a new slab for UMA Zones
UMA: PV ENTRY(0xc2042000) size 16(16) flags -2147483488 ipers 203
ppera 1 out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048600
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
uma_zalloc_arg: Bucketzone returned NULL
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
slab_zalloc:  Allocating a new slab for PV ENTRY
UMA: fakepg(0xc2042160) size 80(80) flags -2147483488 ipers 48 ppera 1
out 0 free 0
keg_ctor: LIST_INSERT_HEAD uma_kegs=0xc0688eac, keg=0xc2048680
keg_ctor: LIST_INSERT_HEAD uma_kegs ok
uma_zalloc_arg: Bucketzone returned NULL
uma_zalloc_arg: Bucketzone returned NULL
UMA startup2 complete.
<skip>

It seems like LIST structure corrupted somehow and this is possibly depend on
alignment of kernel structures because the changing th code size
change the behavior.
Any ideas how to find the root of this issue?

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CABCAhMHGTXnZsvdQWB-TxhgY3ia0LFvE=reTe0BXd=C8TcXdeQ>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation