Date: Wed, 06 Mar 2002 23:09:01 -0500 From: Mike Tancsa <mike@sentex.net> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: patch (was Re: reproducable panic with python) Message-ID: <5.1.0.14.0.20020306230807.05170868@192.168.0.12> In-Reply-To: <200203070351.g273pdb63445@apollo.backplane.com> References: <867koq7gp7.fsf@basilisk.locus> <20020306220959.GA47881@walton.maths.tcd.ie> <5.1.0.14.0.20020306205947.0513fcc8@192.168.0.12> <5.1.0.14.0.20020306222755.04151720@192.168.0.12>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks very much Matt! That did the trick!
---Mike
At 07:51 PM 3/6/2002 -0800, Matthew Dillon wrote:
> This should fix it. Included below is the test program to reproduce
> the panic and the patch that will fix it.
>
> The mmap() that triggers it is a MAP_ANON|MAP_NOSYNC mmap.
>
> I am starting a commit cycle now.
>
> -Matt
>
>#include <sys/types.h>
>#include <sys/mman.h>
>#include <stdio.h>
>#include <fcntl.h>
>#include <unistd.h>
>#include <assert.h>
>
>#define SIZE (512*1024*1024)
>#define SYNC (1*1024*1024)
>
>int
>main(int ac, char **av)
>{
> void *ptr;
>
> ptr = mmap(NULL, 4096, PROT_READ, MAP_ANON, -1, 0);
> assert(ptr != MAP_FAILED);
> ptr = mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_ANON|MAP_NOSYNC, -1, 0);
> assert(ptr != MAP_FAILED);
> msync(ptr, 4096, 0);
>}
>
>
>Index: vm/vm_map.c
>===================================================================
>RCS file: /home/ncvs/src/sys/vm/vm_map.c,v
>retrieving revision 1.187.2.12
>diff -u -r1.187.2.12 vm_map.c
>--- vm/vm_map.c 10 Nov 2001 22:27:09 -0000 1.187.2.12
>+++ vm/vm_map.c 7 Mar 2002 03:45:42 -0000
>@@ -1741,8 +1741,11 @@
> * to write out.
> * We invalidate (remove) all pages from the address space
> * anyway, for semantic correctness.
>+ *
>+ * note: certain anonymous maps, such as MAP_NOSYNC maps,
>+ * may start out with a NULL object.
> */
>- while (object->backing_object) {
>+ while (object && object->backing_object) {
> object = object->backing_object;
> offset += object->backing_object_offset;
> if (object->size < OFF_TO_IDX( offset + size))
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020306230807.05170868>