From owner-freebsd-current@FreeBSD.ORG Thu Jan 20 23:05:39 2005 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FC0616A4CE for ; Thu, 20 Jan 2005 23:05:39 +0000 (GMT) Received: from obsecurity.dyndns.org (CPE0050040655c8-CM00111ae02aac.cpe.net.cable.rogers.com [69.199.47.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id DEF7443D1D for ; Thu, 20 Jan 2005 23:05:36 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id C01EE511C1; Thu, 20 Jan 2005 15:05:26 -0800 (PST) Date: Thu, 20 Jan 2005 15:05:26 -0800 From: Kris Kennaway To: "Mark W. Krentel" Message-ID: <20050120230526.GA76209@xor.obsecurity.org> References: <20050119050220.GU3194@noel.cs.rice.edu> <200501202247.j0KMlvJH032907@blue.mwk.domain> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="6c2NcOVqGQ03X4Wi" Content-Disposition: inline In-Reply-To: <200501202247.j0KMlvJH032907@blue.mwk.domain> User-Agent: Mutt/1.4.2.1i cc: freebsd-current@freebsd.org cc: Alan Cox cc: Kris Kennaway Subject: Re: fstat triggered INVARIANTS panic in memrw() X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jan 2005 23:05:39 -0000 --6c2NcOVqGQ03X4Wi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 20, 2005 at 05:47:57PM -0500, Mark W. Krentel wrote: > First, let me check that your panic requires three things to trigger: > (1) heavy load, in your case ports building, (2) INVARIANTS compiled > into the kernel, and (3) many calls to fstat(1). Is that right? I didn't try without INVARIANTS, but it doesn't require heavy load. In fact I can panic the UP boxes just by running fstat in a loop (typically panics within a few seconds). SMP often panics on the first try. > Also, you're running 6.0-current on an x86 SMP machine?=20 I think it also happens on 5.x, but I'm not sure. I first noticed the problem some time in early December, but it might be older (I previously did not run fstat on these machines). > Can you bound > the problem between two dates, that is, you compiled kernel/world on > date X and it was ok, and updated on date Y and it panicked? Are you > changing the default kernel address space (3 Gig user and 1 Gig > kernel) via KVA_PAGES? Not on all affected machines (i.e. it happens on machines with the default KVA_PAGES). > arguments to kernacc() and vm_map_check_protection(). I didn't get a > panic, but I can confirm that kernacc() is being called with arguments > that constitute address wrap. My tests were on a single-CPU P3-933. > I ran buildworld along with a loop of fstat(1)s, and the address wrap > happened within seconds. It required both (1) and (3) above, > INVARIANTS may be a red herring, I'm not sure. >=20 > How long did it take for your machine to panic? Mine didn't panic, > but maybe I didn't run the test long enough, or maybe I don't have > enough open files. >=20 > Anyway, try this patch, see if it avoids the panic for you. >=20 > --Mark Thanks, it sounds promising! Kris --6c2NcOVqGQ03X4Wi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFB8Dk2Wry0BWjoQKURAspDAKD7bQ26qJAeXt312kpQ1uD8sFytKQCfVeYa W+sTEjcdvXni4bKKcFS40Kc= =J89l -----END PGP SIGNATURE----- --6c2NcOVqGQ03X4Wi--