Date: Sat, 22 Nov 2025 20:22:39 +0200 From: Konstantin Belousov <kostikbel@gmail.com> To: Mark Millard <marklmi@yahoo.com> Cc: Michal Meloun <mmel@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: mmap( MAP_ANON) is broken on current. (was Still seeing Failed assertion: "p[i] == 0" on armv7 buildworld) Message-ID: <aSH_b3j1HsDH8gJ1@kib.kiev.ua> In-Reply-To: <7435C4D0-94AF-41FA-B9A0-2E5091F5A727@yahoo.com> References: <7435C4D0-94AF-41FA-B9A0-2E5091F5A727.ref@yahoo.com> <7435C4D0-94AF-41FA-B9A0-2E5091F5A727@yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 22, 2025 at 09:37:15AM -0800, Mark Millard wrote:
> Michal Meloun <mmel_at_freebsd.org> wrote on
> Date: Sat, 22 Nov 2025 16:37:19 UTC :
>
> > On 22.11.2025 16:40, Konstantin Belousov wrote:
> > > On Sat, Nov 22, 2025 at 03:31:24PM +0100, Michal Meloun wrote:
> > >> This patch KASSERTs almost immediately when the system enters multi-user
> > >> mode while processing mmap() syscall:
> > >>
> > >> panic: vm_object_coalesce: obj 0xc73ddb28 next_pindex 0x13 next_size 0x5
> > >> obj_size 0x176
> > >
> > > Yes, the assert was mis-placed. Please try this variant.
> > >
> > > commit 2b1a1bcd2926bd89b8422c665b0aa411e29c883b
> > > Author: Konstantin Belousov <kib@FreeBSD.org>
> > > Date: Sat Nov 22 16:02:50 2025 +0200
> > >
> > > vm_object_coalesce(): fix logic to detect coalesce possibility, simplify
> > >
> > > diff --git a/sys/vm/vm_object.c b/sys/vm/vm_object.c
> > > index 5b4517d2bf0c..9bb4e54edd96 100644
> > > --- a/sys/vm/vm_object.c
> > > +++ b/sys/vm/vm_object.c
> > > @@ -2189,13 +2189,19 @@ vm_object_coalesce(vm_object_t prev_object, vm_ooffset_t prev_offset,
> > > next_size >>= PAGE_SHIFT;
> > > next_pindex = OFF_TO_IDX(prev_offset) + prev_size;
> > >
> > > - if (prev_object->ref_count > 1 &&
> > > - prev_object->size != next_pindex &&
> > > + if (prev_object->ref_count > 1 ||
> > > + prev_object->size != next_pindex ||
> > > (prev_object->flags & OBJ_ONEMAPPING) == 0) {
> > > VM_OBJECT_WUNLOCK(prev_object);
> > > return (FALSE);
> > > }
> > >
> > > + KASSERT(next_pindex + next_size > prev_object->size,
> > > + ("vm_object_coalesce: "
> > > + "obj %p next_pindex %#jx next_size %#jx obj_size %#jx",
> > > + prev_object, (uintmax_t)next_pindex, (uintmax_t)next_size,
> > > + (uintmax_t)prev_object->size));
> > > +
> > > /*
> > > * Account for the charge.
> > > */
> > > @@ -2222,26 +2228,13 @@ vm_object_coalesce(vm_object_t prev_object, vm_ooffset_t prev_offset,
> > > * Remove any pages that may still be in the object from a previous
> > > * deallocation.
> > > */
> > > - if (next_pindex < prev_object->size) {
> > > - vm_object_page_remove(prev_object, next_pindex, next_pindex +
> > > - next_size, 0);
> > > -#if 0
> > > - if (prev_object->cred != NULL) {
> > > - KASSERT(prev_object->charge >=
> > > - ptoa(prev_object->size - next_pindex),
> > > - ("object %p overcharged 1 %jx %jx", prev_object,
> > > - (uintmax_t)next_pindex, (uintmax_t)next_size));
> > > - prev_object->charge -= ptoa(prev_object->size -
> > > - next_pindex);
> > > - }
> > > -#endif
> > > - }
> > > + vm_object_page_remove(prev_object, next_pindex, next_pindex +
> > > + next_size, 0);
> > >
> > > /*
> > > * Extend the object if necessary.
> > > */
> > > - if (next_pindex + next_size > prev_object->size)
> > > - prev_object->size = next_pindex + next_size;
> > > + prev_object->size = next_pindex + next_size;
> > >
> > > VM_OBJECT_WUNLOCK(prev_object);
> > > return (TRUE);
> >
> > Unfortunately, that didn't help. I will try the vm_map.c patch again
> > for confirmation.
>
> On amd64 I could not complete a boot: the KASSERT failed for equality
> instead of > : "next_pindex Oxf next_size 0x4 obj_size 0x19"
>
> QUOTE (from a prior message to the list):
> No serial console so a summary from a picture
> (expect typos):
>
> . . .
> ue0: link state changed to UP
> panic: vm_object_coalesce: obj Oxfffff800090a27c0 next_pindex Oxf next_size 0x4 obj_size 0x19
Remove this assertion from your source. The right fix is to move it later,
but it does not matter for the testing.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?aSH_b3j1HsDH8gJ1>