Date: Tue, 22 Oct 2013 20:35:57 +0300 From: Konstantin Belousov <kostikbel@gmail.com> To: Andriy Gapon <avg@FreeBSD.org> Cc: "freebsd-fs@freebsd.org" <freebsd-fs@FreeBSD.org>, alc@FreeBSD.org, Alan Cox <alc@rice.edu> Subject: Re: 9.2 + ZFS + i386 = panic: pmap_enter: attempted pmap_enter on 4MB page Message-ID: <20131022173557.GB5208@kib.kiev.ua> In-Reply-To: <5266B0E9.3040206@FreeBSD.org> References: <20131015164537.GH3865@kib.kiev.ua> <525D7784.5000808@rice.edu> <20131016060010.GO3865@kib.kiev.ua> <CABXB=RR2C%2BpZAr%2BZDDCe%2Bxb=EG4AQL0_WyTQneGG1TW6Ghi7=w@mail.gmail.com> <CABXB=RQhsZKJi34gojN_96%2BTmJ9_DOsd-HyZ5wPLAsAPu1h7pg@mail.gmail.com> <20131017070949.GA3865@kib.kiev.ua> <CABXB=RSGpH3sFNo0i6jFr6mH-U79c-1kNA%2B2kZaj7rE9ENoLEA@mail.gmail.com> <CABXB=RTVpBYFy209ML-NMdNioTqJuYYkVv5L9zjRYB=7yemB1w@mail.gmail.com> <CABXB=RQe6rLui%2Bc8n-5kUwaaii%2BXmZpSuE60WFaZU3owv_-y9g@mail.gmail.com> <5266B0E9.3040206@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--nVMJ2NtxeReIH9PS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Oct 22, 2013 at 08:07:53PM +0300, Andriy Gapon wrote: > on 22/10/2013 15:46 J David said the following: > > On Sun, Oct 20, 2013 at 9:02 AM, J David <j.david.lists@gmail.com> wrot= e: > >> The "attempted pmap_enter on 4MB page" panic occurred again. > >=20 > > Since a machine that crashes 3-4x a day is not useful, we have > > captured a few viable core images for this panic and have now set it > > to vm.pmap.pg_ps_enabled=3D0 in the hopes of stopping the crashes. > >=20 > > If there is anything else we can do to aid the debugging, please let us= know. >=20 > Both panics you posted actually happened because of bad pointer > dereference in ZFS. > > It appears that for some reason trap_pfault does not just call panic > right there as it should, but instead attempts to "fault in" a > corresponding page. > > All in all, these look like a memory corruption of some sort (or use > after free). I just do not have time left for this right now. One thing that catched my eye initially are very strange pointers in the backtrace, like 'zio=3D0x883ca8b8'. The standard i386 address space map splits user/kernel mode at 3GB, so 0x883ca8b8 is definitely usermode, unless non-standard kernel config is used. This is why I asked for the gdb backtrace. why=20 --nVMJ2NtxeReIH9PS Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBAgAGBQJSZrd8AAoJEJDCuSvBvK1BAi0P+gLUZtsigFQDptTNHDIglciM c53rszC89ItPH2tNlVrcz1MMkSGVTKDn92T/SV/js2Emq0TiVOgg1X3FNTxqxAvj wn4djXaonr/IxYnD4CaAyHSnCOQX5X+5j4waJD2dgKGpipAgQ0zk+pQkwFIhc65o Rx78sOJcT9gbmmloGEwmWC1gRiaaZe8xhF8UJWXSqLTPFXb6PzevGJiXreiKMZuA D3QKPE3ENWiUpUbILN8WHqDdZNXRGOHJvZrf4qHbUuFkpINqmHXqvElDFZvkcIK/ 3Yxzhwr8cmw9Os0wtwSBIqpx6FY2H62ClU34UGS1dMy8ql3t1/kuuHKHtGjBtk6i aBSChubFM8kKmt2qKKNcQ5QH4lgu58HChpWwpxV2uMuaTfSgJY3ZjLALdhnsMOao TfhyKZqd/H3FX2OxAJEQ1j73+/sxR80dvqG9YzB8G4nlaUTlIXatDuJFgvRoUV5y ae9gqnusecJWT6SQV2DpNfJSa7n5JBWWAdlTxIToactH4EeALB3jTmSwvY0CLEvb WaJnmfZSo9TTzFASk58XbtnUVP9np08fDh3k9pa0pPQ1W72p5M/UmzAu+LS2RUXx gVeKw7KECpDqS4puYGnO/ZSYqGkyeLLmQYuDtLOtlkx6CbZjOTLCtoAbhNYB4TCf W+aE9GQluVGF1gbC+hiH =S/ws -----END PGP SIGNATURE----- --nVMJ2NtxeReIH9PS--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131022173557.GB5208>