Panic in contigmalloc/vm_page_remove (fwd)
Nicolas Dehaine
nicko at stbernard.com
Wed Nov 8 19:49:09 UTC 2006
Back in June 2005, I encountered an issue with contigmalloc1() (see rev 1.43 of
src/sys/vm/vm_contig.c) which Brian (green at freebsd.org) looked into and solved.
Running FreeBSD 5.3 + the updated rev (1.43) of vm_contig.c (which isn't merged
to RELENG_5), I have now encountered a reproduceable panic in vm_page_remove
which seems to be related to this patch but also to our new hardware. I have a
new system (based on a Tyan 3098 motherboard) which panics at boot time (when
assigning an IP with ifconfig more exactly) while the same build works ok on my
older systems (Tyan 2098 motherboard).
I have
- reverted to the FreeBSD 5.3 version of vm_contig - panic went away. - merged
the newer panic-related fixes - panic remained
- tried the last version of vm_page on RELENG_5 - panic remained
- loaded FreeBSD 6.1 - no panic
I am guessing that rev 1.43 causes the panic indirectly but a later change in
RELENG_6 fixed it or hid it. However, I would guess that this problem is
unlikely to affect many, as rev 1.43 was not merged to RELENG_5.
The dmesg output and panic trace are attached. Any assistance is most welcome.
Nicolas Dehaine
St Bernard Software
-------------- next part --------------
[kernel boots, root login. ifconfig wasn't run at boot time (same results if it does)]
# ifconfig
<output ok: em0, em1 interfaces>
# ifconfig em0 10.0.0.1
panic: vm_page_remove: page not busy
KDB: stack backtrace:
kdb_backtrace(100,c27877d0,c233f5f8,c1c41d68,18c87) at kdb_backtrace+0x29
panic(c05e5fd1,c233f5f8,c1c41d68,dd94f9d4,c0580238) at panic+0xa8
vm_page_remove(c233f5f8,c233f5f8) at vm_page_remove+0x22
vm_page_free_toq(c233f5f8,c233f5f8,40,c233f5f8,dd94fa38) at
vm_page_free_toq+0x78
vm_page_free(c233f5f8) at vm_page_free+0x15
vm_page_alloc_contig(1,0,0,ffffffff,1000) at vm_page_alloc_contig+0x346
contigmalloc(1000,c05fc2c0,1,0,ffffffff) at contigmalloc+0x97
alloc_bounce_pages(c2750480,1) at alloc_bounce_pages+0x5f
bus_dmamap_create(c2750480,1,c2760004,c25d3000,c25d3000) at
bus_dmamap_create+0xff
em_allocate_receive_structures(c25d3000,c25f2000,1000) at
em_allocate_receive_structures+0xec
em_setup_receive_structures(c25d3000,c25d3000,c25d3000) at
em_setup_receive_structures+0x23
em_init_locked(c25d3000) at em_init_locked+0x10e
em_init(c25d3000,c25d3000,c278f500,c25d3000,dd94fb5c) at em_init+0x42
ether_ioctl(c25d3000,8020690c,c278f500) at ether_ioctl+0x50
em_ioctl(c25d3000,8020690c,c278f500,0,1) at em_ioctl+0xba
in_ifinit(c25d3000,c278f500,dd94fc70,0,dd94fbbc) at in_ifinit+0x1e5
in_control(c2789510,8040691a,dd94fc60,c25d3000,c27877d0) at
in_control+0x830
ifioctl(c2789510,8040691a,dd94fc60,c27877d0,0) at ifioctl+0x187
soo_ioctl(c270dd8c,8040691a,dd94fc60,c28fee00,c27877d0) at soo_ioctl+0x42d
ioctl(c27877d0,dd94fd14,3,0,286) at ioctl+0x545
syscall(2f,2f,2f,0,bfbfedb0) at syscall+0x27b
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (54, FreeBSD ELF32, ioctl), eip = 0x280cd0e7, esp =
0xbfbfec5c, ebp = 0xbfbfecc8 ---
KDB: enter: panic
Fatal trap 3: breakpoint instruction fault while in kernel mode
instruction pointer = 0x8:0xc04caf1b
stack pointer = 0x10:0xdd94f984
frame pointer = 0x10:0xdd94f984
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, IOPL = 0
current process = 671 (ifconfig)
trap number = 3
panic: breakpoint instruction fault
KDB: enter: panic
Fatal trap 3: breakpoint instruction fault while in kernel mode
instruction pointer = 0x8:0xc04caf1b
stack pointer = 0x10:0xdd94f8c0
frame pointer = 0x10:0xdd94f8c0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = IOPL = 0
current process = 671 (ifconfig)
trap number = 3
panic: breakpoint instruction fault
KDB: enter: panic
Fatal trap 3: breakpoint instruction fault while in kernel mode
instruction pointer = 0x8:0xc04caf1b
stack pointer = 0x10:0xdd94f7fc
frame pointer = 0x10:0xdd94f7fc
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = IOPL = 0
current process = 671 (ifconfig)
trap number = 3
Fatal trap 3: breakpoint instruction fault while in kernel mode
instruction pointer = 0x8:0xc04caf1b
stack pointer = 0x10:0xdd94f738
frame pointer = 0x10:0xdd94f738
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = IOPL = 0
current process = 671 (ifconfig)
trap number = 3
panic: breakpoint instruction fault
KDB: enter: panic
Fatal trap 3: breakpoint instruction fault while in kernel mode
instruction pointer = 0x8:0xc04caf1b
stack pointer = 0x10:0xdd94f674
frame pointer = 0x10:0xdd94f674
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = IOPL = 0
current process = 671 (ifconfig)
trap number = 3
panic: breakpoint instruction fault
[much more of this]
-------------- next part --------------
Copyright (c) 1992-2004 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 5.3-RELEASE #0: Wed Oct 18 13:16:34 PDT 2006
khall at puma.rapid.stbernard.com:/usr/obj/work3/khall/head/products/rapid/freebsd5/src/sys/RAPID
ACPI APIC Table: <IntelR AWRDACPI>
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 2.00GHz (1992.62-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf29 Stepping = 9
Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
real memory = 527302656 (502 MB)
avail memory = 492945408 (470 MB)
ioapic0 <Version 2.0> irqs 0-23 on motherboard
npx0: [FAST]
npx0: <math processor> on motherboard
npx0: INT 16 interface
acpi0: <IntelR AWRDACPI> on motherboard
acpi0: Power Button (fixed)
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0
cpu0: <ACPI CPU> on acpi0
acpi_tz0: <Thermal Zone> on acpi0
acpi_button0: <Power Button> on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
agp0: <Intel 82845G (845G GMCH) SVGA controller> mem 0xe8100000-0xe817ffff,0xe0000000-0xe7ffffff irq 16 at device 2.0 on pci0
agp0: detected 8060k stolen memory
agp0: aperture size is 128M
pci0: <serial bus, USB> at device 29.0 (no driver attached)
pci0: <serial bus, USB> at device 29.1 (no driver attached)
pci0: <serial bus, USB> at device 29.2 (no driver attached)
pci0: <serial bus, USB> at device 29.7 (no driver attached)
pcib1: <ACPI PCI-PCI bridge> at device 30.0 on pci0
pci1: <ACPI PCI bus> on pcib1
em0: <Intel(R) PRO/1000 Network Connection, Version - 1.7.35> port 0xd000-0xd03f mem 0xe8020000-0xe803ffff,0xe8000000-0xe801ffff irq 21 at device 3.0 on p
ci1
em0: Ethernet address: 00:07:e8:41:7e:e4
em0: Speed:N/A Duplex:N/A
em1: <Intel(R) PRO/1000 Network Connection, Version - 1.7.35> port 0xd100-0xd13f mem 0xe8060000-0xe807ffff,0xe8040000-0xe805ffff irq 20 at device 4.0 on p
ci1
em1: Ethernet address: 00:07:e8:01:7e:e4
em1: Speed:N/A Duplex:N/A
isab0: <PCI-ISA bridge> at device 31.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel ICH4 UDMA100 controller> port 0xf000-0xf00f,0x376,0x170-0x177,0x3f6,0x1f0-0x1f7 at device 31.1 on pci0
ata0: channel #0 on atapci0
ata1: channel #1 on atapci0
pci0: <serial bus, SMBus> at device 31.3 (no driver attached)
sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
sio0: type 16550A, console
sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0
sio1: type 16550A
atkbdc0: <Keyboard controller (i8042)> port 0x64,0x60 irq 1 on acpi0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
pmtimer0 on isa0
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x100>
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
Timecounter "TSC" frequency 1992620396 Hz quality 800
Timecounters tick every 1.000 msec
ad0: 38166MB <ST3402111A/3.AAJ> [77545/16/63] at ata0-master UDMA100
More information about the freebsd-hackers
mailing list