getting vm_object from allocated memory in kernel

Alexej Sokolov bsd.quest at googlemail.com
Mon Dec 1 14:20:20 PST 2008


Hello,
I am trying to allocate memory in a system call, and then I would like to get
the vm_object of the allocated space to remap it later:

/* Syscall func */
static int
syscf(struct thread *td, void *sa)
{
...
        vm_offset_t addr;
...
        MALLOC(addr, vm_offset_t, PAGE_SIZE, M_DEVBUF, M_WAITOK | M_ZERO);

/* Then I try to get vm_obj */
        vm_map_lookup(&kernel_map, addr, VM_PROT_ALL,
                        &myentry, &myobject, &mypindex, &myprot, &mywired);
/* OUT */
        vm_map_lookup_done(&kernel_map, myentry);

/* If I make the system call, it succeeds, but a few seconds later
    a kernel panic happens */

...
}

Could anyone give me a tip on what I am doing wrong?

# kgdb kernel.debug
vmcore.10
/home/alexandre/alexandre-da/misc/crash
kgdb: kvm_nlist(_stopped_cpus):
kgdb: kvm_nlist(_stoppcbs):
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so:
Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x14
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0589028
stack pointer           = 0x28:0xe7a83758
frame pointer           = 0x28:0xe7a83774
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 792 (zsh)
panic: from debugger
Uptime: 20m59s
Physical memory: 2034 MB
Dumping 73 MB: 58 42 26 10

#0  doadump () at pcpu.h:195
195     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb)) bt
#0  doadump () at pcpu.h:195
#1  0xc0558c03 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2  0xc0558e2c in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:563
#3  0xc0457927 in db_panic (addr=Could not find the frame base for
"db_panic".
) at /usr/src/sys/ddb/db_command.c:433
#4  0xc0458085 in db_command_loop () at /usr/src/sys/ddb/db_command.c:401
#5  0xc0459ab5 in db_trap (type=12, code=0) at
/usr/src/sys/ddb/db_main.c:222
#6  0xc057ed84 in kdb_trap (type=12, code=0, tf=0xe7a83718) at
/usr/src/sys/kern/subr_kdb.c:502
#7  0xc06b3edf in trap_fatal (frame=0xe7a83718, eva=20) at
/usr/src/sys/i386/i386/trap.c:890
#8  0xc06b489a in trap (frame=0xe7a83718) at
/usr/src/sys/i386/i386/trap.c:280
#9  0xc069dacb in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#10 0xc0589028 in propagate_priority (td=0xc5963210) at
/usr/src/sys/kern/subr_turnstile.c:272
#11 0xc05899a9 in turnstile_wait (ts=0xc5083870, owner=0xc5963210,
queue=Variable "queue" is not available.
) at /usr/src/sys/kern/subr_turnstile.c:739
#12 0xc054cdbd in _mtx_lock_sleep (m=0xc14540e8, tid=3312898576, opts=0,
file=0x0, line=0) at /usr/src/sys/kern/kern_mutex.c:416
#13 0xc054d141 in _mtx_lock_flags (m=0xc14540e8, opts=0, file=0x0, line=0)
at /usr/src/sys/kern/kern_mutex.c:186
#14 0xc066c234 in _vm_map_lock (map=0xc145408c, file=0x0, line=0) at
/usr/src/sys/vm/vm_map.c:449
#15 0xc0669e4a in kmem_malloc (map=0xc145408c, size=4096, flags=259) at
/usr/src/sys/vm/vm_kern.c:296
#16 0xc0660a77 in page_alloc (zone=0xc1445780, bytes=4096, pflag=0xe7a8388f
"\002\200\207D�\003", wait=259) at /usr/src/sys/vm/uma_core.c:955
#17 0xc065fb3c in slab_zalloc (zone=0xc1445780, wait=259) at
/usr/src/sys/vm/uma_core.c:820
#18 0xc0660014 in uma_zone_slab (zone=0xc1445780, flags=3) at
/usr/src/sys/vm/uma_core.c:2010
#19 0xc0663286 in uma_zalloc_arg (zone=0xc1445780, udata=0x0, flags=3) at
/usr/src/sys/vm/uma_core.c:2111
#20 0xc05bf62f in cache_enter (dvp=0xc5724770, vp=0x0, cnp=0xe7a83bd0) at
uma.h:277
#21 0xc06521d8 in ufs_lookup (ap=0xe7a83a00) at
/usr/src/sys/ufs/ufs/ufs_lookup.c:446
#22 0xc06c9ee2 in VOP_CACHEDLOOKUP_APV (vop=0xc073a180, a=0xe7a83a00) at
vnode_if.c:153
#23 0xc05bffa0 in vfs_cache_lookup (ap=0xe7a83a84) at vnode_if.h:83
#24 0xc06cbb26 in VOP_LOOKUP_APV (vop=0xc073a6a0, a=0xe7a83a84) at
vnode_if.c:99
#25 0xc05c64c1 in lookup (ndp=0xe7a83ba8) at vnode_if.h:57
#26 0xc05c7118 in namei (ndp=0xe7a83ba8) at
/usr/src/sys/kern/vfs_lookup.c:219
#27 0xc05d4b5d in kern_stat (td=0xc576d210, path=0xbfbe5238 <Address
0xbfbe5238 out of bounds>, pathseg=UIO_USERSPACE, sbp=0xe7a83c18)
    at /usr/src/sys/kern/vfs_syscalls.c:2109
#28 0xc05d4d0f in stat (td=0xc576d210, uap=0xe7a83cfc) at
/usr/src/sys/kern/vfs_syscalls.c:2093
#29 0xc06b44b7 in syscall (frame=0xe7a83d38) at
/usr/src/sys/i386/i386/trap.c:1035
#30 0xc069db30 in Xint0x80_syscall () at
/usr/src/sys/i386/i386/exception.s:196
#31 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)