Date: Sat, 20 Nov 2004 19:51:18 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Xin LI <delphij@frontfree.net> Cc: Xin LI <delphij@FreeBSD.org> Subject: Re: kern/72539: Panic: vm_page_remove(): page not found in hash Message-ID: <20041120195118.GA793@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <20041115085240.GA3759@frontfree.net> References: <200411120350.iAC3o8xF072944@freefall.freebsd.org> <20041114174352.GA876@happy-idiot-talk.infracaninophile.co.uk> <20041115085240.GA3759@frontfree.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--EVF5PPMfhYS0aIcm Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 15, 2004 at 04:52:40PM +0800, Xin LI wrote: > Hi, Matthew, >=20 > Would you please have INVARIANTS and INVARIANT_SUPPORT in your > kernel configuration and try again? I think it would be helpful > for us to figure out what was happening. >=20 > In addition, Matt Dillon has suggested[1] that you run his vmpageinfo > program on the dump, please have a try. >=20 > [1] http://lists.freebsd.org/pipermail/freebsd-hackers/2004-November/0089= 54.html >=20 Right. I've now had a chance to compile up a kernel with INVARIANTS and INVARIANT_SUPPORT. This doesn't include the vm_page.c patch you sent me. I still get a crash from running my nasty perl code, but this time, it's on a page fault. Dillon's vmpageinfo program doesn't produce any interesting output: % sudo ~/src/vm_page_remove.crash/vmpageinfo -N kernel.31 -M vmcore.31 = -d Password: page 131042 index 262143 Here's a backtrace: Script started on Sat Nov 20 19:41:38 2004 Password:=0D GNU gdb 4.18 (FreeBSD)=0D Copyright 1998 Free Software Foundation, Inc.=0D GDB is free software, covered by the GNU General Public License, and you ar= e=0D welcome to change it and/or distribute copies of it under certain condition= s.=0D Type "show copying" to see the conditions.=0D There is absolutely no warranty for GDB. Type "show warranty" for details.= =0D This GDB was configured as "i386-unknown-freebsd"...Deprecated bfd_read cal= led at /usr/src/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxrea= d.c line 2627 in elfstab_build_psymtabs=0D Deprecated bfd_read called at /usr/src/gnu/usr.bin/binutils/gdb/../../../..= /contrib/gdb/gdb/dbxread.c line 933 in fill_symbuf=0D =0D IdlePTD at physical address 0x00979000=0D initial pcb at physical address 0x003a7ee0=0D panicstr: page fault=0D panic messages:=0D ---=0D panic: double fault=0D =0D syncing disks... kernel trap 12 with interrupts disabled=0D =0D =0D Fatal trap 12: page fault while in kernel mode=0D fault virtual address =3D 0x30=0D fault code =3D supervisor read, page not present=0D instruction pointer =3D 0x8:0xc02581d4=0D stack pointer =3D 0x10:0xc03c2410=0D frame pointer =3D 0x10:0xc03c2418=0D code segment =3D base 0x0, limit 0xfffff, type 0x1b=0D =3D DPL 0, pres 1, def32 1, gran 1=0D processor eflags =3D nested task, resume, IOPL =3D 0=0D current process =3D Idle=0D interrupt mask =3D net tty bio cam =0D trap number =3D 12=0D panic: page fault=0D Uptime: 8m37s=0D =0D dumping to dev #da/0x20001, offset 1048736=0D dump 511 510 509 508 507 506 505 504 503 502 501 500 499 498 497 496 495 49= 4 493 492 491 490 489 488 487 486 485 484 483 482 481 480 479 478 477 476 4= 75 474 473 472 471 470 469 468 467 466 465 464 463 462 461 460 459 458 457 = 456 455 454 453 452 451 450 449 448 447 446 445 444 443 442 441 440 439 438= 437 436 435 434 433 432 431 430 429 428 427 426 425 424 423 422 421 420 41= 9 418 417 416 415 414 413 412 411 410 409 408 407 406 405 404 403 402 401 4= 00 399 398 397 396 395 394 393 392 391 390 389 388 387 386 385 384 383 382 = 381 380 379 378 377 376 375 374 373 372 371 370 369 368 367 366 365 364 363= 362 361 360 359 358 357 356 355 354 353 352 351 350 349 348 347 346 345 34= 4 343 342 341 340 339 338 337 336 335 334 333 332 331 330 329 328 327 326 3= 25 324 323 322 321 320 319 318 317 316 315 314 313 312 311 310 309 308 307 = 306 305 304 303 302 301 300 299 298 297 296 295 294 293 292 291 290 289 288= 287 286 285 284 283 282 281 280 279 278 277 276 275 274 273 272 271 270 26= 9 268 267 266 265 264 263 262 261 260 259 258 257 256 255 254 253 252 251 2= 50 249 248 247 246 245 244 243 242 241 240 239 238 237 236 235 234 233 232 = 231 230 229 228 227 226 225 224 223 222 221 220 219 218 217 216 215 214 213= 212 211 210 209 208 207 206 205 204 203 202 201 200 199 198 197 196 195 19= 4 193 192 191 190 189 188 187 186 185 184 183 182 181 180 179 178 177 176 1= 75 174 173 172 171 170 169 168 167 166 165 164 163 162 161 160 159 158 157 = 156 155 154 15=0D ---=0D #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487=0D 487 if (dumping++) {=0D (kgdb) bt/full=0D A syntax error in expression, near `full'.=0D (kgdb) bt\full=0D #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487=0D error =3D 0=0D #1 0xc0180277 in boot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:3= 16=0D howto =3D 260=0D #2 0xc01806b5 in panic (fmt=3D0xc035a22c "%s")=0D at /usr/src/sys/kern/kern_shutdown.c:595=0D fmt =3D 0xc035a22c "%s"=0D bootopt =3D 260=0D buf =3D "page fault\000t", '\000' <repeats 243 times>=0D #3 0xc02f19fb in trap_fatal (frame=3D0xc03c23d0, eva=3D48)=0D at /usr/src/sys/i386/i386/trap.c:974=0D frame =3D (struct trapframe *) 0xc03c23d0=0D code =3D 16=0D type =3D 12=0D ss =3D 16=0D esp =3D 0=0D softseg =3D {ssd_base =3D 0, ssd_limit =3D 1048575, ssd_type =3D 27, =0D ssd_dpl =3D 0, ssd_p =3D 1, ssd_xx =3D 8, ssd_xx1 =3D 0, ssd_def32 =3D 1,= ssd_gran =3D 1}=0D #4 0xc02f16a9 in trap_pfault (frame=3D0xc03c23d0, usermode=3D0, eva=3D48)= =0D at /usr/src/sys/i386/i386/trap.c:867=0D va =3D 0=0D vm =3D (struct vmspace *) 0x0=0D map =3D 0xc=0D rv =3D 0=0D ftype =3D 255 '=FF'=0D p =3D (struct proc *) 0x0=0D #5 0xc02f124f in trap (frame=3D{tf_fs =3D 24, tf_es =3D 16, tf_ds =3D 16, = =0D tf_edi =3D -1069770624, tf_esi =3D 0, tf_ebp =3D -1069800424, =0D tf_isp =3D -1069800452, tf_ebx =3D -1070095780, tf_edx =3D 6832128, = =0D tf_ecx =3D 4, tf_eax =3D 0, tf_trapno =3D 12, tf_err =3D 0, =0D tf_eip =3D -1071283756, tf_cs =3D 8, tf_eflags =3D 82054, tf_esp =3D = 0, =0D tf_ss =3D 0}) at /usr/src/sys/i386/i386/trap.c:466=0D p =3D (struct proc *) 0x0=0D sticks =3D 14011138798591732604=0D i =3D 0=0D ucode =3D 0=0D type =3D 12=0D code =3D 0=0D eva =3D 48=0D #6 0xc02581d4 in acquire_lock (lk=3D0xc037a25c)=0D at /usr/src/sys/ufs/ffs/ffs_softdep.c:266=0D lk =3D (struct lockit *) 0xffffffff=0D holder =3D 0=0D #7 0xc025c812 in softdep_fsync_mountdev (vp=3D0xd69dbb40)=0D at /usr/src/sys/ufs/ffs/ffs_softdep.c:4024=0D bp =3D (struct buf *) 0x0=0D nbp =3D (struct buf *) 0xc03c2468=0D wk =3D (struct worklist *) 0x0=0D #8 0xc0260c1e in ffs_fsync (ap=3D0xc03c248c)=0D at /usr/src/sys/ufs/ffs/ffs_vnops.c:134=0D vp =3D (struct vnode *) 0xd69dbb40=0D bp =3D (struct buf *) 0x0=0D nbp =3D (struct buf *) 0xc03c24a0=0D s =3D -1069770624=0D error =3D 0=0D wait =3D 0=0D passes =3D -694305984=0D skipmeta =3D -1070194848=0D lbn =3D 2147483647=0D #9 0xc025f84f in ffs_sync (mp=3D0xc2732e00, waitfor=3D2, cred=3D0xc1854480= , =0D p=3D0xc03c9880) at vnode_if.h:558=0D a =3D {a_desc =3D 0xc0361ca0, a_vp =3D 0xd69dbb40, a_cred =3D 0xc1854480, = =0D a_waitfor =3D 2, a_p =3D 0xc03c9880}=0D vp =3D (struct vnode *) 0x0=0D cred =3D (struct ucred *) 0xc1854480=0D waitfor =3D 2=0D p =3D (struct proc *) 0xc03c9880=0D p =3D (struct proc *) 0xc03c9880=0D nvp =3D (struct vnode *) 0x0=0D vp =3D (struct vnode *) 0x0=0D ip =3D (struct inode *) 0x0=0D ump =3D (struct ufsmount *) 0xc2722c00=0D fs =3D (struct fs *) 0xc2790800=0D error =3D 0=0D allerror =3D 0=0D #10 0xc01b2383 in sync (p=3D0xc03c9880, uap=3D0x0)=0D at /usr/src/sys/kern/vfs_syscalls.c:583=0D p =3D (struct proc *) 0xc03c9880=0D mp =3D (struct mount *) 0xc2732e00=0D ---Type <return> to continue, or q <return> to quit---=0D nmp =3D (struct mount *) 0x0=0D asyncflag =3D 0=0D #11 0xc018003a in boot (howto=3D256) at /usr/src/sys/kern/kern_shutdown.c:2= 35=0D bp =3D (struct buf *) 0x0=0D iter =3D 0=0D nbusy =3D -1=0D pbusy =3D 5=0D howto =3D 256=0D #12 0xc01806b5 in panic (fmt=3D0xc0359c62 "double fault")=0D at /usr/src/sys/kern/kern_shutdown.c:595=0D fmt =3D 0xc0359c62 "double fault"=0D bootopt =3D 256=0D buf =3D "page fault\000t", '\000' <repeats 243 times>=0D #13 0xc02f1a57 in dblfault_handler () at /usr/src/sys/i386/i386/trap.c:1004= =0D No locals.=0D (kgdb) quit=0D Script done on Sat Nov 20 19:42:52 2004 Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --EVF5PPMfhYS0aIcm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBn6A2iD657aJF7eIRAnM0AKCHB4vs1neigjrnG9OVtcdFArc21ACgon3R i2a4jNVZy3Jq0Kq3bk1kFoM= =F3nq -----END PGP SIGNATURE----- --EVF5PPMfhYS0aIcm--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041120195118.GA793>