Michal Meloun <mmel_at_freebsd.org> wrote on Date: Sat, 22 Nov 2025 16:37:19 UTC :
> On 22.11.2025 16:40, Konstantin Belousov wrote: > > On Sat, Nov 22, 2025 at 03:31:24PM +0100, Michal Meloun wrote: > >> This patch KASSERTs almost immediately when the system enters multi-user > >> mode while processing mmap() syscall: > >> > >> panic: vm_object_coalesce: obj 0xc73ddb28 next_pindex 0x13 next_size 0x5 > >> obj_size 0x176 > > > > Yes, the assert was mis-placed. Please try this variant. > > > > commit 2b1a1bcd2926bd89b8422c665b0aa411e29c883b > > Author: Konstantin Belousov <[email protected]> > > Date: Sat Nov 22 16:02:50 2025 +0200 > > > > vm_object_coalesce(): fix logic to detect coalesce possibility, simplify > > > > diff --git a/sys/vm/vm_object.c b/sys/vm/vm_object.c > > index 5b4517d2bf0c..9bb4e54edd96 100644 > > --- a/sys/vm/vm_object.c > > +++ b/sys/vm/vm_object.c > > @@ -2189,13 +2189,19 @@ vm_object_coalesce(vm_object_t prev_object, > > vm_ooffset_t prev_offset, > > next_size >>= PAGE_SHIFT; > > next_pindex = OFF_TO_IDX(prev_offset) + prev_size; > > > > - if (prev_object->ref_count > 1 && > > - prev_object->size != next_pindex && > > + if (prev_object->ref_count > 1 || > > + prev_object->size != next_pindex || > > (prev_object->flags & OBJ_ONEMAPPING) == 0) { > > VM_OBJECT_WUNLOCK(prev_object); > > return (FALSE); > > } > > > > + KASSERT(next_pindex + next_size > prev_object->size, > > + ("vm_object_coalesce: " > > + "obj %p next_pindex %#jx next_size %#jx obj_size %#jx", > > + prev_object, (uintmax_t)next_pindex, (uintmax_t)next_size, > > + (uintmax_t)prev_object->size)); > > + > > /* > > * Account for the charge. > > */ > > @@ -2222,26 +2228,13 @@ vm_object_coalesce(vm_object_t prev_object, > > vm_ooffset_t prev_offset, > > * Remove any pages that may still be in the object from a previous > > * deallocation. > > */ > > - if (next_pindex < prev_object->size) { > > - vm_object_page_remove(prev_object, next_pindex, next_pindex + > > - next_size, 0); > > -#if 0 > > - if (prev_object->cred != NULL) { > > - KASSERT(prev_object->charge >= > > - ptoa(prev_object->size - next_pindex), > > - ("object %p overcharged 1 %jx %jx", prev_object, > > - (uintmax_t)next_pindex, (uintmax_t)next_size)); > > - prev_object->charge -= ptoa(prev_object->size - > > - next_pindex); > > - } > > -#endif > > - } > > + vm_object_page_remove(prev_object, next_pindex, next_pindex + > > + next_size, 0); > > > > /* > > * Extend the object if necessary. > > */ > > - if (next_pindex + next_size > prev_object->size) > > - prev_object->size = next_pindex + next_size; > > + prev_object->size = next_pindex + next_size; > > > > VM_OBJECT_WUNLOCK(prev_object); > > return (TRUE); > > Unfortunately, that didn't help. I will try the vm_map.c patch again > for confirmation. On amd64 I could not complete a boot: the KASSERT failed for equality instead of > : "next_pindex Oxf next_size 0x4 obj_size 0x19" QUOTE (from a prior message to the list): No serial console so a summary from a picture (expect typos): . . . ue0: link state changed to UP panic: vm_object_coalesce: obj Oxfffff800090a27c0 next_pindex Oxf next_size 0x4 obj_size 0x19 . . . vm_object_coalesce vm_map_insert1 vm_map_find_locked pipespace_new pipe_paircreate kern_pipe sys_pipe2 amd64_syscall fast_syscall_common syscall END QUOTE === Mark Millard marklmi at yahoo.com
