subject:"Re\: Panic \- uma_zfree_arg \- zone argument is NULL"

Re: Panic - uma_zfree_arg - zone argument is NULL

2014-09-26 Thread Hans Petter Selasky


On 09/26/14 07:51, Hans Petter Selasky wrote:

On 09/25/14 11:19, Gleb Smirnoff wrote:

On Thu, Sep 18, 2014 at 02:03:44PM +0200, Hans Petter Selasky wrote:
H #7  0x80b07863 in uma_zfree_arg (zone=0x0,
item=0xf800114ee000,
H  udata=0x81484760)

udata here is uma_slab_t. Can you look at it?

btw, is that reproducible on stable/10 or head?



Yes, it is reproducible. I have not tried stable/10 or head yet.

(kgdb) print *(uma_slab_t)udata
$3 = {
   us_keg = 0xf8085696d680,
   us_type = {
 _us_link = {
   le_next = 0xf80856970a80,
   le_prev = 0x3
 },
 _us_size = 18446735313429006976
   },
   us_hlink = {
 sle_next = 0x0
   },
   us_data = 0x81484778 ,
   us_free = {
 __bits = {0, 0, -2125969520, 0}
   },
   us_freecount = 0,
   us_flags = 0 '\0',
   us_pad = 0 '\0'
}



BTW: I don't rule out that this might be an indirect error of some other 
kernel modules which I am experimenting with currently. But if you see 
something which is obvious then please let me know.


--HPS

___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: Panic - uma_zfree_arg - zone argument is NULL

2014-09-26 Thread Gleb Smirnoff

On Fri, Sep 26, 2014 at 07:59:09AM +0200, Hans Petter Selasky wrote:
H On 09/26/14 07:51, Hans Petter Selasky wrote:
H  On 09/25/14 11:19, Gleb Smirnoff wrote:
H  On Thu, Sep 18, 2014 at 02:03:44PM +0200, Hans Petter Selasky wrote:
H  H #7  0x80b07863 in uma_zfree_arg (zone=0x0,
H  item=0xf800114ee000,
H  H  udata=0x81484760)
H 
H  udata here is uma_slab_t. Can you look at it?
H 
H  btw, is that reproducible on stable/10 or head?
H 
H 
H  Yes, it is reproducible. I have not tried stable/10 or head yet.
H 
H  (kgdb) print *(uma_slab_t)udata
H  $3 = {
H us_keg = 0xf8085696d680,

Can you print the us_keg, please?

-- 
Totus tuus, Glebius.
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: Panic - uma_zfree_arg - zone argument is NULL

2014-09-26 Thread Hans Petter Selasky


On 09/26/14 08:06, Gleb Smirnoff wrote:

On Fri, Sep 26, 2014 at 07:59:09AM +0200, Hans Petter Selasky wrote:
H On 09/26/14 07:51, Hans Petter Selasky wrote:
H  On 09/25/14 11:19, Gleb Smirnoff wrote:
H  On Thu, Sep 18, 2014 at 02:03:44PM +0200, Hans Petter Selasky wrote:
H  H #7  0x80b07863 in uma_zfree_arg (zone=0x0,
H  item=0xf800114ee000,
H  H  udata=0x81484760)
H 
H  udata here is uma_slab_t. Can you look at it?
H 
H  btw, is that reproducible on stable/10 or head?
H 
H 
H  Yes, it is reproducible. I have not tried stable/10 or head yet.
H 
H  (kgdb) print *(uma_slab_t)udata
H  $3 = {
H us_keg = 0xf8085696d680,

Can you print the us_keg, please?



(kgdb) print *(*(uma_slab_t)udata).us_keg
$5 = {
  uk_lock = {
lock_object = {
  lo_name = 0xf8085696fd80 \200\n\227V\b???\200?\226V\b???,
  lo_flags = 2168997728,
  lo_data = 4294967295,
  lo_witness = 0x0
},
mtx_lock = 0
  },
  uk_hash = {
uh_slab_hash = 0x0,
uh_hashsize = 0,
uh_hashmask = 0
  },
  uk_zones = {
lh_first = 0x0
  },
  uk_part_slab = {
lh_first = 0x224821000
  },
  uk_free_slab = {
lh_first = 0x0
  },
  uk_full_slab = {
lh_first = 0xf8085696d720
  },
  uk_align = 0,
  uk_pages = 6,
  uk_free = 0,
  uk_reserve = 1,
  uk_size = 131072,
  uk_rsize = 67044352,
  uk_maxpages = 269,
  uk_init = 0,
  uk_fini = 0x81484760 vm_phys_free_queues+336,
  uk_allocf = 0xf8085696d7b8,
  uk_freef = 0xf80854307748,
  uk_offset = 18446744071584084984,
  uk_kva = 36435,
  uk_slabzone = 0x224822000,
  uk_slabsize = 0,
  uk_pgoff = 0,
  uk_ppera = 0,
  uk_ipers = 0,
  uk_flags = 1452726152,
  uk_name = 0x6 Address 0x6 out of bounds,
  uk_link = {
le_next = 0x10001,
le_prev = 0x3ff0400
  }
}

--HPS
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: Panic - uma_zfree_arg - zone argument is NULL

2014-09-26 Thread Gleb Smirnoff

On Fri, Sep 26, 2014 at 08:30:06AM +0200, Hans Petter Selasky wrote:
H On 09/26/14 08:06, Gleb Smirnoff wrote:
H  On Fri, Sep 26, 2014 at 07:59:09AM +0200, Hans Petter Selasky wrote:
H  H On 09/26/14 07:51, Hans Petter Selasky wrote:
H  H  On 09/25/14 11:19, Gleb Smirnoff wrote:
H  H  On Thu, Sep 18, 2014 at 02:03:44PM +0200, Hans Petter Selasky wrote:
H  H  H #7  0x80b07863 in uma_zfree_arg (zone=0x0,
H  H  item=0xf800114ee000,
H  H  H  udata=0x81484760)
H  H 
H  H  udata here is uma_slab_t. Can you look at it?
H  H 
H  H  btw, is that reproducible on stable/10 or head?
H  H 
H  H 
H  H  Yes, it is reproducible. I have not tried stable/10 or head yet.
H  H 
H  H  (kgdb) print *(uma_slab_t)udata
H  H  $3 = {
H  H us_keg = 0xf8085696d680,
H 
H  Can you print the us_keg, please?
H 
H (kgdb) print *(*(uma_slab_t)udata).us_keg
 skip

It is trash. This means that vtoslab() returned us bad pointer.

Either this mean the address passed to free() is invalid, and
belongs to a page not under UMA control, or someone else have
mangled the page belonging to UMA.

Can you please print *(struct vm_page *)0x81484760 ?

-- 
Totus tuus, Glebius.
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: Panic - uma_zfree_arg - zone argument is NULL

2014-09-26 Thread Hans Petter Selasky


On 09/26/14 08:44, Gleb Smirnoff wrote:

print *(struct vm_page *)0x81484760


(kgdb) print *(struct vm_page *)0x81484760
$4 = {
  plinks = {
q = {
  tqe_next = 0xf8085696d680,
  tqe_prev = 0xf80856970a80
},
s = {
  ss = {
sle_next = 0xf8085696d680
  },
  pv = 0xf80856970a80
},
memguard = {
  p = 18446735313428993664,
  v = 18446735313429006976
}
  },
  listq = {
tqe_next = 0x3,
tqe_prev = 0x0
  },
  object = 0x81484778,
  pindex = 0,
  phys_addr = 0,
  md = {
pv_list = {
  tqh_first = 0x81484790,
  tqh_last = 0x0
},
pv_gen = 0,
pat_mode = 0
  },
  wire_count = 2168997800,
  busy_lock = 4294967295,
  hold_count = 0,
  flags = 0,
  aflags = 0 '\0',
  oflags = 0 '\0',
  queue = 0 '\0',
  segind = 0 '\0',
  order = 0 '\0',
  pool = 0 '\0',
  act_count = 0 '\0',
  valid = 0 '\0',
  dirty = 0 '\0'
}

--HPS
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: Panic - uma_zfree_arg - zone argument is NULL

2014-09-25 Thread Gleb Smirnoff

On Thu, Sep 18, 2014 at 02:03:44PM +0200, Hans Petter Selasky wrote:
H #7  0x80b07863 in uma_zfree_arg (zone=0x0, item=0xf800114ee000,
H  udata=0x81484760)

udata here is uma_slab_t. Can you look at it?

btw, is that reproducible on stable/10 or head?

-- 
Totus tuus, Glebius.
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: Panic - uma_zfree_arg - zone argument is NULL

2014-09-25 Thread Hans Petter Selasky


On 09/25/14 11:19, Gleb Smirnoff wrote:

On Thu, Sep 18, 2014 at 02:03:44PM +0200, Hans Petter Selasky wrote:
H #7  0x80b07863 in uma_zfree_arg (zone=0x0, item=0xf800114ee000,
H  udata=0x81484760)

udata here is uma_slab_t. Can you look at it?

btw, is that reproducible on stable/10 or head?



Yes, it is reproducible. I have not tried stable/10 or head yet.

(kgdb) print *(uma_slab_t)udata
$3 = {
  us_keg = 0xf8085696d680,
  us_type = {
_us_link = {
  le_next = 0xf80856970a80,
  le_prev = 0x3
},
_us_size = 18446735313429006976
  },
  us_hlink = {
sle_next = 0x0
  },
  us_data = 0x81484778 ,
  us_free = {
__bits = {0, 0, -2125969520, 0}
  },
  us_freecount = 0,
  us_flags = 0 '\0',
  us_pad = 0 '\0'
}

--HPS
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: Panic - uma_zfree_arg - zone argument is NULL

2014-09-18 Thread Hans Petter Selasky


On 09/18/14 13:57, Hans Petter Selasky wrote:

Hi,

Is this a known issue?

Happens when invoking a program over and over again in a loop in from a
shell.

--HPS




Backtrace got stripped:

FreeBSD 10.0-RELEASE

panic: page fault

Unread portion of the kernel message buffer:
fault virtual address   = 0xd8
fault code  = supervisor read data, page not present
instruction pointer = 0x20:0x80b07863
stack pointer   = 0x28:0xfe085d63b3b0
frame pointer   = 0x28:0xfe085d63b420
code segment= base 0x0, limit 0xf, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags= interrupt enabled, resume, IOPL = 0
current process = 5386 (sh)
trap number = 12
panic: page fault
cpuid = 21
KDB: stack backtrace:
#0 0x808e7dc0 at kdb_backtrace+0x60
#1 0x808af8a5 at panic+0x155
#2 0x80c8e882 at trap_fatal+0x3a2
#3 0x80c8eb59 at trap_pfault+0x2c9
#4 0x80c8e2e6 at trap+0x5e6
#5 0x80c75582 at calltrap+0x8
#6 0x80898d25 at free+0x75
#7 0x8085c869 at elf64_load_file+0x379
#8 0x8085c23e at exec_elf64_imgact+0xa9e
#9 0x80879f50 at kern_execve+0x690
#10 0x808796a7 at sys_execve+0x37
#11 0x80c8f177 at amd64_syscall+0x357
#12 0x80c7586b at Xfast_syscall+0xfb
Uptime: 1h51m46s

#0  doadump (textdump=value optimized out) at pcpu.h:219
219 pcpu.h: No such file or directory.
in pcpu.h
(kgdb) #0  doadump (textdump=value optimized out) at pcpu.h:219
#1  0x808af520 in kern_reboot (howto=260)
at /10_release/sys/kern/kern_shutdown.c:447
#2  0x808af8e4 in panic (fmt=value optimized out)
at /10_release/sys/kern/kern_shutdown.c:754
#3  0x80c8e882 in trap_fatal (frame=value optimized out,
eva=value optimized out)
at /10_release/sys/amd64/amd64/trap.c:882
#4  0x80c8eb59 in trap_pfault (frame=0xfe085d63b300, usermode=0)
at /10_release/sys/amd64/amd64/trap.c:699
#5  0x80c8e2e6 in trap (frame=0xfe085d63b300)
at /10_release/sys/amd64/amd64/trap.c:463
#6  0x80c75582 in calltrap ()
at /10_release/sys/amd64/amd64/exception.S:232
#7  0x80b07863 in uma_zfree_arg (zone=0x0, item=0xf800114ee000,
udata=0x81484760)
at /10_release/sys/vm/uma_core.c:2519
#8  0x80898d25 in free (addr=value optimized out,
mtp=0x8138df70)
at /10_release/sys/kern/kern_malloc.c:596
#9  0x8085c869 in elf64_load_file (p=value optimized out,
file=value optimized out, addr=0xfe085d63b588,
entry=0xfe085d63b790, pagesize=4096)
at /10_release/sys/kern/imgact_elf.c:709
#10 0x8085c23e in exec_elf64_imgact (imgp=0xfe085d63b760)
at /10_release/sys/kern/imgact_elf.c:944
#11 0x80879f50 in kern_execve (td=0xf800114db000,
args=0xfe085d63b958, mac_p=0x0)
at /10_release/sys/kern/kern_exec.c:501
#12 0x808796a7 in sys_execve (td=value optimized out,
uap=value optimized out)
at /10_release/sys/kern/kern_exec.c:213
#13 0x80c8f177 in amd64_syscall (td=0xf800114db000, traced=0)
at subr_syscall.c:134
#14 0x80c7586b in Xfast_syscall ()
at /10_release/sys/amd64/amd64/exception.S:391
#15 0x000800d38d5a in ?? ()
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal
(kgdb)

--HPS
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: Panic - uma_zfree_arg - zone argument is NULL

Re: Panic - uma_zfree_arg - zone argument is NULL

Re: Panic - uma_zfree_arg - zone argument is NULL

Re: Panic - uma_zfree_arg - zone argument is NULL

Re: Panic - uma_zfree_arg - zone argument is NULL

Re: Panic - uma_zfree_arg - zone argument is NULL

Re: Panic - uma_zfree_arg - zone argument is NULL

Re: Panic - uma_zfree_arg - zone argument is NULL

8 matches

Site Navigation

Mail list logo

Footer information