panic: assertion: pmap->pm_stats.resident_count > 0 in pmap_release_free_page

YONETANI Tomokazu qhwt+dfly at les.ath.cx
Thu Dec 24 02:35:43 PST 2009


On Wed, Dec 23, 2009 at 08:42:47PM -0800, Matthew Dillon wrote:
>     The panic is due to pmap->pm_stats.resident_count being off by 1.
>     It should have been left with a count of 1 with only the page
>     directory page left to purge but the count was 0.
> 
>     I'm thinking possibly something in the pmap unwiring code, possibly
>     in _pmap_unwire_pte_hold(), could be racing.
> 
>     Here is a patch to try.  It adds a bunch of assertions in an attempt
>     to catch the potential race.

It panicked at almost the same place as before:

(kgdb) bt
			:
#4  0xc01a14fc in panic (fmt=0xc030329e "assertion: %s in %s")
    at /usr/src/sys/kern/kern_shutdown.c:743
#5  0xc02d9cc4 in pmap_release_free_page (pmap=0x0, p=0xc1026410)
    at /usr/src/sys/platform/pc32/i386/pmap.c:1157
#6  0xc02d9f23 in pmap_release (pmap=0xdaebd9f4)
    at /usr/src/sys/platform/pc32/i386/pmap.c:1358
#7  0xc029c654 in vmspace_terminate (vm=0xdaebd970)
    at /usr/src/sys/vm/vm_map.c:313
#8  0xc017ee84 in _sysref_put (sr=0xdaebda68)
    at /usr/src/sys/kern/kern_sysref.c:318
#9  0xc02a5f22 in sysref_put (ve=0xc3223200, vkp=<value optimized out>)
    at /usr/src/sys/sys/sysref2.h:85
#10 vmspace_entry_delete (ve=0xc3223200, vkp=<value optimized out>)
    at /usr/src/sys/vm/vm_vmspace.c:518
#11 0xc02a639a in sys_vmspace_destroy (uap=0xdbb3dcf0)
    at /usr/src/sys/vm/vm_vmspace.c:147
#12 0xc02dcd8c in syscall2 (frame=0xdbb3dd40)
    at /usr/src/sys/platform/pc32/i386/trap.c:1359
#13 0xc02c83f6 in Xint0x80_syscall ()
    at /usr/src/sys/platform/pc32/i386/exception.s:876
			:

(kgdb) fr 5
#5  0xc02d9cc4 in pmap_release_free_page (pmap=0x0, p=0xc1026410)
    at /usr/src/sys/platform/pc32/i386/pmap.c:1157
1157            KKASSERT(pmap->pm_stats.resident_count > 0);
(kgdb) l -12,+18
1140    static int
1141    pmap_release_free_page(struct pmap *pmap, vm_page_t p)
1142    {
1143            unsigned *pde = (unsigned *) pmap->pm_pdir;
1144            /*
1145             * This code optimizes the case of freeing non-busy
1146             * page-table pages.  Those pages are zero now, and
1147             * might as well be placed directly into the zero queue.
1148             */
1149            if (vm_page_sleep_busy(p, FALSE, "pmaprl"))
1150                    return 0;
1151
1152            vm_page_busy(p);
1153
1154            /*
1155             * Remove the page table page from the processes address space.
1156             */
1157            KKASSERT(pmap->pm_stats.resident_count > 0);
1158            KKASSERT(pde[p->pindex]);





More information about the Bugs mailing list