NetBSD Problem Report #55980
From www@netbsd.org Sat Feb 6 17:54:55 2021
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 65C261A9239
for <gnats-bugs@gnats.NetBSD.org>; Sat, 6 Feb 2021 17:54:55 +0000 (UTC)
Message-Id: <20210206175454.0D5A81A923A@mollari.NetBSD.org>
Date: Sat, 6 Feb 2021 17:54:53 +0000 (UTC)
From: prlw1@cam.ac.uk
Reply-To: prlw1@cam.ac.uk
To: gnats-bugs@NetBSD.org
Subject: panic: kernel diagnostic assertion "atomic_load_relaxed...
X-Send-Pr-Version: www-1.0
>Number: 55980
>Category: kern
>Synopsis: panic: kernel diagnostic assertion "atomic_load_relaxed...
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Feb 06 17:55:00 +0000 2021
>Last-Modified: Wed Jun 02 16:35:01 +0000 2021
>Originator: Patrick Welche
>Release: NetBSD-9.99.80/amd64
>Organization:
>Environment:
NetBSD 9.99.80 (GENERIC) #59: Sat Feb 6 13:13:44 GMT 2021
total memory = 159 GB
cpu23: AMD Opteron(tm) Processor 6174, id 0x100f91
>Description:
Unfortunately all I have is from a tmux tip serial console:
[ 9916.0148407] panic: kernel diagnostic assertion "atomic_load_relaxed(&pp->pp
[ 9916.0448418] cpu1: Begin traceback...
[ 9916.0548410] vpanic() at netbsd:vpanic+0x156
[ 9916.0648412] __x86_indirect_thunk_rax() at netbsd:__x86_indirect_thunk_rax
[ 9916.0748414] pmap_clear_attrs() at netbsd:pmap_clear_attrs+0x124
[ 9916.0948428] uvm_pagemarkdirty() at netbsd:uvm_pagemarkdirty+0x37b
[ 9916.1048420] uao_get() at netbsd:uao_get+0x315
[ 9916.1148407] ubc_fault() at netbsd:ubc_fault+0x16a
[ 9916.1248414] uvm_fault_internal() at netbsd:uvm_fault_internal+0x57a
[ 9916.1348416] trap() at netbsd:trap+0x5b7
[ 9916.1448423] --- trap (number 6) ---
[ 9916.1548415] copyin() at netbsd:copyin+0x2f
[ 9916.1648407] uiomove() at netbsd:uiomove+0xba
[ 9916.1748414] ubc_uiomove() at netbsd:ubc_uiomove+0x157
[ 9916.1848421] tmpfs_write() at netbsd:tmpfs_write+0xff
[ 9916.1948418] VOP_WRITE() at netbsd:VOP_WRITE+0x40
[ 9916.2048415] vn_write() at netbsd:vn_write+0xe0
[ 9916.2148427] dofilewrite() at netbsd:dofilewrite+0x80
[ 9916.2248429] sys_write() at netbsd:sys_write+0x49
[ 9916.2348431] syscall() at netbsd:syscall+0x23e
[ 9916.2448428] --- syscall (number 4) ---
[ 9916.2548430] netbsd:syscall+0x23e:
[ 9916.2648437] cpu1: End traceback...
[ 9916.2748425] rebooting...
>How-To-Repeat:
>Fix:
>Audit-Trail:
From: Patrick Welche <prlw1@cam.ac.uk>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: kern/55980: panic: kernel diagnostic assertion
"atomic_load_relaxed...
Date: Wed, 2 Jun 2021 17:32:36 +0100
Managed to reproduce this a couple of times since, with coredumps,
e.g., 31 May source, 9.99.82/amd64.
First, the full message is:
System panicked: kernel diagnostic assertion "atomic_load_relaxed(&pp->pp_pte.pte_va) == 0" failed: file "../../../../arch/x86/x86/pmap.c", line 4573
#3 0xffffffff80ec68f3 in kern_assert (
fmt=fmt@entry=0xffffffff8134d970 "kernel %sassertion \"%s\" failed: file \"%s\", line %d ") at ../../../../../../lib/libkern/kern_assert.c:51
#4 0xffffffff8055f6e7 in pmap_clear_attrs (pg=pg@entry=0xffff9580002bde80,
clearbits=clearbits@entry=1) at ../../../../arch/x86/x86/pmap.c:4573
#5 0xffffffff80cb1a7b in uvm_pagemarkdirty (pg=pg@entry=0xffff9580002bde80,
newstatus=newstatus@entry=0) at ../../../../uvm/uvm_page_status.c:124
#6 0xffffffff80c96beb in uao_get (uobj=0xffff93e9a7973100,
offset=<optimized out>, pps=0xffff958b756c87b0, npagesp=<optimized out>,
centeridx=<optimized out>, access_type=<optimized out>, advice=0,
flags=7170) at ../../../../uvm/uvm_aobj.c:1041
#7 0xffffffff80c997e2 in ubc_fault (ufi=0xffff958b756c88d0,
ign1=<optimized out>, ign2=<optimized out>, ign3=<optimized out>,
ign4=<optimized out>, access_type=<optimized out>, flags=<optimized out>)
at ../../../../uvm/uvm_bio.c:386
#8 0xffffffff80c9c598 in uvm_fault_internal (
orig_map=orig_map@entry=0xffffffff81904f40 <kernel_map_store>,
vaddr=vaddr@entry=18446627024758292480, access_type=access_type@entry=2,
fault_flag=fault_flag@entry=0) at ../../../../uvm/uvm_fault.c:917
#9 0xffffffff802288c0 in trap (frame=0xffff958b756c8b70)
at ../../../../arch/amd64/amd64/trap.c:520
#10 0xffffffff802210e3 in alltraps ()
#11 0xffff958b6ad6c000 in ?? ()
#12 0x0000704428b68000 in ?? ()
#13 0x0000704428b6803b in ?? ()
#14 0xffff93ec64ea8228 in ?? ()
#15 0x00007f7ffffff000 in ?? ()
#16 0xffff958b756c8d00 in ?? ()
#17 0xffff940072af25c0 in ?? ()
#18 0xffffffff80dc1ea5 in genfs_islocked (v=<optimized out>)
at ../../../../miscfs/genfs/genfs_vnops.c:394
#19 0xffffffff80c99f87 in ubc_uiomove (uobj=uobj@entry=0xffff93e9a7973100,
uio=uio@entry=0xffff958b756c8ef0, todo=59, advice=1970048736,
advice@entry=0, flags=0, flags@entry=2) at ../../../../uvm/uvm_bio.c:779
#20 0xffffffff80bdcc27 in tmpfs_write (v=<optimized out>)
at ../../../../fs/tmpfs/tmpfs_vnops.c:642
#21 0xffffffff80db7b03 in VOP_WRITE (vp=vp@entry=0xffff93f6895212c0,
uio=uio@entry=0xffff958b756c8ef0, ioflag=ioflag@entry=16,
cred=cred@entry=0xffff940071889dc0) at ../../../../kern/vnode_if.c:540
#22 0xffffffff80daf3b7 in vn_write (fp=<optimized out>,
offset=0xffff93ec7aacfac0, uio=0xffff958b756c8ef0,
cred=0xffff940071889dc0, flags=1) at ../../../../kern/vfs_vnops.c:612
#23 0xffffffff80d50a4b in dofilewrite (fd=fd@entry=4, fp=0xffff93ec7aacfac0,
buf=0x704428b68000, nbyte=59, offset=<optimized out>, flags=flags@entry=1, retval=retval@entry=0xffff958b756c8fb0) at ../../../../kern/sys_generic.c:350
#24 0xffffffff80d50b60 in sys_write (l=<optimized out>, uap=0xffff958b756c9000, retval=0xffff958b756c8fb0) at ../../../../kern/sys_generic.c:318
#25 0xffffffff80565ece in sy_call (rval=0xffff958b756c8fb0, uap=0xffff958b756c9000, l=0xffff940070bf32c0, sy=0xffffffff81882b00 <sysent+96>) at ../../../../sys/syscallvar.h:65
#26 sy_invoke (code=4, rval=0xffff958b756c8fb0, uap=0xffff958b756c9000, l=0xffff940070bf32c0, sy=0xffffffff81882b00 <sysent+96>) at ../../../../sys/syscallvar.h:94
#27 syscall (frame=0xffff958b756c9000) at ../../../../arch/x86/x86/syscall.c:138
(gdb) frame 4
(gdb) print *pp
$1 = {pp_u = {rb = {rbt_root = 0x0, rbt_ops = 0xffff958b6101c000,
rbt_minmax = {0x0, 0x0}}, link = {le_next = 0x0,
le_prev = 0xffff958b6101c000}, s = {pte = {pte_ptp = 0x0,
pte_va = 18446627024593338368}, pvlist = {lh_first = 0x0},
attrs = 0 '\000'}}, pp_lock = {u = {mtxa_owner = 1537, s = {
mtxs_dummy = 1 '\001', mtxs_ipl = {_ipl = 6 '\006'},
mtxs_lock = 0 '\000', mtxs_unused = 0 '\000'}}}}
(gdb) print *pg
$2 = {pageq = {queue = {tqe_next = 0x1, tqe_prev = 0x1}, list = {
le_next = 0x1, le_prev = 0x1}}, pqflags = 0, flags = 1606,
phys_addr = 74025328640, loan_count = 0, wire_count = 0, uanon = 0x0,
uobject = 0xffff93e9a7973100, offset = 0, interlock = {u = {mtxa_owner = 0,
s = {mtxs_dummy = 0 '\000', mtxs_ipl = {_ipl = 0 '\000'},
mtxs_lock = 0 '\000', mtxs_unused = 0 '\000'}}}, pdqueue = {
tqe_next = 0x0, tqe_prev = 0x0}, mdpage = {mp_pp = {pp_u = {rb = {
rbt_root = 0x0, rbt_ops = 0xffff958b6101c000, rbt_minmax = {0x0,
0x0}}, link = {le_next = 0x0, le_prev = 0xffff958b6101c000}, s = {
pte = {pte_ptp = 0x0, pte_va = 18446627024593338368}, pvlist = {
lh_first = 0x0}, attrs = 0 '\000'}}, pp_lock = {u = {
mtxa_owner = 1537, s = {mtxs_dummy = 1 '\001', mtxs_ipl = {
_ipl = 6 '\006'}, mtxs_lock = 0 '\000',
mtxs_unused = 0 '\000'}}}}}}
(gdb) print pg->flags
$3 = 1606 == 0x646 = TABLED AOBJ FAKE BUSY DIRTY
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.