Subject: Re: Status of NEW_BUFQ_STRATEGY?
To: None <current-users@netbsd.org>
From: Juergen Hannken-Illjes <hannken@eis.cs.tu-bs.de>
List: current-users
Date: 11/01/2002 11:37:02
After some correspondence with Urban:

Am I right that uvm_fault(0xc03c02a0, 0x0, 0, 1) -> e is a NULL dereference in the kernel?

The code fragment from bufq_prio_get (a little bit different from the original posting) is: 

	bp = prio->bq_next;

	if (prio->bq_next != NULL && remove) {
		if ((prio->bq_next->b_flags & B_READ) == B_READ)

or as assembly:

<bufq_prio_get+80>:  mov    0x14(%ecx),%ebx     bp = prio->bq_next                          
<bufq_prio_get+83>:  test   %ebx,%ebx           prio->bq_next == NULL ?                     
<bufq_prio_get+85>:  je     <bufq_prio_get+199>                                             
<bufq_prio_get+87>:  cmpl   $0x0,0xc(%ebp)      remove == 0 ?                               
<bufq_prio_get+91>:  je     <bufq_prio_get+199>                                             
<bufq_prio_get+93>:  mov    0x24(%ebx),%eax     prio->bq_next->b_flags                      
<bufq_prio_get+96>:  test   $0x100000,%eax        == B_READ ?                               
<bufq_prio_get+101>: je     <bufq_prio_get+132>                                             
<bufq_prio_get+103>: cmpl   $0x0,0x18(%ebx)                                                 
<bufq_prio_get+107>: je     <bufq_prio_get+120>                                             
												    
<bufq_prio_get+93> is the instruction generating the fault.

I cannot see a zero dereference here, confused ... (The panic line reports cr2 32; if trap() prints cr2 in hex, the faulting address is 0x32, which for a load from 0x24(%ebx) would put %ebx at 0xe — a bogus bq_next pointer rather than a NULL one — assuming the faulting instruction is the same in Urban's build.)

Btw.: there seems to be a queue error:

    TAILQ_REMOVE(&prio->bq_write, prio->bq_next, b_actq);
    /*
     * Advance the write pointer.
     */
    prio->bq_write_next =
	TAILQ_NEXT(prio->bq_write_next, b_actq);
    if (prio->bq_write_next == NULL)
	    prio->bq_write_next =
		TAILQ_FIRST(&prio->bq_write);

should become

    /*
     * Advance the write pointer.
     */
    prio->bq_write_next =
	TAILQ_NEXT(prio->bq_write_next, b_actq);
    if (prio->bq_write_next == NULL)
	    prio->bq_write_next =
		TAILQ_FIRST(&prio->bq_write);
    TAILQ_REMOVE(&prio->bq_write, prio->bq_next, b_actq);

On Thu, Oct 31, 2002 at 02:40:34PM +0100, Urban Boquist wrote:
> Are there any known problems with NEW_BUFQ_STRATEGY? This is what I
> get immediately on boot when I try it:
> 
> uvm_fault(0xc03c02a0, 0x0, 0, 1) -> e
> fatal page fault in supervisor mode
> trap type 6 code 0 eip c0216db3 cs 8 eflags 10202 cr2 32 imask 70
> panic: trap
> Begin traceback...
> trap() at trap+0x20f
> --- trap (number 6) ---
> bufq_prio_get(c07a689c,1,c0420bf0,c02332e6) at bufq_prio_get+0x5b
> wdstart(c07a6800,0,c0420c20,c029017f,c07a689c,c48d0838,0,0) at wdstart+0x3c
> wdstrategy(c48d0838,c07a6b3b,c0420c70,c0290aed,c07a6800,c07a1400,c07a7e40,c0290b
> 51,c07a1400,c07a6b3a,10,0,c07a6800,c07a1400,0,0,0,0,c0420ca0,c0290bf1,3,c0290020
> ,c07a1400,c07a7c00,c07a6800,0,0,c0292ec5,c07a6800,0,c0420ce0,c0290869,c07a6800,0
> ,c0420ce0,c0290860,c07a6800,8,c07a6b04,cf32f000,0,c0420d5c,cf32f000,cf32f000,c04
> 20d5c,0,c0420d30,c024340e,0,1,6000,0,cf32f000,0,c03c623c,cead5f80,cead6f60,0,c04
> 20d30,0,c03c4260) at wdstrategy+0x168
> readdisklabel(3,c0290020,c07a1400,c07a7c00) at readdisklabel+0xe6
> wdgetdisklabel(c07a6800,0,c0420ce0,c0290860,c07a6800,8,c07a6b04,cf32f000) at wdg
> etdisklabel+0x8d
> wdopen(0,1,6000,0,cf32f000) at wdopen+0xed
> spec_open(c0420d5c,0,c03c623c,c0215f6f,0) at spec_open+0x1c2
> VOP_OPEN(cf32f000,1,ffffffff,0) at VOP_OPEN+0x3b
> match_harddisk(c07a6800,c03c623c,c03c0568,c0205804) at match_harddisk+0xc2
> findroot(0,c03c0360,c0420fa0,c01fda96,c041c010) at findroot+0xa6
> cpu_rootconf(c041c010,41c000,425000,0,0) at cpu_rootconf+0xb
> main(0,0,0,0,0) at main+0x4a6
> End traceback...
> syncing disks... done
> rebooting...
> 
> Kind regards,
> 
>         -- Urban

-- 
Juergen Hannken-Illjes - hannken@eis.cs.tu-bs.de - TU Braunschweig (Germany)