GENERIC from Fri May 22 14:31:49 2009 +0300, vm3 7ff935d, vmcore.151 KDB: debugger backends: ddb KDB: current backend: ddb 524288K of memory above 4GB ignored Copyright (c) 1992-2009 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 8.0-CURRENT #0: Fri May 22 14:54:29 CEST 2009 pho@x4.osted.lan:/var/tmp/deviant2/sys/i386/compile/PHO WARNING: WITNESS option enabled, expect reduced performance. WARNING: DIAGNOSTIC option enabled, expect reduced performance. Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: AMD Phenom(tm) 9150e Quad-Core Processor (1799.99-MHz 686-class CPU) Origin = "AuthenticAMD" Id = 0x100f23 Stepping = 3 Features=0x178bfbff Features2=0x802009 AMD Features=0xee500800 AMD Features2=0x7ff TSC: P-state invariant real memory = 4294967296 (4096 MB) avail memory = 1032314880 (984 MB) : Trying to mount root from ufs:/dev/ad4s1a Entropy harvesting: interrupts ethernet point_to_point kickstart. GEOM_LABEL: Label ufsid/48f38e3c5b611e96 removed. /dev/ad4s1a: FILE SYSTEM CLEAN; SKIPPING CHECKS /dev/ad4s1a: clean, 252449 free (2417 frags, 31G254 blocks, 0.2%EOM_LABEL fragmentation): Labe l for provider ad4s1a is ufsid/48f38e3c5b611e96. GEOM_LABEL: Label ufsid/48f38e3cff1ca3a5 removed. /dev/ad4s1e: FILE SYSTEM CLEAN; SKIPPING CHECKS /dev/ad4s1e: clean, 50083406 frGEOM_LABEL:ee (2326 frags, 6260135 blocks, Label for provider ad4s1e is ufsid/48f38e3cff1ca3a5.0.0% fragmentati on) GEOM_LABEL: Label ufsid/48f38e47737647c8 removed. /dev/ad4s1f: FILE SYSTEM CLEAN; SKIPPING CHECKS /dev/ad4s1f: clean, 6407617 free (205993 frags,GEOM_LABEL 775203 blocks, : Labe0.9% fragmentatil for provider aon) d4s1f is ufsid/48f38e47737647c8. GEOM_LABEL: Label ufsid/48f38e4956403ff8 removed. /dev/ad4s1d: FILGEOM_LABEL: E SYSTEM CLEAN; Label for prSKIPPING CHECKSovider ad4s1d is /dev/ad4s1d: cl ufsid/48f38e4956403ff8.ean, 11964979 fr ee (106699 frags, 1482285 blocks, 0.2% fragmentation) GEOM_LABEL: Label ufsid/48f38e3c5b611e96 removed. GEOM_LABEL: Label ufsid/48f38e3cff1ca3a5 removed. GEOM_LABEL: Label ufsid/48f38e47737647c8 removed. GEOM_LABEL: Label ufsid/48f38e4956403ff8 removed. re0: link state changed to DOWN Starting Network: lo0 re0. add net default: gateway 192.168.1.1 Additional ABI support: linux. lock order reversal: 1st 0xe4516d38 bufwait (bufwait) @ kern/vfs_bio.c:2556 2nd 0xc4b4b800 dirhash (dirhash) @ ufs/ufs/ufs_dirhash.c:275 KDB: stack backtrace: db_trace_self_wrapper(c0c4cf5e,f385787c,c08a1345,c089307b,c0c4fe15,...) at db_trace_self_wrapper+0x26 kdb_backtrace(c089307b,c0c4fe15,c452bcf0,c452f2f8,f38578d8,...) at kdb_backtrace+0x29 _witness_debugger(c0c4fe15,c4b4b800,c0c700f9,c452f2f8,c0c6fd9f,...) at _witness_debugger+0x25 witness_checkorder(c4b4b800,9,c0c6fd96,113,0,...) at witness_checkorder+0x839 _sx_xlock(c4b4b800,0,c0c6fd96,113,c4cf4d98,...) at _sx_xlock+0x85 ufsdirhash_acquire(e4516cd8,f3857a20,e0,e4e9f660,f38579a8,...) at ufsdirhash_acquire+0x48 ufsdirhash_add(c4cf4d98,f3857a20,1660,f3857994,f3857998,...) at ufsdirhash_add+0x13 ufs_direnter(c4cf79bc,c4fa1000,f3857a20,f3857c04,e45171ac,...) at ufs_direnter+0x779 ufs_mkdir(f3857c28,c0c84d4a,0,f3857bd8,f3857b70,...) at ufs_mkdir+0x8ce VOP_MKDIR_APV(c0d4cae0,f3857c28,eae,eac,0,...) at VOP_MKDIR_APV+0xc5 kern_mkdirat(c4c4d940,ffffff9c,bfbfef5a,0,1ff,...) at kern_mkdirat+0x23b kern_mkdir(c4c4d940,bfbfef5a,0,1ff,f3857d2c,...) at kern_mkdir+0x2e mkdir(c4c4d940,f3857cf8,8,c0c50704,c0d2df40,...) at mkdir+0x29 syscall(f3857d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (136, FreeBSD ELF32, mkdir), eip = 0x2815fea3, esp = 0xbfbfed6c, ebp = 0xbfbfee38 --- Starting mountd. Configuring syscons: keymap blanktime. Local package initialization: watchdogd. Fri May 22 15:12:52 CEST 2009 FreeBSD/i386 (x4.osted.lan) (console) login: lock order reversal: 1st 0xc5138320 ufs (ufs) @ kern/vfs_lookup.c:492 2nd 0xe453b8a4 bufwait (bufwait) @ ufs/ffs/ffs_softdep.c:6150 3rd 0xc5389cdc ufs (ufs) @ kern/vfs_subr.c:2103 KDB: stack backtrace: db_trace_self_wrapper(c0c4cf5e,f3a123e0,c08a1345,c089307b,c0c4fe2e,...) at db_trace_self_wrapper+0x26 kdb_backtrace(c089307b,c0c4fe2e,c452bcf0,c452f290,f3a1243c,...) at kdb_backtrace+0x29 _witness_debugger(c0c4fe2e,c5389cdc,c0c43022,c452f290,c0c56c81,...) at _witness_debugger+0x25 witness_checkorder(c5389cdc,9,c0c56c78,837,0,...) at witness_checkorder+0x839 __lockmgr_args(c5389cdc,80100,c5389d44,0,0,...) at __lockmgr_args+0x7a7 ffs_lock(f3a12548,c08a10eb,c0c5631e,80100,c5389c84,...) at ffs_lock+0xa1 VOP_LOCK1_APV(c0d4cae0,f3a12548,c541e794,c0d65360,c5389c84,...) at VOP_LOCK1_APV+0xa5 _vn_lock(c5389c84,80100,c0c56c78,837,4,...) at _vn_lock+0x78 vget(c5389c84,80100,c541e6f0,50,0,...) at vget+0xc9 vfs_hash_get(c4e18598,5dcc20,80000,c541e6f0,f3a126a4,...) at vfs_hash_get+0xed ffs_vgetf(c4e18598,5dcc20,80000,f3a126a4,1,...) at ffs_vgetf+0x49 softdep_sync_metadata(c51382c8,0,c0c6f9e6,131,0,...) at softdep_sync_metadata+0x5ba ffs_syncvnode(c51382c8,1,c541e6f0,f3a12764,246,...) at ffs_syncvnode+0x3e2 ffs_truncate(c51382c8,200,0,880,c4bc6000,...) at ffs_truncate+0x696 ufs_direnter(c51382c8,c5389c84,f3a12a20,f3a12c04,e4554764,...) at ufs_direnter+0x946 ufs_mkdir(f3a12c28,c0c84d4a,0,f3a12bd8,f3a12b70,...) at ufs_mkdir+0x8ce VOP_MKDIR_APV(c0d4cae0,f3a12c28,eae,eac,0,...) at VOP_MKDIR_APV+0xc5 kern_mkdirat(c541e6f0,ffffff9c,804d2e0,0,1f8,...) at kern_mkdirat+0x23b kern_mkdir(c541e6f0,804d2e0,0,1f8,f3a12d2c,...) at kern_mkdir+0x2e mkdir(c541e6f0,f3a12cf8,8,c0c50647,c0d2df40,...) at mkdir+0x29 syscall(f3a12d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (136, FreeBSD ELF32, mkdir), eip = 0x28172ea3, esp = 0xbfbfe65c, ebp = 0xbfbfe678 --- witness_lock_list_get: witness exhausted Expensive timeout(9) function: 0xc0949e80(0xc572d400) 0.588742257 s Expensive timeout(9) function: 0xc08bb280(0) 0.817588344 s May 22 17:59:29 x4 su: pho to root on /dev/pts/1 Limiting icmp unreach response from 5159 to 200 packets/sec Limiting icmp unreach response from 19565 to 200 packets/sec Limiting icmp unreach response from 12968 to 200 packets/sec : Limiting icmp unreach response from 4753 to 200 packets/sec Limiting icmp unreach response from 1123 to 200 packets/sec Limiting icmp unreach response from 1824 to 200 packets/sec Limiting icmp unreach response from 2876 to 200 packets/sec Limiting icmp unreach response from 3773 to 200 packets/sec Limiting icmp unreach response from 4659 to 200 packets/sec panic: uiomove EFAULT bfbff000 2807ed60 4096 cpuid = 1 KDB: enter: panic [thread pid 43712 tid 100559 ] Stopped at kdb_enter+0x3a: movl $0,kdb_why db:0:kdb.enter.panic> run pho db:1:pho> bt Tracing pid 43712 tid 100559 td 0xc52366f0 kdb_enter(c0c49c1b,c0c49c1b,c0c71796,f3f64844,1,...) at kdb_enter+0x3a panic(c0c71796,bfbff000,0,2807ed60,0,...) at panic+0x136 vm_fault_hold(0,0,f3f64a28,c08a876f,c4f1a570,...) at vm_fault_hold+0x6d vm_fault(c4f1a570,bfbff000,1,0,f3f649f0,...) at vm_fault+0x23 proc_rwmem(c4f92d34,f3f64c54,c0c40110,42,c4f92d34,...) at proc_rwmem+0xaf procfs_doprocmem(c52366f0,c4f92d34,c48f5a80,0,f3f64c54,...) at procfs_doprocmem+0x8a pfs_read(f3f64ad4,c0c8457f,c4c216c8,f3f64ad4,c754142c,...) at pfs_read+0x240 VOP_READ_APV(c0d2ab20,f3f64ad4,c0c580c6,282,f3f64c54,...) at VOP_READ_APV+0xc5 vn_read_wired_chunk(c4c216c8,f3f64c54,c4544300,0,0,...) at vn_read_wired_chunk+0xb1 do_vn_rw_chunked(0,0,c52366f0,f3f64b60,c08fa9d0,...) at do_vn_rw_chunked+0xa7 vn_read(c4c216c8,f3f64c54,c4544300,0,c52366f0,...) at vn_read+0x1b9 dofileread(f3f64c54,ffffffff,ffffffff,0,c4c216c8,...) at dofileread+0x96 kern_readv(c52366f0,5,f3f64c54,f3f64c78,1,...) at kern_readv+0x58 read(c52366f0,f3f64cf8,c,c0c50641,c0d2d2c8,...) at read+0x4f syscall(f3f64d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (3, FreeBSD ELF32, read), eip = 0x281988a3, esp = 0xbfbfdaac, ebp = 0xbfbfdef8 --- db:1:bt> show allpcpu Current CPU: 1 cpuid = 0 curthread = 0xc4579250: pid 11 "idle: cpu0" curpcb = 0xc41d1d90 fpcurthread = none idlethread = 0xc4579250: pid 11 "idle: cpu0" APIC ID = 0 currentldt = 0x50 spin locks held: cpuid = 1 curthread = 0xc52366f0: pid 43712 "ps" curpcb = 0xf3f64d90 fpcurthread = 0xc52366f0: pid 43712 "ps" idlethread = 0xc45794a0: pid 11 "idle: cpu1" APIC ID = 1 currentldt = 0x50 spin locks held: cpuid = 2 curthread = 0xc45796f0: pid 11 "idle: cpu2" curpcb = 0xc41cbd90 fpcurthread = none idlethread = 0xc45796f0: pid 11 "idle: cpu2" APIC ID = 2 currentldt = 0x50 spin locks held: cpuid = 3 curthread = 0xc4579940: pid 11 "idle: cpu3" curpcb = 0xc41c8d90 fpcurthread = none idlethread = 0xc4579940: pid 11 "idle: cpu3" APIC ID = 3 currentldt = 0x50 spin locks held: db:1:allpcpu> show alllocks Process 1204 (sshd) thread 0xc50aab90 (100154) Process 1177 (sshd) thread 0xc4cb8940 (100098) Process 1176 (sshd) thread 0xc4cb8b90 (100097) Process 1175 (sshd) thread 0xc4c50940 (100080) db:1:alllocks> show lockedvnods Locked vnodes db:1:lockedvnods> show mount 0xc4bc4b30 /dev/ad4s1a on / (ufs) 0xc4bc5000 devfs on /dev (devfs) 0xc4e18598 /dev/ad4s1e on /tmp (ufs) 0xc4e32000 /dev/ad4s1f on /usr (ufs) 0xc4e31b30 /dev/ad4s1d on /var (ufs) 0xc4e31864 procfs on /proc (procfs) More info: show mount db:1:mount> ps pid ppid pgrp uid state wmesg wchan cmd 43713 43711 1 0 S piperd 0xc50a9d80 sh 43712 43711 1 0 R CPU 1 ps 43711 43709 1 0 S wait 0xc63e3d34 sh 43709 43696 1 0 S piperd 0xc4c75780 sh 43702 43700 1 0 S nanslp 0xc0d98c84 sleep 43700 43696 1 0 S wait 0xc7bfd548 sh 43696 1 1 0 S wait 0xc573d548 sh 43694 1187 1184 1001 S nanslp 0xc0d98c84 sleep 96745 96741 96745 0 S+ ttyin 0xc4c14870 bash 96741 96725 96741 0 S+ pause 0xc573ed8c csh 96725 1207 96725 1001 S+ wait 0xc4bfa7ec su 1207 1206 1207 1001 Ss+ wait 0xc5379000 bash 1206 1204 1204 1001 S select 0xc4bcad24 sshd 1204 1075 1204 0 Ss sbwait 0xc508eea0 sshd 1188 1184 1184 1001 SL piperd 0xc50a8d80 awk 1187 1184 1184 1001 S wait 0xc4f93d34 sh 1186 1182 1186 1001 Ss+ select 0xc4c3e1a4 top 1185 1183 1185 1001 Ss kqread 0xc505d180 tail 1184 1181 1184 1001 Ss wait 0xc4c18548 sh 1183 1176 1176 1001 S select 0xc5057364 sshd 1182 1175 1175 1001 S select 0xc4c3eca4 sshd 1181 1177 1177 1001 S select 0xc4b876e4 sshd 1177 1075 1177 0 Ss sbwait 0xc50b2d14 sshd 1176 1075 1176 0 Ss sbwait 0xc508e240 sshd 1175 1075 1175 0 Ss sbwait 0xc50ae6e4 sshd 1125 1 1125 0 Ss select 0xc4c3fde4 inetd 1101 1 1101 0 Ss nanslp 0xc0d98c84 watchdogd 1092 1 1092 0 Ss nanslp 0xc0d98c84 cron 1086 1 1086 25 Ss pause 0xc508a844 sendmail 1082 1 1082 0 Ss select 0xc5057ea4 sendmail 1075 1 1075 0 Ss select 0xc5057524 sshd 1038 1 1038 0 Ss select 0xc4cbd1e4 ntpd 917 1 917 0 Ss rpcsvc 0xc4b87cd0 NLM: master 911 1 911 0 Ss select 0xc5058b64 rpc.statd 897 896 896 0 S (threaded) nfsd 100135 S rpcsvc 0xc4cbc010 nfsd: service 100134 S rpcsvc 0xc4c3fe90 nfsd: service 100133 S rpcsvc 0xc4cbc050 nfsd: service 100130 S rpcsvc 0xc4c3fe50 nfsd: master 896 1 896 0 Ss select 0xc5057024 nfsd 892 1 892 0 Ss select 0xc4c3fce4 mountd 808 1 808 0 Ss select 0xc4b86964 rpcbind 788 1 788 0 Ss select 0xc4a5a864 syslogd 593 1 593 0 Ss select 0xc4c3ede4 devd 44 0 0 0 SL flowclea 0xc0d98ae4 [flowcleaner] 43 0 0 0 SL sdflush 0xc0f113e0 [softdepflush] 42 0 0 0 SL syncer 0xc0f05554 [syncer] 41 0 0 0 SL vlruwt 0xc4b3b548 [vnlru] 40 0 0 0 SL psleep 0xc0f05288 [bufdaemon] 39 0 0 0 SL pgzero 0xc0f12014 [pagezero] 38 0 0 0 SL psleep 0xc0f11c3c [vmdaemon] 9 0 0 0 SL psleep 0xc0f11c04 [pagedaemon] 37 0 0 0 SL wmsg 0xc47dfd0c [usbus5] 36 0 0 0 SL wmsg 0xc47dfcdc [usbus5] 35 0 0 0 SL wmsg 0xc47dfcac [usbus5] 34 0 0 0 SL wmsg 0xc47dfc7c [usbus5] 33 0 0 0 SL wmsg 0xc47d9b5c [usbus4] 32 0 0 0 SL wmsg 0xc47d9b2c [usbus4] 31 0 0 0 SL wmsg 0xc47d9afc [usbus4] 30 0 0 0 SL wmsg 0xc47d9acc [usbus4] 29 0 0 0 SL wmsg 0xc47d0b5c [usbus3] 28 0 0 0 SL wmsg 0xc47d0b2c [usbus3] 27 0 0 0 SL wmsg 0xc47d0afc [usbus3] 26 0 0 0 SL wmsg 0xc47d0acc [usbus3] 25 0 0 0 SL wmsg 0xc47ccb5c [usbus2] 24 0 0 0 SL wmsg 0xc47ccb2c [usbus2] 23 0 0 0 SL wmsg 0xc47ccafc [usbus2] 22 0 0 0 SL wmsg 0xc47ccacc [usbus2] 21 0 0 0 SL wmsg 0xc47c6b5c [usbus1] 20 0 0 0 SL wmsg 0xc47c6b2c [usbus1] 19 0 0 0 SL wmsg 0xc47c6afc [usbus1] 18 0 0 0 SL wmsg 0xc47c6acc [usbus1] 17 0 0 0 SL wmsg 0xc47c1b5c [usbus0] 16 0 0 0 SL wmsg 0xc47c1b2c [usbus0] 15 0 0 0 SL wmsg 0xc47c1afc [usbus0] 14 0 0 0 SL wmsg 0xc47c1acc [usbus0] 8 0 0 0 SL waiting_ 0xc0f0743c [sctp_iterator] 7 0 0 0 SL - 0xc47cf43c [fdc0] 6 0 0 0 SL - 0xc4800000 [fw0_probe] 5 0 0 0 SL ccb_scan 0xc0d65ad4 [xpt_thrd] 13 0 0 0 SL - 0xc0d98ae4 [yarrow] 4 0 0 0 SL - 0xc0d96864 [g_down] 3 0 0 0 SL - 0xc0d96860 [g_up] 2 0 0 0 SL - 0xc0d96858 [g_event] 12 0 0 0 WL (threaded) intr 100042 I [irq12: psm0] 100041 I [irq1: atkbd0] 100039 I [swi0: uart] 100036 I [irq20: fwohci0] 100035 I [irq14: ata0] 100034 I [irq19: ehci0] 100033 I [irq18: ohci2 ohci4] 100032 I [irq17: ohci1 ohci3] 100031 I [irq16: hdac1 ohci0] 100030 I [irq22: atapci0] 100029 I [irq256: hdac0] 100028 I [irq9: acpi0] 100027 I [swi5: +] 100026 I [swi2: cambio] 100020 I [swi6: task queue] 100019 I [swi6: Giant taskq] 100012 I [swi3: vm] 100011 I [swi1: net] 100010 I [swi4: clock] 100009 I [swi4: clock] 100008 I [swi4: clock] 100007 I [swi4: clock] 11 0 0 0 RL (threaded) idle 100006 Run CPU 0 [idle: cpu0] 100005 CanRun [idle: cpu1] 100004 Run CPU 2 [idle: cpu2] 100003 Run CPU 3 [idle: cpu3] 1 0 1 0 SLs wait 0xc4577d34 [init] 10 0 0 0 SL audit_wo 0xc0f10d80 [audit] 0 0 0 0 SLs (threaded) kernel 100037 D - 0xc4808780 [fw0_taskq] 100024 D - 0xc472b200 [acpi_task_2] 100023 D - 0xc472b200 [acpi_task_1] 100022 D - 0xc472b200 [acpi_task_0] 100021 D - 0xc472b240 [kqueue taskq] 100018 D - 0xc472b380 [thread taskq] 100016 D - 0xc455fc80 [firmware taskq] 100000 D sched 0xc0d96920 [swapper] db:1:ps> allt Tracing command sh pid 43713 tid 100437 td 0xc57484a0 sched_switch(c57484a0,0,104,18c,aa64f639,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,4c,...) at mi_switch+0x200 sleepq_switch(c57484a0,0,c0c4df6b,189,4c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c50a9d80,4c,c0c5040b,100,0,...) at sleepq_wait_sig+0x17 _sleep(c50a9d80,c50a9ee8,14c,c0c5040b,0,...) at _sleep+0x344 pipe_read(c4c39460,f3dc8c54,c4544300,0,c57484a0,...) at pipe_read+0x3f7 dofileread(f3dc8c54,ffffffff,ffffffff,0,c4c39460,...) at dofileread+0x96 kern_readv(c57484a0,0,f3dc8c54,f3dc8c78,1,...) at kern_readv+0x58 read(c57484a0,f3dc8cf8,c,f3dc8d38,c0d2d2c8,...) at read+0x4f syscall(f3dc8d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (3, FreeBSD ELF32, read), eip = 0x281e08a3, esp = 0xbfbfd86c, ebp = 0xbfbfd9a8 --- Tracing command ps pid 43712 tid 100559 td 0xc52366f0 kdb_enter(c0c49c1b,c0c49c1b,c0c71796,f3f64844,1,...) at kdb_enter+0x3a panic(c0c71796,bfbff000,0,2807ed60,0,...) at panic+0x136 vm_fault_hold(0,0,f3f64a28,c08a876f,c4f1a570,...) at vm_fault_hold+0x6d vm_fault(c4f1a570,bfbff000,1,0,f3f649f0,...) at vm_fault+0x23 proc_rwmem(c4f92d34,f3f64c54,c0c40110,42,c4f92d34,...) at proc_rwmem+0xaf procfs_doprocmem(c52366f0,c4f92d34,c48f5a80,0,f3f64c54,...) at procfs_doprocmem+0x8a pfs_read(f3f64ad4,c0c8457f,c4c216c8,f3f64ad4,c754142c,...) at pfs_read+0x240 VOP_READ_APV(c0d2ab20,f3f64ad4,c0c580c6,282,f3f64c54,...) at VOP_READ_APV+0xc5 vn_read_wired_chunk(c4c216c8,f3f64c54,c4544300,0,0,...) at vn_read_wired_chunk+0xb1 do_vn_rw_chunked(0,0,c52366f0,f3f64b60,c08fa9d0,...) at do_vn_rw_chunked+0xa7 vn_read(c4c216c8,f3f64c54,c4544300,0,c52366f0,...) at vn_read+0x1b9 dofileread(f3f64c54,ffffffff,ffffffff,0,c4c216c8,...) at dofileread+0x96 kern_readv(c52366f0,5,f3f64c54,f3f64c78,1,...) at kern_readv+0x58 read(c52366f0,f3f64cf8,c,c0c50641,c0d2d2c8,...) at read+0x4f syscall(f3f64d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (3, FreeBSD ELF32, read), eip = 0x281988a3, esp = 0xbfbfdaac, ebp = 0xbfbfdef8 --- Tracing command sh pid 43711 tid 100766 td 0xc56ce940 sched_switch(c56ce940,0,104,18c,aa60ebfd,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c56ce940,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c63e3d34,5c,c0c507e9,100,0,...) at sleepq_wait_sig+0x17 _sleep(c63e3d34,c63e3dbc,15c,c0c507e9,0,...) at _sleep+0x344 kern_wait(c56ce940,ffffffff,f4196c74,2,0,...) at kern_wait+0xac6 wait4(c56ce940,f4196cf8,10,c0c507c8,c0d2d328,...) at wait4+0x3b syscall(f4196d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (7, FreeBSD ELF32, wait4), eip = 0x28157f3b, esp = 0xbfbfdabc, ebp = 0xbfbfdad8 --- Tracing command sh pid 43709 tid 100486 td 0xc5774000 sched_switch(c5774000,0,104,18c,aa4909a0,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,4c,...) at mi_switch+0x200 sleepq_switch(c5774000,0,c0c4df6b,189,4c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4c75780,4c,c0c5040b,100,0,...) at sleepq_wait_sig+0x17 _sleep(c4c75780,c4c758e8,14c,c0c5040b,0,...) at _sleep+0x344 pipe_read(c4cfcb98,f3e82c54,c4544300,0,c5774000,...) at pipe_read+0x3f7 dofileread(f3e82c54,ffffffff,ffffffff,0,c4cfcb98,...) at dofileread+0x96 kern_readv(c5774000,3,f3e82c54,f3e82c78,1,...) at kern_readv+0x58 read(c5774000,f3e82cf8,c,f3e82d38,c0d2d2c8,...) at read+0x4f syscall(f3e82d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (3, FreeBSD ELF32, read), eip = 0x281e08a3, esp = 0xbfbfe05c, ebp = 0xbfbfe1b8 --- Tracing command sleep pid 43702 tid 100882 td 0xc576c250 sched_switch(c576c250,0,104,18c,855479d8,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c576c250,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(7531,c0897a20,c576c250,1,100,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c0d98c84,5c,c0c4ae2c,100,0,...) at sleepq_timedwait_sig+0x1a _sleep(c0d98c84,0,15c,c0c4ae2c,7531,...) at _sleep+0x30e kern_nanosleep(c576c250,f443fc64,f443fc6c,1e,0,...) at kern_nanosleep+0xc1 nanosleep(c576c250,f443fcf8,8,f443fd38,c0d2e900,...) at nanosleep+0x6f syscall(f443fd38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (240, FreeBSD ELF32, nanosleep), eip = 0x2815141f, esp = 0xbfbfee0c, ebp = 0xbfbfee48 --- Tracing command sh pid 43700 tid 100719 td 0xc59716f0 sched_switch(c59716f0,0,104,18c,85018171,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c59716f0,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c7bfd548,5c,c0c507e9,100,0,...) at sleepq_wait_sig+0x17 _sleep(c7bfd548,c7bfd5d0,15c,c0c507e9,0,...) at _sleep+0x344 kern_wait(c59716f0,ffffffff,f41c3c74,2,0,...) at kern_wait+0xac6 wait4(c59716f0,f41c3cf8,10,c0c507c8,c0d2d328,...) at wait4+0x3b syscall(f41c3d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (7, FreeBSD ELF32, wait4), eip = 0x28157f3b, esp = 0xbfbfea1c, ebp = 0xbfbfea38 --- Tracing command sh pid 43696 tid 100542 td 0xc5574940 sched_switch(c5574940,0,104,18c,a9e8c7d4,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c5574940,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c573d548,5c,c0c507e9,100,0,...) at sleepq_wait_sig+0x17 _sleep(c573d548,c573d5d0,15c,c0c507e9,0,...) at _sleep+0x344 kern_wait(c5574940,ffffffff,f3f31c74,2,0,...) at kern_wait+0xac6 wait4(c5574940,f3f31cf8,10,c0c507c8,c0d2d328,...) at wait4+0x3b syscall(f3f31d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (7, FreeBSD ELF32, wait4), eip = 0x28157f3b, esp = 0xbfbfe95c, ebp = 0xbfbfe978 --- Tracing command sleep pid 43694 tid 100422 td 0xc5a6d000 sched_switch(c5a6d000,0,104,18c,620a51b6,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c5a6d000,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(2711,c0897a20,c5a6d000,0,100,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c0d98c84,5c,c0c4ae2c,100,0,...) at sleepq_timedwait_sig+0x1a _sleep(c0d98c84,0,15c,c0c4ae2c,2711,...) at _sleep+0x30e kern_nanosleep(c5a6d000,f3d73c64,f3d73c6c,a,0,...) at kern_nanosleep+0xc1 nanosleep(c5a6d000,f3d73cf8,8,f3d73d38,c0d2e900,...) at nanosleep+0x6f syscall(f3d73d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (240, FreeBSD ELF32, nanosleep), eip = 0x2815141f, esp = 0xbfbfecbc, ebp = 0xbfbfecf8 --- Tracing command bash pid 96745 tid 100429 td 0xc552d940 sched_switch(c552d940,0,104,18c,739f8bf5,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c552d940,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(c0851eaa,c4c14804,0,c0c483d2,c552d940,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4c14870,0,f3d0ab08,101,0,...) at sleepq_wait_sig+0x17 _cv_wait_sig(c4c14870,c4c14804,c0c51ed4,4ce,0,...) at _cv_wait_sig+0x240 tty_wait(c4c14800,c4c14870,f3d0ac54,1,0,...) at tty_wait+0x71 ttydisc_read(c4c14800,f3d0ac54,0,9e,0,...) at ttydisc_read+0x22c ttydev_read(c4cb1900,f3d0ac54,0,0,1,...) at ttydev_read+0xaa devfs_read_f(c4cb3888,f3d0ac54,c5b0aa00,0,c552d940,...) at devfs_read_f+0x7e dofileread(f3d0ac54,ffffffff,ffffffff,0,c4cb3888,...) at dofileread+0x96 kern_readv(c552d940,0,f3d0ac54,f3d0ac78,1,...) at kern_readv+0x58 read(c552d940,f3d0acf8,c,c0c506c3,c0d2d2c8,...) at read+0x4f syscall(f3d0ad38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (3, FreeBSD ELF32, read), eip = 0x283328a3, esp = 0xbfbfe63c, ebp = 0xbfbfe668 --- Tracing command csh pid 96741 tid 100533 td 0xc549c000 sched_switch(c549c000,0,104,18c,2f7d4ded,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,68,...) at mi_switch+0x200 sleepq_switch(c549c000,0,c0c4df6b,189,68,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c573ed8c,68,c0bf956c,100,0,...) at sleepq_wait_sig+0x17 _sleep(c573ed8c,c573edbc,168,c0bf956c,0,...) at _sleep+0x344 kern_sigsuspend(c549c000,0,0,0,0,...) at kern_sigsuspend+0xe4 sigsuspend(c549c000,f3f16cf8,4,c0c506c3,c0d2f278,...) at sigsuspend+0x4d syscall(f3f16d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (341, FreeBSD ELF32, sigsuspend), eip = 0x281750fb, esp = 0xbfbfe5dc, ebp = 0xbfbfe648 --- Tracing command su pid 96725 tid 100584 td 0xc521a250 sched_switch(c521a250,0,104,18c,55110d67,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c521a250,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4bfa7ec,5c,c0c507e9,100,0,...) at sleepq_wait_sig+0x17 _sleep(c4bfa7ec,c4bfa874,15c,c0c507e9,0,...) at _sleep+0x344 kern_wait(c521a250,179e5,f3fafc74,2,0,...) at kern_wait+0xac6 wait4(c521a250,f3fafcf8,10,f3fafd38,c0d2d328,...) at wait4+0x3b syscall(f3fafd38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (7, FreeBSD ELF32, wait4), eip = 0x28117f3b, esp = 0xbfbfe62c, ebp = 0xbfbfe648 --- Tracing command bash pid 1207 tid 100157 td 0xc50aa6f0 sched_switch(c50aa6f0,0,104,18c,614bb4b0,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c50aa6f0,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c5379000,5c,c0c507e9,100,0,...) at sleepq_wait_sig+0x17 _sleep(c5379000,c5379088,15c,c0c507e9,0,...) at _sleep+0x344 kern_wait(c50aa6f0,ffffffff,f3983c74,6,0,...) at kern_wait+0xac6 wait4(c50aa6f0,f3983cf8,10,c0c506c3,c0d2d328,...) at wait4+0x3b syscall(f3983d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (7, FreeBSD ELF32, wait4), eip = 0x282a9f3b, esp = 0xbfbfe9dc, ebp = 0xbfbfe9f8 --- Tracing command sshd pid 1206 tid 100156 td 0xc537fb90 sched_switch(c537fb90,0,104,18c,73a0b727,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c537fb90,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(c0851eaa,c4bcad10,0,c0c483d2,c537fb90,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4bcad24,0,f3980a80,101,0,...) at sleepq_wait_sig+0x17 _cv_wait_sig(c4bcad24,c4bcad10,c0c50233,5c4,c4c21310,...) at _cv_wait_sig+0x240 seltdwait(c4c21310,58,c5072400,c537fb90,c5051c2c,...) at seltdwait+0xa2 kern_select(c537fb90,a,286030b8,286030dc,0,0,66,280f87f8) at kern_select+0x4c4 select(c537fb90,f3980cf8,14,c0c2c5fb,c0d2db38,...) at select+0x5e syscall(f3980d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x283be823, esp = 0xbfbfde5c, ebp = 0xbfbfdea8 --- Tracing command sshd pid 1204 tid 100154 td 0xc50aab90 Tracing command awk pid 1188 tid 100114 td 0xc4f966f0 sched_switch(c4f966f0,0,104,18c,61c95f98,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,4c,...) at mi_switch+0x200 sleepq_switch(c4f966f0,0,c0c4df6b,189,4c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c50a8d80,4c,c0c5040b,100,0,...) at sleepq_wait_sig+0x17 _sleep(c50a8d80,c50a8ee8,14c,c0c5040b,0,...) at _sleep+0x344 pipe_read(c4c22460,f38f6c54,c4cb2900,0,c4f966f0,...) at pipe_read+0x3f7 dofileread(f38f6c54,ffffffff,ffffffff,0,c4c22460,...) at dofileread+0x96 kern_readv(c4f966f0,0,f38f6c54,f38f6c78,1,...) at kern_readv+0x58 read(c4f966f0,f38f6cf8,c,c4f966f0,c0d2d2c8,...) at read+0x4f syscall(f38f6d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (3, FreeBSD ELF32, read), eip = 0x281a78a3, esp = 0xbfbfe97c, ebp = 0xbfbfe998 --- Tracing command sh pid 1187 tid 100147 td 0xc50ab4a0 sched_switch(c50ab4a0,0,104,18c,61d3ac42,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c50ab4a0,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4f93d34,5c,c0c507e9,100,0,...) at sleepq_wait_sig+0x17 _sleep(c4f93d34,c4f93dbc,15c,c0c507e9,0,...) at _sleep+0x344 kern_wait(c50ab4a0,ffffffff,f3961c74,2,0,...) at kern_wait+0xac6 wait4(c50ab4a0,f3961cf8,10,c0c507c8,c0d2d328,...) at wait4+0x3b syscall(f3961d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (7, FreeBSD ELF32, wait4), eip = 0x28157f3b, esp = 0xbfbfe95c, ebp = 0xbfbfe978 --- Tracing command top pid 1186 tid 100081 td 0xc4c506f0 sched_switch(c4c506f0,0,104,18c,4a15f072,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4c506f0,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f3841a50,c0851eaa,c4c3e190,0,c4c506f0,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c4c3e1a4,0,f3841a80,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c4c3e1a4,c4c3e190,3e9,5c4,c4c21268,...) at _cv_timedwait_sig+0x250 seltdwait(f3841c2c,f3841c34,c4f1da00,c4c506f0,5b1b322e,...) at seltdwait+0x8a kern_select(c4c506f0,2,bfbfebec,0,0,f3841c70,1,0) at kern_select+0x4c4 select(c4c506f0,f3841cf8,14,c0c2c5fb,c0d2db38,...) at select+0x5e syscall(f3841d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x281dc823, esp = 0xbfbfeb8c, ebp = 0xbfbfece8 --- Tracing command tail pid 1185 tid 100083 td 0xc4c50250 sched_switch(c4c50250,0,104,18c,9e456ad5,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,58,...) at mi_switch+0x200 sleepq_switch(c4c50250,0,c0c4df6b,189,58,...) at sleepq_switch+0x15f sleepq_catch_signals(3e9,c0897a20,c4c50250,1,100,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c505d180,58,c0c45502,100,0,...) at sleepq_timedwait_sig+0x1a _sleep(c505d180,c505d180,158,c0c45502,3e9,...) at _sleep+0x30e kern_kevent(c4c50250,4,0,1,f384ac58,...) at kern_kevent+0x357 kevent(c4c50250,f384acf8,18,c0be4fff,c0d2f488,...) at kevent+0x1a2 syscall(f384ad38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (363, FreeBSD ELF32, kevent), eip = 0x2815560b, esp = 0xbfbfeb6c, ebp = 0xbfbfec18 --- Tracing command sh pid 1184 tid 100110 td 0xc4c1d4a0 sched_switch(c4c1d4a0,0,104,18c,7d2ee9ee,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c4c1d4a0,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4c18548,5c,c0c507e9,100,0,...) at sleepq_wait_sig+0x17 _sleep(c4c18548,c4c185d0,15c,c0c507e9,0,...) at _sleep+0x344 kern_wait(c4c1d4a0,ffffffff,f38e9c74,2,0,...) at kern_wait+0xac6 wait4(c4c1d4a0,f38e9cf8,10,f38e9d38,c0d2d328,...) at wait4+0x3b syscall(f38e9d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (7, FreeBSD ELF32, wait4), eip = 0x28157f3b, esp = 0xbfbfeb5c, ebp = 0xbfbfeb78 --- Tracing command sshd pid 1183 tid 100087 td 0xc4c4d6f0 sched_switch(c4c4d6f0,0,104,18c,84a38913,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4c4d6f0,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(c0851eaa,c5057350,0,c0c483d2,c4c4d6f0,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c5057364,0,f385da80,101,0,...) at sleepq_wait_sig+0x17 _cv_wait_sig(c5057364,c5057350,c0c50233,5c4,c4f835b0,...) at _cv_wait_sig+0x240 seltdwait(c4f835b0,58,c5070e00,c4c4d6f0,c5051db4,...) at seltdwait+0xa2 kern_select(c4c4d6f0,c,286030b8,286030dc,0,0,66,280f87f8) at kern_select+0x4c4 select(c4c4d6f0,f385dcf8,14,c0c2c5fb,c0d2db38,...) at select+0x5e syscall(f385dd38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x283be823, esp = 0xbfbfde5c, ebp = 0xbfbfdea8 --- Tracing command sshd pid 1182 tid 100127 td 0xc4badb90 sched_switch(c4badb90,0,104,18c,4a1713bb,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4badb90,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(c0851eaa,c4c3ec90,0,c0c483d2,c4badb90,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4c3eca4,0,f391ea80,101,0,...) at sleepq_wait_sig+0x17 _cv_wait_sig(c4c3eca4,c4c3ec90,c0c50233,5c4,c4f7bd90,...) at _cv_wait_sig+0x240 seltdwait(c4f7bd90,58,c5072b00,c4badb90,c5051e78,...) at seltdwait+0xa2 kern_select(c4badb90,a,286030b8,286030dc,0,0,66,280f87f8) at kern_select+0x4c4 select(c4badb90,f391ecf8,14,c0c2c5fb,c0d2db38,...) at select+0x5e syscall(f391ed38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x283be823, esp = 0xbfbfde5c, ebp = 0xbfbfdea8 --- Tracing command sshd pid 1181 tid 100140 td 0xc4b27b90 sched_switch(c4b27b90,0,104,18c,b402006c,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b27b90,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(c0851eaa,c4b876d0,0,c0c483d2,c4b27b90,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4b876e4,0,f394aa80,101,0,...) at sleepq_wait_sig+0x17 _cv_wait_sig(c4b876e4,c4b876d0,c0c50233,5c4,c4c39e70,...) at _cv_wait_sig+0x240 seltdwait(c4c39e70,58,c4bc6200,c4b27b90,c5051cf0,...) at seltdwait+0xa2 kern_select(c4b27b90,c,286030b8,286030dc,0,0,66,280f87f8) at kern_select+0x4c4 select(c4b27b90,f394acf8,14,c0c2c5fb,c0d2db38,...) at select+0x5e syscall(f394ad38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x283be823, esp = 0xbfbfde5c, ebp = 0xbfbfdea8 --- Tracing command sshd pid 1177 tid 100098 td 0xc4cb8940 Tracing command sshd pid 1176 tid 100097 td 0xc4cb8b90 Tracing command sshd pid 1175 tid 100080 td 0xc4c50940 Tracing command inetd pid 1125 tid 100146 td 0xc50ab6f0 Tracing command watchdogd pid 1101 tid 100106 td 0xc4cb8000 sched_switch(c4cb8000,0,104,18c,ceb07a54,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c4cb8000,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(ea61,c0897a20,c4cb8000,0,100,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c0d98c84,5c,c0c4ae2c,100,0,...) at sleepq_timedwait_sig+0x1a _sleep(c0d98c84,0,15c,c0c4ae2c,ea61,...) at _sleep+0x30e kern_nanosleep(c4cb8000,f38bcc64,f38bcc6c,3c,0,...) at kern_nanosleep+0xc1 nanosleep(c4cb8000,f38bccf8,8,c0c603f7,c0d2e900,...) at nanosleep+0x6f syscall(f38bcd38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (240, FreeBSD ELF32, nanosleep), eip = 0x2817b41f, esp = 0xbfbfecec, ebp = 0xbfbfed18 --- Tracing command cron pid 1092 tid 100131 td 0xc4bad4a0 sched_switch(c4bad4a0,0,104,18c,b1574329,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c4bad4a0,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(ea61,c0897a20,c4bad4a0,0,100,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c0d98c84,5c,c0c4ae2c,100,0,...) at sleepq_timedwait_sig+0x1a _sleep(c0d98c84,0,15c,c0c4ae2c,ea61,...) at _sleep+0x30e kern_nanosleep(c4bad4a0,f392bc64,f392bc6c,3c,0,...) at kern_nanosleep+0xc1 nanosleep(c4bad4a0,f392bcf8,8,c0c5092d,c0d2e900,...) at nanosleep+0x6f syscall(f392bd38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (240, FreeBSD ELF32, nanosleep), eip = 0x2816e41f, esp = 0xbfbfec8c, ebp = 0xbfbfecb8 --- Tracing command sendmail pid 1086 tid 100143 td 0xc50ac000 sched_switch(c50ac000,0,104,18c,bcf67ca9,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,68,...) at mi_switch+0x200 sleepq_switch(c50ac000,0,c0c4df6b,189,68,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c508a844,68,c0bf956c,100,0,...) at sleepq_wait_sig+0x17 _sleep(c508a844,c508a874,168,c0bf956c,0,...) at _sleep+0x344 kern_sigsuspend(c50ac000,0,0,0,0,...) at kern_sigsuspend+0xe4 sigsuspend(c50ac000,f3954cf8,4,c0c506c3,c0d2f278,...) at sigsuspend+0x4d syscall(f3954d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (341, FreeBSD ELF32, sigsuspend), eip = 0x283280fb, esp = 0xbfbfcf9c, ebp = 0xbfbfcfc8 --- Tracing command sendmail pid 1082 tid 100125 td 0xc4f94940 sched_switch(c4f94940,0,104,18c,3eac65dd,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4f94940,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f3917a50,c0851eaa,c5057e90,0,c4f94940,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c5057ea4,0,f3917a80,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c5057ea4,c5057e90,1389,5c4,c7eb0b60,...) at _cv_timedwait_sig+0x250 seltdwait(f3917c2c,f3917c34,c4cb2e00,c4f94940,c4417000,...) at seltdwait+0x8a kern_select(c4f94940,5,bfbfc520,0,0,f3917c70,5,0) at kern_select+0x4c4 select(c4f94940,f3917cf8,14,c0c50c03,c0d2db38,...) at select+0x5e syscall(f3917d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x283c6823, esp = 0xbfbfc48c, ebp = 0xbfbfcfb8 --- Tracing command sshd pid 1075 tid 100112 td 0xc4c1e940 Tracing command ntpd pid 1038 tid 100121 td 0xc4f954a0 sched_switch(c4f954a0,0,104,18c,9bb247a2,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4f954a0,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(c0851eaa,c4cbd1d0,0,c0c483d2,c4f954a0,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4cbd1e4,0,f390ba80,101,0,...) at sleepq_wait_sig+0x17 _cv_wait_sig(c4cbd1e4,c4cbd1d0,c0c50233,5c4,c4cfc1c0,...) at _cv_wait_sig+0x240 seltdwait(c4cfc1c0,58,c4544300,c4f954a0,0,...) at seltdwait+0xa2 kern_select(c4f954a0,1b,bfbfed28,0,0,0,f390bc98,246) at kern_select+0x4c4 select(c4f954a0,f390bcf8,14,c4f954a0,c0d2db38,...) at select+0x5e syscall(f390bd38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x28347823, esp = 0xbfbfecfc, ebp = 0xbfbfedc8 --- Tracing command rpc.lockd pid 917 tid 100136 td 0xc4c1ab90 sched_switch(c4c1ab90,0,104,18c,cd9c22c5,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4c1ab90,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f393aa04,c0851eaa,c505c180,0,c4c1ab90,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c4b87cd0,0,f393aa34,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c4b87cd0,c505c180,1388,3a5,c507fa00,...) at _cv_timedwait_sig+0x250 svc_run_internal(c4c1acf4,14,c0c6c083,c0c6b49b,f393ab8c,...) at svc_run_internal+0x356 svc_run(c505c180,0,4,c0a40780,f393ab8c,...) at svc_run+0x7f nlm_syscall(c4c1ab90,f393acf8,10,c0c5102b,c0d2e0f0,...) at nlm_syscall+0x6a9 syscall(f393ad38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (154, FreeBSD ELF32, nlm_syscall), eip = 0x280f5d5b, esp = 0xbfbfed5c, ebp = 0xbfbfee28 --- Tracing command rpc.statd pid 911 tid 100128 td 0xc4bad940 sched_switch(c4bad940,0,104,18c,1573311d,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4bad940,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f3921a50,c0851eaa,c5058b50,0,c4bad940,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c5058b64,0,f3921a80,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c5058b64,c5058b50,7531,5c4,c4cfc000,...) at _cv_timedwait_sig+0x250 seltdwait(f3921c2c,f3921c34,c4544300,c4bad940,755,...) at seltdwait+0x8a kern_select(c4bad940,8,bfbfed44,0,0,f3921c70,1e,0) at kern_select+0x4c4 select(c4bad940,f3921cf8,14,c0c5092d,c0d2db38,...) at select+0x5e syscall(f3921d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x2817c823, esp = 0xbfbfec9c, ebp = 0xbfbfedd8 --- Tracing command nfsd pid 897 tid 100135 td 0xc4c51250 sched_switch(c4c51250,0,104,18c,9d166ed5,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4c51250,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f3937bf8,c0851eaa,c48f5c80,0,c4c51250,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c4cbc010,0,f3937c28,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c4cbc010,c48f5c80,1388,3a5,5a5a5a5a,...) at _cv_timedwait_sig+0x250 svc_run_internal(f3937d24,c083b0c8,c48f5c80,f3937d38,c0c4579b,...) at svc_run_internal+0x356 svc_thread_start(c48f5c80,f3937d38,c0c4579b,336,c508ba90,...) at svc_thread_start+0x10 fork_exit(c0a50960,c48f5c80,f3937d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0xc, esp = 0x33, ebp = 0 --- Tracing command nfsd pid 897 tid 100134 td 0xc4c514a0 sched_switch(c4c514a0,0,104,18c,9f2020d1,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4c514a0,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f3934bf8,c0851eaa,c48f5c80,0,c4c514a0,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c4c3fe90,0,f3934c28,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c4c3fe90,c48f5c80,1388,3a5,5a5a5a5a,...) at _cv_timedwait_sig+0x250 svc_run_internal(f3934d24,c083b0c8,c48f5c80,f3934d38,c0c4579b,...) at svc_run_internal+0x356 svc_thread_start(c48f5c80,f3934d38,c0c4579b,336,c508ba90,...) at svc_thread_start+0x10 fork_exit(c0a50960,c48f5c80,f3934d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0xc, esp = 0x33, ebp = 0 --- Tracing command nfsd pid 897 tid 100133 td 0xc4c516f0 sched_switch(c4c516f0,0,104,18c,9c717266,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4c516f0,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f3931bf8,c0851eaa,c48f5c80,0,c4c516f0,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c4cbc050,0,f3931c28,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c4cbc050,c48f5c80,1388,3a5,5a5a5a5a,...) at _cv_timedwait_sig+0x250 svc_run_internal(f3931d24,c083b0c8,c48f5c80,f3931d38,c0c4579b,...) at svc_run_internal+0x356 svc_thread_start(c48f5c80,f3931d38,c0c4579b,336,c508ba90,...) at svc_thread_start+0x10 fork_exit(c0a50960,c48f5c80,f3931d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0xc, esp = 0x33, ebp = 0 --- Tracing command nfsd pid 897 tid 100130 td 0xc4bad6f0 sched_switch(c4bad6f0,0,104,18c,9ee91db0,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4bad6f0,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f3928ae8,c0851eaa,c48f5c80,0,c4bad6f0,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c4c3fe50,0,f3928b18,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c4c3fe50,c48f5c80,1388,3a5,f3928b60,...) at _cv_timedwait_sig+0x250 svc_run_internal(c4bad854,14,c0c6c083,c0c6a982,0,...) at svc_run_internal+0x356 svc_run(c48f5c80,0,c0c6ac86,1fa,0,...) at svc_run+0x7f nfssvc_nfsd(f3928c38,c083e875,c4544300,122,f3928c50,...) at nfssvc_nfsd+0xad nfssvc_nfsserver(c4bad6f0,f3928cf8,4,c4bad6f0,c508ba90,...) at nfssvc_nfsserver+0x1d5 nfssvc(c4bad6f0,f3928cf8,8,f3928d38,c0d2e108,...) at nfssvc+0x77 syscall(f3928d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (155, FreeBSD ELF32, nfssvc), eip = 0x280d5d3b, esp = 0xbfbfe9bc, ebp = 0xbfbfeae8 --- Tracing command nfsd pid 896 tid 100129 td 0xc4c1d000 Tracing command mountd pid 892 tid 100116 td 0xc4f96250 Tracing command rpcbind pid 808 tid 100122 td 0xc4f95250 sched_switch(c4f95250,0,104,18c,95c456a4,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4f95250,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(f390eaa8,c0851eaa,c4b86950,0,c4f95250,...) at sleepq_catch_signals+0xb6 sleepq_timedwait_sig(c4b86964,0,f390ead8,101,0,...) at sleepq_timedwait_sig+0x1a _cv_timedwait_sig(c4b86964,c4b86950,7531,5c4,f390eb8c,...) at _cv_timedwait_sig+0x250 seltdwait(f390ec5c,f390ec64,4d4,c4f95250,f390eb5c,...) at seltdwait+0x8a poll(c4f95250,f390ecf8,c,c0c5092d,c0d2e618,...) at poll+0x2f9 syscall(f390ed38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (209, FreeBSD ELF32, poll), eip = 0x28136a3f, esp = 0xbfbfcc0c, ebp = 0xbfbfedd8 --- Tracing command syslogd pid 788 tid 100117 td 0xc4f96000 sched_switch(c4f96000,0,104,18c,9cf7b729,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4f96000,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(c0851eaa,c4a5a850,0,c0c483d2,c4f96000,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4a5a864,0,f38ffa80,101,0,...) at sleepq_wait_sig+0x17 _cv_wait_sig(c4a5a864,c4a5a850,c0c50233,5c4,c4f7b578,...) at _cv_wait_sig+0x240 seltdwait(c4f7b578,58,c4544300,c4f96000,0,...) at seltdwait+0xa2 kern_select(c4f96000,9,282290ac,0,0,0,66,2819a020) at kern_select+0x4c4 select(c4f96000,f38ffcf8,14,c0c507d8,c0d2db38,...) at select+0x5e syscall(f38ffd38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x28186823, esp = 0xbfbfde7c, ebp = 0xbfbfee28 --- Tracing command devd pid 593 tid 100089 td 0xc4c4d250 sched_switch(c4c4d250,0,104,18c,40ca8560,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4c4d250,0,c0c4df6b,189,0,...) at sleepq_switch+0x15f sleepq_catch_signals(c0851eaa,c4c3edd0,0,c0c483d2,c4c4d250,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4c3ede4,0,f3866a80,101,0,...) at sleepq_wait_sig+0x17 _cv_wait_sig(c4c3ede4,c4c3edd0,c0c50233,5c4,c4c22ab8,...) at _cv_wait_sig+0x240 seltdwait(c4c22ab8,58,c4544300,c4c4d250,c0ed8380,...) at seltdwait+0xa2 kern_select(c4c4d250,6,bfbfe9b0,0,0,0,66,10) at kern_select+0x4c4 select(c4c4d250,f3866cf8,14,c0be4fff,c0d2db38,...) at select+0x5e syscall(f3866d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (93, FreeBSD ELF32, select), eip = 0x808800f, esp = 0xbfbfe97c, ebp = 0xbfbfee58 --- Tracing command flowcleaner pid 44 tid 100075 td 0xc4bae250 sched_switch(c4bae250,0,104,18c,549f9b02,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4bae250,0,c0c4df6b,26a,2,...) at sleepq_switch+0x15f sleepq_timedwait(c0d98ae4,0,c0c58a6c,2,0,...) at sleepq_timedwait+0x6b _sleep(c0d98ae4,0,0,c0c58a6c,4e20,...) at _sleep+0x329 pause(c0c58a6c,4e20,c0c589a1,41e,0,...) at pause+0x47 flowtable_cleaner(0,f163ed38,c0c4579b,336,c4b22d34,...) at flowtable_cleaner+0x160 fork_exit(c0903190,0,f163ed38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf163ed70, ebp = 0 --- Tracing command softdepflush pid 43 tid 100074 td 0xc4bae4a0 sched_switch(c4bae4a0,0,104,18c,74be93c1,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,44,...) at mi_switch+0x200 sleepq_switch(c4bae4a0,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c0f113e0,44,c0c6ef19,0,0,...) at sleepq_timedwait+0x6b _sleep(c0f113e0,c0f11384,44,c0c6ef19,3e8,...) at _sleep+0x329 softdep_flush(0,f163bd38,c0c4579b,336,c4b3b000,...) at softdep_flush+0x2b0 fork_exit(c0a7cc70,0,f163bd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf163bd70, ebp = 0 --- Tracing command syncer pid 42 tid 100073 td 0xc4bae6f0 sched_switch(c4bae6f0,0,104,18c,8d87a31f,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4bae6f0,0,c0c4df6b,26a,c4bae6f0,...) at sleepq_switch+0x15f sleepq_timedwait(c0f05554,0,f1638c88,1,0,...) at sleepq_timedwait+0x6b _cv_timedwait(c0f05554,c0f05540,3e8,6e0,4e20,...) at _cv_timedwait+0x250 sched_sync(0,f1638d38,c0c4579b,336,c4b3b2a4,...) at sched_sync+0x502 fork_exit(c08edbb0,0,f1638d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1638d70, ebp = 0 --- Tracing command vnlru pid 41 tid 100072 td 0xc4bae940 sched_switch(c4bae940,0,104,18c,74a2f62f,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,50,...) at mi_switch+0x200 sleepq_switch(c4bae940,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c4b3b548,50,c0c57be2,0,0,...) at sleepq_timedwait+0x6b _sleep(c4b3b548,c0f05514,250,c0c57be2,3e8,...) at _sleep+0x329 vnlru_proc(0,f1635d38,c0c4579b,336,c4b3b548,...) at vnlru_proc+0xe7 fork_exit(c08ee750,0,f1635d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1635d70, ebp = 0 --- Tracing command bufdaemon pid 40 tid 100071 td 0xc4baeb90 sched_switch(c4baeb90,0,104,18c,74a38cf8,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,44,...) at mi_switch+0x200 sleepq_switch(c4baeb90,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c0f05288,44,c0c55386,0,0,...) at sleepq_timedwait+0x6b _sleep(c0f05288,c0f0528c,44,c0c55386,3e8,...) at _sleep+0x329 buf_daemon(0,f1632d38,c0c4579b,336,c4b3b7ec,...) at buf_daemon+0x138 fork_exit(c08d68d0,0,f1632d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1632d70, ebp = 0 --- Tracing command pagezero pid 39 tid 100070 td 0xc4b0d6f0 sched_switch(c4b0d6f0,0,104,18c,7e6100e9,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0d6f0,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c0f12014,0,c0c74454,0,0,...) at sleepq_timedwait+0x6b _sleep(c0f12014,c0f11bd0,0,c0c74454,493e0,...) at _sleep+0x329 vm_pagezero(0,f162fd38,c0c4579b,336,c4b3ba90,...) at vm_pagezero+0xdc fork_exit(c0ab96d0,0,f162fd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf162fd70, ebp = 0 --- Tracing command vmdaemon pid 38 tid 100069 td 0xc4b0d940 sched_switch(c4b0d940,0,104,18c,1efeeb77,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,68,...) at mi_switch+0x200 sleepq_switch(c4b0d940,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c0f11c3c,68,c0c55386,0,0,...) at sleepq_wait+0x63 _sleep(c0f11c3c,c0f11c40,68,c0c55386,0,...) at _sleep+0x35b vm_daemon(0,f162cd38,c0c4579b,336,c4b3bd34,...) at vm_daemon+0x59 fork_exit(c0ab3b40,0,f162cd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf162cd70, ebp = 0 --- Tracing command pagedaemon pid 9 tid 100068 td 0xc4b0db90 sched_switch(c4b0db90,0,104,18c,7c5cb3ed,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,44,...) at mi_switch+0x200 sleepq_switch(c4b0db90,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c0f11c04,44,c0c55386,0,0,...) at sleepq_timedwait+0x6b _sleep(c0f11c04,c0f11bd0,44,c0c55386,1388,...) at _sleep+0x329 vm_pageout(0,f1629d38,c0c4579b,336,c4b3c000,...) at vm_pageout+0x2bb fork_exit(c0ab49f0,0,f1629d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1629d70, ebp = 0 --- Tracing command usbus5 pid 37 tid 100067 td 0xc4b25000 sched_switch(c4b25000,0,104,18c,52a6fbb6,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b25000,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47dfd0c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47dfd0c,c47dfdac,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15c6cf8,c079d4db,c47dfd0c,...) at usb2_msleep+0x58 usb2_cv_wait(c47dfd0c,c47dfdac,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47dfd04,f15c6d38,c0c4579b,336,c4b3c2a4,...) at usb2_process+0x18b fork_exit(c079d350,c47dfd04,f15c6d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15c6d70, ebp = 0 --- Tracing command usbus5 pid 36 tid 100066 td 0xc4b25250 sched_switch(c4b25250,0,104,18c,3576d58,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b25250,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47dfcdc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47dfcdc,c47dfdac,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15c3cf8,c079d4db,c47dfcdc,...) at usb2_msleep+0x58 usb2_cv_wait(c47dfcdc,c47dfdac,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47dfcd4,f15c3d38,c0c4579b,336,c4b3c548,...) at usb2_process+0x18b fork_exit(c079d350,c47dfcd4,f15c3d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15c3d70, ebp = 0 --- Tracing command usbus5 pid 35 tid 100065 td 0xc4b254a0 sched_switch(c4b254a0,0,104,18c,52400126,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b254a0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47dfcac,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47dfcac,c47dfdac,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15c0cf8,c079d4db,c47dfcac,...) at usb2_msleep+0x58 usb2_cv_wait(c47dfcac,c47dfdac,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47dfca4,f15c0d38,c0c4579b,336,c4b21000,...) at usb2_process+0x18b fork_exit(c079d350,c47dfca4,f15c0d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15c0d70, ebp = 0 --- Tracing command usbus5 pid 34 tid 100064 td 0xc4b256f0 sched_switch(c4b256f0,0,104,18c,523ff33a,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b256f0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47dfc7c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47dfc7c,c47dfdac,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15bdcf8,c079d4db,c47dfc7c,...) at usb2_msleep+0x58 usb2_cv_wait(c47dfc7c,c47dfdac,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47dfc74,f15bdd38,c0c4579b,336,c4b212a4,...) at usb2_process+0x18b fork_exit(c079d350,c47dfc74,f15bdd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15bdd70, ebp = 0 --- Tracing command usbus4 pid 33 tid 100063 td 0xc4b25940 sched_switch(c4b25940,0,104,18c,523fe513,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b25940,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47d9b5c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47d9b5c,c47d9bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15bacf8,c079d4db,c47d9b5c,...) at usb2_msleep+0x58 usb2_cv_wait(c47d9b5c,c47d9bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47d9b54,f15bad38,c0c4579b,336,c4b21548,...) at usb2_process+0x18b fork_exit(c079d350,c47d9b54,f15bad38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15bad70, ebp = 0 --- Tracing command usbus4 pid 32 tid 100062 td 0xc4b25b90 sched_switch(c4b25b90,0,104,18c,356a68b,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b25b90,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47d9b2c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47d9b2c,c47d9bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15b7cf8,c079d4db,c47d9b2c,...) at usb2_msleep+0x58 usb2_cv_wait(c47d9b2c,c47d9bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47d9b24,f15b7d38,c0c4579b,336,c4b217ec,...) at usb2_process+0x18b fork_exit(c079d350,c47d9b24,f15b7d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15b7d70, ebp = 0 --- Tracing command usbus4 pid 31 tid 100061 td 0xc4b27000 sched_switch(c4b27000,0,104,18c,51dbc1f1,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b27000,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47d9afc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47d9afc,c47d9bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15b4cf8,c079d4db,c47d9afc,...) at usb2_msleep+0x58 usb2_cv_wait(c47d9afc,c47d9bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47d9af4,f15b4d38,c0c4579b,336,c4b21a90,...) at usb2_process+0x18b fork_exit(c079d350,c47d9af4,f15b4d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15b4d70, ebp = 0 --- Tracing command usbus4 pid 30 tid 100060 td 0xc4b27250 sched_switch(c4b27250,0,104,18c,51dbaf69,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b27250,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47d9acc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47d9acc,c47d9bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15b1cf8,c079d4db,c47d9acc,...) at usb2_msleep+0x58 usb2_cv_wait(c47d9acc,c47d9bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47d9ac4,f15b1d38,c0c4579b,336,c4b21d34,...) at usb2_process+0x18b fork_exit(c079d350,c47d9ac4,f15b1d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15b1d70, ebp = 0 --- Tracing command usbus3 pid 29 tid 100059 td 0xc4b274a0 sched_switch(c4b274a0,0,104,18c,51dba00a,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b274a0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47d0b5c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47d0b5c,c47d0bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15aecf8,c079d4db,c47d0b5c,...) at usb2_msleep+0x58 usb2_cv_wait(c47d0b5c,c47d0bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47d0b54,f15aed38,c0c4579b,336,c4b22000,...) at usb2_process+0x18b fork_exit(c079d350,c47d0b54,f15aed38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15aed70, ebp = 0 --- Tracing command usbus3 pid 28 tid 100058 td 0xc4b276f0 sched_switch(c4b276f0,0,104,18c,3564889,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b276f0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47d0b2c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47d0b2c,c47d0bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15abcf8,c079d4db,c47d0b2c,...) at usb2_msleep+0x58 usb2_cv_wait(c47d0b2c,c47d0bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47d0b24,f15abd38,c0c4579b,336,c4b222a4,...) at usb2_process+0x18b fork_exit(c079d350,c47d0b24,f15abd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15abd70, ebp = 0 --- Tracing command usbus3 pid 27 tid 100057 td 0xc47fc6f0 sched_switch(c47fc6f0,0,104,18c,51775686,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c47fc6f0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47d0afc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47d0afc,c47d0bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15a8cf8,c079d4db,c47d0afc,...) at usb2_msleep+0x58 usb2_cv_wait(c47d0afc,c47d0bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47d0af4,f15a8d38,c0c4579b,336,c4b22548,...) at usb2_process+0x18b fork_exit(c079d350,c47d0af4,f15a8d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15a8d70, ebp = 0 --- Tracing command usbus3 pid 26 tid 100056 td 0xc47fc940 sched_switch(c47fc940,0,104,18c,51774821,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c47fc940,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47d0acc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47d0acc,c47d0bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15a5cf8,c079d4db,c47d0acc,...) at usb2_msleep+0x58 usb2_cv_wait(c47d0acc,c47d0bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47d0ac4,f15a5d38,c0c4579b,336,c4b227ec,...) at usb2_process+0x18b fork_exit(c079d350,c47d0ac4,f15a5d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15a5d70, ebp = 0 --- Tracing command usbus2 pid 25 tid 100055 td 0xc47fcb90 sched_switch(c47fcb90,0,104,18c,5177391d,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c47fcb90,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47ccb5c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47ccb5c,c47ccbfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f15a2cf8,c079d4db,c47ccb5c,...) at usb2_msleep+0x58 usb2_cv_wait(c47ccb5c,c47ccbfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47ccb54,f15a2d38,c0c4579b,336,c46a47ec,...) at usb2_process+0x18b fork_exit(c079d350,c47ccb54,f15a2d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf15a2d70, ebp = 0 --- Tracing command usbus2 pid 24 tid 100054 td 0xc4b0c000 sched_switch(c4b0c000,0,104,18c,3560900,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0c000,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47ccb2c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47ccb2c,c47ccbfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f159fcf8,c079d4db,c47ccb2c,...) at usb2_msleep+0x58 usb2_cv_wait(c47ccb2c,c47ccbfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47ccb24,f159fd38,c0c4579b,336,c46a4a90,...) at usb2_process+0x18b fork_exit(c079d350,c47ccb24,f159fd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf159fd70, ebp = 0 --- Tracing command usbus2 pid 23 tid 100053 td 0xc4b0c250 sched_switch(c4b0c250,0,104,18c,51125ddc,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0c250,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47ccafc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47ccafc,c47ccbfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f159ccf8,c079d4db,c47ccafc,...) at usb2_msleep+0x58 usb2_cv_wait(c47ccafc,c47ccbfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47ccaf4,f159cd38,c0c4579b,336,c46a4d34,...) at usb2_process+0x18b fork_exit(c079d350,c47ccaf4,f159cd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf159cd70, ebp = 0 --- Tracing command usbus2 pid 22 tid 100052 td 0xc4b0c4a0 sched_switch(c4b0c4a0,0,104,18c,51124ea2,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0c4a0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47ccacc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47ccacc,c47ccbfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f1599cf8,c079d4db,c47ccacc,...) at usb2_msleep+0x58 usb2_cv_wait(c47ccacc,c47ccbfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47ccac4,f1599d38,c0c4579b,336,c4b0f000,...) at usb2_process+0x18b fork_exit(c079d350,c47ccac4,f1599d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1599d70, ebp = 0 --- Tracing command usbus1 pid 21 tid 100051 td 0xc4b0c6f0 sched_switch(c4b0c6f0,0,104,18c,51123fc6,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0c6f0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47c6b5c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47c6b5c,c47c6bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f1596cf8,c079d4db,c47c6b5c,...) at usb2_msleep+0x58 usb2_cv_wait(c47c6b5c,c47c6bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47c6b54,f1596d38,c0c4579b,336,c4b0f2a4,...) at usb2_process+0x18b fork_exit(c079d350,c47c6b54,f1596d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1596d70, ebp = 0 --- Tracing command usbus1 pid 20 tid 100050 td 0xc4b0c940 sched_switch(c4b0c940,0,104,18c,35593c7,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0c940,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47c6b2c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47c6b2c,c47c6bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f1593cf8,c079d4db,c47c6b2c,...) at usb2_msleep+0x58 usb2_cv_wait(c47c6b2c,c47c6bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47c6b24,f1593d38,c0c4579b,336,c4b0f548,...) at usb2_process+0x18b fork_exit(c079d350,c47c6b24,f1593d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1593d70, ebp = 0 --- Tracing command usbus1 pid 19 tid 100049 td 0xc4b0cb90 sched_switch(c4b0cb90,0,104,18c,50ade717,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0cb90,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47c6afc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47c6afc,c47c6bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f1590cf8,c079d4db,c47c6afc,...) at usb2_msleep+0x58 usb2_cv_wait(c47c6afc,c47c6bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47c6af4,f1590d38,c0c4579b,336,c4b0f7ec,...) at usb2_process+0x18b fork_exit(c079d350,c47c6af4,f1590d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1590d70, ebp = 0 --- Tracing command usbus1 pid 18 tid 100048 td 0xc4b0d000 sched_switch(c4b0d000,0,104,18c,50add5c8,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0d000,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47c6acc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47c6acc,c47c6bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f158dcf8,c079d4db,c47c6acc,...) at usb2_msleep+0x58 usb2_cv_wait(c47c6acc,c47c6bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47c6ac4,f158dd38,c0c4579b,336,c4b0fa90,...) at usb2_process+0x18b fork_exit(c079d350,c47c6ac4,f158dd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf158dd70, ebp = 0 --- Tracing command usbus0 pid 17 tid 100047 td 0xc4b0d250 sched_switch(c4b0d250,0,104,18c,50adc5c3,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0d250,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47c1b5c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47c1b5c,c47c1bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f158acf8,c079d4db,c47c1b5c,...) at usb2_msleep+0x58 usb2_cv_wait(c47c1b5c,c47c1bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47c1b54,f158ad38,c0c4579b,336,c4b0fd34,...) at usb2_process+0x18b fork_exit(c079d350,c47c1b54,f158ad38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf158ad70, ebp = 0 --- Tracing command usbus0 pid 16 tid 100046 td 0xc4b0d4a0 sched_switch(c4b0d4a0,0,104,18c,35533c9,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4b0d4a0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47c1b2c,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47c1b2c,c47c1bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f1587cf8,c079d4db,c47c1b2c,...) at usb2_msleep+0x58 usb2_cv_wait(c47c1b2c,c47c1bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47c1b24,f1587d38,c0c4579b,336,c45782a4,...) at usb2_process+0x18b fork_exit(c079d350,c47c1b24,f1587d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1587d70, ebp = 0 --- Tracing command usbus0 pid 15 tid 100045 td 0xc4751940 sched_switch(c4751940,0,104,18c,5042d01e,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4751940,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47c1afc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47c1afc,c47c1bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f1584cf8,c079d4db,c47c1afc,...) at usb2_msleep+0x58 usb2_cv_wait(c47c1afc,c47c1bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47c1af4,f1584d38,c0c4579b,336,c4578548,...) at usb2_process+0x18b fork_exit(c079d350,c47c1af4,f1584d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1584d70, ebp = 0 --- Tracing command usbus0 pid 14 tid 100044 td 0xc4751b90 sched_switch(c4751b90,0,104,18c,5042bd45,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4751b90,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c47c1acc,0,c0c39536,0,0,...) at sleepq_wait+0x63 _sleep(c47c1acc,c47c1bfc,0,c0c39536,0,...) at _sleep+0x35b usb2_msleep(c0c39536,0,f1581cf8,c079d4db,c47c1acc,...) at usb2_msleep+0x58 usb2_cv_wait(c47c1acc,c47c1bfc,c0c39495,51,c0d9cc00,...) at usb2_cv_wait+0x23 usb2_process(c47c1ac4,f1581d38,c0c4579b,336,c45787ec,...) at usb2_process+0x18b fork_exit(c079d350,c47c1ac4,f1581d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1581d70, ebp = 0 --- Tracing command sctp_iterator pid 8 tid 100043 td 0xc47fb000 sched_switch(c47fb000,0,104,18c,22563fd1,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c47fb000,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c0f0743c,0,c0c61af7,0,0,...) at sleepq_wait+0x63 _sleep(c0f0743c,c0f07350,0,c0c61af7,0,...) at _sleep+0x35b sctp_iterator_thread(0,f157ed38,c0c4579b,336,c4578a90,...) at sctp_iterator_thread+0x60 fork_exit(c096a1e0,0,f157ed38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf157ed70, ebp = 0 --- Tracing command fdc0 pid 7 tid 100040 td 0xc47fb6f0 sched_switch(c47fb6f0,0,104,18c,74a33f07,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,4c,...) at mi_switch+0x200 sleepq_switch(c47fb6f0,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c47cf43c,4c,c0c40257,0,0,...) at sleepq_timedwait+0x6b _sleep(c47cf43c,c47cf4f0,4c,c0c40257,3e8,...) at _sleep+0x329 fdc_thread(c47cf400,f1572d38,c0c4579b,336,c4578d34,...) at fdc_thread+0x2be fork_exit(c0b36bc0,c47cf400,f1572d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1572d70, ebp = 0 --- Tracing command fw0_probe pid 6 tid 100038 td 0xc47fbb90 sched_switch(c47fbb90,0,104,18c,773c271f,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c47fbb90,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4800000,5c,c0c40257,100,0,...) at sleepq_wait_sig+0x17 _sleep(c4800000,c4804488,15c,c0c40257,0,...) at _sleep+0x344 fw_bus_probe_thread(c4800000,f1562d38,c0c4579b,336,c46a4000,...) at fw_bus_probe_thread+0xa08 fork_exit(c063e440,c4800000,f1562d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1562d70, ebp = 0 --- Tracing command xpt_thrd pid 5 tid 100025 td 0xc47516f0 sched_switch(c47516f0,0,104,18c,52ac1790,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,4c,...) at mi_switch+0x200 sleepq_switch(c47516f0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c0d65ad4,4c,c0be0cd8,0,0,...) at sleepq_wait+0x63 _sleep(c0d65ad4,c0d65aec,4c,c0be0cd8,0,...) at _sleep+0x35b xpt_scanner_thread(0,c420bd38,c0c4579b,336,c46a42a4,...) at xpt_scanner_thread+0x41 fork_exit(c047d1f0,0,c420bd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc420bd70, ebp = 0 --- Tracing command yarrow pid 13 tid 100017 td 0xc4680940 sched_switch(c4680940,0,104,18c,a36d9a48,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4680940,0,c0c4df6b,26a,2,...) at sleepq_switch+0x15f sleepq_timedwait(c0d98ae4,0,c0c40257,2,0,...) at sleepq_timedwait+0x6b _sleep(c0d98ae4,0,0,c0c40257,64,...) at _sleep+0x329 pause(c0c40257,64,c0c26d1e,113,0,...) at pause+0x47 random_kthread(0,c41f3d38,c0c4579b,336,c46a4548,...) at random_kthread+0x1ef fork_exit(c0716440,0,c41f3d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41f3d70, ebp = 0 --- Tracing command g_down pid 4 tid 100015 td 0xc457b250 sched_switch(c457b250,0,104,18c,a9c40784,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,4c,...) at mi_switch+0x200 sleepq_switch(c457b250,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c0d96864,4c,c0c40257,0,0,...) at sleepq_timedwait+0x6b _sleep(c0d96864,c0d967c8,24c,c0c40257,64,...) at _sleep+0x329 g_io_schedule_down(c457b250,0,c0c4191f,74,0,...) at g_io_schedule_down+0x6b g_down_procbody(0,c41edd38,c0c4579b,336,c4577000,...) at g_down_procbody+0x8d fork_exit(c0803bd0,0,c41edd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41edd70, ebp = 0 --- Tracing command g_up pid 3 tid 100014 td 0xc457b4a0 sched_switch(c457b4a0,0,104,18c,a9ce809f,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,4c,...) at mi_switch+0x200 sleepq_switch(c457b4a0,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c0d96860,4c,c0c40257,0,0,...) at sleepq_timedwait+0x6b _sleep(c0d96860,c0d967e8,24c,c0c40257,64,...) at _sleep+0x329 g_io_schedule_up(c457b4a0,0,c0c4191f,5d,0,...) at g_io_schedule_up+0x133 g_up_procbody(0,c41ead38,c0c4579b,336,c45772a4,...) at g_up_procbody+0x8d fork_exit(c0803c60,0,c41ead38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41ead70, ebp = 0 --- Tracing command g_event pid 2 tid 100013 td 0xc457b6f0 sched_switch(c457b6f0,0,104,18c,a1456596,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,4c,...) at mi_switch+0x200 sleepq_switch(c457b6f0,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c0d96858,4c,c0c40257,0,0,...) at sleepq_timedwait+0x6b _sleep(c0d96858,0,4c,c0c40257,64,...) at _sleep+0x329 g_event_procbody(0,c41e7d38,c0c4579b,336,c4577548,...) at g_event_procbody+0xcb fork_exit(c0803cf0,0,c41e7d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41e7d70, ebp = 0 --- Tracing command intr pid 12 tid 100042 td 0xc47fb250 fork_trampoline() at fork_trampoline Tracing command intr pid 12 tid 100041 td 0xc47fb4a0 sched_switch(c47fb4a0,0,109,18c,52a72073,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c4575170,...) at mi_switch+0x200 ithread_loop(c48ed330,f1575d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c48ed330,f1575d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1575d70, ebp = 0 --- Tracing command intr pid 12 tid 100039 td 0xc47fb940 sched_switch(c47fb940,0,109,18c,559e51fd,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c47f9770,...) at mi_switch+0x200 ithread_loop(c48e3760,f1565d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c48e3760,f1565d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1565d70, ebp = 0 --- Tracing command intr pid 12 tid 100036 td 0xc47fc250 sched_switch(c47fc250,0,109,18c,4fe4fc1b,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45be1f0,...) at mi_switch+0x200 ithread_loop(c47fa910,f1559d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c47fa910,f1559d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1559d70, ebp = 0 --- Tracing command intr pid 12 tid 100035 td 0xc47fc4a0 sched_switch(c47fc4a0,0,109,18c,5dc27a7d,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45be4f0,...) at mi_switch+0x200 ithread_loop(c47fa180,f1551d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c47fa180,f1551d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1551d70, ebp = 0 --- Tracing command intr pid 12 tid 100034 td 0xc4750000 fork_trampoline() at fork_trampoline Tracing command intr pid 12 tid 100033 td 0xc4750250 sched_switch(c4750250,0,109,18c,7ef64950,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45be2f0,...) at mi_switch+0x200 ithread_loop(c47a7440,f153fd38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c47a7440,f153fd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf153fd70, ebp = 0 --- Tracing command intr pid 12 tid 100032 td 0xc47504a0 sched_switch(c47504a0,0,109,18c,7e725718,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45be370,...) at mi_switch+0x200 ithread_loop(c47a7680,f153bd38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c47a7680,f153bd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf153bd70, ebp = 0 --- Tracing command intr pid 12 tid 100031 td 0xc47506f0 sched_switch(c47506f0,0,109,18c,522cccda,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45be3f0,...) at mi_switch+0x200 ithread_loop(c47a7170,f1537d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c47a7170,f1537d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf1537d70, ebp = 0 --- Tracing command intr pid 12 tid 100030 td 0xc4750940 sched_switch(c4750940,0,109,18c,a9cdacd7,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45be0f0,...) at mi_switch+0x200 ithread_loop(c4791460,c434dd38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c4791460,c434dd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc434dd70, ebp = 0 --- Tracing command intr pid 12 tid 100029 td 0xc4750b90 sched_switch(c4750b90,0,109,18c,6ad087c3,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c477a670,...) at mi_switch+0x200 ithread_loop(c4789630,c4247d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c4789630,c4247d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc4247d70, ebp = 0 --- Tracing command intr pid 12 tid 100028 td 0xc4751000 sched_switch(c4751000,0,109,18c,52a81cdd,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c4574c70,...) at mi_switch+0x200 ithread_loop(c474f400,c423ad38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c474f400,c423ad38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc423ad70, ebp = 0 --- Tracing command intr pid 12 tid 100027 td 0xc4751250 sched_switch(c4751250,0,109,18c,73a4aaf0,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c474e4f0,...) at mi_switch+0x200 ithread_loop(c474d880,c4211d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c474d880,c4211d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc4211d70, ebp = 0 --- Tracing command intr pid 12 tid 100026 td 0xc47514a0 sched_switch(c47514a0,0,109,18c,7ad85b81,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c474e5f0,...) at mi_switch+0x200 ithread_loop(c474d8a0,c420ed38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c474d8a0,c420ed38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc420ed70, ebp = 0 --- Tracing command intr pid 12 tid 100020 td 0xc4680250 sched_switch(c4680250,0,109,18c,66ea4a34,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c474e770,...) at mi_switch+0x200 ithread_loop(c474d930,c41fcd38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c474d930,c41fcd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41fcd70, ebp = 0 --- Tracing command intr pid 12 tid 100019 td 0xc46804a0 sched_switch(c46804a0,0,109,18c,3de70659,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c474e7f0,...) at mi_switch+0x200 ithread_loop(c474d940,c41f9d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c474d940,c41f9d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41f9d70, ebp = 0 --- Tracing command intr pid 12 tid 100012 td 0xc457b940 fork_trampoline() at fork_trampoline Tracing command intr pid 12 tid 100011 td 0xc457bb90 sched_switch(c457bb90,0,109,18c,bd6fec3c,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45bdcf0,...) at mi_switch+0x200 ithread_loop(c45761e0,c41e1d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c45761e0,c41e1d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41e1d70, ebp = 0 --- Tracing command intr pid 12 tid 100010 td 0xc45bf000 sched_switch(c45bf000,0,109,18c,9ded629e,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45bdd70,...) at mi_switch+0x200 ithread_loop(c45761f0,c41ded38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c45761f0,c41ded38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41ded70, ebp = 0 --- Tracing command intr pid 12 tid 100009 td 0xc45bf250 sched_switch(c45bf250,0,109,18c,3da399c1,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45bddf0,...) at mi_switch+0x200 ithread_loop(c4576200,c41dbd38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c4576200,c41dbd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41dbd70, ebp = 0 --- Tracing command intr pid 12 tid 100008 td 0xc45bf4a0 sched_switch(c45bf4a0,0,109,18c,a36ab957,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45bde70,...) at mi_switch+0x200 ithread_loop(c4576210,c41d8d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c4576210,c41d8d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41d8d70, ebp = 0 --- Tracing command intr pid 12 tid 100007 td 0xc4579000 sched_switch(c4579000,0,109,18c,ab40337a,...) at sched_switch+0x437 mi_switch(109,0,c0c45a1a,4e3,c45bdef0,...) at mi_switch+0x200 ithread_loop(c4576220,c41d5d38,c0c4579b,336,c45777ec,...) at ithread_loop+0x1f6 fork_exit(c083def0,c4576220,c41d5d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41d5d70, ebp = 0 --- Tracing command idle pid 11 tid 100006 td 0xc4579250 cpustop_handler(1,c41d1c24,c0b7ddbd,c086dec8,efba65fb,...) at cpustop_handler+0x32 ipi_nmi_handler(c086dec8,efba65fb,7fff2143,369e99,c4577a90,...) at ipi_nmi_handler+0x2f trap(c41d1c30) at trap+0x2d calltrap() at calltrap+0x6 --- trap 0x13, eip = 0xc0b55665, esp = 0xc41d1c70, ebp = 0xc41d1c70 --- acpi_cpu_c1(0,ffffffff,c41d1cd8,0,c0883a31,...) at acpi_cpu_c1+0x5 acpi_cpu_idle(c41d1cb4,c0b6c5db,0,c41d1cf8,c0883cfe,...) at acpi_cpu_idle+0x11c cpu_idle_acpi(0,c41d1cf8,c0883cfe,0,c41d1cd8,...) at cpu_idle_acpi+0x1b cpu_idle(0,c41d1cd8,c0c4b84d,a06,c4579250,...) at cpu_idle+0x1b sched_idletd(0,c41d1d38,c0c4579b,336,c4577a90,...) at sched_idletd+0x21e fork_exit(c0883ae0,0,c41d1d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41d1d70, ebp = 0 --- Tracing command idle pid 11 tid 100005 td 0xc45794a0 sched_switch(c45794a0,0,60c,187,aa591015,...) at sched_switch+0x437 mi_switch(60c,0,c0c4b84d,813,1,...) at mi_switch+0x200 sched_preempt(c45794a0,1,1f4,c41cec70,c0b6139e,...) at sched_preempt+0x9f ipi_bitmap_handler(8,28,28,c48f9a18,c48f9a00,...) at ipi_bitmap_handler+0x34 Xipi_intr_bitmap_handler() at Xipi_intr_bitmap_handler+0x2e --- interrupt, eip = 0xc0b55665, esp = 0xc41cec70, ebp = 0xc41cec70 --- acpi_cpu_c1(0,ffffffff,c41cecd8,1,c0883a31,...) at acpi_cpu_c1+0x5 acpi_cpu_idle(c41cecb4,c0b6c5db,1,c41cecf8,c0883cfe,...) at acpi_cpu_idle+0x11c cpu_idle_acpi(1,c41cecf8,c0883cfe,1,c41cecd8,...) at cpu_idle_acpi+0x1b cpu_idle(1,c41cecd8,c0c4b84d,a06,c45794a0,...) at cpu_idle+0x1b sched_idletd(0,c41ced38,c0c4579b,336,c4577a90,...) at sched_idletd+0x21e fork_exit(c0883ae0,0,c41ced38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41ced70, ebp = 0 --- Tracing command idle pid 11 tid 100004 td 0xc45796f0 cpustop_handler(4,c41cbc24,c0b7ddbd,c41cbbb4,c0851b14,...) at cpustop_handler+0x32 ipi_nmi_handler(c41cbbb4,c0851b14,c0d98d30,4,c4577a90,...) at ipi_nmi_handler+0x2f trap(c41cbc30) at trap+0x2d calltrap() at calltrap+0x6 --- trap 0x13, eip = 0xc0b55665, esp = 0xc41cbc70, ebp = 0xc41cbc70 --- acpi_cpu_c1(0,ffffffff,c41cbcd8,2,c0883a31,...) at acpi_cpu_c1+0x5 acpi_cpu_idle(c41cbcb4,c0b6c5db,1,c41cbcf8,c0883cfe,...) at acpi_cpu_idle+0x11c cpu_idle_acpi(1,c41cbcf8,c0883cfe,1,c41cbcd8,...) at cpu_idle_acpi+0x1b cpu_idle(1,c41cbcd8,c0c4b84d,a06,c45796f0,...) at cpu_idle+0x1b sched_idletd(0,c41cbd38,c0c4579b,336,c4577a90,...) at sched_idletd+0x21e fork_exit(c0883ae0,0,c41cbd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41cbd70, ebp = 0 --- Tracing command idle pid 11 tid 100003 td 0xc4579940 cpustop_handler(8,c41c8c24,c0b7ddbd,c41c8bb4,c0851b14,...) at cpustop_handler+0x32 ipi_nmi_handler(c41c8bb4,c0851b14,c0d98d68,4,c4577a90,...) at ipi_nmi_handler+0x2f trap(c41c8c30) at trap+0x2d calltrap() at calltrap+0x6 --- trap 0x13, eip = 0xc0b55665, esp = 0xc41c8c70, ebp = 0xc41c8c70 --- acpi_cpu_c1(0,ffffffff,c41c8cd8,3,c0883a31,...) at acpi_cpu_c1+0x5 acpi_cpu_idle(c41c8cb4,c0b6c5db,0,c41c8cf8,c0883cfe,...) at acpi_cpu_idle+0x11c cpu_idle_acpi(0,c41c8cf8,c0883cfe,0,c41c8cd8,...) at cpu_idle_acpi+0x1b cpu_idle(0,c41c8cd8,c0c4b84d,a06,c4579940,...) at cpu_idle+0x1b sched_idletd(0,c41c8d38,c0c4579b,336,c4577a90,...) at sched_idletd+0x21e fork_exit(c0883ae0,0,c41c8d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41c8d70, ebp = 0 --- Tracing command init pid 1 tid 100002 td 0xc4579b90 sched_switch(c4579b90,0,104,18c,800ec143,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,5c,...) at mi_switch+0x200 sleepq_switch(c4579b90,0,c0c4df6b,189,5c,...) at sleepq_switch+0x15f sleepq_catch_signals(c0c4df6b,159,0,100,100,...) at sleepq_catch_signals+0xb6 sleepq_wait_sig(c4577d34,5c,c0c507e9,100,0,...) at sleepq_wait_sig+0x17 _sleep(c4577d34,c4577dbc,15c,c0c507e9,0,...) at _sleep+0x344 kern_wait(c4579b90,ffffffff,c41c4c74,2,0,...) at kern_wait+0xac6 wait4(c4579b90,c41c4cf8,10,c41c4d38,c0d2d328,...) at wait4+0x3b syscall(c41c4d38) at syscall+0x2b4 Xint0x80_syscall() at Xint0x80_syscall+0x20 --- syscall (7, FreeBSD ELF32, wait4), eip = 0x8054c7f, esp = 0xbfbfe84c, ebp = 0xbfbfe868 --- Tracing command audit pid 10 tid 100001 td 0xc457b000 sched_switch(c457b000,0,104,18c,52a9bb54,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c457b000,0,c0c4df6b,247,c457b000,...) at sleepq_switch+0x15f sleepq_wait(c0f10d80,0,c41c1c9c,1,0,...) at sleepq_wait+0x63 _cv_wait(c0f10d80,c0f10d64,c0c6ce2f,194,0,...) at _cv_wait+0x240 audit_worker(0,c41c1d38,c0c4579b,336,c4578000,...) at audit_worker+0x84 fork_exit(c0a60390,0,c41c1d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41c1d70, ebp = 0 --- Tracing command kernel pid 0 tid 100037 td 0xc47fc000 sched_switch(c47fc000,0,104,18c,aa494a06,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c47fc000,0,c0c4df6b,247,c47fc000,...) at sleepq_switch+0x15f sleepq_wait(c4808780,0,c0c4a7c9,c0c40257,0,...) at sleepq_wait+0x63 msleep_spin(c4808780,c480879c,c0c40257,0,c0c483d2,...) at msleep_spin+0x21d taskqueue_thread_loop(c480449c,f155fd38,c0c4579b,336,c0d96920,...) at taskqueue_thread_loop+0x8e fork_exit(c089a250,c480449c,f155fd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xf155fd70, ebp = 0 --- Tracing command kernel pid 0 tid 100024 td 0xc45bf6f0 sched_switch(c45bf6f0,0,104,18c,52bc90ca,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c45bf6f0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c472b200,0,c0c40257,0,0,...) at sleepq_wait+0x63 _sleep(c472b200,c472b21c,0,c0c40257,0,...) at _sleep+0x35b taskqueue_thread_loop(c0d68784,c4208d38,c0c4579b,336,c0d96920,...) at taskqueue_thread_loop+0xb4 fork_exit(c089a250,c0d68784,c4208d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc4208d70, ebp = 0 --- Tracing command kernel pid 0 tid 100023 td 0xc45bf940 sched_switch(c45bf940,0,104,18c,52bc805e,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c45bf940,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c472b200,0,c0c40257,0,0,...) at sleepq_wait+0x63 _sleep(c472b200,c472b21c,0,c0c40257,0,...) at _sleep+0x35b taskqueue_thread_loop(c0d68784,c4205d38,c0c4579b,336,c0d96920,...) at taskqueue_thread_loop+0xb4 fork_exit(c089a250,c0d68784,c4205d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc4205d70, ebp = 0 --- Tracing command kernel pid 0 tid 100022 td 0xc45bfb90 sched_switch(c45bfb90,0,104,18c,52bc6dc6,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c45bfb90,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c472b200,0,c0c40257,0,0,...) at sleepq_wait+0x63 _sleep(c472b200,c472b21c,0,c0c40257,0,...) at _sleep+0x35b taskqueue_thread_loop(c0d68784,c4202d38,c0c4579b,336,c0d96920,...) at taskqueue_thread_loop+0xb4 fork_exit(c089a250,c0d68784,c4202d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc4202d70, ebp = 0 --- Tracing command kernel pid 0 tid 100021 td 0xc4680000 sched_switch(c4680000,0,104,18c,52b65c4b,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4680000,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c472b240,0,c0c40257,0,0,...) at sleepq_wait+0x63 _sleep(c472b240,c472b25c,0,c0c40257,0,...) at _sleep+0x35b taskqueue_thread_loop(c0d971e4,c41ffd38,c0c4579b,336,c0d96920,...) at taskqueue_thread_loop+0xb4 fork_exit(c089a250,c0d971e4,c41ffd38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41ffd70, ebp = 0 --- Tracing command kernel pid 0 tid 100018 td 0xc46806f0 sched_switch(c46806f0,0,104,18c,7adacb59,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c46806f0,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c472b380,0,c0c40257,0,0,...) at sleepq_wait+0x63 _sleep(c472b380,c472b39c,0,c0c40257,0,...) at _sleep+0x35b taskqueue_thread_loop(c0dab5e8,c41f6d38,c0c4579b,336,c0d96920,...) at taskqueue_thread_loop+0xb4 fork_exit(c089a250,c0dab5e8,c41f6d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41f6d70, ebp = 0 --- Tracing command kernel pid 0 tid 100016 td 0xc4680b90 sched_switch(c4680b90,0,104,18c,809fbe6a,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,0,...) at mi_switch+0x200 sleepq_switch(c4680b90,0,c0c4df6b,247,0,...) at sleepq_switch+0x15f sleepq_wait(c455fc80,0,c0c40257,0,0,...) at sleepq_wait+0x63 _sleep(c455fc80,c455fc9c,0,c0c40257,0,...) at _sleep+0x35b taskqueue_thread_loop(c0daa120,c41f0d38,c0c4579b,336,c0d96920,...) at taskqueue_thread_loop+0xb4 fork_exit(c089a250,c0daa120,c41f0d38) at fork_exit+0xb8 fork_trampoline() at fork_trampoline+0x8 --- trap 0, eip = 0, esp = 0xc41f0d70, ebp = 0 --- Tracing command kernel pid 0 tid 100000 td 0xc0d96bd0 sched_switch(c0d96bd0,0,104,18c,7fe87620,...) at sched_switch+0x437 mi_switch(104,0,c0c4df6b,1d2,44,...) at mi_switch+0x200 sleepq_switch(c0d96bd0,0,c0c4df6b,26a,0,...) at sleepq_switch+0x15f sleepq_timedwait(c0d96920,44,c0c4c0c2,0,0,...) at sleepq_timedwait+0x6b _sleep(c0d96920,0,44,c0c4c0c2,2710,...) at _sleep+0x329 scheduler(0,141ec00,141ec00,141e000,1425000,...) at scheduler+0x23e mi_startup() at mi_startup+0x96 begin() at begin+0x2c db:1:allt> call doadump Dumping 1023 MB (2 chunks) chunk 0: 1MB (159 pages) ... ok chunk 1: 1023MB (261888 pages) 1008 992 976 960 944 928 912 896 880 864 848 832 816 800 784 768 752 736 720 704 688 672 656 640 624 608 592 576 560 544 528 512 496 480 464 448 432 416 400 384 368 352 336 320 304 288 272 256 240 224 208 192 176 160 144 128 112 96 80 64 48 32 16 ... ok Dump complete = 0xf db:1:doadump> reset cpu_reset: Restarting BSP cpu_reset_proxy: Stopped CPU 1 (kgdb) bt #0 doadump () at pcpu.h:246 #1 0xc04bfa09 in db_fncall (dummy1=0xc088f7fa, dummy2=0x0, dummy3=0xffffffff, dummy4=0xf3f64444 "XDöó\001") at ../../../ddb/db_command.c:548 #2 0xc04bfe3f in db_command (last_cmdp=0xc0d66a5c, cmd_table=0x0, dopager=0x0) at ../../../ddb/db_command.c:445 #3 0xc04bfef4 in db_command_script (command=0xc0d679e8 "call doadump") at ../../../ddb/db_command.c:516 #4 0xc04c3ff0 in db_script_exec (scriptname=0xc0d672c0 "doadump", warnifnotfound=Variable "warnifnotfound" is not available. ) at ../../../ddb/db_script.c:302 #5 0xc04c4081 in db_run_cmd (addr=0x0, have_addr=0x0, count=0x0, modif=0xf3f6457c "\220Eöó") at ../../../ddb/db_script.c:375 #6 0xc04bfe3f in db_command (last_cmdp=0xc0d66a5c, cmd_table=0x0, dopager=0x0) at ../../../ddb/db_command.c:445 #7 0xc04bfef4 in db_command_script (command=0xc0d67920 "run pho") at ../../../ddb/db_command.c:516 #8 0xc04c3ff0 in db_script_exec (scriptname=0xf3f64688 "kdb.enter.panic", warnifnotfound=Variable "warnifnotfound" is not available. ) at ../../../ddb/db_script.c:302 #9 0xc04c40d7 in db_script_kdbenter (eventname=0xc0c49c1b "panic") at ../../../ddb/db_script.c:324 #10 0xc04c1db8 in db_trap (type=0x3, code=0x0) at ../../../ddb/db_main.c:228 #11 0xc088f676 in kdb_trap (type=0x3, code=0x0, tf=0xf3f647c4) at ../../../kern/subr_kdb.c:534 #12 0xc0b7e37b in trap (frame=0xf3f647c4) at ../../../i386/i386/trap.c:685 #13 0xc0b60cab in calltrap () at ../../../i386/i386/exception.s:165 #14 0xc088f7fa in kdb_enter (why=0xc0c49c1b "panic", msg=0xc0c49c1b "panic") at cpufunc.h:71 #15 0xc08617f6 in panic (fmt=0xc0c71796 "uiomove EFAULT %jx %jx %d\n") at ../../../kern/kern_shutdown.c:559 #16 0xc0aa007d in vm_fault_hold (map=0xc4f1a570, vaddr=0x0, fault_type=0x1, fault_flags=0x0, m_hold=0x0) at ../../../vm/vm_fault.c:254 #17 0xc0aa2033 in vm_fault (map=0xc4f1a570, vaddr=0xbfbff000, fault_type=Variable "fault_type" is not available. ) at ../../../vm/vm_fault.c:1014 #18 0xc08a876f in proc_rwmem (p=0xc4f92d34, uio=0xf3f64c54) at ../../../kern/sys_process.c:271 #19 0xc07f90aa in procfs_doprocmem (td=0xc52366f0, p=0xc4f92d34, pn=0xc48f5a80, sb=0x0, uio=0xf3f64c54) at ../../../fs/procfs/procfs_mem.c:68 #20 0xc07fcb60 in pfs_read (va=0xf3f64ad4) at pseudofs_internal.h:138 #21 0xc0b89ab5 in VOP_READ_APV (vop=0xc0d2ab20, a=0xf3f64ad4) at vnode_if.c:824 #22 0xc08faa81 in vn_read_wired_chunk (fp=0xc4c216c8, uio=0xf3f64c54, active_cred=0xc4544300, flags=0x0, ioflag=0x0, td=0xc52366f0) at vnode_if.h:355 #23 0xc08f81f7 in do_vn_rw_chunked (fp=0xc4c216c8, uio=0xf3f64c54, active_cred=0xc4544300, flags=0x0, ioflag=0x0, td=0xc52366f0, m_hold=0xf3f64b60, vn_chunk_func=0xc08fa9d0 ) at ../../../kern/vfs_vnops.c:558 #24 0xc08f8949 in vn_read (fp=0xc4c216c8, uio=0xf3f64c54, active_cred=0xc4544300, flags=0x0, td=0xc52366f0) at ../../../kern/vfs_vnops.c:695 #25 0xc08a3b86 in dofileread (td=0xc52366f0, fd=0x5, fp=0xc4c216c8, auio=0xf3f64c54, offset=0xffffffffffffffff, flags=0x0) at file.h:227 #26 0xc08a3eb8 in kern_readv (td=0xc52366f0, fd=0x5, auio=0xf3f64c54) at ../../../kern/sys_generic.c:236 #27 0xc08a3fcf in read (td=0xc52366f0, uap=0xf3f64cf8) at ../../../kern/sys_generic.c:152 #28 0xc0b7dab4 in syscall (frame=0xf3f64d38) at ../../../i386/i386/trap.c:1073 #29 0xc0b60d10 in Xint0x80_syscall () at ../../../i386/i386/exception.s:261 #30 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) (kgdb) f 18 #18 0xc08a876f in proc_rwmem (p=0xc4f92d34, uio=0xf3f64c54) at ../../../kern/sys_process.c:271 271 error = vm_fault(map, pageno, reqprot, fault_flags); (kgdb) l 266 len = min(PAGE_SIZE - page_offset, uio->uio_resid); 267 268 /* 269 * Fault the page on behalf of the process 270 */ 271 error = vm_fault(map, pageno, reqprot, fault_flags); 272 if (error) { 273 error = EFAULT; 274 break; 275 } (kgdb) p pageno $3 = 0xbfbff000 (kgdb) p *uio $4 = {uio_iov = 0xf3f64c78, uio_iovcnt = 0x1, uio_offset = 0xbfbffff0, uio_resid = 0x10, uio_segflg = UIO_USERSPACE, uio_rw = UIO_READ, uio_td = 0xc52366f0, uio_flags = 0x281ac020} (kgdb) f 27 #27 0xc08a3fcf in read (td=0xc52366f0, uap=0xf3f64cf8) at ../../../kern/sys_generic.c:152 152 error = kern_readv(td, uap->fd, &auio); (kgdb) l 140 135 int 136 read(td, uap) 137 struct thread *td; 138 struct read_args *uap; 139 { 140 struct uio auio; 141 struct iovec aiov; 142 int error; 143 144 if (uap->nbyte > INT_MAX) (kgdb) l 145 return (EINVAL); 146 aiov.iov_base = uap->buf; 147 aiov.iov_len = uap->nbyte; 148 auio.uio_iov = &aiov; 149 auio.uio_iovcnt = 1; 150 auio.uio_resid = uap->nbyte; 151 auio.uio_segflg = UIO_USERSPACE; 152 error = kern_readv(td, uap->fd, &auio); 153 return(error); 154 } (kgdb) p auio $8 = {uio_iov = 0xf3f64c78, uio_iovcnt = 0x1, uio_offset = 0xbfbffff0, uio_resid = 0x10, uio_segflg = UIO_USERSPACE, uio_rw = UIO_READ, uio_td = 0xc52366f0, uio_flags = 0x281ac020} (kgdb) git diff master..HEAD diff --git a/sys/amd64/amd64/trap.c b/sys/amd64/amd64/trap.c index fee3caf..8390526 100644 --- a/sys/amd64/amd64/trap.c +++ b/sys/amd64/amd64/trap.c @@ -742,7 +742,7 @@ trap_pfault(frame, usermode) PROC_UNLOCK(p); /* Fault in the user page: */ - rv = vm_fault(map, va, ftype, + rv = vm_fault(map, eva, ftype, (ftype & VM_PROT_WRITE) ? VM_FAULT_DIRTY : VM_FAULT_NORMAL); @@ -754,7 +754,7 @@ trap_pfault(frame, usermode) * Don't have to worry about process locking or stacks in the * kernel. */ - rv = vm_fault(map, va, ftype, VM_FAULT_NORMAL); + rv = vm_fault(map, eva, ftype, VM_FAULT_NORMAL); } if (rv == KERN_SUCCESS) return (0); diff --git a/sys/conf/files b/sys/conf/files index 33b4c6f..624a6eb 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -1931,6 +1931,7 @@ kern/kern_poll.c optional device_polling kern/kern_priv.c standard kern/kern_proc.c standard kern/kern_prot.c standard +kern/kern_rangelock.c standard kern/kern_resource.c standard kern/kern_rmlock.c standard kern/kern_rwlock.c standard diff --git a/sys/dev/cxgb/ulp/tom/cxgb_cpl_socket.c b/sys/dev/cxgb/ulp/tom/cxgb_cpl_socket.c index 76237fb..0d0ef86 100644 --- a/sys/dev/cxgb/ulp/tom/cxgb_cpl_socket.c +++ b/sys/dev/cxgb/ulp/tom/cxgb_cpl_socket.c @@ -91,7 +91,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include static int (*pru_sosend)(struct socket *so, struct sockaddr *addr, diff --git a/sys/dev/cxgb/ulp/tom/cxgb_ddp.c b/sys/dev/cxgb/ulp/tom/cxgb_ddp.c index a54598c..1c3953d 100644 --- a/sys/dev/cxgb/ulp/tom/cxgb_ddp.c +++ b/sys/dev/cxgb/ulp/tom/cxgb_ddp.c @@ -90,7 +90,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #define MAX_SCHEDULE_TIMEOUT 300 diff --git a/sys/dev/cxgb/ulp/tom/cxgb_vm.c b/sys/dev/cxgb/ulp/tom/cxgb_vm.c deleted file mode 100644 index e7a3893..0000000 --- a/sys/dev/cxgb/ulp/tom/cxgb_vm.c +++ /dev/null @@ -1,166 +0,0 @@ -/************************************************************************** - -Copyright (c) 2007-2008, Chelsio Inc. -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Neither the name of the Chelsio Corporation nor the names of its - contributors may be used to endorse or promote products derived from - this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE -LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. - -***************************************************************************/ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -/* - * This routine takes a user's map, array of pages, number of pages, and flags - * and then does the following: - * - validate that the user has access to those pages (flags indicates read - * or write) - if not fail - * - validate that count is enough to hold range number of pages - if not fail - * - fault in any non-resident pages - * - if the user is doing a read force a write fault for any COWed pages - * - if the user is doing a read mark all pages as dirty - * - hold all pages - */ -int -vm_fault_hold_user_pages(vm_map_t map, vm_offset_t addr, vm_page_t *mp, - int count, vm_prot_t prot) -{ - vm_offset_t end, va; - int faults, rv; - pmap_t pmap; - vm_page_t m, *pages; - - pmap = vm_map_pmap(map); - pages = mp; - addr &= ~PAGE_MASK; - /* - * Check that virtual address range is legal - * This check is somewhat bogus as on some architectures kernel - * and user do not share VA - however, it appears that all FreeBSD - * architectures define it - */ - end = addr + (count * PAGE_SIZE); - if (end > VM_MAXUSER_ADDRESS) { - log(LOG_WARNING, "bad address passed to vm_fault_hold_user_pages"); - return (EFAULT); - } - - /* - * First optimistically assume that all pages are resident - * (and R/W if for write) if so just mark pages as held (and - * dirty if for write) and return - */ - vm_page_lock_queues(); - for (pages = mp, faults = 0, va = addr; va < end; - va += PAGE_SIZE, pages++) { - /* - * page queue mutex is recursable so this is OK - * it would be really nice if we had an unlocked - * version of this so we were only acquiring the - * pmap lock 1 time as opposed to potentially - * many dozens of times - */ - *pages = m = pmap_extract_and_hold(pmap, va, prot); - if (m == NULL) { - faults++; - continue; - } - /* - * Preemptively mark dirty - the pages - * will never have the modified bit set if - * they are only changed via DMA - */ - if (prot & VM_PROT_WRITE) - vm_page_dirty(m); - - } - vm_page_unlock_queues(); - - if (faults == 0) - return (0); - - /* - * Pages either have insufficient permissions or are not present - * trigger a fault where neccessary - * - */ - rv = 0; - for (pages = mp, va = addr; va < end; va += PAGE_SIZE, pages++) { - /* - * Account for a very narrow race where the page may be - * taken away from us before it is held - */ - while (*pages == NULL) { - rv = vm_fault(map, va, prot, - (prot & VM_PROT_WRITE) ? VM_FAULT_DIRTY : VM_FAULT_NORMAL); - if (rv) - goto error; - *pages = pmap_extract_and_hold(pmap, va, prot); - } - } - return (0); -error: - log(LOG_WARNING, - "vm_fault bad return rv=%d va=0x%zx\n", rv, va); - vm_page_lock_queues(); - for (pages = mp, va = addr; va < end; va += PAGE_SIZE, pages++) - if (*pages) { - vm_page_unhold(*pages); - *pages = NULL; - } - vm_page_unlock_queues(); - return (EFAULT); -} - -void -vm_fault_unhold_pages(vm_page_t *mp, int count) -{ - - KASSERT(count >= 0, ("negative count %d", count)); - vm_page_lock_queues(); - while (count--) { - vm_page_unhold(*mp); - mp++; - } - vm_page_unlock_queues(); -} diff --git a/sys/dev/cxgb/ulp/tom/cxgb_vm.h b/sys/dev/cxgb/ulp/tom/cxgb_vm.h deleted file mode 100644 index 7532e20..0000000 --- a/sys/dev/cxgb/ulp/tom/cxgb_vm.h +++ /dev/null @@ -1,39 +0,0 @@ -/************************************************************************** - -Copyright (c) 2007-2008, Chelsio Inc. -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Neither the name of the Chelsio Corporation nor the names of its - contributors may be used to endorse or promote products derived from - this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE -LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. - - -$FreeBSD$ - -***************************************************************************/ -#ifndef CXGB_VM_H_ -#define CXGB_VM_H_ - -int vm_fault_hold_user_pages(vm_map_t map, vm_offset_t addr, - vm_page_t *mp, int count, vm_prot_t prot); -void vm_fault_unhold_pages(vm_page_t *mp, int count); - -#endif diff --git a/sys/i386/i386/trap.c b/sys/i386/i386/trap.c index e967104..153b7da 100644 --- a/sys/i386/i386/trap.c +++ b/sys/i386/i386/trap.c @@ -820,7 +820,7 @@ trap_pfault(frame, usermode, eva) PROC_UNLOCK(p); /* Fault in the user page: */ - rv = vm_fault(map, va, ftype, + rv = vm_fault(map, eva, ftype, (ftype & VM_PROT_WRITE) ? VM_FAULT_DIRTY : VM_FAULT_NORMAL); @@ -832,7 +832,7 @@ trap_pfault(frame, usermode, eva) * Don't have to worry about process locking or stacks in the * kernel. */ - rv = vm_fault(map, va, ftype, VM_FAULT_NORMAL); + rv = vm_fault(map, eva, ftype, VM_FAULT_NORMAL); } if (rv == KERN_SUCCESS) return (0); diff --git a/sys/kern/kern_rangelock.c b/sys/kern/kern_rangelock.c new file mode 100644 index 0000000..7a45c13 --- /dev/null +++ b/sys/kern/kern_rangelock.c @@ -0,0 +1,151 @@ +/*- + * Copyright (c) 2009 Konstantin Belousov + * All rights reserved. + * + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include +#include + +void +rangelock_init(struct rangelock *lock) +{ + + TAILQ_INIT(&lock->rl_waiters); + lock->rl_currdep = NULL; +} + +void +rangelock_destroy(struct rangelock *lock) +{ + + KASSERT(TAILQ_EMPTY(&lock->rl_waiters), ("Dangling waiters")); +} + +static int +rangelock_incompatible(const struct rl_q_entry *e1, const struct rl_q_entry *e2) +{ + + if ((e1->rl_q_flags & RL_LOCK_TYPE_MASK) == RL_LOCK_READ && + (e2->rl_q_flags & RL_LOCK_TYPE_MASK) == RL_LOCK_READ) + return (0); +#define IN_RANGE(a, e) (a <= e->rl_q_start && a < e->rl_q_end) + if (IN_RANGE(e1->rl_q_start, e2) || IN_RANGE(e2->rl_q_start, e1) || + IN_RANGE(e1->rl_q_end, e2) || IN_RANGE(e2->rl_q_end, e1)) + return (1); +#undef IN_RANGE + return (0); +} + +static void +rangelock_calc_block(struct rangelock *lock) +{ + struct rl_q_entry *entry, *entry1, *whead; + + if (lock->rl_currdep == TAILQ_FIRST(&lock->rl_waiters) && + lock->rl_currdep != NULL) + lock->rl_currdep = TAILQ_NEXT(lock->rl_currdep, rl_q_link); + for (entry = lock->rl_currdep; entry; + entry = TAILQ_NEXT(entry, rl_q_link)) { + TAILQ_FOREACH(entry1, &lock->rl_waiters, rl_q_link) { + if (rangelock_incompatible(entry, entry1)) + goto out; + if (entry1 == entry) + break; + } + } +out: + lock->rl_currdep = entry; + TAILQ_FOREACH(whead, &lock->rl_waiters, rl_q_link) { + if (whead == lock->rl_currdep) + break; + if (!(whead->rl_q_flags & RL_LOCK_GRANTED)) { + whead->rl_q_flags |= RL_LOCK_GRANTED; + wakeup(whead); + } + } +} + +static void +rangelock_unlock_vp_locked(struct vnode *vp, struct rl_q_entry *entry) +{ + + ASSERT_VI_LOCKED(vp, "rangelock"); + KASSERT(entry != vp->v_rl.rl_currdep, ("stuck currdep")); + TAILQ_REMOVE(&vp->v_rl.rl_waiters, entry, rl_q_link); + rangelock_calc_block(&vp->v_rl); + VI_UNLOCK(vp); +} + +void +rangelock_unlock(struct vnode *vp, void *cookie) +{ + struct rl_q_entry *entry; + + entry = cookie; + VI_LOCK(vp); + rangelock_unlock_vp_locked(vp, entry); +} + +void * +rangelock_unlock_range(struct vnode *vp, void *cookie, off_t base, size_t len) +{ + struct rl_q_entry *entry; + + entry = cookie; + VI_LOCK(vp); + KASSERT(entry->rl_q_flags & RL_LOCK_GRANTED, ("XXX")); + KASSERT(entry->rl_q_start == base, ("XXX")); + KASSERT(entry->rl_q_end >= base + len, ("XXX")); + if (entry->rl_q_end == base + len) { + rangelock_unlock_vp_locked(vp, cookie); + return (NULL); + } + entry->rl_q_end = base + len; + rangelock_calc_block(&vp->v_rl); + VI_UNLOCK(vp); + return (cookie); +} + +static void * +rangelock_enqueue(struct vnode *vp, struct rl_q_entry *entry) +{ + + VI_LOCK(vp); + TAILQ_INSERT_TAIL(&vp->v_rl.rl_waiters, entry, rl_q_link); + if (vp->v_rl.rl_currdep == NULL) + vp->v_rl.rl_currdep = entry; + rangelock_calc_block(&vp->v_rl); + while (!(entry->rl_q_flags & RL_LOCK_GRANTED)) + msleep(entry, &vp->v_interlock, 0, "range", 0); + VI_UNLOCK(vp); + return (entry); +} + +void * +rangelock_rlock(struct vnode *vp, struct rl_q_entry *entry, off_t base, + size_t len) +{ + + entry->rl_q_flags = RL_LOCK_READ; + entry->rl_q_start = base; + entry->rl_q_end = base + len; + return (rangelock_enqueue(vp, entry)); +} + +void * +rangelock_wlock(struct vnode *vp, struct rl_q_entry *entry, off_t base, + size_t len) +{ + + entry->rl_q_flags = RL_LOCK_WRITE; + entry->rl_q_start = base; + entry->rl_q_end = base + len; + return (rangelock_enqueue(vp, entry)); +} diff --git a/sys/kern/kern_subr.c b/sys/kern/kern_subr.c index ce1afd2..e2cd1a9 100644 --- a/sys/kern/kern_subr.c +++ b/sys/kern/kern_subr.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #ifdef ZERO_COPY_SOCKETS #include #include @@ -138,7 +139,8 @@ uiomove(void *cp, int n, struct uio *uio) int error = 0; int save = 0; - KASSERT(uio->uio_rw == UIO_READ || uio->uio_rw == UIO_WRITE, + KASSERT(uio->uio_rw == UIO_READ || uio->uio_rw == UIO_WRITE || + uio->uio_rw == UIO_NOCOPY, ("uiomove: mode")); KASSERT(uio->uio_segflg != UIO_USERSPACE || uio->uio_td == curthread, ("uiomove proc")); @@ -164,10 +166,25 @@ uiomove(void *cp, int n, struct uio *uio) case UIO_USERSPACE: if (ticks - PCPU_GET(switchticks) >= hogticks) uio_yield(); + if (td->td_pflags & TDP_VMUIODEADLK) { + td->td_iov_base = (uintptr_t)iov->iov_base; + td->td_iov_len = iov->iov_len; + } if (uio->uio_rw == UIO_READ) error = copyout(cp, iov->iov_base, cnt); else error = copyin(iov->iov_base, cp, cnt); + if (error == EFAULT && td->td_faultaddr != 0 && + (td->td_pflags & TDP_VMUIODEADLK)) { + KASSERT(td->td_faultaddr >= (uintptr_t)iov->iov_base && + td->td_faultaddr < (uintptr_t)iov->iov_base + cnt, + ("faultaddr %jx outside region %p %d\n", + (uintmax_t)td->td_faultaddr, + iov->iov_base, iov->iov_len)); + error = ERESTART; + fwduio(uio, td->td_faultaddr - (uintptr_t) + iov->iov_base); + } if (error) goto out; break; @@ -181,10 +198,7 @@ uiomove(void *cp, int n, struct uio *uio) case UIO_NOCOPY: break; } - iov->iov_base = (char *)iov->iov_base + cnt; - iov->iov_len -= cnt; - uio->uio_resid -= cnt; - uio->uio_offset += cnt; + fwduio(uio, cnt); cp = (char *)cp + cnt; n -= cnt; } @@ -544,6 +558,7 @@ copyinuio(struct iovec *iovp, u_int iovcnt, struct uio **uiop) uio->uio_segflg = UIO_USERSPACE; uio->uio_offset = -1; uio->uio_resid = 0; + uio->uio_flags = 0; for (i = 0; i < iovcnt; i++) { if (iov->iov_len > INT_MAX - uio->uio_resid) { free(uio, M_IOV); @@ -569,3 +584,25 @@ cloneuio(struct uio *uiop) bcopy(uiop->uio_iov, uio->uio_iov, iovlen); return (uio); } + +void +fwduio(struct uio *uio, int cnt) +{ + + uio->uio_iov->iov_base = (char *)uio->uio_iov->iov_base + cnt; + uio->uio_iov->iov_len -= cnt; + uio->uio_resid -= cnt; + uio->uio_offset += cnt; +} + +void +copyuio(struct uio *dst, struct uio *src) +{ + struct iovec *dst_iovec; + + dst_iovec = dst->uio_iov; + *dst = *src; + dst->uio_iov = dst_iovec; + bcopy(src->uio_iov, dst->uio_iov, src->uio_iovcnt * + sizeof(struct iovec)); +} diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c index 8c26b13..e3867d6 100644 --- a/sys/kern/vfs_subr.c +++ b/sys/kern/vfs_subr.c @@ -871,6 +871,7 @@ vdestroy(struct vnode *vp) /* XXX Elsewhere we can detect an already freed vnode via NULL v_op. */ vp->v_op = NULL; #endif + rangelock_destroy(&vp->v_rl); lockdestroy(vp->v_vnlock); mtx_destroy(&vp->v_interlock); mtx_destroy(BO_MTX(bo)); @@ -1025,6 +1026,7 @@ alloc: if ((mp->mnt_kern_flag & MNTK_NOKNOTE) != 0) vp->v_vflag |= VV_NOKNOTE; } + rangelock_init(&vp->v_rl); *vpp = vp; return (0); diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c index 3cc6f22..9e94b58 100644 --- a/sys/kern/vfs_vnops.c +++ b/sys/kern/vfs_vnops.c @@ -60,8 +60,12 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include +#include +#include + #include static fo_rdwr_t vn_read; @@ -363,37 +367,68 @@ vn_rdwr(rw, vp, base, len, offset, segflg, ioflg, active_cred, file_cred, int *aresid; struct thread *td; { - struct uio auio; - struct iovec aiov; + struct uio auio, auio_clone; + struct iovec aiov, aiov_clone; struct mount *mp; struct ucred *cred; - int error; + vm_page_t *m_hold; + struct rl_q_entry rl_entry; + void *rl_cookie; + int wired_pages, error; VFS_ASSERT_GIANT(vp->v_mount); + auio.uio_iov = &aiov; + auio.uio_iovcnt = 1; + aiov.iov_base = base; + aiov.iov_len = len; + auio.uio_resid = len; + auio.uio_offset = offset; + auio.uio_segflg = segflg; + auio.uio_rw = rw; + auio.uio_td = td; + error = 0; + + if ((ioflg & IO_NODELOCKED) == 0) { + if (rw == UIO_READ) + rl_cookie = rangelock_rlock(vp, &rl_entry, + offset, len); + else + rl_cookie = rangelock_wlock(vp, &rl_entry, + offset, len); + } else + rl_cookie = NULL; + + m_hold = NULL; + if (segflg == UIO_USERSPACE) { + m_hold = malloc(sizeof(vm_page_t) * (btoc(len) + 1), M_IOV, + M_WAITOK); + aiov_clone = aiov; + auio_clone = auio; + auio_clone.uio_iov = &aiov_clone; + error = vm_wireuio(&auio, m_hold, + round_page((vm_offset_t)base + len) - + trunc_page((vm_offset_t)base), + &wired_pages); + if (error) { + free(m_hold, M_IOV); + goto out; + } + } + if ((ioflg & IO_NODELOCKED) == 0) { mp = NULL; if (rw == UIO_WRITE) { if (vp->v_type != VCHR && (error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) - return (error); + goto out_unwire; vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); } else vn_lock(vp, LK_SHARED | LK_RETRY); } ASSERT_VOP_LOCKED(vp, "IO_NODELOCKED with no vp lock held"); - auio.uio_iov = &aiov; - auio.uio_iovcnt = 1; - aiov.iov_base = base; - aiov.iov_len = len; - auio.uio_resid = len; - auio.uio_offset = offset; - auio.uio_segflg = segflg; - auio.uio_rw = rw; - auio.uio_td = td; - error = 0; #ifdef MAC if ((ioflg & IO_NOMACCHECK) == 0) { if (rw == UIO_READ) @@ -424,6 +459,14 @@ vn_rdwr(rw, vp, base, len, offset, segflg, ioflg, active_cred, file_cred, vn_finished_write(mp); VOP_UNLOCK(vp, 0); } +out_unwire: + if (segflg == UIO_USERSPACE) { + vm_unwireuio(&auio_clone, m_hold, wired_pages); + free(m_hold, M_IOV); + } +out: + if (rl_cookie != NULL) + rangelock_unlock(vp, rl_cookie); return (error); } @@ -485,68 +528,215 @@ vn_rdwr_inchunks(rw, vp, base, len, offset, segflg, ioflg, active_cred, return (error); } +static int uio_hold_pages = 12; +SYSCTL_INT(_vfs, OID_AUTO, uio_hold_pages, CTLFLAG_RW, &uio_hold_pages, 0, + "The max amount of held pages for one i/o chunk"); +static int uio_short = 128; +SYSCTL_INT(_vfs, OID_AUTO, uio_short, CTLFLAG_RW, &uio_short, 0, + "The length of the short i/o"); + +typedef int (*vn_chunk_func_t)(struct file *, struct uio *, struct ucred *, + int, int, struct thread *); + +static int +do_vn_rw_chunked(struct file *fp, struct uio *uio, struct ucred *active_cred, + int flags, int ioflag, struct thread *td, vm_page_t *m_hold, + vn_chunk_func_t vn_chunk_func) +{ + struct uio *uio_clone; + int error, wire_bytes, io_chunk, total_cnt, cnt; + int first_chunk, wired_pages; + + if (uio->uio_segflg != UIO_USERSPACE || fp->f_vnode->v_type != VREG) + return (vn_chunk_func(fp, uio, active_cred, flags, ioflag, td)); + + uio_clone = cloneuio(uio); + KASSERT(!(td->td_pflags & TDP_VMUIODEADLK), + ("Nested TDP_VMUIODEADLK")); + td->td_pflags |= TDP_VMUIODEADLK; + td->td_faultaddr = 0; + error = vn_chunk_func(fp, uio, active_cred, flags, ioflag, td); + td->td_pflags &= ~TDP_VMUIODEADLK; + if (error != ERESTART || td->td_faultaddr == 0) + goto out; + + first_chunk = 1; + if (uio->uio_flags & UIO_ROLLBACK) { + cnt = uio_clone->uio_resid - uio->uio_resid; + copyuio(uio, uio_clone); + if (cnt > 0) { + uio->uio_rw = UIO_NOCOPY; + uiomove(NULL, cnt, uio); + uio->uio_rw = uio_clone->uio_rw; + first_chunk = 0; + } + } + while (uio->uio_resid > 0) { + io_chunk = min(uio_hold_pages * PAGE_SIZE, uio->uio_resid); /* XXXKIB */ + wire_bytes = round_page(io_chunk); + error = vm_wireuio(uio, m_hold, wire_bytes, &wired_pages); + if (error != 0) { + if (!first_chunk) + error = 0; + break; + } + copyuio(uio_clone, uio); + total_cnt = uio->uio_resid; + uio->uio_resid = io_chunk; + error = vn_chunk_func(fp, uio, active_cred, flags, ioflag, td); + vm_unwireuio(uio_clone, m_hold, wired_pages); + cnt = io_chunk - uio->uio_resid; + uio->uio_resid = total_cnt - cnt; + if (error != 0) { + if (!first_chunk) + error = 0; + break; + } + if (cnt == 0) + break; + first_chunk = 0; + } + out: + free(uio_clone, M_IOV); + return (error); +} + +static struct mtx * +vn_lock_foffset(struct file *fp) +{ + struct mtx *mtxp; + + mtxp = mtx_pool_find(mtxpool_sleep, fp); + mtx_lock(mtxp); + while (fp->f_vnread_flags & FOFFSET_LOCKED) { + fp->f_vnread_flags |= FOFFSET_LOCK_WAITING; + msleep(&fp->f_vnread_flags, mtxp, PUSER -1, + "vnread offlock", 0); + } + fp->f_vnread_flags |= FOFFSET_LOCKED; + mtx_unlock(mtxp); + return (mtxp); +} + +static void +vn_unlock_foffset(struct file *fp, struct mtx *mtxp) +{ + + mtx_lock(mtxp); + if (fp->f_vnread_flags & FOFFSET_LOCK_WAITING) + wakeup(&fp->f_vnread_flags); + fp->f_vnread_flags = 0; + mtx_unlock(mtxp); +} + +static inline int +vn_read_wired_chunk(struct file *fp, struct uio *uio, struct ucred *active_cred, + int flags, int ioflag, struct thread *td) +{ + struct vnode *vp; + int error, vfslocked; + + vp = fp->f_vnode; + + vfslocked = VFS_LOCK_GIANT(vp->v_mount); + vn_lock(vp, LK_SHARED | LK_RETRY); + + ioflag |= sequential_heuristic(uio, fp); + +#ifdef MAC + error = mac_vnode_check_read(active_cred, fp->f_cred, vp); + if (error == 0) +#endif + error = VOP_READ(vp, uio, ioflag, fp->f_cred); + fp->f_nextoff = uio->uio_offset; + VOP_UNLOCK(vp, 0); + VFS_UNLOCK_GIANT(vfslocked); + return (error); +} + /* * File table vnode read routine. */ static int -vn_read(fp, uio, active_cred, flags, td) - struct file *fp; - struct uio *uio; - struct ucred *active_cred; - struct thread *td; - int flags; +vn_read(struct file *fp, struct uio *uio, struct ucred *active_cred, int flags, + struct thread *td) { struct vnode *vp; - int error, ioflag; + vm_page_t m_hold[uio_hold_pages]; struct mtx *mtxp; - int vfslocked; + struct rl_q_entry rl_entry; + void *rl_cookie; + int ioflag; + int error; KASSERT(uio->uio_td == td, ("uio_td %p is not td %p", uio->uio_td, td)); - mtxp = NULL; - vp = fp->f_vnode; ioflag = 0; if (fp->f_flag & FNONBLOCK) ioflag |= IO_NDELAY; if (fp->f_flag & O_DIRECT) ioflag |= IO_DIRECT; - vfslocked = VFS_LOCK_GIANT(vp->v_mount); + vp = fp->f_vnode; + /* * According to McKusick the vn lock was protecting f_offset here. * It is now protected by the FOFFSET_LOCKED flag. */ if ((flags & FOF_OFFSET) == 0) { - mtxp = mtx_pool_find(mtxpool_sleep, fp); - mtx_lock(mtxp); - while(fp->f_vnread_flags & FOFFSET_LOCKED) { - fp->f_vnread_flags |= FOFFSET_LOCK_WAITING; - msleep(&fp->f_vnread_flags, mtxp, PUSER -1, - "vnread offlock", 0); - } - fp->f_vnread_flags |= FOFFSET_LOCKED; - mtx_unlock(mtxp); - vn_lock(vp, LK_SHARED | LK_RETRY); + mtxp = vn_lock_foffset(fp); uio->uio_offset = fp->f_offset; } else - vn_lock(vp, LK_SHARED | LK_RETRY); + mtxp = NULL; /* gcc */ + if (vp->v_type == VREG) + rl_cookie = rangelock_rlock(vp, &rl_entry, uio->uio_offset, + uio->uio_resid); + else + rl_cookie = NULL; + error = do_vn_rw_chunked(fp, uio, active_cred, flags, ioflag, td, + m_hold, vn_read_wired_chunk); + if (rl_cookie != NULL) + rangelock_unlock(vp, rl_cookie); + if ((flags & FOF_OFFSET) == 0) { + fp->f_offset = uio->uio_offset; + vn_unlock_foffset(fp, mtxp); + } + return (error); +} - ioflag |= sequential_heuristic(uio, fp); +static inline int +vn_write_wired_chunk(struct file *fp, struct uio *uio, + struct ucred *active_cred, int flags, int ioflag, struct thread *td) +{ + struct mount *mp; + struct vnode *vp; + int error, vfslocked; + mp = NULL; + vp = fp->f_vnode; + vfslocked = VFS_LOCK_GIANT(vp->v_mount); + if (vp->v_type == VREG) + bwillwrite(); + if (vp->v_type != VCHR) { + error = vn_start_write(vp, &mp, V_WAIT | PCATCH); + if (error != 0) + goto unlock; + } + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); + if ((flags & FOF_OFFSET) == 0) + uio->uio_offset = fp->f_offset; + ioflag |= sequential_heuristic(uio, fp); #ifdef MAC - error = mac_vnode_check_read(active_cred, fp->f_cred, vp); + error = mac_vnode_check_write(active_cred, fp->f_cred, vp); if (error == 0) #endif - error = VOP_READ(vp, uio, ioflag, fp->f_cred); - if ((flags & FOF_OFFSET) == 0) { + error = VOP_WRITE(vp, uio, ioflag, fp->f_cred); + if ((flags & FOF_OFFSET) == 0) fp->f_offset = uio->uio_offset; - mtx_lock(mtxp); - if (fp->f_vnread_flags & FOFFSET_LOCK_WAITING) - wakeup(&fp->f_vnread_flags); - fp->f_vnread_flags = 0; - mtx_unlock(mtxp); - } fp->f_nextoff = uio->uio_offset; VOP_UNLOCK(vp, 0); + if (vp->v_type != VCHR) + vn_finished_write(mp); +unlock: VFS_UNLOCK_GIANT(vfslocked); return (error); } @@ -555,24 +745,18 @@ vn_read(fp, uio, active_cred, flags, td) * File table vnode write routine. */ static int -vn_write(fp, uio, active_cred, flags, td) - struct file *fp; - struct uio *uio; - struct ucred *active_cred; - struct thread *td; - int flags; +vn_write(struct file *fp, struct uio *uio, struct ucred *active_cred, int flags, + struct thread *td) { struct vnode *vp; - struct mount *mp; - int error, ioflag; - int vfslocked; + vm_page_t m_hold[uio_hold_pages]; + struct rl_q_entry rl_entry; + void *rl_cookie; + int ioflag, error; KASSERT(uio->uio_td == td, ("uio_td %p is not td %p", uio->uio_td, td)); vp = fp->f_vnode; - vfslocked = VFS_LOCK_GIANT(vp->v_mount); - if (vp->v_type == VREG) - bwillwrite(); ioflag = IO_UNIT; if (vp->v_type == VREG && (fp->f_flag & O_APPEND)) ioflag |= IO_APPEND; @@ -583,27 +767,23 @@ vn_write(fp, uio, active_cred, flags, td) if ((fp->f_flag & O_FSYNC) || (vp->v_mount && (vp->v_mount->mnt_flag & MNT_SYNCHRONOUS))) ioflag |= IO_SYNC; - mp = NULL; - if (vp->v_type != VCHR && - (error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) - goto unlock; - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); - if ((flags & FOF_OFFSET) == 0) - uio->uio_offset = fp->f_offset; - ioflag |= sequential_heuristic(uio, fp); -#ifdef MAC - error = mac_vnode_check_write(active_cred, fp->f_cred, vp); - if (error == 0) -#endif - error = VOP_WRITE(vp, uio, ioflag, fp->f_cred); - if ((flags & FOF_OFFSET) == 0) - fp->f_offset = uio->uio_offset; - fp->f_nextoff = uio->uio_offset; - VOP_UNLOCK(vp, 0); - if (vp->v_type != VCHR) - vn_finished_write(mp); -unlock: - VFS_UNLOCK_GIANT(vfslocked); + if (vp->v_type == VREG) { + if ((ioflag & IO_APPEND) || !(flags & FOF_OFFSET)) + /* + * For appenders, punt and lock the whole + * range. It also protects f_offset. + */ + rl_cookie = rangelock_wlock(vp, &rl_entry, + 0, (size_t)-1); + else + rl_cookie = rangelock_wlock(vp, &rl_entry, + uio->uio_offset, uio->uio_resid); + } else + rl_cookie = NULL; + error = do_vn_rw_chunked(fp, uio, active_cred, flags, ioflag, td, + m_hold, vn_write_wired_chunk); + if (rl_cookie != NULL) + rangelock_unlock(vp, rl_cookie); return (error); } diff --git a/sys/modules/cxgb/tom/Makefile b/sys/modules/cxgb/tom/Makefile index 2b8750a..d2566fd 100644 --- a/sys/modules/cxgb/tom/Makefile +++ b/sys/modules/cxgb/tom/Makefile @@ -5,7 +5,7 @@ CXGB = ${.CURDIR}/../../../dev/cxgb KMOD= tom SRCS= cxgb_tom.c cxgb_cpl_io.c cxgb_listen.c cxgb_tom_sysctl.c cxgb_cpl_socket.c -SRCS+= cxgb_ddp.c cxgb_vm.c cxgb_l2t.c cxgb_tcp_offload.c +SRCS+= cxgb_ddp.c cxgb_l2t.c cxgb_tcp_offload.c SRCS+= opt_compat.h opt_inet.h opt_inet6.h opt_ipsec.h opt_mac.h SRCS+= opt_tcpdebug.h opt_ddb.h opt_sched.h opt_global.h opt_ktr.h SRCS+= device_if.h bus_if.h pci_if.h diff --git a/sys/sys/proc.h b/sys/sys/proc.h index 96f811d..9ce96da 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -236,6 +236,9 @@ struct thread { struct file *td_fpop; /* (k) file referencing cdev under op */ int td_dbgflags; /* (c) Userland debugger flags */ struct osd td_osd; /* (k) Object specific data. */ + vm_offset_t td_faultaddr; /* (k) fault address for TDP_VMUIODEADLK */ + vm_offset_t td_iov_base; /* (k) the region where VMUIODEADLK ... */ + size_t td_iov_len; /* (k) ... is handled */ #define td_endzero td_base_pri /* Copied during fork1() or thread_sched_upcall(). */ @@ -353,7 +356,7 @@ do { \ #define TDP_COWINPROGRESS 0x00000010 /* Snapshot copy-on-write in progress. */ #define TDP_ALTSTACK 0x00000020 /* Have alternate signal stack. */ #define TDP_DEADLKTREAT 0x00000040 /* Lock aquisition - deadlock treatment. */ -#define TDP_UNUSED80 0x00000080 /* available. */ +#define TDP_VMUIODEADLK 0x00000080 /* Non-blocking vm_fault required. */ #define TDP_NOSLEEPING 0x00000100 /* Thread is not allowed to sleep on a sq. */ #define TDP_OWEUPC 0x00000200 /* Call addupc() at next AST. */ #define TDP_ITHREAD 0x00000400 /* Thread is an interrupt thread. */ diff --git a/sys/sys/rangelock.h b/sys/sys/rangelock.h new file mode 100644 index 0000000..4a5ac1e --- /dev/null +++ b/sys/sys/rangelock.h @@ -0,0 +1,50 @@ +/*- + * Copyright (c) 2009 Konstantin Belousov + * All rights reserved. + * + * $FreeBSD$ + */ + +#ifndef _SYS_RANGELOCK_H +#define _SYS_RANGELOCK_H + +#include +#include +#include +#include +#include + +#ifdef _KERNEL + +struct vnode; + +struct rl_q_entry +{ + TAILQ_ENTRY(rl_q_entry) rl_q_link; + size_t rl_q_start, rl_q_end; + int rl_q_flags; +}; + +#define RL_LOCK_READ 0x0001 +#define RL_LOCK_WRITE 0x0002 +#define RL_LOCK_TYPE_MASK 0x0003 +#define RL_LOCK_GRANTED 0x0004 + +struct rangelock +{ + TAILQ_HEAD(, rl_q_entry) rl_waiters; + struct rl_q_entry *rl_currdep; +}; + +void rangelock_init(struct rangelock *lock); +void rangelock_destroy(struct rangelock *lock); +void rangelock_unlock(struct vnode *vp, void *cookie); +void *rangelock_unlock_range(struct vnode *vp, void *cookie, off_t base, + size_t len); +void *rangelock_rlock(struct vnode *vp, struct rl_q_entry *entry, + off_t base, size_t len); +void *rangelock_wlock(struct vnode *vp, struct rl_q_entry *entry, + off_t base, size_t len); +#endif + +#endif diff --git a/sys/sys/uio.h b/sys/sys/uio.h index 871f93a..6a7cce7 100644 --- a/sys/sys/uio.h +++ b/sys/sys/uio.h @@ -68,8 +68,11 @@ struct uio { enum uio_seg uio_segflg; /* address space */ enum uio_rw uio_rw; /* operation */ struct thread *uio_td; /* owner */ + int uio_flags; }; +#define UIO_ROLLBACK 0x0001 + /* * Limits * @@ -100,6 +103,8 @@ int uiomove_frombuf(void *buf, int buflen, struct uio *uio); int uiomove_fromphys(struct vm_page *ma[], vm_offset_t offset, int n, struct uio *uio); int uiomoveco(void *cp, int n, struct uio *uio, int disposable); +void fwduio(struct uio *uip, int cnt); +void copyuio(struct uio *dst, struct uio *src); #else /* !_KERNEL */ diff --git a/sys/sys/vnode.h b/sys/sys/vnode.h index 0a3d1dc..af760a5 100644 --- a/sys/sys/vnode.h +++ b/sys/sys/vnode.h @@ -38,6 +38,7 @@ #include #include #include +#include #include #include #include @@ -168,7 +169,8 @@ struct vnode { */ struct vpollinfo *v_pollinfo; /* G Poll events, p for *v_pi */ struct label *v_label; /* MAC label for vnode */ - struct lockf *v_lockf; /* Byte-level lock list */ + struct lockf *v_lockf; /* Byte-level adv lock list */ + struct rangelock v_rl; /* Byte-range lock */ }; #endif /* defined(_KERNEL) || defined(_KVM_VNODE) */ diff --git a/sys/ufs/ffs/ffs_vnops.c b/sys/ufs/ffs/ffs_vnops.c index 1abb994..34d75e5 100644 --- a/sys/ufs/ffs/ffs_vnops.c +++ b/sys/ufs/ffs/ffs_vnops.c @@ -632,8 +632,8 @@ ffs_write(ap) struct buf *bp; struct thread *td; ufs_lbn_t lbn; - off_t osize; - int seqcount; + off_t osize, s_size; + int seqcount, s_resid; int blkoffset, error, flags, ioflag, resid, size, xfersize; vp = ap->a_vp; @@ -707,6 +707,7 @@ ffs_write(ap) lbn = lblkno(fs, uio->uio_offset); blkoffset = blkoff(fs, uio->uio_offset); xfersize = fs->fs_bsize - blkoffset; + s_size = ip->i_size; if (uio->uio_resid < xfersize) xfersize = uio->uio_resid; if (uio->uio_offset + xfersize > ip->i_size) @@ -734,8 +735,10 @@ ffs_write(ap) * the prior contents of the pages exposed to a userland * mmap(). XXX deal with uiomove() errors a better way. */ - if ((bp->b_flags & B_CACHE) == 0 && fs->fs_bsize <= xfersize) + if ((bp->b_flags & B_CACHE) == 0 /*&& fs->fs_bsize <= xfersize*/) { vfs_bio_clrbuf(bp); + flags |= BA_CLRBUF; + } if (ioflag & IO_DIRECT) bp->b_flags |= B_DIRECT; if ((ioflag & (IO_SYNC|IO_INVAL)) == (IO_SYNC|IO_INVAL)) @@ -750,6 +753,7 @@ ffs_write(ap) if (size < xfersize) xfersize = size; + s_resid = uio->uio_resid; error = uiomove((char *)bp->b_data + blkoffset, (int)xfersize, uio); if ((ioflag & (IO_VMIO|IO_DIRECT)) && @@ -757,6 +761,41 @@ ffs_write(ap) bp->b_flags |= B_RELBUF; } + if (error == ERESTART && !(flags & BA_CLRBUF)) { + /* + * When uiomove() failed due to vm_fault + * cowardly refused to process a dangerous + * page-in, and the previous content of the + * buffer is garbage, e.g. because supposed + * transfer length was big enough to cover the + * whole buffer, discard it. + */ + if (LIST_EMPTY(&bp->b_dep)) { + bp->b_flags |= B_RELBUF | B_NOCACHE | B_INVAL; + brelse(bp); + } else { + /* + * But cannot discard the buffer with + * dependencies. Since the buffer is + * newly allocated, fill it with + * zeros. If the buffer extended the + * file, truncate. + */ + vfs_bio_clrbuf(bp); + if (ioflag & IO_SYNC) + bwrite(bp); + else + bawrite(bp); + ffs_truncate(vp, s_size, + IO_NORMAL | (ioflag & IO_SYNC), ap->a_cred, + uio->uio_td); + } + uio->uio_offset -= s_resid - uio->uio_resid; + uio->uio_resid = s_resid; + uio->uio_flags |= UIO_ROLLBACK; + break; + } + /* * If IO_SYNC each buffer is written synchronously. Otherwise * if we have a severe page deficiency write the buffer @@ -808,6 +847,8 @@ ffs_write(ap) ap->a_cred, uio->uio_td); uio->uio_offset -= resid - uio->uio_resid; uio->uio_resid = resid; + if (error == ERESTART) + uio->uio_flags |= UIO_ROLLBACK; } } else if (resid > uio->uio_resid && (ioflag & IO_SYNC)) error = ffs_update(vp, 1); diff --git a/sys/vm/vm_extern.h b/sys/vm/vm_extern.h index 475a20e..f2b4d16 100644 --- a/sys/vm/vm_extern.h +++ b/sys/vm/vm_extern.h @@ -34,11 +34,13 @@ #define _VM_EXTERN_H_ struct buf; +struct iovec; struct proc; struct vmspace; struct vmtotal; struct mount; struct vnode; +struct uio; #ifdef _KERNEL @@ -56,6 +58,9 @@ void swapout_procs(int); int useracc(void *, int, int); int vm_fault(vm_map_t, vm_offset_t, vm_prot_t, int); void vm_fault_copy_entry(vm_map_t, vm_map_t, vm_map_entry_t, vm_map_entry_t); +int vm_fault_hold_user_pages(vm_map_t map, vm_offset_t addr, + vm_page_t *mp, int count, vm_prot_t prot); +void vm_fault_unhold_pages(vm_page_t *mp, int count); void vm_fault_unwire(vm_map_t, vm_offset_t, vm_offset_t, boolean_t); int vm_fault_wire(vm_map_t, vm_offset_t, vm_offset_t, boolean_t, boolean_t); int vm_forkproc(struct thread *, struct proc *, struct thread *, struct vmspace *, int); @@ -84,5 +89,9 @@ int vm_thread_new(struct thread *td, int pages); int vm_thread_new_altkstack(struct thread *td, int pages); void vm_thread_swapin(struct thread *td); void vm_thread_swapout(struct thread *td); +int vm_wireuio(struct uio *uiop, struct vm_page *m_hold[], int wire_bytes, + int *wired_pages); +void vm_unwireuio(struct uio *, struct vm_page *m_hold[], int wired_pages); + #endif /* _KERNEL */ #endif /* !_VM_EXTERN_H_ */ diff --git a/sys/vm/vm_fault.c b/sys/vm/vm_fault.c index 3a21616..d354c92 100644 --- a/sys/vm/vm_fault.c +++ b/sys/vm/vm_fault.c @@ -1,4 +1,30 @@ /*- + +Copyright (c) 2007-2008, Chelsio Inc. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Neither the name of the Chelsio Corporation nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * Copyright (c) 1994 John S. Dyson @@ -206,9 +232,9 @@ unlock_and_deallocate(struct faultstate *fs) * The map in question must be referenced, and remains so. * Caller may hold no locks. */ -int -vm_fault(vm_map_t map, vm_offset_t vaddr, vm_prot_t fault_type, - int fault_flags) +static int +vm_fault_hold(vm_map_t map, vm_offset_t vaddr, vm_prot_t fault_type, + int fault_flags, struct vm_page **m_hold) { vm_prot_t prot; int is_first_object_locked, result; @@ -220,8 +246,20 @@ vm_fault(vm_map_t map, vm_offset_t vaddr, vm_prot_t fault_type, int faultcount, ahead, behind; struct faultstate fs; struct vnode *vp; + struct thread *td; int locked, error; + td = curthread; + if (td->td_pflags & TDP_VMUIODEADLK) { + KASSERT(td->td_iov_base <= vaddr && + vaddr < td->td_iov_base + td->td_iov_len, + ("uiomove EFAULT %jx %jx %d\n", (uintmax_t)vaddr, + (uintmax_t)td->td_iov_base, td->td_iov_len)); + td->td_faultaddr = vaddr; + return (KERN_VMUIODEADLOCK); + } + vaddr = trunc_page(vaddr); + hardfault = 0; growstack = TRUE; PCPU_INC(cnt.v_vm_faults); @@ -949,6 +987,10 @@ vnode_locked: } else { vm_page_activate(fs.m); } + if (m_hold != NULL) { + *m_hold = fs.m; + vm_page_hold(fs.m); + } vm_page_unlock_queues(); vm_page_wakeup(fs.m); @@ -964,6 +1006,14 @@ vnode_locked: return (KERN_SUCCESS); } +int +vm_fault(vm_map_t map, vm_offset_t vaddr, vm_prot_t fault_type, + int fault_flags) +{ + + return (vm_fault_hold(map, vaddr, fault_type, fault_flags, NULL)); +} + /* * vm_fault_prefault provides a quick way of clustering * pagefaults into a processes address space. It is a "cousin" @@ -1360,3 +1410,108 @@ vm_fault_additional_pages(m, rbehind, rahead, marray, reqpage) /* return number of pages */ return i; } + +/* + * This routine takes a user's map, array of pages, number of pages, and flags + * and then does the following: + * - validate that the user has access to those pages (flags indicates read + * or write) - if not fail + * - validate that count is enough to hold range number of pages - if not fail + * - fault in any non-resident pages + * - if the user is doing a read force a write fault for any COWed pages + * - if the user is doing a read mark all pages as dirty + * - hold all pages + */ +int +vm_fault_hold_user_pages(vm_map_t map, vm_offset_t addr, vm_page_t *mp, + int count, vm_prot_t prot) +{ + vm_offset_t end, va; + int faults, rv; + pmap_t pmap; + vm_page_t m, *pages; + + pmap = vm_map_pmap(map); + pages = mp; + addr &= ~PAGE_MASK; + + /* + * Check that virtual address range is legal. + * This check is somewhat bogus as on some architectures kernel + * and user do not share VA - however, it appears that all FreeBSD + * architectures define it + */ + end = addr + (count * PAGE_SIZE); + if (end > VM_MAXUSER_ADDRESS) + return (EFAULT); + + /* + * First optimistically assume that all pages are resident + * (and R/W if for write) if so just mark pages as held (and + * dirty if for write) and return. + */ + vm_page_lock_queues(); + for (pages = mp, faults = 0, va = addr; va < end; + va += PAGE_SIZE, pages++) { + /* + * Page queue mutex is recursable so this is OK. + * It would be really nice if we had an unlocked + * version of this so we were only acquiring the + * pmap lock 1 time as opposed to potentially + * many dozens of times. + */ + *pages = m = pmap_extract_and_hold(pmap, va, prot); + if (m == NULL) { + faults++; + continue; + } + + /* + * Preemptively mark dirty - the pages will never have + * the modified bit set if they are only changed via + * DMA. + */ + if (prot & VM_PROT_WRITE) + vm_page_dirty(m); + } + vm_page_unlock_queues(); + + if (faults == 0) + return (0); + + /* + * Pages either have insufficient permissions or are not present + * trigger a fault where neccessary. + */ + rv = 0; + for (pages = mp, va = addr; va < end; va += PAGE_SIZE, pages++) { + rv = vm_fault_hold(map, va, prot, (prot & VM_PROT_WRITE) ? + VM_FAULT_DIRTY : VM_FAULT_NORMAL, pages); + if (rv) + goto error; + } + return (0); + +error: + vm_page_lock_queues(); + for (pages = mp, va = addr; va < end; va += PAGE_SIZE, pages++) + if (*pages) { + vm_page_unhold(*pages); + *pages = NULL; + } + vm_page_unlock_queues(); + return (EFAULT); +} + +void +vm_fault_unhold_pages(vm_page_t *mp, int count) +{ + + KASSERT(count >= 0, ("negative count %d", count)); + vm_page_lock_queues(); + while (count--) { + vm_page_unhold(*mp); + mp++; + } + vm_page_unlock_queues(); +} diff --git a/sys/vm/vm_kern.c b/sys/vm/vm_kern.c index 96fe61b..20dd38f 100644 --- a/sys/vm/vm_kern.c +++ b/sys/vm/vm_kern.c @@ -356,7 +356,7 @@ retry: vm_page_unlock_queues(); } VM_OBJECT_UNLOCK(kmem_object); - vm_map_delete(map, addr, addr + size); + vm_map_delete(map, addr, addr + size, FALSE); vm_map_unlock(map); return (0); } @@ -380,11 +380,6 @@ retry: panic("kmem_malloc: entry not found or misaligned"); entry->wired_count = 1; - /* - * At this point, the kmem_object must be unlocked because - * vm_map_simplify_entry() calls vm_object_deallocate(), which - * locks the kmem_object. - */ vm_map_simplify_entry(map, entry); /* @@ -458,7 +453,8 @@ kmem_free_wakeup(map, addr, size) { vm_map_lock(map); - (void) vm_map_delete(map, trunc_page(addr), round_page(addr + size)); + (void) vm_map_delete(map, trunc_page(addr), round_page(addr + size), + FALSE); if (map->needs_wakeup) { map->needs_wakeup = FALSE; vm_map_wakeup(map); diff --git a/sys/vm/vm_map.c b/sys/vm/vm_map.c index 32fdfde..3f19a49 100644 --- a/sys/vm/vm_map.c +++ b/sys/vm/vm_map.c @@ -454,26 +454,50 @@ _vm_map_lock(vm_map_t map, const char *file, int line) } void -_vm_map_unlock(vm_map_t map, const char *file, int line) +_vm_map_unlock(vm_map_t map, boolean_t process_freelist, const char *file, + int line) { vm_map_entry_t free_entry, entry; vm_object_t object; + struct vnode *vp; + struct mount *mp; - free_entry = map->deferred_freelist; - map->deferred_freelist = NULL; + free_entry = NULL; /* to please gcc */ + if (process_freelist) { + free_entry = map->deferred_freelist; + map->deferred_freelist = NULL; + } if (map->system_map) _mtx_unlock_flags(&map->system_mtx, 0, file, line); else _sx_xunlock(&map->lock, file, line); + if (!process_freelist) + return; + while (free_entry != NULL) { entry = free_entry; free_entry = free_entry->next; + KASSERT((entry->eflags & MAP_ENTRY_LINKED) == 0 && + (entry->eflags & MAP_ENTRY_UNLINKED) != 0 && + (entry->eflags & MAP_ENTRY_ON_FREELIST) != 0, + ("vm_map_unlock: eflags %p", entry)); + if ((entry->eflags & MAP_ENTRY_IS_SUB_MAP) == 0) { object = entry->object.vm_object; + mp = NULL; + if (entry->eflags & MAP_ENTRY_VN_WRITECNT) { + vp = object->handle; + vn_start_write(vp, &mp, V_WAIT); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); + vp->v_writecount--; + VOP_UNLOCK(vp, 0); + } vm_object_deallocate(object); + if (mp != NULL) + vn_finished_write(mp); } vm_map_entry_dispose(map, entry); @@ -630,7 +654,7 @@ vm_map_unlock_and_wait(vm_map_t map, int timo) { mtx_lock(&map_sleep_mtx); - vm_map_unlock(map); + _vm_map_unlock(map, FALSE, LOCK_FILE, LOCK_LINE); return (msleep(&map->root, &map_sleep_mtx, PDROP | PVM, "vmmaps", timo)); } @@ -692,6 +716,9 @@ _vm_map_init(vm_map_t map, vm_offset_t min, vm_offset_t max) { map->header.next = map->header.prev = &map->header; +#ifdef INVARIANTS + map->header.eflags = MAP_ENTRY_LINKED; +#endif map->needs_wakeup = FALSE; map->system_map = 0; map->min_offset = min; @@ -742,6 +769,135 @@ vm_map_entry_create(vm_map_t map) } /* + * vm_map_entry_inc_vn_wcnt: [ internal use only ] + * + * Increments v_writecount for the vnode that backs writeable + * mapping by the entry. To satisfy lock order between map lock + * and vnode lock, map lock might be dropped. In this case, the + * entry is marked as in transition to prevent entry removal. + + * The increment is postponed for the map entry that is in + * transition, when the transition was not set by the caller. In + * this case, MAP_ENTRY_VN_WRITECNT flag is transfered to + * MAP_ENTRY_DEFER_WRITECNT, and the owner of the transition + * state should call this function before lifting the + * MAP_ENTRY_IN_TRANSITION flag. + * + * When called from vm_map_clip_start of vm_map_entry_clip_end + * and going to drop the map lock, protect both the entry and the + * second part of the clipped region, that is passed in the + * neighbour parameter. + */ +static void +vm_map_entry_inc_vn_wcnt(vm_map_t map, vm_map_entry_t entry, + vm_map_entry_t neighbour, boolean_t transition_owner) +{ + struct vnode *vp; + vm_offset_t start, end, n_start, n_end; + boolean_t clear_transition, need_wakeup; + int last_timestamp; + + VM_MAP_ASSERT_LOCKED(map); + KASSERT((entry->eflags & MAP_ENTRY_LINKED) != 0 && + (entry->eflags & MAP_ENTRY_UNLINKED) == 0 && + (entry->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_entry_inc_vn_wcnt: eflags1 %p", entry)); + KASSERT(neighbour == NULL || entry->eflags == neighbour->eflags, + ("vm_map_entry_inc_vn_wcnt: wrong neighbour")); + + if ((entry->eflags & (MAP_ENTRY_VN_WRITECNT | + MAP_ENTRY_DEFER_WRITECNT)) == 0) + return; + KASSERT((entry->eflags & MAP_ENTRY_VN_WRITECNT) == 0 || + (entry->eflags & MAP_ENTRY_DEFER_WRITECNT) == 0, + ("vm_map_entry_inc_vn_wcnt: both %p", entry)); + KASSERT(!transition_owner || + (entry->eflags & MAP_ENTRY_IN_TRANSITION) != 0, + ("transition_owner but no transition %p", entry)); + if (!transition_owner && + (entry->eflags & MAP_ENTRY_IN_TRANSITION) != 0) { + if ((entry->eflags & MAP_ENTRY_VN_WRITECNT) != 0) { + entry->eflags &= ~MAP_ENTRY_VN_WRITECNT; + entry->eflags |= MAP_ENTRY_DEFER_WRITECNT; + } + return; + } + if ((entry->eflags & MAP_ENTRY_IN_TRANSITION) != 0) { + KASSERT(transition_owner, ("not transition owner %p", entry)); + clear_transition = FALSE; + } else { + clear_transition = TRUE; + entry->eflags |= MAP_ENTRY_IN_TRANSITION; + if (neighbour != NULL) + neighbour->eflags |= MAP_ENTRY_IN_TRANSITION; + } + start = entry->start; + end = entry->end; + if (neighbour != NULL) { + n_start = neighbour->start; + n_end = neighbour->end; + } else + n_start = n_end = 0; + vp = entry->object.vm_object->handle; + vhold(vp); + if (vn_lock(vp, LK_EXCLUSIVE | LK_NOWAIT) == 0) + goto incr; + last_timestamp = map->timestamp; + vm_map_unlock(map); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); + vm_map_lock(map); + if (last_timestamp + 1 != map->timestamp) { + if (!vm_map_lookup_entry(map, start, &entry)) + panic("vm_map_entry_inc_vn_wcnt: lost entry"); + if (clear_transition && neighbour != NULL && + !vm_map_lookup_entry(map, n_start, &neighbour)) + panic("vm_map_entry_inc_vn_wcnt: lost neighbour entry"); + } +incr: + for (need_wakeup = FALSE; entry != &map->header && entry->start < end; + entry = entry->next) { + /* + * Only clipping is allowed for an entry marked as in + * transition. Make a single pass to increment + * v_writecount for all clip splinters and fix their + * flags accordingly. + */ + KASSERT(entry->object.vm_object != NULL && + entry->object.vm_object->type == OBJT_VNODE && + entry->object.vm_object->handle == (void *)vp, + ("vm_map_entry_inc_vn_wcnt: not a clip")); + KASSERT((entry->eflags & MAP_ENTRY_LINKED) != 0 && + (entry->eflags & MAP_ENTRY_UNLINKED) == 0 && + (entry->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_entry_inc_vn_wcnt: eflags2 %p", entry)); + vp->v_writecount += 1; + entry->eflags &= ~MAP_ENTRY_DEFER_WRITECNT; + entry->eflags |= MAP_ENTRY_VN_WRITECNT; + if (clear_transition) { + if (entry->eflags & MAP_ENTRY_NEEDS_WAKEUP) { + entry->eflags &= ~MAP_ENTRY_NEEDS_WAKEUP; + need_wakeup = TRUE; + } + entry->eflags &= ~MAP_ENTRY_IN_TRANSITION; + } + } + VOP_UNLOCK(vp, 0); + vdrop(vp); + if (clear_transition && neighbour != NULL) { + for (; neighbour != &map->header && neighbour->start < n_end; + neighbour = neighbour->next) { + if (neighbour->eflags & MAP_ENTRY_NEEDS_WAKEUP) { + neighbour->eflags &= ~MAP_ENTRY_NEEDS_WAKEUP; + need_wakeup = TRUE; + } + neighbour->eflags &= ~MAP_ENTRY_IN_TRANSITION; + } + } + if (need_wakeup) + vm_map_wakeup(map); +} + +/* * vm_map_entry_set_behavior: * * Set the expected access behavior, either normal, random, or @@ -919,6 +1075,9 @@ vm_map_entry_link(vm_map_t map, entry->next->start) - entry->end; vm_map_entry_set_max_free(entry); map->root = entry; +#ifdef INVARIANTS + entry->eflags |= MAP_ENTRY_LINKED; +#endif } static void @@ -928,6 +1087,11 @@ vm_map_entry_unlink(vm_map_t map, vm_map_entry_t next, prev, root; VM_MAP_ASSERT_LOCKED(map); + KASSERT((entry->eflags & MAP_ENTRY_LINKED) != 0 && + (entry->eflags & MAP_ENTRY_UNLINKED) == 0 && + (entry->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_entry_unlink: eflags %p", entry)); + if (entry != map->root) vm_map_entry_splay(entry->start, map->root); if (entry->left == NULL) @@ -948,6 +1112,10 @@ vm_map_entry_unlink(vm_map_t map, map->nentries--; CTR3(KTR_VM, "vm_map_entry_unlink: map %p, nentries %d, entry %p", map, map->nentries, entry); +#ifdef INVARIANTS + entry->eflags &= ~MAP_ENTRY_LINKED; + entry->eflags |= MAP_ENTRY_UNLINKED; +#endif } /* @@ -1005,6 +1173,10 @@ vm_map_lookup_entry( *entry = &map->header; else if (address >= cur->start && cur->end > address) { *entry = cur; + KASSERT(((*entry)->eflags & MAP_ENTRY_LINKED) != 0 && + ((*entry)->eflags & MAP_ENTRY_UNLINKED) == 0 && + ((*entry)->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_lookup_entry: eflags %p", *entry)); return (TRUE); } else if ((locked = vm_map_locked(map)) || sx_try_upgrade(&map->lock)) { @@ -1025,6 +1197,10 @@ vm_map_lookup_entry( */ if (address >= cur->start) { *entry = cur; + KASSERT(((*entry)->eflags & MAP_ENTRY_LINKED) != 0 && + ((*entry)->eflags & MAP_ENTRY_UNLINKED) == 0 && + ((*entry)->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_lookup_entry: eflags %p", *entry)); if (cur->end > address) return (TRUE); } else @@ -1043,6 +1219,10 @@ vm_map_lookup_entry( cur = cur->left; } else if (cur->end > address) { *entry = cur; + KASSERT(((*entry)->eflags & MAP_ENTRY_LINKED) != 0 && + ((*entry)->eflags & MAP_ENTRY_UNLINKED) == 0 && + ((*entry)->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_lookup_entry: eflags %p", *entry)); return (TRUE); } else { if (cur->right == NULL) { @@ -1052,6 +1232,10 @@ vm_map_lookup_entry( cur = cur->right; } } + KASSERT(((*entry)->eflags & MAP_ENTRY_LINKED) != 0 && + ((*entry)->eflags & MAP_ENTRY_UNLINKED) == 0 && + ((*entry)->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_lookup_entry: eflags %p", *entry)); return (FALSE); } @@ -1076,6 +1260,7 @@ vm_map_insert(vm_map_t map, vm_object_t object, vm_ooffset_t offset, vm_map_entry_t prev_entry; vm_map_entry_t temp_entry; vm_eflags_t protoeflags; + struct vnode *vp; VM_MAP_ASSERT_LOCKED(map); @@ -1189,12 +1374,21 @@ vm_map_insert(vm_map_t map, vm_object_t object, vm_ooffset_t offset, new_entry->protection = prot; new_entry->max_protection = max; new_entry->wired_count = 0; + new_entry->pin_count = 0; /* * Insert the new entry into the list */ vm_map_entry_link(map, prev_entry, new_entry); map->size += new_entry->end - new_entry->start; + if (object != NULL && object->type == OBJT_VNODE && + (new_entry->max_protection & VM_PROT_WRITE) != 0 && + (cow & MAP_COPY_ON_WRITE) == 0) { + vp = object->handle; + ASSERT_VOP_ELOCKED(vp, "vm_map_insert inc v_writecount"); + vp->v_writecount++; + new_entry->eflags |= MAP_ENTRY_VN_WRITECNT; + } #if 0 /* @@ -1321,7 +1515,7 @@ vm_map_fixed(vm_map_t map, vm_object_t object, vm_ooffset_t offset, end = start + length; vm_map_lock(map); VM_MAP_RANGE_CHECK(map, start, end); - (void) vm_map_delete(map, start, end); + (void) vm_map_delete(map, start, end, TRUE); result = vm_map_insert(map, object, offset, start, end, prot, max, cow); vm_map_unlock(map); @@ -1384,6 +1578,11 @@ vm_map_simplify_entry(vm_map_t map, vm_map_entry_t entry) vm_map_entry_t next, prev; vm_size_t prevsize, esize; + KASSERT((entry->eflags & MAP_ENTRY_LINKED) != 0 && + (entry->eflags & MAP_ENTRY_UNLINKED) == 0 && + (entry->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_simplify_entry: eflags %p", entry)); + if (entry->eflags & (MAP_ENTRY_IN_TRANSITION | MAP_ENTRY_IS_SUB_MAP)) return; @@ -1398,25 +1597,19 @@ vm_map_simplify_entry(vm_map_t map, vm_map_entry_t entry) (prev->protection == entry->protection) && (prev->max_protection == entry->max_protection) && (prev->inheritance == entry->inheritance) && - (prev->wired_count == entry->wired_count)) { + (prev->wired_count == entry->wired_count) && + (prev->pin_count == entry->pin_count)) { vm_map_entry_unlink(map, prev); entry->start = prev->start; entry->offset = prev->offset; if (entry->prev != &map->header) vm_map_entry_resize_free(map, entry->prev); - /* - * If the backing object is a vnode object, - * vm_object_deallocate() calls vrele(). - * However, vrele() does not lock the vnode - * because the vnode has additional - * references. Thus, the map lock can be kept - * without causing a lock-order reversal with - * the vnode lock. - */ - if (prev->object.vm_object) - vm_object_deallocate(prev->object.vm_object); - vm_map_entry_dispose(map, prev); + prev->next = map->deferred_freelist; + map->deferred_freelist = prev; +#ifdef INVARIANTS + prev->eflags |= MAP_ENTRY_ON_FREELIST; +#endif } } @@ -1431,17 +1624,17 @@ vm_map_simplify_entry(vm_map_t map, vm_map_entry_t entry) (next->protection == entry->protection) && (next->max_protection == entry->max_protection) && (next->inheritance == entry->inheritance) && - (next->wired_count == entry->wired_count)) { + (next->wired_count == entry->wired_count) && + (next->pin_count == entry->pin_count)) { vm_map_entry_unlink(map, next); entry->end = next->end; vm_map_entry_resize_free(map, entry); - /* - * See comment above. - */ - if (next->object.vm_object) - vm_object_deallocate(next->object.vm_object); - vm_map_entry_dispose(map, next); + next->next = map->deferred_freelist; + map->deferred_freelist = next; +#ifdef INVARIANTS + next->eflags |= MAP_ENTRY_ON_FREELIST; +#endif } } } @@ -1452,10 +1645,10 @@ vm_map_simplify_entry(vm_map_t map, vm_map_entry_t entry) * the specified address; if necessary, * it splits the entry into two. */ -#define vm_map_clip_start(map, entry, startaddr) \ +#define vm_map_clip_start(map, entry, startaddr) \ { \ - if (startaddr > entry->start) \ - _vm_map_clip_start(map, entry, startaddr); \ + if (startaddr > (*entry)->start) \ + _vm_map_clip_start(map, entry, startaddr); \ } /* @@ -1463,10 +1656,14 @@ vm_map_simplify_entry(vm_map_t map, vm_map_entry_t entry) * the entry must be split. */ static void -_vm_map_clip_start(vm_map_t map, vm_map_entry_t entry, vm_offset_t start) +_vm_map_clip_start(vm_map_t map, vm_map_entry_t *pentry, vm_offset_t start) { - vm_map_entry_t new_entry; + vm_map_entry_t entry, new_entry; + int last_timestamp; + entry = *pentry; + KASSERT((entry->eflags & MAP_ENTRY_IS_HOLDER) == 0, + ("Holder %p in vm_map_clip_start", entry)); VM_MAP_ASSERT_LOCKED(map); /* @@ -1486,7 +1683,7 @@ _vm_map_clip_start(vm_map_t map, vm_map_entry_t entry, vm_offset_t start) if (entry->object.vm_object == NULL && !map->system_map) { vm_object_t object; object = vm_object_allocate(OBJT_DEFAULT, - atop(entry->end - entry->start)); + atop(entry->end - entry->start)); entry->object.vm_object = object; entry->offset = 0; } @@ -1502,6 +1699,13 @@ _vm_map_clip_start(vm_map_t map, vm_map_entry_t entry, vm_offset_t start) if ((entry->eflags & MAP_ENTRY_IS_SUB_MAP) == 0) { vm_object_reference(new_entry->object.vm_object); + last_timestamp = map->timestamp; + vm_map_entry_inc_vn_wcnt(map, new_entry, entry, FALSE); + if (last_timestamp != map->timestamp && + last_timestamp + 1 != map->timestamp) { + if (!vm_map_lookup_entry(map, start, pentry)) + panic("vm_map_clip_start: lost entry"); + } } } @@ -1514,7 +1718,7 @@ _vm_map_clip_start(vm_map_t map, vm_map_entry_t entry, vm_offset_t start) */ #define vm_map_clip_end(map, entry, endaddr) \ { \ - if ((endaddr) < (entry->end)) \ + if ((endaddr) < ((*entry)->end)) \ _vm_map_clip_end((map), (entry), (endaddr)); \ } @@ -1523,9 +1727,20 @@ _vm_map_clip_start(vm_map_t map, vm_map_entry_t entry, vm_offset_t start) * the entry must be split. */ static void -_vm_map_clip_end(vm_map_t map, vm_map_entry_t entry, vm_offset_t end) +_vm_map_clip_end(vm_map_t map, vm_map_entry_t *pentry, vm_offset_t end) { - vm_map_entry_t new_entry; + vm_map_entry_t entry, new_entry; + int last_timestamp; + vm_offset_t entry_start; + + entry = *pentry; + KASSERT((entry->eflags & MAP_ENTRY_IS_HOLDER) == 0, + ("Holder %p in vm_map_clip_end", entry)); + KASSERT((entry->eflags & MAP_ENTRY_LINKED) != 0 && + (entry->eflags & MAP_ENTRY_UNLINKED) == 0 && + (entry->eflags & MAP_ENTRY_ON_FREELIST) == 0, + ("vm_map_clip_end: eflags %p", entry)); + VM_MAP_ASSERT_LOCKED(map); @@ -1557,6 +1772,14 @@ _vm_map_clip_end(vm_map_t map, vm_map_entry_t entry, vm_offset_t end) if ((entry->eflags & MAP_ENTRY_IS_SUB_MAP) == 0) { vm_object_reference(new_entry->object.vm_object); + entry_start = entry->start; + last_timestamp = map->timestamp; + vm_map_entry_inc_vn_wcnt(map, new_entry, entry, FALSE); + if (last_timestamp != map->timestamp && + last_timestamp + 1 != map->timestamp) { + if (!vm_map_lookup_entry(map, entry_start, pentry)) + panic("vm_map_clip_end: lost entry"); + } } } @@ -1593,11 +1816,11 @@ vm_map_submap( VM_MAP_RANGE_CHECK(map, start, end); if (vm_map_lookup_entry(map, start, &entry)) { - vm_map_clip_start(map, entry, start); + vm_map_clip_start(map, &entry, start); } else entry = entry->next; - vm_map_clip_end(map, entry, end); + vm_map_clip_end(map, &entry, end); if ((entry->start == start) && (entry->end == end) && ((entry->eflags & MAP_ENTRY_COW) == 0) && @@ -1732,7 +1955,10 @@ vm_map_protect(vm_map_t map, vm_offset_t start, vm_offset_t end, VM_MAP_RANGE_CHECK(map, start, end); if (vm_map_lookup_entry(map, start, &entry)) { - vm_map_clip_start(map, entry, start); + if (entry->eflags & MAP_ENTRY_IS_HOLDER) + entry = entry->next; + else + vm_map_clip_start(map, &entry, start); } else { entry = entry->next; } @@ -1746,7 +1972,8 @@ vm_map_protect(vm_map_t map, vm_offset_t start, vm_offset_t end, vm_map_unlock(map); return (KERN_INVALID_ARGUMENT); } - if ((new_prot & current->max_protection) != new_prot) { + if (!(current->eflags & MAP_ENTRY_IS_HOLDER) && + (new_prot & current->max_protection) != new_prot) { vm_map_unlock(map); return (KERN_PROTECTION_FAILURE); } @@ -1761,7 +1988,12 @@ vm_map_protect(vm_map_t map, vm_offset_t start, vm_offset_t end, while ((current != &map->header) && (current->start < end)) { vm_prot_t old_prot; - vm_map_clip_end(map, current, end); + if (current->eflags & MAP_ENTRY_IS_HOLDER) { + current = current->next; + continue; + } + + vm_map_clip_end(map, ¤t, end); old_prot = current->protection; if (set_max) @@ -1840,8 +2072,12 @@ vm_map_madvise( VM_MAP_RANGE_CHECK(map, start, end); if (vm_map_lookup_entry(map, start, &entry)) { - if (modify_map) - vm_map_clip_start(map, entry, start); + if (modify_map) { + if (entry->eflags & MAP_ENTRY_IS_HOLDER) + entry = entry->next; + else + vm_map_clip_start(map, &entry, start); + } } else { entry = entry->next; } @@ -1857,10 +2093,11 @@ vm_map_madvise( (current != &map->header) && (current->start < end); current = current->next ) { - if (current->eflags & MAP_ENTRY_IS_SUB_MAP) + if ((current->eflags & (MAP_ENTRY_IS_SUB_MAP | + MAP_ENTRY_IS_HOLDER))) continue; - vm_map_clip_end(map, current, end); + vm_map_clip_end(map, ¤t, end); switch (behav) { case MADV_NORMAL: @@ -1907,7 +2144,8 @@ vm_map_madvise( ) { vm_offset_t useStart; - if (current->eflags & MAP_ENTRY_IS_SUB_MAP) + if ((current->eflags & (MAP_ENTRY_IS_SUB_MAP | + MAP_ENTRY_IS_HOLDER))) continue; pindex = OFF_TO_IDX(current->offset); @@ -1969,15 +2207,18 @@ vm_map_inherit(vm_map_t map, vm_offset_t start, vm_offset_t end, } vm_map_lock(map); VM_MAP_RANGE_CHECK(map, start, end); - if (vm_map_lookup_entry(map, start, &temp_entry)) { + if (vm_map_lookup_entry(map, start, &temp_entry) && + (temp_entry->eflags & MAP_ENTRY_IS_HOLDER) == 0) { entry = temp_entry; - vm_map_clip_start(map, entry, start); + vm_map_clip_start(map, &entry, start); } else entry = temp_entry->next; while ((entry != &map->header) && (entry->start < end)) { - vm_map_clip_end(map, entry, end); - entry->inheritance = new_inheritance; - vm_map_simplify_entry(map, entry); + if (!(entry->eflags & MAP_ENTRY_IS_HOLDER)) { + vm_map_clip_end(map, &entry, end); + entry->inheritance = new_inheritance; + vm_map_simplify_entry(map, entry); + } entry = entry->next; } vm_map_unlock(map); @@ -2059,8 +2300,8 @@ vm_map_unwire(vm_map_t map, vm_offset_t start, vm_offset_t end, last_timestamp = map->timestamp; continue; } - vm_map_clip_start(map, entry, start); - vm_map_clip_end(map, entry, end); + vm_map_clip_start(map, &entry, start); + vm_map_clip_end(map, &entry, end); /* * Mark the entry in case the map lock is released. (See * above.) @@ -2100,6 +2341,10 @@ done: } entry = first_entry; while (entry != &map->header && entry->start < end) { + if ((entry->eflags & MAP_ENTRY_IS_HOLDER) != 0) { + entry = entry->next; + continue; + } if (rv == KERN_SUCCESS && (!user_unwire || (entry->eflags & MAP_ENTRY_USER_WIRED))) { if (user_unwire) @@ -2116,6 +2361,8 @@ done: } KASSERT(entry->eflags & MAP_ENTRY_IN_TRANSITION, ("vm_map_unwire: in-transition flag missing")); + if (entry->eflags & MAP_ENTRY_DEFER_WRITECNT) + vm_map_entry_inc_vn_wcnt(map, entry, NULL, TRUE); entry->eflags &= ~MAP_ENTRY_IN_TRANSITION; if (entry->eflags & MAP_ENTRY_NEEDS_WAKEUP) { entry->eflags &= ~MAP_ENTRY_NEEDS_WAKEUP; @@ -2205,8 +2452,8 @@ vm_map_wire(vm_map_t map, vm_offset_t start, vm_offset_t end, last_timestamp = map->timestamp; continue; } - vm_map_clip_start(map, entry, start); - vm_map_clip_end(map, entry, end); + vm_map_clip_start(map, &entry, start); + vm_map_clip_end(map, &entry, end); /* * Mark the entry in case the map lock is released. (See * above.) @@ -2305,6 +2552,10 @@ done: } entry = first_entry; while (entry != &map->header && entry->start < end) { + if ((entry->eflags & MAP_ENTRY_IS_HOLDER) != 0) { + entry = entry->next; + continue; + } if ((entry->eflags & MAP_ENTRY_WIRE_SKIPPED) != 0) goto next_entry_done; if (rv == KERN_SUCCESS) { @@ -2332,6 +2583,8 @@ done: next_entry_done: KASSERT(entry->eflags & MAP_ENTRY_IN_TRANSITION, ("vm_map_wire: in-transition flag missing")); + if (entry->eflags & MAP_ENTRY_DEFER_WRITECNT) + vm_map_entry_inc_vn_wcnt(map, entry, NULL, TRUE); entry->eflags &= ~(MAP_ENTRY_IN_TRANSITION|MAP_ENTRY_WIRE_SKIPPED); if (entry->eflags & MAP_ENTRY_NEEDS_WAKEUP) { entry->eflags &= ~MAP_ENTRY_NEEDS_WAKEUP; @@ -2506,21 +2759,30 @@ vm_map_entry_delete(vm_map_t map, vm_map_entry_t entry) * map. */ int -vm_map_delete(vm_map_t map, vm_offset_t start, vm_offset_t end) +vm_map_delete(vm_map_t map, vm_offset_t start, vm_offset_t end, + boolean_t fixed) { - vm_map_entry_t entry; - vm_map_entry_t first_entry; + vm_map_entry_t entry, first_entry, tmp_entry, holder_entry; + unsigned int last_timestamp; + vm_offset_t saved_start; VM_MAP_ASSERT_LOCKED(map); /* * Find the start of the region, and clip it */ +reclip_start: if (!vm_map_lookup_entry(map, start, &first_entry)) entry = first_entry->next; else { entry = first_entry; - vm_map_clip_start(map, entry, start); + if (entry->eflags & MAP_ENTRY_IS_HOLDER) { + entry->eflags |= MAP_ENTRY_NEEDS_WAKEUP; + (void) vm_map_unlock_and_wait(map, 0); + vm_map_lock(map); + goto reclip_start; + } + vm_map_clip_start(map, &entry, start); } /* @@ -2529,6 +2791,7 @@ vm_map_delete(vm_map_t map, vm_offset_t start, vm_offset_t end) while ((entry != &map->header) && (entry->start < end)) { vm_map_entry_t next; + saved_start = entry->start; /* * Wait for wiring or unwiring of an entry to complete. * Also wait for any system wirings to disappear on @@ -2536,16 +2799,54 @@ vm_map_delete(vm_map_t map, vm_offset_t start, vm_offset_t end) */ if ((entry->eflags & MAP_ENTRY_IN_TRANSITION) != 0 || (vm_map_pmap(map) != kernel_pmap && - vm_map_entry_system_wired_count(entry) != 0)) { - unsigned int last_timestamp; - vm_offset_t saved_start; - vm_map_entry_t tmp_entry; - - saved_start = entry->start; + vm_map_entry_system_wired_count(entry) != 0) || + entry->pin_count != 0) { entry->eflags |= MAP_ENTRY_NEEDS_WAKEUP; last_timestamp = map->timestamp; + + if (start < saved_start && fixed) { + /* + * Create the transient entry that + * holds already freed address space. + */ + holder_entry = vm_map_entry_create(map); + holder_entry->start = start; + holder_entry->end = saved_start; + holder_entry->object.vm_object = NULL; + holder_entry->offset = 0; + holder_entry->eflags = MAP_ENTRY_IN_TRANSITION | + MAP_ENTRY_IS_HOLDER; + holder_entry->protection = VM_PROT_NONE; + holder_entry->max_protection = VM_PROT_NONE; + holder_entry->inheritance = VM_INHERIT_NONE; + holder_entry->wired_count = 0; + holder_entry->pin_count = 0; + vm_map_entry_link(map, entry->prev, holder_entry); + } (void) vm_map_unlock_and_wait(map, 0); vm_map_lock(map); + + if (start < saved_start && fixed) { + + /* + * Holder entry may be clipped, but + * not removed. + */ + if (!vm_map_lookup_entry(map, start, &holder_entry)) + panic("vm_map_delete: lost holder"); + while (holder_entry->start < saved_start) { + tmp_entry = holder_entry->next; + KASSERT(holder_entry->eflags & MAP_ENTRY_IS_HOLDER, + ("vm_map_delete: not holder %p", holder_entry)); + if (holder_entry->eflags & MAP_ENTRY_NEEDS_WAKEUP) + vm_map_wakeup(map); + if (holder_entry->object.vm_object != NULL) + vm_object_deallocate(holder_entry->object.vm_object); + vm_map_entry_unlink(map, holder_entry); + vm_map_entry_dispose(map, holder_entry); + holder_entry = tmp_entry; + } + } if (last_timestamp + 1 != map->timestamp) { /* * Look again for the entry because the map was @@ -2558,13 +2859,13 @@ vm_map_delete(vm_map_t map, vm_offset_t start, vm_offset_t end) entry = tmp_entry->next; else { entry = tmp_entry; - vm_map_clip_start(map, entry, + vm_map_clip_start(map, &entry, saved_start); } } continue; } - vm_map_clip_end(map, entry, end); + vm_map_clip_end(map, &entry, end); next = entry->next; @@ -2584,10 +2885,21 @@ vm_map_delete(vm_map_t map, vm_offset_t start, vm_offset_t end) * page frames may be reallocated, and any modify bits * will be set in the wrong object!) */ + last_timestamp = map->timestamp; vm_map_entry_delete(map, entry); entry->next = map->deferred_freelist; map->deferred_freelist = entry; - entry = next; +#ifdef INVARIANTS + entry->eflags |= MAP_ENTRY_ON_FREELIST; +#endif + if (last_timestamp + 1 == map->timestamp) + entry = next; + else if (!vm_map_lookup_entry(map, saved_start, &tmp_entry)) + entry = tmp_entry->next; + else { + entry = tmp_entry; + vm_map_clip_start(map, &entry, saved_start); + } } return (KERN_SUCCESS); } @@ -2605,7 +2917,7 @@ vm_map_remove(vm_map_t map, vm_offset_t start, vm_offset_t end) vm_map_lock(map); VM_MAP_RANGE_CHECK(map, start, end); - result = vm_map_delete(map, start, end); + result = vm_map_delete(map, start, end, FALSE); vm_map_unlock(map); return (result); } @@ -2847,6 +3159,7 @@ vmspace_fork(struct vmspace *vm1) new_entry->eflags &= ~(MAP_ENTRY_USER_WIRED | MAP_ENTRY_IN_TRANSITION); new_entry->wired_count = 0; + new_entry->pin_count = 0; /* * Insert the entry into the new map -- we know we're @@ -2874,6 +3187,7 @@ vmspace_fork(struct vmspace *vm1) new_entry->eflags &= ~(MAP_ENTRY_USER_WIRED | MAP_ENTRY_IN_TRANSITION); new_entry->wired_count = 0; + new_entry->pin_count = 0; new_entry->object.vm_object = NULL; vm_map_entry_link(new_map, new_map->header.prev, new_entry); @@ -2884,11 +3198,22 @@ vmspace_fork(struct vmspace *vm1) } old_entry = old_entry->next; } + unlock_and_return: vm_map_unlock(old_map); - if (vm2 != NULL) + if (vm2 != NULL) { + for (new_entry = new_map->header.next; + new_entry != &new_map->header; new_entry = new_entry->next) { + if ((new_entry->eflags & MAP_ENTRY_DEFER_WRITECNT) != 0) { + new_entry->eflags &= ~MAP_ENTRY_DEFER_WRITECNT; + new_entry->eflags |= MAP_ENTRY_VN_WRITECNT; + } + if ((new_entry->eflags & MAP_ENTRY_VN_WRITECNT) != 0) + vm_map_entry_inc_vn_wcnt(new_map, new_entry, + NULL, FALSE); + } vm_map_unlock(new_map); - + } return (vm2); } @@ -2973,8 +3298,13 @@ vm_map_stack(vm_map_t map, vm_offset_t addrbos, vm_size_t max_ssize, /* Now set the avail_ssize amount. */ if (rv == KERN_SUCCESS) { - if (prev_entry != &map->header) - vm_map_clip_end(map, prev_entry, bot); + if (prev_entry != &map->header) { + if (prev_entry->eflags & MAP_ENTRY_IS_HOLDER) { + vm_map_unlock(map); + return (KERN_NO_SPACE); + } + vm_map_clip_end(map, &prev_entry, bot); + } new_entry = prev_entry->next; if (new_entry->end != top || new_entry->start != bot) panic("Bad entry start/end for new stack entry"); @@ -3144,8 +3474,16 @@ Retry: /* Adjust the available stack space by the amount we grew. */ if (rv == KERN_SUCCESS) { - if (prev_entry != &map->header) - vm_map_clip_end(map, prev_entry, addr); + if (prev_entry != &map->header) { + if ((prev_entry->eflags & MAP_ENTRY_IS_HOLDER) && + (addr < prev_entry->end)) { + vm_map_delete(map, addr, + stack_entry->start, FALSE); + vm_map_unlock(map); + return (KERN_NO_SPACE); + } + vm_map_clip_end(map, &prev_entry, addr); + } new_entry = prev_entry->next; KASSERT(new_entry == stack_entry->prev, ("foo")); KASSERT(new_entry->end == stack_entry->start, ("foo")); @@ -3179,6 +3517,13 @@ Retry: stack_entry->offset, (vm_size_t)(stack_entry->end - stack_entry->start), (vm_size_t)grow_amount)) { + if (next_entry != &map->header && + (next_entry->eflags & MAP_ENTRY_IS_HOLDER) && + (addr > next_entry->start)) { + vm_map_unlock(map); + return (KERN_NO_SPACE); + } + map->size += (addr - stack_entry->end); /* Update the current entry. */ stack_entry->end = addr; @@ -3187,7 +3532,7 @@ Retry: rv = KERN_SUCCESS; if (next_entry != &map->header) - vm_map_clip_start(map, next_entry, addr); + vm_map_clip_start(map, &next_entry, addr); } else rv = KERN_FAILURE; } @@ -3527,6 +3872,167 @@ vm_map_lookup_done(vm_map_t map, vm_map_entry_t entry) vm_map_unlock_read(map); } +static boolean_t +vm_map_unpin_entries(vm_map_t map, struct uio *uiop, int pinned_entries) +{ + vm_offset_t start; + struct iovec *iov; + vm_map_entry_t entry; + int i, acc, wire; + boolean_t need_wakeup; + + iov = uiop->uio_iov; + need_wakeup = FALSE; + + for (i = 0, acc = 0; acc < pinned_entries; iov++, i++) { + KASSERT(i < uiop->uio_iovcnt, ("wireio: iovcnt overflow %d %d %d", + i, uiop->uio_iovcnt, pinned_entries)); + wire = round_page(iov->iov_len); + if (acc + wire > pinned_entries) + wire = pinned_entries - acc; + start = trunc_page((vm_offset_t)iov->iov_base); + for (;;) { + if (!vm_map_lookup_entry(map, start, &entry)) { +#ifdef INVARIANTS + panic("vm_unwireuio: hole"); +#endif + } + KASSERT(entry->pin_count > 0, ("pin_count %p", entry)); + if (--entry->pin_count == 0 && + (entry->eflags & MAP_ENTRY_NEEDS_WAKEUP)) { + entry->eflags &= ~MAP_ENTRY_NEEDS_WAKEUP; + need_wakeup = TRUE; + } + if (entry->end >= start + wire) { + acc += wire; + break; + } else { + acc += entry->end - start; + wire -= entry->end - start; + start = entry->end; + } + } + } + return (need_wakeup); +} + +/* + * vm_wireuio + * + * Given userspace struct uio, we set up vm state such that after the + * successfull return there will be no page faults during uiomove with + * this uio until vm_unwireuio is called. At most wire_bytes bytes of + * the user address space are held. + * + * Function performs this by first pinning all map entries that will + * be referenced. This guarantees that our ranges of user address + * space cannot be remmapped during the operation. Then, all accessed + * pages are faulted in and held. + */ +int +vm_wireuio(struct uio *uiop, struct vm_page *m_hold[], int wire_bytes, + int *wired_pages) +{ + vm_map_t map; + vm_offset_t start, start1; + struct iovec *iov; + vm_map_entry_t entry; + struct vm_page **m_hold1; + int i, acc, wire, wire_pages, pinned_entries, rv, prot; + int error; + boolean_t need_wakeup; + + KASSERT(round_page(wire_bytes) == wire_bytes, + ("wireuio: wire_bytes is not page-size aligned")); + KASSERT(uiop->uio_segflg == UIO_USERSPACE, + ("wireuio: !UIO_USERSPACE")); + + error = 0; + prot = uiop->uio_rw == UIO_READ ? VM_PROT_WRITE : VM_PROT_READ; + m_hold1 = m_hold; + pinned_entries = 0; + *wired_pages = 0; + map = &uiop->uio_td->td_proc->p_vmspace->vm_map; + iov = uiop->uio_iov; + + /* + * Do the pass over iov. + */ + for (i = 0, acc = 0; acc < wire_bytes; iov++, i++) { + wire = round_page(iov->iov_len); + if (acc + wire > wire_bytes) + wire = wire_bytes - acc; + acc += wire; + wire_pages = btoc(wire); + start1 = start = trunc_page((vm_offset_t)iov->iov_base); + if (start < vm_map_min(map) || start + wire > vm_map_max(map) || + start > start + wire) { + error = EINVAL; + goto fault; + } + vm_map_lock(map); + + /* + * Pin each entry referenced by addresses in iov. + */ + for (;;) { + if (!vm_map_lookup_entry(map, start1, &entry) || + (entry->eflags & MAP_ENTRY_IS_HOLDER)) + goto fault_map_locked; + entry->pin_count++; + if (entry->end >= start1 + wire) { + pinned_entries += wire; + break; + } else { + pinned_entries += entry->end - start1; + wire -= entry->end - start1; + start1 = entry->end; + } + } + vm_map_unlock(map); + + /* + * If entries are successfully pinned, the + * corresponding pages are faulted in and held. + */ + rv = vm_fault_hold_user_pages(map, start, m_hold1, wire_pages, + prot); + if (rv != KERN_SUCCESS) { + error = EFAULT; + goto fault; + } + *wired_pages += wire_pages; + m_hold1 += wire_pages; + } + return (0); + fault: + vm_map_lock(map); + fault_map_locked: + need_wakeup = vm_map_unpin_entries(map, uiop, pinned_entries); + vm_map_unlock(map); + vm_fault_unhold_pages(m_hold, *wired_pages); + if (need_wakeup) + vm_map_wakeup(map); + return (error); +} + +void +vm_unwireuio(struct uio *uiop, struct vm_page *m_hold[], int wired_pages) +{ + vm_map_t map; + boolean_t need_wakeup; + + map = &uiop->uio_td->td_proc->p_vmspace->vm_map; + + vm_fault_unhold_pages(m_hold, wired_pages); + + vm_map_lock(map); + need_wakeup = vm_map_unpin_entries(map, uiop, ctob(wired_pages)); + vm_map_unlock(map); + if (need_wakeup) + vm_map_wakeup(map); +} + #include "opt_ddb.h" #ifdef DDB #include diff --git a/sys/vm/vm_map.h b/sys/vm/vm_map.h index 70c3a0b..9310718 100644 --- a/sys/vm/vm_map.h +++ b/sys/vm/vm_map.h @@ -114,6 +114,7 @@ struct vm_map_entry { vm_inherit_t inheritance; /* inheritance */ int wired_count; /* can be paged if = 0 */ vm_pindex_t lastr; /* last read */ + unsigned pin_count; /* non-exclusive pin count */ }; #define MAP_ENTRY_NOSYNC 0x0001 @@ -133,11 +134,22 @@ struct vm_map_entry { #define MAP_ENTRY_IN_TRANSITION 0x0100 /* entry being changed */ #define MAP_ENTRY_NEEDS_WAKEUP 0x0200 /* waiters in transition */ #define MAP_ENTRY_NOCOREDUMP 0x0400 /* don't include in a core */ +#define MAP_ENTRY_IS_HOLDER 0x0800 /* holds space for vm_map_fixed */ #define MAP_ENTRY_GROWS_DOWN 0x1000 /* Top-down stacks */ #define MAP_ENTRY_GROWS_UP 0x2000 /* Bottom-up stacks */ -#define MAP_ENTRY_WIRE_SKIPPED 0x4000 +#define MAP_ENTRY_VN_WRITECNT 0x4000 /* writeable mapping for a vnode */ +#define MAP_ENTRY_DEFER_WRITECNT 0x8000 /* increment writecount when + dropping the transitioning state */ +#ifdef INVARIANTS +#define MAP_ENTRY_ON_FREELIST 0x10000 +#define MAP_ENTRY_LINKED 0x20000 +#define MAP_ENTRY_UNLINKED 0x40000 +#endif + +#define MAP_ENTRY_WIRE_SKIPPED 0x80000 + #ifdef _KERNEL static __inline u_char @@ -265,7 +277,8 @@ vmspace_pmap(struct vmspace *vmspace) */ void _vm_map_lock(vm_map_t map, const char *file, int line); -void _vm_map_unlock(vm_map_t map, const char *file, int line); +void _vm_map_unlock(vm_map_t map, boolean_t process_freelist, const char *file, + int line); void _vm_map_lock_read(vm_map_t map, const char *file, int line); void _vm_map_unlock_read(vm_map_t map, const char *file, int line); int _vm_map_trylock(vm_map_t map, const char *file, int line); @@ -277,7 +290,7 @@ int vm_map_unlock_and_wait(vm_map_t map, int timo); void vm_map_wakeup(vm_map_t map); #define vm_map_lock(map) _vm_map_lock(map, LOCK_FILE, LOCK_LINE) -#define vm_map_unlock(map) _vm_map_unlock(map, LOCK_FILE, LOCK_LINE) +#define vm_map_unlock(map) _vm_map_unlock(map, TRUE, LOCK_FILE, LOCK_LINE) #define vm_map_lock_read(map) _vm_map_lock_read(map, LOCK_FILE, LOCK_LINE) #define vm_map_unlock_read(map) _vm_map_unlock_read(map, LOCK_FILE, LOCK_LINE) #define vm_map_trylock(map) _vm_map_trylock(map, LOCK_FILE, LOCK_LINE) @@ -339,7 +352,7 @@ long vmspace_wired_count(struct vmspace *vmspace); #ifdef _KERNEL boolean_t vm_map_check_protection (vm_map_t, vm_offset_t, vm_offset_t, vm_prot_t); vm_map_t vm_map_create(pmap_t, vm_offset_t, vm_offset_t); -int vm_map_delete(vm_map_t, vm_offset_t, vm_offset_t); +int vm_map_delete(vm_map_t, vm_offset_t, vm_offset_t, boolean_t); int vm_map_find(vm_map_t, vm_object_t, vm_ooffset_t, vm_offset_t *, vm_size_t, int, vm_prot_t, vm_prot_t, int); int vm_map_fixed(vm_map_t, vm_object_t, vm_ooffset_t, vm_offset_t, vm_size_t, @@ -362,7 +375,7 @@ void vm_map_startup (void); int vm_map_submap (vm_map_t, vm_offset_t, vm_offset_t, vm_map_t); int vm_map_sync(vm_map_t, vm_offset_t, vm_offset_t, boolean_t, boolean_t); int vm_map_madvise (vm_map_t, vm_offset_t, vm_offset_t, int); -void vm_map_simplify_entry (vm_map_t, vm_map_entry_t); +void vm_map_simplify_entry(vm_map_t, vm_map_entry_t); void vm_init2 (void); int vm_map_stack (vm_map_t, vm_offset_t, vm_size_t, vm_prot_t, vm_prot_t, int); int vm_map_growstack (struct proc *p, vm_offset_t addr); @@ -371,5 +384,6 @@ int vm_map_unwire(vm_map_t map, vm_offset_t start, vm_offset_t end, int vm_map_wire(vm_map_t map, vm_offset_t start, vm_offset_t end, int flags); int vmspace_swap_count (struct vmspace *vmspace); + #endif /* _KERNEL */ #endif /* _VM_MAP_ */ diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c index 6cc0acc..e5ab46e 100644 --- a/sys/vm/vm_mmap.c +++ b/sys/vm/vm_mmap.c @@ -117,7 +117,7 @@ vmmapentry_rsrc_init(dummy) } static int vm_mmap_vnode(struct thread *, vm_size_t, vm_prot_t, vm_prot_t *, - int *, struct vnode *, vm_ooffset_t, vm_object_t *); + int *, struct vnode *, vm_ooffset_t, vm_object_t *, struct vnode **, int *); static int vm_mmap_cdev(struct thread *, vm_size_t, vm_prot_t, vm_prot_t *, int *, struct cdev *, vm_ooffset_t, vm_object_t *); static int vm_mmap_shm(struct thread *, vm_size_t, vm_prot_t, vm_prot_t *, @@ -593,7 +593,7 @@ munmap(td, uap) } #endif /* returns nothing but KERN_SUCCESS anyway */ - vm_map_delete(map, addr, addr + size); + vm_map_delete(map, addr, addr + size, FALSE); vm_map_unlock(map); return (0); } @@ -1142,7 +1142,8 @@ munlock(td, uap) int vm_mmap_vnode(struct thread *td, vm_size_t objsize, vm_prot_t prot, vm_prot_t *maxprotp, int *flagsp, - struct vnode *vp, vm_ooffset_t foff, vm_object_t *objp) + struct vnode *vp, vm_ooffset_t foff, vm_object_t *objp, + struct vnode **rvp, int *vfslocked) { struct vattr va; void *handle; @@ -1150,14 +1151,22 @@ vm_mmap_vnode(struct thread *td, vm_size_t objsize, struct mount *mp; struct cdevsw *dsw; struct ucred *cred; - int error, flags, type; - int vfslocked; + int error, flags, type, locktype; mp = vp->v_mount; cred = td->td_ucred; - vfslocked = VFS_LOCK_GIANT(mp); - if ((error = vget(vp, LK_SHARED, td)) != 0) { - VFS_UNLOCK_GIANT(vfslocked); + + /* + * Need to bump v_writecount for shared writable mapping in + * vm_map_insert. + */ + if ((*maxprotp & VM_PROT_WRITE) && (*flagsp & MAP_SHARED)) + locktype = LK_EXCLUSIVE; + else + locktype = LK_SHARED; + *vfslocked = VFS_LOCK_GIANT(mp); + if ((error = vget(vp, locktype, td)) != 0) { + VFS_UNLOCK_GIANT(*vfslocked); return (error); } flags = *flagsp; @@ -1173,13 +1182,15 @@ vm_mmap_vnode(struct thread *td, vm_size_t objsize, if (obj->handle != vp) { vput(vp); vp = (struct vnode*)obj->handle; - vget(vp, LK_SHARED, td); + vget(vp, locktype, td); } type = OBJT_VNODE; handle = vp; + *rvp = vp; } else if (vp->v_type == VCHR) { type = OBJT_DEVICE; handle = vp->v_rdev; + *rvp = vp; dsw = dev_refthread(handle); if (dsw == NULL) { @@ -1250,8 +1261,10 @@ vm_mmap_vnode(struct thread *td, vm_size_t objsize, vfs_mark_atime(vp, cred); done: - vput(vp); - VFS_UNLOCK_GIANT(vfslocked); + if (error != 0) { + vput(vp); + VFS_UNLOCK_GIANT(*vfslocked); + } return (error); } @@ -1355,8 +1368,9 @@ vm_mmap(vm_map_t map, vm_offset_t *addr, vm_size_t size, vm_prot_t prot, boolean_t fitit; vm_object_t object = NULL; int rv = KERN_SUCCESS; - int docow, error; + int docow, error, vfslocked; struct thread *td = curthread; + struct vnode *vp; if (size == 0) return (0); @@ -1390,6 +1404,9 @@ vm_mmap(vm_map_t map, vm_offset_t *addr, vm_size_t size, vm_prot_t prot, return (EINVAL); fitit = FALSE; } + vfslocked = 0; + vp = NULL; + /* * Lookup/allocate object. */ @@ -1400,7 +1417,7 @@ vm_mmap(vm_map_t map, vm_offset_t *addr, vm_size_t size, vm_prot_t prot, break; case OBJT_VNODE: error = vm_mmap_vnode(td, size, prot, &maxprot, &flags, - handle, foff, &object); + handle, foff, &object, &vp, &vfslocked); break; case OBJT_SWAP: error = vm_mmap_shm(td, size, prot, &maxprot, &flags, @@ -1448,6 +1465,10 @@ vm_mmap(vm_map_t map, vm_offset_t *addr, vm_size_t size, vm_prot_t prot, rv = vm_map_fixed(map, object, foff, *addr, size, prot, maxprot, docow); + if (vp != NULL) { + vput(vp); + VFS_UNLOCK_GIANT(vfslocked); + } if (rv != KERN_SUCCESS) { /* * Lose the object reference. Will destroy the diff --git a/sys/vm/vm_param.h b/sys/vm/vm_param.h index 2ff2603..d866925 100644 --- a/sys/vm/vm_param.h +++ b/sys/vm/vm_param.h @@ -125,6 +125,7 @@ struct xswdev { #define KERN_RESOURCE_SHORTAGE 6 #define KERN_NOT_RECEIVER 7 #define KERN_NO_ACCESS 8 +#define KERN_VMUIODEADLOCK 9 #ifndef ASSEMBLER #ifdef _KERNEL diff --git a/sys/vm/vm_unix.c b/sys/vm/vm_unix.c index 6bb9917..3bd2ddd 100644 --- a/sys/vm/vm_unix.c +++ b/sys/vm/vm_unix.c @@ -138,7 +138,7 @@ obreak(td, uap) do_map_wirefuture = TRUE; } } else if (new < old) { - rv = vm_map_delete(&vm->vm_map, new, old); + rv = vm_map_delete(&vm->vm_map, new, old, FALSE); if (rv != KERN_SUCCESS) { error = ENOMEM; goto done; diff --git a/tools/regression/file/uio/uio.c b/tools/regression/file/uio/uio.c new file mode 100644 index 0000000..d857605 --- /dev/null +++ b/tools/regression/file/uio/uio.c @@ -0,0 +1,116 @@ +/*- + * Copyright (c) 2009 Konstantin Belousov + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +int chunk_cnt = 1024; +int chunk_size = 1024; + +int +main(int argc, char *argv[]) +{ + struct iovec *wiov, *riov; + char **wdata, **rdata; + int fd, i; + ssize_t io_error; + + if (argc < 2) { + fprintf(stderr, "Usage: uio file [chunk count [chunk size]]\n"); + return (2); + } + fd = open(argv[1], O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + if (fd == -1) { + fprintf(stderr, "Failed to create %s: %s\n", + argv[1], strerror(errno)); + return (1); + } + + if (argc > 2) + chunk_cnt = atoi(argv[2]); + if (argc > 3) + chunk_size = atoi(argv[3]); + + wiov = calloc(chunk_cnt, sizeof(*wiov)); + wdata = calloc(chunk_cnt, sizeof(*wdata)); + + riov = calloc(chunk_cnt, sizeof(*riov)); + rdata = calloc(chunk_cnt, sizeof(*rdata)); + + for (i = 0; i < chunk_cnt; i++) { + rdata[i] = malloc(chunk_size); + riov[i].iov_base = rdata[i]; + riov[i].iov_len = chunk_size; + + wdata[i] = malloc(chunk_size); + memset(wdata[i], i, chunk_size); + wiov[i].iov_base = wdata[i]; + wiov[i].iov_len = chunk_size; + } + + io_error = writev(fd, wiov, chunk_cnt); + if (io_error == -1) { + fprintf(stderr, "write failed: %s\n", strerror(errno)); + return (1); + } else if (io_error != chunk_cnt * chunk_size) { + fprintf(stderr, "truncated write: %d %d\n", + io_error, chunk_cnt * chunk_size); + return (1); + } + + if (lseek(fd, 0, SEEK_SET) == -1) { + fprintf(stderr, "lseek failed: %s\n", strerror(errno)); + return (1); + } + + io_error = readv(fd, riov, chunk_cnt); + if (io_error == -1) { + fprintf(stderr, "read failed: %s\n", strerror(errno)); + return (1); + } else if (io_error != chunk_cnt * chunk_size) { + fprintf(stderr, "truncated read: %d %d\n", + io_error, chunk_cnt * chunk_size); + return (1); + } + + for (i = 0; i < chunk_cnt; i++) { + if (memcmp(rdata[i], wdata[i], chunk_size) != 0) { + fprintf(stderr, "chunk %d differs\n", i); + return (1); + } + } + + return (0); +} diff --git a/tools/regression/ufs/ba_clrbuf/ba_clrbuf.c b/tools/regression/ufs/ba_clrbuf/ba_clrbuf.c new file mode 100644 index 0000000..9376648 --- /dev/null +++ b/tools/regression/ufs/ba_clrbuf/ba_clrbuf.c @@ -0,0 +1,129 @@ +/*- + * Copyright (c) 2009 Konstantin Belousov + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +static const int blks = 2; + +static void +flush_buffers(int fd) +{ + struct stat st; + char *addr; + int error; + + printf("Flushing buffers\n"); + error = fstat(fd, &st); + if (error == -1) + err(2, "stat"); + fsync(fd); + addr = mmap(NULL, st.st_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + if (addr == (char *)-1) + err(2, "mmap"); + error = msync(addr, st.st_size, MS_SYNC | MS_INVALIDATE); + if (error == -1) + err(2, "msync"); + munmap(addr, st.st_size); +} + +int +main(int argc, char *argv[]) +{ + struct statfs fst; + char *data, *vrfy; + size_t sz; + int fd, i, error, ret; + + if (argc < 2) + errx(2, "Usage: ba_clrbuf file"); + + fd = open(argv[1], O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + if (fd == -1) + err(2, "Failed to create %s", argv[1]); + + if (fstatfs(fd, &fst) == -1) + err(2, "stat"); + + sz = fst.f_iosize * blks; + data = malloc(sz); + if (data == NULL) + err(2, "malloc"); + vrfy = malloc(sz); + if (vrfy == NULL) + err(2, "malloc"); + for (i = 0; i < (int)sz; i++) + data[i] = i; + error = write(fd, data, sz); + if (error == -1) + err(2, "write"); + else if (error != (int)sz) + errx(2, "Short write %d %d", error, sz); + + flush_buffers(fd); + + error = lseek(fd, 0, SEEK_SET); + if (error == -1) + err(2, "lseek 0"); + else if (error != 0) + errx(2, "lseek 0 returned %d", error); + error = write(fd, NULL, fst.f_iosize); + printf("faulty write, error %s\n", strerror(errno)); + + error = lseek(fd, 0, SEEK_SET); + if (error == -1) + err(2, "lseek 0/2"); + else if (error != 0) + errx(2, "lseek 0/2 returned %d", error); + error = read(fd, vrfy, sz); + if (error == -1) + err(2, "read"); + else if (error != (int)sz) + errx(2, "short read %d %d", error, sz); + + if (memcmp(data, vrfy, fst.f_iosize) != 0) { + printf("Zero block corrupted, byte at 0 is %x\n", + (unsigned char)vrfy[0]); + ret = 1; + } else { + printf("No corruption\n"); + ret = 0; + } + + return (ret); +}