Date:      Mon, 12 Sep 2005 17:59:48 +0200
From:      Rene Ladan <r.c.ladan@student.tue.nl>
To:        stable@freebsd.org
Subject:   Re: 6.0BETA4: panic: unrhdr has 9 allocations
Message-ID:  <20050912155948.GA1848@82-168-75-155-bbxl.xdsl.tiscali.nl>
In-Reply-To: <20050912124039.GA723@82-168-75-155-bbxl.xdsl.tiscali.nl>
References:  <20050912124039.GA723@82-168-75-155-bbxl.xdsl.tiscali.nl>


--uAKRQypu60I7Lcqm
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Some kgdb'ing :

On Mon, Sep 12, 2005 at 02:40:40PM +0200, Rene Ladan wrote:
>
> FreeBSD 6.0-BETA4 #10: Sun Sep  4 22:19:26 CEST 2005 /usr/obj/usr/src/sys/RENE
>
[snip instructions]

[snip trap stuff/missing symbols]

> #22 0xc053dab5 in panic (fmt=0xc070380c "unrhdr has %u allocations")
>     at /usr/src/sys/kern/kern_shutdown.c:537
> 	td = (struct thread *) 0xc1de5180
> 	bootopt = 256
> 	newpanic = 1
> 	ap = 0xcf174c14 "\t"
> 	buf = "unrhdr has 9 allocations", '\0' <repeats 231 times>
> #23 0xc0565e62 in delete_unrhdr (uh=0x0) at /usr/src/sys/kern/subr_unit.c:321
(kgdb) frame 23
#23 0xc0565e62 in delete_unrhdr (uh=0x0) at /usr/src/sys/kern/subr_unit.c:321
321		KASSERT(uh->busy == 0, ("unrhdr has %u allocations", uh->busy));
(kgdb) l *0xc0565e62
0xc0565e62 is in delete_unrhdr (/usr/src/sys/kern/subr_unit.c:322).
317	delete_unrhdr(struct unrhdr *uh)
318	{
319	
320		check_unrhdr(uh, __LINE__);
321		KASSERT(uh->busy == 0, ("unrhdr has %u allocations", uh->busy));
322		KASSERT(uh->alloc == 0, ("UNR memory leak in delete_unrhdr"));
323		Free(uh);
324	}
325	
326	static __inline int
(kgdb) print uh
$1 = (struct unrhdr *) 0x0

NULL pointer dereference!  kgdb reports uh as 0x0, which means that the
value '9' in the panic message has no meaning.

[snip missing symbols]
> #34 0xc059dbab in vfs_unregister (vfc=0xc26457a0)
>     at /usr/src/sys/kern/vfs_init.c:265
> 	vfsp = (struct vfsconf *) 0xc2645840
> 	error = 0
> 	maxtypenum = 0
(kgdb) frame 34
#34 0xc059dbab in vfs_unregister (vfc=0xc26457a0)
    at /usr/src/sys/kern/vfs_init.c:265
265			error = (*vfc->vfc_vfsops->vfs_uninit)(vfsp);
(kgdb) l *0xc059dbab
0xc059dbab is in vfs_unregister (/usr/src/sys/kern/vfs_init.c:267).
262		if (vfsp->vfc_refcount)
263			return EBUSY;
264		if (vfc->vfc_vfsops->vfs_uninit != NULL) {
265			error = (*vfc->vfc_vfsops->vfs_uninit)(vfsp);
266			if (error)
267				return (error);
268		}
269		TAILQ_REMOVE(&vfsconf, vfsp, vfc_list);
270		maxtypenum = VFS_GENERIC;
271		TAILQ_FOREACH(vfsp, &vfsconf, vfc_list)
(kgdb) print vfc
$2 = (struct vfsconf *) 0xc26457a0
(kgdb) print *vfc
$3 = {vfc_version = 426115360,
  vfc_name = "procfs\000\000\000\000\000\000\000\000\000",
  vfc_vfsops = 0xc26457e0, vfc_typenum = 5, vfc_refcount = 0,
  vfc_flags = 524288, vfc_opts = 0x0, vfc_list = {tqe_next = 0x0,
    tqe_prev = 0xc07373c8}}
(kgdb) print vfc->vfc_vfsops
$4 = (struct vfsops *) 0xc26457e0
(kgdb) print *vfc->vfc_vfsops
$5 = {vfs_mount = 0xc2644020, vfs_cmount = 0, vfs_unmount = 0xc271f3b0,
  vfs_root = 0xc271f3f0, vfs_quotactl = 0xc059c7f0 <vfs_stdquotactl>,
  vfs_statfs = 0xc271f420, vfs_sync = 0xc059ca00 <vfs_stdnosync>,
  vfs_vget = 0xc059ca10 <vfs_stdvget>,
  vfs_fhtovp = 0xc059ca20 <vfs_stdfhtovp>,
  vfs_checkexp = 0xc059d270 <vfs_stdcheckexp>,
  vfs_vptofh = 0xc059c7e0 <vfs_stdvptofh>, vfs_init = 0xc2644050,
  vfs_uninit = 0xc2644070, vfs_extattrctl = 0xc059ca50 <vfs_stdextattrctl>,
  vfs_sysctl = 0xc059ca90 <vfs_stdsysctl>}
(kgdb) print *vfc->vfc_vfsops->vfs_uninit
$6 = {int (struct vfsconf *)} 0xc2644070
(kgdb) print *vfsp->vfc_vfsops->vfs_uninit
$10 = {vfc_version = 1668248176,
  vfc_name = "fs", '\0' <repeats 11 times>, "=dÂ", vfc_vfsops = 0xc2644010,
  vfc_typenum = -1038294528, vfc_refcount = -1066149436,
  vfc_flags = -1032710148, vfc_opts = 0xc27217fc, vfc_list = {
    tqe_next = 0x30000, tqe_prev = 0xc19f16dc}}
(kgdb) print *vfsp->vfc_vfsops
$11 = {vfs_mount = 0x89c03155, vfs_cmount = 0x89c35de5,
  vfs_unmount = 0x27bc8df6, vfs_root = 0, vfs_quotactl = 0x83e58955,
  vfs_statfs = 0x4c70cec, vfs_sync = 0x64584024, vfs_vget = 0xc458bc2,
  vfs_fhtovp = 0x8244489, vfs_checkexp = 0x8908458b, vfs_vptofh = 0xe8042444,
  vfs_init = 0xdb2a0, vfs_uninit = 0xb48dc3c9, vfs_extattrctl = 0x26,
  vfs_sysctl = 0x27bc8d00}
(kgdb) print *vfsp->vfc_vfsops->vfs_uninit
Cannot access memory at address 0xb48dc3c9

Huh?  Has something gone out of kernel memory?

Regards,
Rene
-- 
GPG fingerprint = 5FFA 3959 3377 C697 8428  24D0 BF3E F4A9 AE33 5DCC

"It won't fit on the line."
		-- me, 2001

--uAKRQypu60I7Lcqm
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFDJaX0vz70qa4zXcwRApopAKCSuz4nMXMpQrOxuQRPMQD9bCAs0wCgoJ0b
pzhqM/KDaBEdzP5P8pgYQXI=
=NpaK
-----END PGP SIGNATURE-----

--uAKRQypu60I7Lcqm--


