From owner-freebsd-bugs@FreeBSD.ORG Sat Sep 28 12:00:02 2013 Return-Path: Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D2D16D3B for ; Sat, 28 Sep 2013 12:00:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C07AB27EE for ; Sat, 28 Sep 2013 12:00:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r8SC019K097866 for ; Sat, 28 Sep 2013 12:00:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r8SC01KK097864; Sat, 28 Sep 2013 12:00:01 GMT (envelope-from gnats) Date: Sat, 28 Sep 2013 12:00:01 GMT Message-Id: <201309281200.r8SC01KK097864@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Zverev Andrey Subject: Re: kern/180098: [rm_rlock][mac_portacl][panic] recursed on non-recursive rmlock mac_policy_rm X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Zverev Andrey List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Sep 2013 12:00:02 -0000 The following reply was made to PR kern/180098; it has been noted by GNATS. From: Zverev Andrey To: , Cc: Subject: Re: kern/180098: [rm_rlock][mac_portacl][panic] recursed on non-recursive rmlock mac_policy_rm Date: Sat, 28 Sep 2013 15:55:46 +0400 I can repeat it on fresh -head (FreeBSD 10.0-ALPHA3 #12 r255906) panic: rm_rlock: recursed on non-recursive rmlock mac_policy_rm @ /usr/src/sys/security/mac/mac_framework.c:198 cpuid =3D 1 KDB: stack backtrace: db_trace_self_wrapper(c1116010,732f7273,732f6372,732f7379,72756365,...) at db_trace_self_wrapper+0x2d/frame 0xeb36b9c0 kdb_backtrace(c12d2fc3,1,c1110d09,eb36ba94,c1110d09,...) at kdb_backtrace+0x30/frame 0xeb36ba28 vpanic(c13f0778,100,c1110d09,eb36ba94,eb36ba94,...) at vpanic+0x11f/frame 0xeb36ba64 kassert_panic(c1110d09,c1144ba7,c1144b2d,c6,c111a3a8,...) at kassert_panic+0xea/frame 0xeb36ba88 _rm_rlock_debug(c156e764,eb36baf0,0,c1144b2d,c6) at _rm_rlock_debug+0x187/frame 0xeb36bab4 mac_policy_slock_nosleep(eb36baf0,c114d9a2,246,c72cfd00,eb36bb18,...) at mac_policy_slock_nosleep+0x3a/frame 0xeb36bad0 mac_priv_check(c6ece600,1ea,1a9,c0abaff4,c778c930,...) at mac_priv_check+0x68/frame 0xeb36bb20 priv_check_cred(c6ece600,1ea,0,1a9,2,...) at priv_check_cred+0x25/frame 0xeb36bb4c socket_check_bind(c6ece600,cf528d40,0,ce7246a0,2000000,...) at socket_check_bind+0x1d0/frame 0xeb36bb78 mac_socket_check_bind(c6ece600,cf528d40,ce7246a0,0,eb36bc08,...) at mac_socket_check_bind+0xb1/frame 0xeb36bbc8 kern_bindat(6,ce7246a0,1c,0,c778c930,...) at kern_bindat+0x121/frame 0xeb36bc20 sys_bind(c778c930,eb36bcc8,eb36bc5c,46,c1a25f60,...) at sys_bind+0x74/frame 0xeb36bc40 syscall(eb36bd08) at syscall+0x2de/frame 0xeb36bcfc Xint0x80_syscall() at Xint0x80_syscall+0x21/frame 0xeb36bcfc --- syscall (104, FreeBSD ELF32, sys_bind), eip =3D 0x2813d403, esp =3D 0xbfbfccfc, ebp =3D 0xbfbfdc84 --- KDB: enter: panic Reading symbols from /boot/kernel/snd_uaudio.ko.symbols...done. Loaded symbols for /boot/kernel/snd_uaudio.ko.symbols Reading symbols from /boot/kernel/ums.ko.symbols...done. Loaded symbols for /boot/kernel/ums.ko.symbols Reading symbols from /boot/kernel/ng_ubt.ko.symbols...done. Loaded symbols for /boot/kernel/ng_ubt.ko.symbols Reading symbols from /boot/kernel/netgraph.ko.symbols...done. Loaded symbols for /boot/kernel/netgraph.ko.symbols Reading symbols from /boot/kernel/ng_hci.ko.symbols...done. Loaded symbols for /boot/kernel/ng_hci.ko.symbols Reading symbols from /boot/kernel/ng_bluetooth.ko.symbols...done. Loaded symbols for /boot/kernel/ng_bluetooth.ko.symbols Reading symbols from /boot/kernel/ng_l2cap.ko.symbols...done. Loaded symbols for /boot/kernel/ng_l2cap.ko.symbols Reading symbols from /boot/kernel/ng_btsocket.ko.symbols...done. Loaded symbols for /boot/kernel/ng_btsocket.ko.symbols Reading symbols from /boot/kernel/ng_socket.ko.symbols...done. Loaded symbols for /boot/kernel/ng_socket.ko.symbols Reading symbols from /boot/kernel/linux.ko.symbols...done. Loaded symbols for /boot/kernel/linux.ko.symbols Reading symbols from /boot/kernel/nullfs.ko.symbols...done. Loaded symbols for /boot/kernel/nullfs.ko.symbols Reading symbols from /boot/kernel/linprocfs.ko.symbols...done. Loaded symbols for /boot/kernel/linprocfs.ko.symbols Reading symbols from /boot/kernel/linsysfs.ko.symbols...done. Loaded symbols for /boot/kernel/linsysfs.ko.symbols Reading symbols from /boot/kernel/tmpfs.ko.symbols...done. Loaded symbols for /boot/kernel/tmpfs.ko.symbols Reading symbols from /boot/kernel/fdescfs.ko.symbols...done. Loaded symbols for /boot/kernel/fdescfs.ko.symbols Reading symbols from /boot/kernel/mac_portacl.ko.symbols...done. Loaded symbols for /boot/kernel/mac_portacl.ko.symbols #0 doadump (textdump=3D0) at pcpu.h:232 232 pcpu.h: No such file or directory. in pcpu.h (kgdb) #0 doadump (textdump=3D0) at pcpu.h:232 #1 0xc0521fb1 in db_dump (dummy=3D-1062244387, dummy2=3D0, dummy3=3D-1, dummy4=3D0xeb36b764 "") at /usr/src/sys/ddb/db_command.c:543 #2 0xc0521a77 in db_command (cmd_table=3D) at /usr/src/sys/ddb/db_command.c:449 #3 0xc0521790 in db_command_loop () at /usr/src/sys/ddb/db_command.c:502 #4 0xc0524020 in db_trap (type=3D, code=3D2) at /usr/src/sys/ddb/db_main.c:231 #5 0xc0af7738 in kdb_trap (type=3D, code=3D, tf=3D) at /usr/src/sys/kern/subr_kdb.c:654 #6 0xc0fa6d3f in trap (frame=3D) at /usr/src/sys/i386/i386/trap.c:720 #7 0xc0f8fd5c in calltrap () at /usr/src/sys/i386/i386/exception.s:170 #8 0xc0af6fdd in kdb_enter (why=3D0xc1111a64 "panic", msg=3D) at cpufunc.h:71 #9 0xc0abe363 in vpanic (fmt=3D, ap=3D) at /usr/src/sys/kern/kern_shutdown.c:747 #10 0xc0abe21a in kassert_panic (fmt=3D) at /usr/src/sys/kern/kern_shutdown.c:642 #11 0xc0abb047 in _rm_rlock_debug (rm=3D0xc156e764, tracker=3D) at /usr/src/sys/kern/kern_rmlock.c:640 #12 0xc0ceb0aa in mac_policy_slock_nosleep (tracker=3D) at /usr/src/sys/security/mac/mac_framework.c:198 #13 0xc0cf22a8 in mac_priv_check (priv=3D490) at /usr/src/sys/security/mac/mac_priv.c:75 #14 0xc0aacc15 in priv_check_cred (cred=3D0xc6ece600, priv=3D490, = flags=3D0) at /usr/src/sys/kern/kern_priv.c:88 #15 0xd010cdf0 in socket_check_bind (cred=3D0xc6ece600, so=3D, solabel=3D0x0, sa=3D) at /usr/src/sys/modules/mac_portacl/../../security/mac_portacl/mac_portacl. c:428 #16 0xc0cf4291 in mac_socket_check_bind (so=3D0xcf528d40) at /usr/src/sys/security/mac/mac_socket.c:325 #17 0xc0b41091 in kern_bindat (td=3D0xc778c930, dirfd=3D-100, fd=3D, sa=3D0xffff) at /usr/src/sys/kern/uipc_syscalls.c:279 #18 0xc0b40ea4 in sys_bind (td=3D0x80, uap=3D) at /usr/src/sys/kern/uipc_syscalls.c:297 #19 0xc0fa7a0e in syscall (frame=3D) at subr_syscall.c:134 #20 0xc0f8fdf1 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:270 #21 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) Current language: auto; currently minimal (kgdb) It would be nice if someone can look at this before 10.0-RELEASE.