FreeBSD Mail Archives

Date:      Mon, 21 Oct 2002 14:30:30 -0700
From:      Lars Eggert <larse@ISI.EDU>
To:        Lars Eggert <larse@ISI.EDU>
Cc:        John Baldwin <jhb@FreeBSD.org>, current <current@FreeBSD.org>
Subject:   Re: panic: mtx_lock() of spin mutex
Message-ID:  <3DB471F6.5090509@isi.edu>
In-Reply-To: <XFMail.20021018123309.jhb@FreeBSD.org>
References:  <XFMail.20021018123309.jhb@FreeBSD.org> <3DB444FB.50202@isi.edu>


[-- Attachment #1 --]
Lars Eggert wrote:

> John Baldwin wrote:
> > On 18-Oct-2002 Lars Eggert wrote:
> >> John Baldwin wrote:
> >>
> >>> What is line 488 of src/sys/kern/kern_descrip.c?
> >>
> >> fhold(fp) in do_dup().
> >
> > Hrm.  You can try adding some KASSERT()'s that the reference
> > count of that struct file isn't zero or negative.
>
> fd_refcnt is an u_short, but I've added a KASSERT that makes sure it's
> not zero, and will test.

Just got the panic again, the KASSERT didn't fire, so the ref count is > 
0. Here's a backtrace with today's -current:

[root@nik: /etc] gdb -k /usr/obj/usr/src/sys/KERNEL-1.10/kernel.debug 
/var/crash/vmcore.2
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain 
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-undermydesk-freebsd"...
panic: from debugger
panic messages:
---
panic: mtx_lock() of spin mutex duI\M-@\M-4qI\M-@`\M^NN\M-@\^D @ 
/usr/src/sys/kern/kern_descrip.c:486
cpuid = 1; lapic.id = 02000000
panic: from debugger
cpuid = 1; lapic.id = 02000000
boot() called on cpu#1
Uptime: 19m11s
pfs_vncache_unload(): 6 entries remaining
Dumping 1023 MB
  16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 256 272 288 304 
320 336 352 368 384 400 416 432 448 464 480 496 512 528 544 560 576 592 
608 624 640 656 672 688 704 720 736 752 768 784 800 816 832 848 864 880 
896 912 928 944 960 976 992 1008
---
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:224
224		dumpsys(&dumper);
(kgdb) bt
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:224
#1  0xc02779de in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:355
#2  0xc0277fd7 in panic (fmt=0xc0413704 "from debugger") at 
/usr/src/sys/kern/kern_shutdown.c:508
#3  0xc01509d2 in db_panic () at /usr/src/sys/ddb/db_command.c:450
#4  0xc015080c in db_command (last_cmdp=0xc047bce0, cmd_table=0x0, 
aux_cmd_tablep=0xc04732dc,
     aux_cmd_tablep_end=0xc04732e0) at /usr/src/sys/ddb/db_command.c:346
#5  0xc0150a4a in db_command_loop () at /usr/src/sys/ddb/db_command.c:472
#6  0xc01536f5 in db_trap (type=3, code=0) at /usr/src/sys/ddb/db_trap.c:72
#7  0xc03d47f7 in kdb_trap (type=3, code=0, regs=0xeb73dbe8) at 
/usr/src/sys/i386/i386/db_interface.c:166
#8  0xc03ec35a in trap (frame=
       {tf_fs = 24, tf_es = -1069350896, tf_ds = 16, tf_edi = 
-955428240, tf_esi = 256, tf_ebp = -344728524, tf_isp = -344728556, 
tf_ebx = 0, tf_edx = 0, tf_ecx = 0, tf_eax = 18, tf_trapno = 3, tf_err = 
0, tf_eip = -1069724870, tf_cs = 8, tf_eflags = 658, tf_esp = 
-1069144858, tf_ss = -1069294790}) at /usr/src/sys/i386/i386/trap.c:605
#9  0xc03d5fc8 in calltrap () at {standard input}:99
#10 0xc0277fbf in panic (fmt=0x0) at /usr/src/sys/kern/kern_shutdown.c:494
#11 0xc026da07 in _mtx_lock_flags (m=0xc0497574, opts=0, file=0xc043acbf 
"/usr/src/sys/kern/kern_descrip.c", line=486)
     at /usr/src/sys/kern/kern_mutex.c:318
#12 0xc0259541 in do_dup (td=0xc70d5270, type=DUP_FIXED, old=-1, new=4, 
retval=0xc70d5304)
     at /usr/src/sys/kern/kern_descrip.c:486
#13 0xc0258793 in dup2 (td=0x0, uap=0x0) at 
/usr/src/sys/kern/kern_descrip.c:174
#14 0xc03ed066 in syscall (frame=
       {tf_fs = 135594031, tf_es = -1078067153, tf_ds = -1078067153, 
tf_edi = 4, tf_esi = 135637504, tf_ebp = -1078036088, tf_isp = 
-344728204, tf_ebx = -1, tf_edx = -1078037360, tf_ecx = 136126464, 
tf_eax = 90, tf_trapno = 12, tf_err = 2, tf_eip = 134842063, tf_cs = 31, 
tf_eflags = 646, tf_esp = -1078037316, tf_ss = 47})
     at /usr/src/sys/i386/i386/trap.c:1071
#15 0xc03d601d in Xint0x80_syscall () at {standard input}:141
---Can't read userspace from dump, or kernel process---

(kgdb) up 12
#12 0xc0259541 in do_dup (td=0xc70d5270, type=DUP_FIXED, old=-1, new=4, 
retval=0xc70d5304)
     at /usr/src/sys/kern/kern_descrip.c:486
486		fhold(fp);
(kgdb) list
481			FILEDESC_UNLOCK(fdp);
482			return (0);
483		}
484		fp = fdp->fd_ofiles[old];
485		KASSERT(fdp->fd_refcnt != 0, ("reference count is zero"));
486		fhold(fp);
487	
488		/*
489		 * Expand the table for the new descriptor if needed.  This may
490		 * block and drop and reacquire the filedesc lock.


Lars
-- 
Lars Eggert <larse@isi.edu>           USC Information Sciences Institute

[-- Attachment #2 --]
0�	*�H��
��0�10	+0�	*�H��
��	�0�80���fEr��t��cvE��.�0
	*�H��
0��10	UZA10UWestern Cape10U	Cape Town10U
Thawte Consulting1(0&UCertification Services Division1$0"UThawte Personal Freemail CA1+0)	*�H��
	personal-freemail@thawte.com0
000830000000Z
040827235959Z0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300��0
	*�H��
��0�����32�c�	%E>�nx'g��ڈ���D)�c5*mp<�ܮ��to0�3��4q��m���O�e�
�K���a����U�5��u�'��r���װ�����|CBPQ��<�9��T������If-	��k�i�N0L0)U"0 �010UPrivateLabel1-2970U�0�0U0
	*�H��
��1�KG]�q��Sl]y�=��&b�"��"��I�'{9����$����
*8�PU�l�
�L����G�l�X�1B	l�i�+�@]j�y��.%݊���
��Z��<�D�&i�H�Υ����bb��0�90���%A0
	*�H��
0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300
020824185339Z
030824185339Z0T10
UEggert1
0U*Lars10ULars Eggert10	*�H��
	
larse@isi.edu0�"0
	*�H��
�0�
��6F�x����ΰ7��a��ED��&0��+Dj�)ֽ�X��CUc��n�lei��jm�z~S�����0�J�j�W�V�~	1^����({�I�ݛL�j��Ӗ
a�����o:bP�}W���L��V�ܱ��욗cD��ɖ_��K�v.�����A(���W4���9�;�Z�8�-��uXE
6�b
@_0%�#d�`�����R�to5 L0���R`w��@7
�r	�H�����c�c�����	�U�3�%7N_o�V0T0*+e!000L2uMyffBNUbNJJcdZ2s0U0�
larse@isi.edu0U�00
	*�H��
��]�Ȕ��,�����fK<�������cj���R�Z�eL�an�@���Z6,��=
�fK�?y�O#��8��+�	����Ni�*LS��f���pQ��g<�(aӒ��$�k���Tx�_AL��1>ގ|S�0�90���%A0
	*�H��
0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300
020824185339Z
030824185339Z0T10
UEggert1
0U*Lars10ULars Eggert10	*�H��
	
larse@isi.edu0�"0
	*�H��
�0�
��6F�x����ΰ7��a��ED��&0��+Dj�)ֽ�X��CUc��n�lei��jm�z~S�����0�J�j�W�V�~	1^����({�I�ݛL�j��Ӗ
a�����o:bP�}W���L��V�ܱ��욗cD��ɖ_��K�v.�����A(���W4���9�;�Z�8�-��uXE
6�b
@_0%�#d�`�����R�to5 L0���R`w��@7
�r	�H�����c�c�����	�U�3�%7N_o�V0T0*+e!000L2uMyffBNUbNJJcdZ2s0U0�
larse@isi.edu0U�00
	*�H��
��]�Ȕ��,�����fK<�������cj���R�Z�eL�an�@���Z6,��=
�fK�?y�O#��8��+�	����Ni�*LS��f���pQ��g<�(aӒ��$�k���Tx�_AL��1>ގ|S�1��0��0��0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.30%A0	+��0	*�H��
	1	*�H��
0	*�H��
	1
021021213030Z0#	*�H��
	1l�p�?����k�.WX.0R	*�H��
	1E0C0
*�H��
0*�H��
�0
*�H��
@0+0
*�H��
(0��	+�71��0��0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.30%A0��*�H��
	1�����0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.30%A0
	*�H��
�ݿ7�U�S���
ɢ
((���
�|^�d1�
,!��UN׿�	[h�룪cߜ{�_�.��F�(�U�0�s����PiMt���ge�Y�]�iEk � ������{A��\^a�0����gv�w8��?�<�u��v]u)�bC`a��yy����=�te�4]��5�'�/#Z%NR?�Yu�o&��eJ=��W͑`kD�b
O��� ܗ��;@��z(��R�E�{Hd4����S
`�y/T�7

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DB471F6.5090509>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation