Date: Tue, 1 Feb 2011 13:51:40 -0500 From: John Baldwin <jhb@freebsd.org> To: Eugene Grosbein <egrosbein@rdtc.ru> Cc: freebsd-net@freebsd.org Subject: Re: panic: bufwrite: buffer is not busy??? Message-ID: <201102011351.40544.jhb@freebsd.org> In-Reply-To: <4D48513C.40503@rdtc.ru> References: <4D3011DB.9050900@frasunek.com> <4D4670C2.4050500@freebsd.org> <4D48513C.40503@rdtc.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday, February 01, 2011 1:30:20 pm Eugene Grosbein wrote:
> On 31.01.2011 14:20, Julian Elischer wrote:
>
> > replace with:
> >
> > 3504 if ((hook == NULL) ||
> > 3505 NG_HOOK_NOT_VALID(hook) ||
> > ((peer = NG_HOOK_PEER(hook)) == NULL) ||
> > 3506 NG_HOOK_NOT_VALID(peer) ||
> > ((peernode = NG_PEER_NODE(hook)) == NULL) ||
> > 3507 NG_NODE_NOT_VALID(peernode)) {
> > if (peer)
> > kassert((peernode != NULL), ("peer node NULL wile peer hook exists"));
> > 3508 NG_FREE_ITEM(item);
>
> This day I have updated panicing router to RELENG_8 and combined changes supposed
> by Julian and Gleb. After 8 hours it has just paniced again and could not finish
> to write crashdump again:
>
> Fatal trap 12: page fault while in kernel mode
> cpuid = 3; apic id = 06
> fault virtual address = 0x63
> fault code = supervisor read data, page not present
> instruction pointer = 0x20:0xffffffff803d4ccd
> stack pointer = 0x28:0xffffff80ebffc600
> frame pointer = 0x28:0xffffff80ebffc680
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 2390 (mpd5)
> trap number = 12
> panic: page fault
> cpuid = 3
> Uptime: 8h3m51s
> Dumping 4087 MB (3 chunks)
> chunk 0: 1MB (150 pages) ... ok
> chunk 1: 3575MB (915088 pages) 3559 3543panic: bufwrite: buffer is not busy???
> cpuid = 3
> Uptime: 8h3m52s
> Automatic reboot in 15 seconds - press a key on the console to abort
>
> # gdb kernel
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for details.
> This GDB was configured as "amd64-marcel-freebsd"...
> (gdb) l *0xffffffff803d4ccd
> 0xffffffff803d4ccd is in ng_pppoe_disconnect (netgraph.h:191).
> 186 int line);
> 187
> 188 static __inline void
> 189 _chkhook(hook_p hook, char *file, int line)
> 190 {
> 191 if (hook->hk_magic != HK_MAGIC) {
> 192 printf("Accessing freed hook ");
> 193 dumphook(hook, file, line);
> 194 }
> 195 hook->lastline = line;
> (gdb) x/i 0xffffffff803d4ccd
> 0xffffffff803d4ccd <ng_pppoe_disconnect+301>: cmpl $0x78573011,0x64(%rbx)
So %rbx (hook) was -1 here. Perhaps the locking is insufficient for whatever
structure contains the hook pointer?
--
John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201102011351.40544.jhb>