Date: Wed, 6 Feb 2008 14:29:31 +0300
From: Yar Tikhiy
To: Attilio Rao
Cc: Kostik Belousov, Scot Hetzel, freebsd-current@freebsd.org, Doug Barton
Subject: Re: panic: System call lstat returning with 1 locks held
Message-ID: <20080206112930.GD7592@comp.chem.msu.su>
In-Reply-To: <3bbf2fe10802051156p1cc6ea67t7938a60e306323ce@mail.gmail.com>
List-Id: Discussions about the use of FreeBSD-current

On Tue, Feb 05, 2008 at 08:56:26PM +0100, Attilio Rao wrote:
> 2008/2/5, Yar Tikhiy :
> > On Fri, Feb 01, 2008 at 07:41:58PM +0100, Attilio Rao wrote:
> > > 2008/2/1, Yar Tikhiy :
> >
> > [...]
> >
> > > It would be suitable for you to add DDB to your kernel config and see
> > > a backtrace for it?
> >
> >
> > DDB was there (my kernel was GENERIC + DEBUG_VFS_LOCKS,) but it
> > failed, too. Fortunately, I've managed to save a dump with the
> > whole call stack. Attached is the respective output from kgdb,
> > showing multiple failures including the one in NTFS.
>
> Currently it is DDB which let it fail in witness after memory corruption.
> But I'm more interested in the panic originator; so, as far as it is
> unusable, can you please remove DDB option and try to get the panic
> again? it should not give you the failing assertion without DDB.

Sure, here it is, attached.

By the way, not that I want to stop helping you, but I can provide
you with a small NTFS image so that you can test the driver against
it by yourself and save a few round-trips. :-) The crash session
shown in the attachment was conducted using this NTFS image file:

http://people.freebsd.org/~yar/debug/ntfs.bz2

Thanks!

--
Yar

[causing the panic]

Enter full pathname of shell or RETURN for /bin/sh:
# dumpon /dev/ad0s3b
# mdconfig -a -f /root/ntfs
WARNING: opening backing store: /root/ntfs readoGnly
EOM_LABEL: Label for provider md0 is ntfs/TEST_NTFS.
md0
# mount -r -t ntfs /dev/md0 /mnt
# umount /mnt
lock order reversal:
 1st 0xc30566b8 ntfs (ntfs) @ /usr/src/sys/kern/vfs_subr.c:2361
 2nd 0xc2fd4924 ntnode (ntnode) @ /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_subr.c:361
kernel trap 12 with interrupts disabled

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0xdeadc0ee
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0791e86
stack pointer           = 0x28:0xd61559a0
frame pointer           = 0x28:0xd61559a4
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 39 (umount)
trap number             = 12
panic: page fault
cpuid = 0
Uptime: 1m0s
Physical memory: 499 MB
Dumping 32 MB: 17 1
Dump complete
Automatic reboot in 15 seconds - press a key on the console to abort

[post-mortem kgdb session]

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0xdeadc0ee
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0791e86
stack pointer           = 0x28:0xd61559a0
frame pointer           = 0x28:0xd61559a4
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 39 (umount)
trap number             = 12
panic: page fault
cpuid = 0
Uptime: 1m0s
Physical memory: 499 MB
Dumping 32 MB: 17 1

#0  doadump () at pcpu.h:195
195     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) where
#0  doadump () at pcpu.h:195
#1  0xc075ba7e in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:417
#2  0xc075bd09 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:571
#3  0xc0a4580c in trap_fatal (frame=0xd6155960, eva=3735929070)
    at /usr/src/sys/i386/i386/trap.c:898
#4  0xc0a460e0 in trap (frame=0xd6155960) at /usr/src/sys/i386/i386/trap.c:279
#5  0xc0a2c97b in calltrap () at /usr/src/sys/i386/i386/exception.s:146
#6  0xc0791e86 in isitmychild (parent=0xdeadc0de, child=0xc0c00168)
    at /usr/src/sys/kern/subr_witness.c:1611
#7  0xc0793d9e in witness_checkorder (lock=0xc1474908, flags=Variable "flags" is not available.
) at /usr/src/sys/kern/subr_witness.c:966
#8  0xc074edcc in _mtx_lock_flags (m=0xc1474908, opts=0,
    file=0xc0af4e44 "/usr/src/sys/vm/uma_core.c", line=2257)
    at /usr/src/sys/kern/kern_mutex.c:179
#9  0xc095f398 in uma_zfree_arg (zone=0xc146d1e0, item=0xc2fd4900,
    udata=0xc2fd4fa8) at /usr/src/sys/vm/uma_core.c:2257
#10 0xc074bb1a in free (addr=0xc2fd4900, mtp=0xc2ff1000)
    at /usr/src/sys/kern/kern_malloc.c:441
#11 0xc2feda91 in ntfs_ntput (ip=0xc2fd4900)
    at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_subr.c:469
#12 0xc2feb654 in ntfs_reclaim (ap=0xd6155b04)
    at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_vnops.c:262
#13 0xc0a51195 in VOP_RECLAIM_APV (vop=0xc2ff1320, a=0xd6155b04)
---Type to continue, or q to quit---
    at vnode_if.c:1566
#14 0xc07d848f in vgonel (vp=0xc3056660) at vnode_if.h:819
#15 0xc07d9f47 in vflush (mp=0xc2fb6a70, rootrefs=0, flags=1, td=0xc2fdf660)
    at /usr/src/sys/kern/vfs_subr.c:2406
#16 0xc2feabff in ntfs_unmount (mp=0xc2fb6a70, mntflags=134217728,
    td=0xc2fdf660) at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_vfsops.c:489
#17 0xc07d3756 in dounmount (mp=0xc2fb6a70, flags=134217728, td=0xc2fdf660)
    at /usr/src/sys/kern/vfs_mount.c:1286
#18 0xc07d3d20 in unmount (td=0xc2fdf660, uap=0xd6155cfc)
    at /usr/src/sys/kern/vfs_mount.c:1182
#19 0xc0a45ce3 in syscall (frame=0xd6155d38)
    at /usr/src/sys/i386/i386/trap.c:1034
#20 0xc0a2c9e0 in Xint0x80_syscall ()
    at /usr/src/sys/i386/i386/exception.s:203
#21 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
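
Added example, not part of the original message or of FreeBSD's own tooling: a small triage helper that reads panic and kgdb text like the session above and flags three heuristic signs that freed memory was touched. It assumes 0xdeadc0de is the pattern a FreeBSD debug kernel writes over freed memory; the `WINDOW` and `NEAR` thresholds and all function names are hypothetical, and the sample input is built from lines of the session above.

```python
import re

# Assumption: 0xdeadc0de is the fill pattern a FreeBSD debug kernel writes
# over freed memory, so a pointer holding it was read from a freed object.
POISON = 0xDEADC0DE
WINDOW = 0x1000  # assumed: largest struct-field offset worth matching
NEAR = 0x100     # assumed: a lock this close past a freed pointer is "inside" it

# Constructed sample: selected lines from the session above.
SAMPLE = """\
 2nd 0xc2fd4924 ntnode (ntnode) @ /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_subr.c:361
fault virtual address = 0xdeadc0ee
#6 0xc0791e86 in isitmychild (parent=0xdeadc0de, child=0xc0c00168)
#10 0xc074bb1a in free (addr=0xc2fd4900, mtp=0xc2ff1000)
#11 0xc2feda91 in ntfs_ntput (ip=0xc2fd4900)
"""

def triage(text):
    """Return (kind, detail) findings that hint at use of freed memory."""
    findings = []
    # 1. Fault address equal to the poison value plus a small field offset.
    m = re.search(r"fault virtual address\s*=\s*(0x[0-9a-f]+)", text)
    if m:
        off = int(m.group(1), 16) - POISON
        if 0 <= off < WINDOW:
            findings.append(("fault-at-poison-offset", off))
    # 2. A backtrace argument that is exactly the poison value.
    frames = re.findall(r"#(\d+)\s+0x[0-9a-f]+ in (\w+) \(([^)]*)\)", text)
    for frame, func, args in frames:
        for name, val in re.findall(r"(\w+)=(0x[0-9a-f]+)", args):
            if int(val, 16) == POISON:
                findings.append(("poisoned-argument", f"#{frame} {func}({name})"))
    # 3. A lock named in the witness report that lies just past an address
    #    handed to free(): the lock memory was released with the object.
    freed = [int(a, 16) for a in re.findall(r"in free \(addr=(0x[0-9a-f]+)", text)]
    locks = re.findall(r"^\s*(?:1st|2nd) (0x[0-9a-f]+) (\S+)", text, re.M)
    for addr, name in locks:
        for base in freed:
            if 0 <= int(addr, 16) - base < NEAR:
                findings.append(("lock-inside-freed-item", (name, int(addr, 16) - base)))
    return findings

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE):
        print(kind, detail)
```

The findings are hints for where to start reading the driver, not a diagnosis: the backtrace does not carry the allocation size, so the third check can only say that the lock address is close to the freed pointer.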