From owner-freebsd-current@FreeBSD.ORG  Tue Aug  9 11:40:17 2005
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: current@freebsd.org
Delivered-To: freebsd-current@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EEE3816A41F;
	Tue,  9 Aug 2005 11:40:16 +0000 (GMT)
	(envelope-from bzeeb-lists@lists.zabbadoz.net)
Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8518F43D48;
	Tue,  9 Aug 2005 11:40:16 +0000 (GMT)
	(envelope-from bzeeb-lists@lists.zabbadoz.net)
Received: from transport.cksoft.de (localhost [127.0.0.1])
	by transport.cksoft.de (Postfix) with ESMTP
	id 897221FFACC; Tue,  9 Aug 2005 13:40:12 +0200 (CEST)
Received: by transport.cksoft.de (Postfix, from userid 66)
	id 5F6241FFAD1; Tue,  9 Aug 2005 13:40:10 +0200 (CEST)
Received: by mail.int.zabbadoz.net (Postfix, from userid 1060)
	id 5D97E1538C; Tue,  9 Aug 2005 11:40:07 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.int.zabbadoz.net (Postfix) with ESMTP
	id 523B615384; Tue,  9 Aug 2005 11:40:07 +0000 (UTC)
Date: Tue, 9 Aug 2005 11:40:07 +0000 (UTC)
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net
To: FreeBSD current mailing list <current@freebsd.org>
Message-ID: <Pine.BSF.4.53.0508091138160.90867@e0-0.zab2.int.zabbadoz.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de
Cc: ume@freebsd.org
Subject: LOR + panic in scope6.c
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Aug 2005 11:40:17 -0000

Hi,

HEAD as of yesterday + rwatson mega-commit from today.

lock order reversal
 1st 0xffffff0000ad6bf0 if_afdata (if_afdata) @ sys/netinet6/scope6.c:415
 2nd 0xffffffff8081dd30 user map (user map) @ sys/vm/vm_map.c:2997
KDB: stack backtrace:
witness_checkorder() at witness_checkorder+0x4ba
_sx_xlock() at _sx_xlock+0x51
vm_map_lookup() at vm_map_lookup+0x44
vm_fault() at vm_fault+0xb9
trap_pfault() at trap_pfault+0x13c
trap() at trap+0x1c5
calltrap() at calltrap+0x5
--- trap 0xc, rip = 0xffffffff804990a0, rsp = 0xffffffff809dc3f0, rbp = 0xffffffff809dc430 ---
in6_setscope() at in6_setscope+0x50
in6_ifdetach() at in6_ifdetach+0x24a
if_detach() at if_detach+0x39
ether_ifdetach() at ether_ifdetach+0x35
sk_attach() at sk_attach+0x51a
device_attach() at device_attach+0x292
bus_generic_attach() at bus_generic_attach+0x18
skc_attach() at skc_attach+0x6df
device_attach() at device_attach+0x292
bus_generic_attach() at bus_generic_attach+0x18
acpi_pci_attach() at acpi_pci_attach+0xf1
device_attach() at device_attach+0x292
bus_generic_attach() at bus_generic_attach+0x18
acpi_pcib_attach() at acpi_pcib_attach+0xf0
acpi_pcib_pci_attach() at acpi_pcib_pci_attach+0x97
device_attach() at device_attach+0x292
bus_generic_attach() at bus_generic_attach+0x18
acpi_pci_attach() at acpi_pci_attach+0xf1
device_attach() at device_attach+0x292
bus_generic_attach() at bus_generic_attach+0x18
acpi_pcib_attach() at acpi_pcib_attach+0xf0
acpi_pcib_acpi_attach() at acpi_pcib_acpi_attach+0xdb
device_attach() at device_attach+0x292
bus_generic_attach() at bus_generic_attach+0x18
acpi_attach() at acpi_attach+0x7f1
device_attach() at device_attach+0x292
bus_generic_attach() at bus_generic_attach+0x18
nexus_attach() at nexus_attach+0x19
device_attach() at device_attach+0x292
root_bus_configure() at root_bus_configure+0x1e
configure() at configure+0xa
mi_startup() at mi_startup+0xd3
btext() at btext+0x2c


Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x18
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xffffffff804990a0
stack pointer           = 0x10:0xffffffff809dc3f0
frame pointer           = 0x10:0xffffffff809dc430
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 0 (swapper)
[thread pid 0 tid 0 ]
Stopped at      in6_setscope+0x50:      movq    0x18(%rax),%r13

(gdb) l *0xffffffff804990a0
0xffffffff804990a0 is in in6_setscope (sys/netinet6/scope6.c:417).
412             u_int32_t zoneid = 0;
413             struct scope6_id *sid;
414
415             IF_AFDATA_LOCK(ifp);
416
417             sid = SID(ifp);
418
419     #ifdef DIAGNOSTIC
420             if (sid == NULL) { /* should not happen */
421                     panic("in6_setscope: scope array is NULL");


-- 
Bjoern A. Zeeb				bzeeb at Zabbadoz dot NeT