Site Navigation

Date:      Thu, 21 Apr 2005 11:35:05 -0700
From:      Kris Kennaway <kris@obsecurity.org>
To:        sparc64@FreeBSD.org, stable@FreeBSD.org
Subject:   lockmgr invariants panic on 5.4
Message-ID:  <20050421183504.GA93119@xor.obsecurity.org>

---

next in thread | raw e-mail | index | archive | help

---

--bg08WKrSYDhXBjb5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

I got the following when running 'umount' on a ufs system on an
up-to-date RELENG_5 sparc64 system (e4500):

panic: trap: memory address not aligned
cpuid = 7
KDB: enter: panic
Dumping 5120 MB (5 chunks)
  chunk at 0: 1073741824 bytes |\^H/\^H-\^H
---
#0  doadump () at ../../../kern/kern_shutdown.c:246
246             savectx(&dumppcb);
(kgdb) bt
#0  doadump () at ../../../kern/kern_shutdown.c:246
#1  0x00000000c0067940 in db_fncall (dummy1=0, dummy2=0, dummy3=11, dummy4=0xeef7c630 "")
    at ../../../ddb/db_command.c:531
#2  0x00000000c006764c in db_command (last_cmdp=0xc03f6a10, cmd_table=0x0, aux_cmd_tablep=0xc03b28b8,
    aux_cmd_tablep_end=0xc03b28d0) at ../../../ddb/db_command.c:349
#3  0x00000000c0067770 in db_command_loop () at ../../../ddb/db_command.c:455
#4  0x00000000c006a2d0 in db_trap (type=-285751232, code=0) at ../../../ddb/db_main.c:219
#5  0x00000000c0186de0 in kdb_trap (type=107, code=0, tf=0x1) at ../../../kern/subr_kdb.c:418
#6  0x00000000c02e9ca0 in trap (tf=0xeef7cac0) at ../../../sparc64/sparc64/trap.c:307
#7  0x00000000c01869bc in kdb_enter (msg=0x0) at ../../../kern/subr_kdb.c:238
#8  0x00000000c01869b4 in kdb_enter (msg=0xc038ef10 "panic") at ../../../kern/subr_kdb.c:238
#9  0x00000000c0169dec in panic (fmt=0xc03af0a8 "trap: %s") at ../../../kern/kern_shutdown.c:550
#10 0x00000000c02e9e2c in trap (tf=0xeef7cec0) at ../../../sparc64/sparc64/trap.c:369
#11 0x00000000c015ce48 in acquire (lkpp=0xc015ce4c, extflags=-1069529200, wanted=80)
    at ../../../kern/kern_lock.c:178
#12 0x00000000c015cdf8 in acquire (lkpp=0xeef7d1c0, extflags=16777280, wanted=1536)
    at ../../../kern/kern_lock.c:161
#13 0x00000000c015d390 in lockmgr (lkp=0xfffff8000457bbc0, flags=16973826,
    interlkp=0xfffff800f5643680, td=0xfffff800f9e39900) at ../../../kern/kern_lock.c:389
#14 0x00000000c02ab760 in ufs_lock (ap=0xeef7d370) at ../../../ufs/ufs/ufs_vnops.c:2000
#15 0x00000000c02ac5dc in ufs_vnoperate (ap=0xeef7d370) at ../../../ufs/ufs/ufs_vnops.c:2821
#16 0x00000000c01d94fc in vn_lock (vp=0xfffff800f5643680, flags=16908290, td=0xfffff800f9e39900)
    at vnode_if.h:1013
#17 0x00000000c01d88f0 in vn_read (fp=0xfffff800181e21c0, uio=0xeef7d5a0,
    active_cred=0xfffff8000142bb00, flags=0, td=0xfffff800f9e39900) at ../../../kern/vfs_vnops.c:544
#18 0x00000000c0194944 in dofileread (td=0xfffff800f9e39900, fp=0xfffff800181e21c0, fd=4,
    buf=0x4ae000, nbyte=2048, offset=-1, flags=0) at file.h:233
#19 0x00000000c01947d8 in read (td=0xfffff800f9e39900, uap=0xeef7d8c0)
    at ../../../kern/sys_generic.c:107
#20 0x00000000c02ea390 in syscall (tf=0xeef7d880) at ../../../sparc64/sparc64/trap.c:592
(kgdb) frame 11
#11 0x00000000c015ce48 in acquire (lkpp=0xc015ce4c, extflags=-1069529200, wanted=80)
    at ../../../kern/kern_lock.c:178
178                     if (lkp->lk_newlock != NULL) {
(kgdb) print *lkp
$3 = {lk_interlock = 0x0, lk_flags = 0, lk_sharecount = 0, lk_waitcount = 0, lk_exclusivecount = 0,
  lk_prio = 0, lk_wmesg = 0x0, lk_timo = 0, lk_lockholder = 0x0, lk_newlock = 0x0}
(kgdb) frame 12
#12 0x00000000c015cdf8 in acquire (lkpp=0xeef7d1c0, extflags=16777280, wanted=1536)
    at ../../../kern/kern_lock.c:161
161                     error = msleep(lkp, lkp->lk_interlock, lkp->lk_prio,
(kgdb) print *lkp
$4 = {lk_interlock = 0xdeadc0dedeadc0de, lk_flags = 3735929054, lk_sharecount = -559038242,
  lk_waitcount = -559038243, lk_exclusivecount = -8531, can not access 0xdeadc0de, invalid address (deadc0de)
can not access 0xdeadc0de, invalid address (deadc0de)
can not access 0xdeadc0de, invalid address (deadc0de)
can not access 0xdeadc0de, invalid address (deadc0de)
can not access 0xdeadc0de, invalid address (deadc0de)
can not access 0xdeadc0de, invalid address (deadc0de)
lk_prio = -16162,
  lk_wmesg = 0xdeadc0dedeadc0de <Address 0xdeadc0dedeadc0de out of bounds>, lk_timo = -559038242,
  lk_lockholder = 0xdeadc0dedeadc0de, lk_newlock = 0xdeadc0dedeadc0de}
(kgdb) frame 14
#14 0x00000000c02ab760 in ufs_lock (ap=0xeef7d370) at ../../../ufs/ufs/ufs_vnops.c:2000
2000            return (lockmgr(vp->v_vnlock, flags, VI_MTX(vp), ap->a_td));
(kgdb) print *vp
$6 = {v_interlock = {mtx_object = {lo_class = 0xc03d2998, lo_name = 0xc0399730 "vnode interlock",
      lo_type = 0xc0399730 "vnode interlock", lo_flags = 196608, lo_list = {
        tqe_next = 0xfffff800f70de3c0, tqe_prev = 0xfffff800f4e36d40}, lo_witness = 0xc0410e28},
    mtx_lock = 4, mtx_recurse = 0}, v_iflag = 0, v_usecount = 1, v_numoutput = 0, v_vxthread = 0x0,
  v_holdcnt = 28001, v_cleanblkhd = {tqh_first = 0xc0a85440, tqh_last = 0xc0a857c0},
  v_cleanblkroot = 0xc1b1d3c0, v_cleanbufcnt = 28001, v_dirtyblkhd = {tqh_first = 0x0,
    tqh_last = 0xfffff800f5643710}, v_dirtyblkroot = 0x0, v_dirtybufcnt = 0, v_vflag = 136,
  v_writecount = 0, v_object = 0xfffff800f59d88c0, v_lastw = 0, v_cstart = 0, v_lasta = 0, v_clen = 0,
  v_un = {vu_mountedhere = 0x0, vu_socket = 0x0, vu_spec = {vu_cdev = 0x0, vu_specnext = {
        sle_next = 0x0}}, vu_fifoinfo = 0x0}, v_freelist = {tqe_next = 0x0, tqe_prev = 0x0},
  v_nmntvnodes = {tqe_next = 0xfffff800f5642b40, tqe_prev = 0xfffff80005137830}, v_synclist = {
    le_next = 0x0, le_prev = 0xfffff800016113b8}, v_type = VREG, v_tag = 0xc03a41d8 "ufs",
  v_data = 0xfffff800f9262820, v_lock = {lk_interlock = 0xc0404748, lk_flags = 16777280,
    lk_sharecount = 0, lk_waitcount = 0, lk_exclusivecount = 0, lk_prio = 80,
    lk_wmesg = 0xc03a41d8 "ufs", lk_timo = 6, lk_lockholder = 0xffffffffffffffff, lk_newlock = 0x0},
  v_vnlock = 0xfffff800f56437c0, v_op = 0xfffff80001675200, v_mount = 0xfffff80005137800,
  v_cache_src = {lh_first = 0x0}, v_cache_dst = {tqh_first = 0x0, tqh_last = 0xfffff800f5643818},
  v_id = 493, v_dd = 0xfffff800f5643680, v_ddid = 0, v_pollinfo = 0x0, v_label = 0x0,
  v_cachedfs = 1050, v_cachedid = 5, v_bsize = 16384}
(kgdb)

Anything more I can drag from the core to debug this?

Kris

--bg08WKrSYDhXBjb5
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)

iD8DBQFCZ/JYWry0BWjoQKURAhG+AKDZ3MsyNTKSG2UyQiMMWBK8r0kC3gCg4WNp
D05vjf3RsjmA02PwbC7q7jo=
=WJbg
-----END PGP SIGNATURE-----

--bg08WKrSYDhXBjb5--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050421183504.GA93119>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact