From owner-freebsd-amd64@FreeBSD.ORG Wed Feb 25 18:44:13 2009 Return-Path: Delivered-To: freebsd-amd64@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 42F7B106566B for ; Wed, 25 Feb 2009 18:44:13 +0000 (UTC) (envelope-from cochard@gmail.com) Received: from mail-fx0-f158.google.com (mail-fx0-f158.google.com [209.85.220.158]) by mx1.freebsd.org (Postfix) with ESMTP id 9646D8FC0C for ; Wed, 25 Feb 2009 18:44:12 +0000 (UTC) (envelope-from cochard@gmail.com) Received: by fxm2 with SMTP id 2so118967fxm.43 for ; Wed, 25 Feb 2009 10:44:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type; bh=vmZ5CApihPiZtdycVfePTyRGS3OjKHjE36bQY7J2JEE=; b=kpSI1GH2JSEv1yO5ZqFlGA0MV+cgdkSdiTor/gBTTFwKWqOx9YMXpr9LqNQ4MYVDng lZtvA1n4E3p/yoqcy5ifz+S3mQJphxn+VJhtRCVhkymXzuWLUlI9+2iC61qVP6YmpuAM g7U56CLeL4KlGI7dsXFE2AQc3je2NLMCng02Y= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; b=pGcXpgDyzKXkEXqZfjStWzhkBXheboZ4fHaxSLj6R6qitqvki3y1dFVJjPd1CSrCyU t5UKq+6flue1+CeXCNOTbX+3bYui65zedDC1ZZdVBcWGYsBV/EE33SYd5znPUOD3Eb4s c9c0Dq1ICbvWuAi0KgUT+AjzFMtWFuQBSeMvc= MIME-Version: 1.0 Sender: cochard@gmail.com Received: by 10.181.147.3 with SMTP id z3mr123568bkn.71.1235585678653; Wed, 25 Feb 2009 10:14:38 -0800 (PST) In-Reply-To: <200902250919.19779.jhb@freebsd.org> References: <200902240640.n1O6eLg7058706@www.freebsd.org> <200902250919.19779.jhb@freebsd.org> Date: Wed, 25 Feb 2009 19:14:38 +0100 X-Google-Sender-Auth: 195a908db8908007 Message-ID: <3131aa530902251014y6606c3d7pb27b80d734140cd0@mail.gmail.com> From: =?ISO-8859-1?Q?Olivier_Cochard=2DLabb=E9?= To: John Baldwin X-Mailman-Approved-At: Wed, 25 Feb 2009 19:06:59 +0000 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-gnats-submit@freebsd.org, rnoland@freebsd.org, freebsd-amd64@freebsd.org Subject: Re: amd64/132042: drm module crash the system when closing gnome session X-BeenThere: freebsd-amd64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the AMD64 platform List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Feb 2009 18:44:13 -0000 Dear FreeBSD kernel guru, > > > This is drm specific and not amd64-specific. I know, but on the web page http://www.freebsd.org/send-pr.html, the category selection don't propose "drm". Then I choose the category related to the kernel that I'm using. > > Please go to frame 8 and 'p *m'. If the 'mtx_lock' member is 6, then the > mutex is destroyed and it is a use-after-free bug in drm(4). > (kgdb) frame 8 #8 0xffffffff802d47aa in _mtx_lock_sleep (m=0xffffff000348a968, tid=18446742974229954560, opts=Variable "opts" is not available. ) at /usr/src/sys/kern/kern_mutex.c:339 339 owner = (struct thread *)(v & ~MTX_FLAGMASK); (kgdb) p *m $1 = {lock_object = {lo_name = 0xffffffffaf198e0f "DRM IRQ lock", lo_type = 0xffffffffaf198e0f "DRM IRQ lock", lo_flags = 16908288, lo_witness_data = {lod_list = {stqe_next = 0x0}, lod_witness = 0x0}}, mtx_lock = 6, mtx_recurse = 0} The mtx_lock is 6, as you predicted. Regards, Olivier (reading gnu gdb documentation for understanding what "frame" and "p *m" mean)