From owner-freebsd-scsi@FreeBSD.ORG Wed May 18 06:04:31 2011 Return-Path: Delivered-To: freebsd-scsi@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EF83C106566B for ; Wed, 18 May 2011 06:04:31 +0000 (UTC) (envelope-from j@uriah.heep.sax.de) Received: from uriah.heep.sax.de (uriah.heep.sax.de [213.240.137.9]) by mx1.freebsd.org (Postfix) with ESMTP id 1A6788FC12 for ; Wed, 18 May 2011 06:04:30 +0000 (UTC) Received: by uriah.heep.sax.de (Postfix, from userid 107) id 70DF11E; Wed, 18 May 2011 08:04:29 +0200 (MET DST) Date: Wed, 18 May 2011 08:04:29 +0200 From: Joerg Wunsch To: freebsd-scsi@freebsd.org, Kostik Belousov Message-ID: <20110518060429.GA4146@uriah.heep.sax.de> References: <20110508085314.GA5364@uriah.heep.sax.de> <20110508094509.GT48734@deviant.kiev.zoral.com.ua> <20110508104543.GB5364@uriah.heep.sax.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20110508104543.GB5364@uriah.heep.sax.de> X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E X-GPG-Fingerprint: 5E84 F980 C3CA FD4B B584 1070 F48C A81B 69A8 5873 User-Agent: Mutt/1.5.20 (2009-06-14) Cc: Subject: Re: Panic when removing a SCSI device entry X-BeenThere: freebsd-scsi@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Joerg Wunsch List-Id: SCSI subsystem List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 May 2011 06:04:32 -0000 As Joerg Wunsch wrote: > > Please provide the full printout from the panic. Also, it would > > be useful to get the dump and do "p *dev" from the frame of > > destroy_devl(). I might need further information after the requested > > data is provided. > > Unfortunately, I somehow cannot get the system to provide a coredump. OK, it happened again last night, and I've got a DDB trace now. The panic is at a slightly different location (in notify_destroy()), but still a null pointer (apparently, dev->si_name is NULL now). [thread pid 33502 tid 100246 ] Stopped at strlen+0x8: cmpb $0,0(%edx) db> bt Tracing pid 33502 tid 100246 td 0xc8be92e0 strlen(0,c6dfc804,cc0b0e80,cc6e6800,e98804b8,...) at strlen+0x8 notify(ce0dc900,0,0,cc6e6800,c05ac3fb,...) at notify+0x3f destroy_devl(e98804f4,c0470a2b,ce0dc900,c07e9284,1,...) at destroy_devl+0x17b destroy_dev(ce0dc900,c07e9284,1,0,e988051c,...) at destroy_dev+0x10 sacleanup(cc0b0e80,c07f161b,12,0,e9880570,...) at sacleanup+0x8b camperiphfree(50,e9880994,c044b4de,e98809ac,c6e83c80,...) at camperiphfree+0x8f cam_periph_release_locked(cc0b0e80,0,cc0b0e80,e98809bc,c044b762,...) at cam_periph_release_locked+0x55 cam_periph_release(cc0b0e80,14c,cc814200,e98809fc,e98809e8,...) at cam_periph_release+0x60 saopen(cc814200,1,2000,c8be92e0,c07cc465,...) at saopen+0x263 giant_open(cc814200,1,2000,c8be92e0,e9880b08,...) at giant_open+0x93 devfs_open(e9880b08,e9880b30,c061c4fa,c0840e60,e9880b08,...) at devfs_open+0x102 VOP_OPEN_APV(c0840e60,e9880b08,c075ad1a,cacbe788,0,...) at VOP_OPEN_APV+0x42 vn_open_cred(e9880b78,e9880c2c,0,0,c7fba280,...) at vn_open_cred+0x4ba vn_open(e9880b78,e9880c2c,0,c7f49150,3,...) at vn_open+0x3b kern_openat(c8be92e0,ffffff9c,804a0bb,0,1,...) at kern_openat+0x12c kern_open(c8be92e0,804a0bb,0,0,6,...) at kern_open+0x35 open(c8be92e0,e9880cec,0,c,28176088,...) at open+0x30 syscallenter(c8be92e0,e9880ce4,e9880d1c,c07ad276,c8be92e0,...) at syscallenter+0x329 syscall(e9880d28) at syscall+0x34 Xint0x80_syscall() at Xint0x80_syscall+0x21 syscall (5, FreeBSD ELF32, open), eip = 0x2817608f, esp = 0xbfbfec7c, ebp = 0xbfbfee18 --- db> show reg cs 0x20 ds 0x28 es 0x28 fs 0x8 ss 0x28 eax 0 ecx 0x8 edx 0 ebx 0x2 esp 0xe9880468 ebp 0xe9880468 esi 0xce0dc900 edi 0xcc6e6800 eip 0xc0620568 strlen+0x8 efl 0x10202 strlen+0x8: cmpb $0,0(%edx) db> show cdev geom.ctl 0xc6d1a100 devctl 0xc6ccc700 console 0xc6ccc600 sndstat 0xc6ccc500 ptmx 0xc6ccc400 ctty 0xc6ccc300 mem 0xc6ccc200 kmem 0xc6db3800 audit 0xc6db3700 bpf 0xc6db3600 bpf0 0xc6db3500 null 0xc6db3400 zero 0xc6db3300 fd/0 0xc6db3200 stdin 0xc6db3100 fd/1 0xc6db3000 stdout 0xc6db2e00 fd/2 0xc6db2d00 stderr 0xc6db2c00 klog 0xc6db2b00 pci 0xc6db2a00 midistat 0xc6db2900 kbdmux0 0xc6db2700 kbd0 0xc6db2600 random 0xc6db2400 urandom 0xc6db2300 sysmouse 0xc6db2200 io 0xc6db2100 speaker 0xc6db2000 fido 0xc6d1be00 ata 0xc6d1bd00 acpi 0xc6d1b800 ttyu2 0xc6e7dd00 ttyu2.init 0xc6e7d800 ttyu2.lock 0xc6e7d700 cuau2 0xc6e7d600 cuau2.init 0xc6e7d500 cuau2.lock 0xc6e7d400 ttyu3 0xc6e7d000 ttyu3.init 0xc6e7ce00 ttyu3.lock 0xc6e7cd00 cuau3 0xc6e7cc00 cuau3.init 0xc6e7cb00 cuau3.lock 0xc6e7ca00 ttyu4 0xc6e7c600 ttyu4.init 0xc6e7c500 ttyu4.lock 0xc6e7c800 cuau4 0xc6e7c900 cuau4.init 0xc6e7d200 cuau4.lock 0xc6e7d300 ttyu5 0xc6e7e400 ttyu5.init 0xc6e7e500 ttyu5.lock 0xc6e7e600 cuau5 0xc6e7e700 cuau5.init 0xc6e7e800 cuau5.lock 0xc6e7e900 ttyu6 0xc6e7e000 ttyu6.init 0xc6f01e00 ttyu6.lock 0xc6f01d00 cuau6 0xc6f01c00 cuau6.init 0xc6f01b00 cuau6.lock 0xc6f01a00 ttyu7 0xc6f01600 ttyu7.init 0xc6f01500 ttyu7.lock 0xc6f01400 cuau7 0xc6f01300 cuau7.init 0xc6f01200 cuau7.lock 0xc6f01100 ttyu8 0xc6f00c00 ttyu8.init 0xc6f00b00 ttyu8.lock 0xc6f00a00 cuau8 0xc6f00900 cuau8.init 0xc6f00800 cuau8.lock 0xc6f00700 ttyu9 0xc6f00300 ttyu9.init 0xc6f00200 ttyu9.lock 0xc6f00100 cuau9 0xc6f00000 cuau9.init 0xc6e7fe00 cuau9.lock 0xc6e7fd00 ttyv0 0xc6f01000 ttyv1 0xc6f01800 ttyv2 0xc6fa5d00 ttyv3 0xc6fa5c00 ttyv4 0xc6fa5b00 ttyv5 0xc6fa5a00 ttyv6 0xc6fa5900 ttyv7 0xc6fa5800 ttyv8 0xc6fa5700 ttyv9 0xc6fa5600 ttyva 0xc6fa5500 ttyvb 0xc6fa5400 ttyvc 0xc6fa5300 ttyvd 0xc6fa5200 ttyve 0xc6fa5100 ttyvf 0xc6fa5000 consolectl 0xc6fa4e00 lpt0 0xc6fa4b00 lpt0.ctl 0xc6fa4a00 ppi0 0xc6fa4900 ttyu0 0xc6fa4600 ttyu0.init 0xc6fa4500 ttyu0.lock 0xc6fa4400 cuau0 0xc6fa4300 cuau0.init 0xc6fa4200 cuau0.lock 0xc6fa4100 usbctl 0xc71d6d00 mdctl 0xc71d6b00 devstat 0xc71d6a00 fd0 0xc71d6900 usb/0.1.0 0xc71d6700 ugen0.1 0xc71d6600 usb/1.1.0 0xc71d6500 ugen1.1 0xc71d6400 usb/0.1.1 0xc71d6300 usb/1.1.1 0xc71d5d00 xpt0 0xc71d5800 mixer0 0xc71d4a00 mixer1 0xc71d4000 mixer2 0xc7216a00 acd0 0xc7216100 ad4 0xc7216000 ad4s1 0xc7215e00 ad4s1b 0xc7215d00 ad4s1h 0xc7215c00 gvinum/sound 0xc728de00 gvinum/squid 0xc728dd00 gvinum/camel 0xc728dc00 gvinum/tmp 0xc728db00 gvinum/dump 0xc728da00 gvinum/bacula_db 0xc728d900 gvinum/junk 0xc728d800 gvinum/home 0xc728d700 gvinum/home_cvs 0xc728d600 gvinum/var 0xc728d500 gvinum/usr 0xc728d400 gvinum/local 0xc728d300 gvinum/root 0xc728d200 gvinum/obj 0xc728d100 gvinum/upload 0xc728d000 gvinum/mysql 0xc72a4400 gvinum/pdf 0xc72a4300 gvinum/distfiles 0xc72a4200 gvinum/news 0xc72a4100 gvinum/src 0xc72a4000 gvinum/ports 0xc72a3e00 gvinum/temp 0xc72a3d00 ufsid/4dd10a3a6f636a7d 0xc72a3100 usb/1.2.0 0xc72a2700 ugen1.2 0xc72a2600 usb/1.2.1 0xc7290800 cd0 0xc7290500 pass0 0xc7290700 pass1 0xc7290d00 pass2 0xc7290e00 da0 0xc72e8800 da0a 0xc72a2900 da0h 0xc72a2a00 da1 0xc72a2b00 ufsid/4856d98a00081994 0xc72a2c00 da1a 0xc72a2d00 da1h 0xc72e6700 usb/0.2.0 0xc72e7100 ugen0.2 0xc72e6e00 usb/0.2.1 0xc72e6c00 usb/0.3.0 0xc7375300 ugen0.3 0xc72a3400 usb/0.3.1 0xc7376d00 ukbd0 0xc7377200 kbd1 0xc72a3500 usb/0.4.0 0xc743a400 ugen0.4 0xc743a300 usb/0.4.1 0xc743a000 ums0 0xc7439500 usb/0.5.0 0xc7438c00 ugen0.5 0xc7438b00 usb/0.5.1 0xc7438a00 usb/0.6.0 0xc7501800 ugen0.6 0xc7501700 usb/0.6.2 0xc7501400 pf 0xc75d7500 nfslock 0xc7501a00 tap0 0xc7501100 apm0 0xc75d9600 dsp2.0 0xc82a3500 dsp1.0 0xc7f9dc00 dsp0.0 0xc7f9db00 pts/0 0xc8902d00 pts/1 0xc82a1600 pts/2 0xc89e0a00 pts/3 0xc8901a00 ptyp0 0xc8902c00 ttyp0 0xc82a3a00 pts/4 0xc819f100 pts/5 0xc89de200 pts/6 0xc8902600 tun0 0xc9f99300 pts/7 0xcc35a700 ptyp1 0xcc210a00 ttyp1 0xcc1b9600 pass3 0xce096c00 ch0 0xce113400 nsa0.0 0xcc814200 esa0.0 0xcdc50600 nsa0 0xcc81c800 esa0 0xcc871a00 sa0.1 0xce083c00 nsa0.1 0xccec1d00 esa0.1 0xccd63400 sa0.2 0xcc840e00 nsa0.2 0xcc7dc800 esa0.2 0xcc841500 sa0.3 0xce083400 nsa0.3 0xcdc50400 esa0.3 0xce084600 ptyp2 0xcf8b1000 ttyp2 0xcf929100 pass4 0xce989900 sa0.ctl 0xced5f400 sa0.0 0xce991100 nsa0.0 0xcea91c00 esa0.0 0xced17900 sa0 0xce71d500 nsa0 0xced60400 esa0 0xce956800 sa0.1 0xce68ab00 nsa0.1 0xceb10a00 esa0.1 0xced1f300 sa0.2 0xce6dd400 nsa0.2 0xcec9c800 esa0.2 0xce960100 sa0.3 0xcea91d00 nsa0.3 0xce9bb700 esa0.3 0xceb99d00 db> panic panic: from debugger cpuid = 0 Uptime: 1d5h4m38s Physical memory: 3575 MB Dumping 365 MB: 350 334 318 302 286 270 254 238 222 206 190 174 158 142 126 110 94 78 62 46 30 14 Dump complete Automatic reboot in 15 seconds - press a key on the console to abort --> Press a key on the console to reboot, --> or switch off the system now. Rebooting... As you can see, I've got a coredump this time, so I can run kgdb on that. Currently, I'm compiling an INVARIANTS kernel, and will boot that one soon - though I wonder whether it really makes sense here, as the picture is different from last time (due to Kostik's suggested patch?). One observation that comes to mind: with devices appearing and disappearing, the CAM subsystem sometimes suffers from some confusion if a device is still held open by the time it disappears on the bus. The device then appears in "camcontrol devlist" as just "sa0", without a pass device associated. When powering it on again, and reprobing it, it becomes "sa0, pass4, sa0" or such. -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)