From owner-freebsd-stable@FreeBSD.ORG Fri Apr 8 18:09:50 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C7B9116A4CF for ; Fri, 8 Apr 2005 18:09:50 +0000 (GMT) Received: from cyrus.watson.org (cyrus.watson.org [204.156.12.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 14E6D43D1F for ; Fri, 8 Apr 2005 18:09:50 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by cyrus.watson.org (Postfix) with ESMTP id 6342546B3D; Fri, 8 Apr 2005 14:09:49 -0400 (EDT) Date: Fri, 8 Apr 2005 19:10:26 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Doug White In-Reply-To: <20050408105348.M63918@carver.gumbysoft.com> Message-ID: <20050408190550.Q55142@fledge.watson.org> References: <20050408143925.GA67188@82-168-79-254-bbxl.xdsl.tiscali.nl> <20050408105348.M63918@carver.gumbysoft.com> MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-194530164-1112983826=:55142" cc: stable@freebsd.org cc: Rene Ladan Subject: Re: 5.4-STABLE panic X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Apr 2005 18:09:50 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --0-194530164-1112983826=:55142 Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: QUOTED-PRINTABLE On Fri, 8 Apr 2005, Doug White wrote: > On Fri, 8 Apr 2005, Rene Ladan wrote: > >> has anyone seen this panic yet? It appears to be LOR-related : > > This is a tough one since it occured while ddb was active. How did you= =20 > cause this? This occurs because the low level syscons output routines incorrectly call= =20 into KQ while in the debugger. I was sure I had fixed this, but maybe=20 it's fixed only in -CURRENT. If that's the case, it needs to be MFC'd --= =20 not because it's a source of stability problems when running normally, but= =20 because it makes debugging other bugs harder. In this case, the real bug= =20 is up in the trap entries. Looking at my local CVS checkout, I see that I actually didn't commit the= =20 fix to HEAD either :-(. The patch is attached below, and is largely=20 untested. Robert N M Watson >> file=3D0xc05f619e "/usr/src/sys/kern/kern_event.c", line=3D1453) >> at /usr/src/sys/kern/subr_witness.c:709 >> =09lock_list =3D (struct lock_list_entry **) 0xf00 >> =09lle =3D (struct lock_list_entry *) 0x20 >> =09lock1 =3D (struct lock_instance *) 0xc13df000 >> =09lock2 =3D (struct lock_instance *) 0x0 >> =09class =3D (struct lock_class *) 0xc062045c >> =09w =3D (struct witness *) 0xc0648808 >> =09w1 =3D (struct witness *) 0xc0686b28 >> =09td =3D (struct thread *) 0xc13df000 >> ---Type to continue, or q to quit--- >> =09i =3D -1067755093 >> =09j =3D -910530880 >> =09__func__ =3D "witness_checkorder" >> #4 0xc048a5fa in _mtx_lock_flags (m=3D0xc1580110, opts=3D0, >> file=3D0xc05f619e "/usr/src/sys/kern/kern_event.c", line=3D1453) >> at /usr/src/sys/kern/kern_mutex.c:271 >> No locals. >> #5 0xc0476d25 in knote (list=3D0xc1580098, hint=3D0, islocked=3D0) >> at /usr/src/sys/kern/kern_event.c:1453 >> =09kq =3D (struct kqueue *) 0xc1580038 >> =09kn =3D (struct knote *) 0xc1580000 >> #6 0xc04c934e in ttwwakeup (tp=3D0xc1580000) at /usr/src/sys/kern/tty.c= :2394 >> No locals. >> #7 0xc05ba441 in scstart (tp=3D0xc1580000) >> at /usr/src/sys/dev/syscons/syscons.c:1369 >> =09rbp =3D (struct clist *) 0xc1580038 >> =09len =3D 0 >> =09buf =3D "\fzi=C1\200\a\000\000\000p\000\000\000zi=C1lg=BA=C9b`[=C0\fz= i=C1\200\a\000\000 \000\000\000\000p\000\000BK\000 \\g=BA=C9:z[=C0=C0\235h= =C0\fzi=C1\000zi=C1\000\a\000\000\224g=BA=C9\225a[=C0\000zi=C1\200\a\000\00= 0 \000\000\000\000\a\000\000\000\000\000\000\000zi=C1\000zi=C1=C0\235h=C0= =FF=FFg=BA=C9\016=C2[=C0\000zi=C1\200\a\000\000\000\000\000" >> =09scp =3D (scr_stat *) 0xc1697a00 >> #8 0xc05bd825 in scgetc (sc=3D0xc0689dc0, flags=3D3) >> at /usr/src/sys/dev/syscons/syscons.c:3211 >> ---Type to continue, or q to quit--- >> =09scp =3D (scr_stat *) 0xc1697a00 >> =09tp =3D (struct tty *) 0x0 >> =09c =3D 6 >> =09this_scr =3D -910530592 >> =09f =3D 0 >> =09i =3D 0 >> #9 0xc05ba899 in sccngetch (flags=3D2) >> at /usr/src/sys/dev/syscons/syscons.c:1555 >> =09fkey =3D {str =3D "\033[A", '\0' , len =3D 3 '\003'= } >> =09fkeycp =3D 3 >> =09scp =3D (scr_stat *) 0xc1697a00 >> =09p =3D (u_char *) 0x0 >> =09cur_mode =3D 1 >> =09c =3D -1067204928 >> #10 0xc05ba6e2 in sccncheckc (cd=3D0xc0634480) >> at /usr/src/sys/dev/syscons/syscons.c:1478 >> No locals. >> #11 0xc04cbc98 in cncheckc () at /usr/src/sys/kern/tty_cons.c:567 >> =09cnd =3D (struct cn_device *) 0xc066c480 >> =09cn =3D (struct consdev *) 0x0 >> =09c =3D 0 >> #12 0xc04cbc45 in cngetc () at /usr/src/sys/kern/tty_cons.c:548 >> =09c =3D 0 >> #13 0xc042a535 in db_readline (lstart=3D0xc063bec0 "c\n", lsize=3D120) >> ---Type to continue, or q to quit--- >> at /usr/src/sys/ddb/db_input.c:324 >> No locals. >> #14 0xc042a67a in db_read_line () at /usr/src/sys/ddb/db_lex.c:55 >> =09i =3D 0 >> #15 0xc0428d91 in db_command_loop () at /usr/src/sys/ddb/db_command.c:45= 3 >> No locals. >> #16 0xc042aef5 in db_trap (type=3D3, code=3D0) at /usr/src/sys/ddb/db_ma= in.c:221 >> =09jb =3D {{_jb =3D {-910530388, -910530416, -910530336, -1052905472, 0, >> -1069371754, 0, 0, 0, 0, -910530336, -1068824416}}} >> =09prev_jb =3D (void *) 0x0 >> =09bkpt =3D 0 >> #17 0xc04b0927 in kdb_trap (type=3D0, code=3D0, tf=3D0xc9ba6940) >> at /usr/src/sys/kern/subr_kdb.c:418 >> =09handled =3D -910530240 >> #18 0xc05d8948 in trap (frame=3D >> {tf_fs =3D -1051983848, tf_es =3D 16, tf_ds =3D -910557168, tf_edi= =3D 9, tf_esi =3D -1051954588, tf_ebp =3D -910530168, tf_isp =3D -91053019= 6, tf_ebx =3D -1067007556, tf_edx =3D 1, tf_ecx =3D -1056878592, tf_eax =3D= 31, tf_trapno =3D 3, tf_err =3D 0, tf_eip =3D -1068825056, tf_cs =3D 8, tf= _eflags =3D 646, tf_esp =3D -1067470996, tf_ss =3D -1067540423}) at /usr/sr= c/sys/i386/i386/trap.c:576 >> =09td =3D (struct thread *) 0xc13df000 >> =09p =3D (struct proc *) 0xc13e61c4 >> =09sticks =3D 0 >> =09i =3D 0 >> ---Type to continue, or q to quit--- >> =09ucode =3D 0 >> =09type =3D 3 >> =09code =3D 0 >> =09eva =3D 0 >> #19 0xc05c7d2a in calltrap () at /usr/src/sys/i386/i386/exception.s:140 >> No locals. Index: syscons.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/dev/syscons/syscons.c,v retrieving revision 1.433 diff -u -r1.433 syscons.c --- syscons.c=0927 Feb 2005 21:16:11 -0000=091.433 +++ syscons.c=094 Mar 2005 19:07:02 -0000 @@ -1457,9 +1457,11 @@ =09 scp->status |=3D CURSOR_ENABLED; =09 sc_draw_cursor_image(scp); =09} -=09tp =3D VIRTUAL_TTY(scp->sc, scp->index); -=09if (ISTTYOPEN(tp)) -=09 scstart(tp); +=09if (debugger =3D=3D 0) { +=09 tp =3D VIRTUAL_TTY(scp->sc, scp->index); +=09 if (ISTTYOPEN(tp)) +=09=09scstart(tp); +=09} } #endif /* !SC_NO_HISTORY */ @@ -3216,9 +3218,11 @@ =09=09=09 scp->status |=3D CURSOR_ENABLED; =09=09=09 sc_draw_cursor_image(scp); =09=09=09} -=09=09=09tp =3D VIRTUAL_TTY(sc, scp->index); -=09=09=09if (ISTTYOPEN(tp)) -=09=09=09 scstart(tp); +=09=09=09if (debugger =3D=3D 0) { +=09=09=09 tp =3D VIRTUAL_TTY(sc, scp->index); +=09=09=09 if (ISTTYOPEN(tp)) +=09=09=09=09scstart(tp); +=09=09=09} #endif =09=09 } =09=09} @@ -3547,6 +3551,9 @@ scr_stat *scp =3D arg; struct tty *tp; + if (debugger) +=09return; + if (ISGRAPHSC(scp) || (scp->sc->blink_in_progress <=3D 1)) { =09scp->sc->blink_in_progress =3D 0; =09mark_all(scp); --0-194530164-1112983826=:55142--