Date: Sat, 10 Oct 2015 19:06:07 -0400 (EDT) From: Rick Macklem <rmacklem@uoguelph.ca> To: Christian Kratzer <ck@cksoft.de> Cc: John Baldwin <jhb@freebsd.org>, freebsd-stable@freebsd.org Subject: Re: smbfs crashes since approx. 10.1-RELEASE Message-ID: <358885214.31305796.1444518367048.JavaMail.zimbra@uoguelph.ca> In-Reply-To: <alpine.BSF.2.20.1510091107010.71292@noc1.cksoft.de> References: <alpine.BSF.2.20.1510051157450.16263@noc1.cksoft.de> <2148690.gx9M0ZzrG1@ralph.baldwin.cx> <alpine.BSF.2.20.1510070844030.16263@noc1.cksoft.de> <3563189.eDHDcCgW5L@ralph.baldwin.cx> <alpine.BSF.2.20.1510091107010.71292@noc1.cksoft.de>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
Hi again,
Attached is a semantically equivalent patch to the one I posted a few
minutes ago, but I think this one is more readable.
Please let me know if you get it tested, rick
----- Original Message -----
> Hi John,
>
> the box crashed again running a 10-stable kernel with following patch of
> yours:
>
> On Wed, 7 Oct 2015, John Baldwin wrote:
> > Index: smb_iod.c
> > ===================================================================
> > --- smb_iod.c (revision 288952)
> > +++ smb_iod.c (working copy)
> > @@ -624,6 +624,13 @@
> > SMB_IOD_EVUNLOCK(iod);
> > } else
> > free(evp, M_SMBIOD);
> > + if (iod->iod_flags & SMBIOD_SHUTDOWN) {
> > + if (!STAILQ_EMPTY(&iod->iod_evlist))
> > + printf("%s: shutdown with pending
> > events\n",
> > + __func__);
> > + }
> > + return;
> > + }
> > }
> > #if 0
> > if (iod->iod_state == SMBIOD_ST_VCACTIVE) {
> >
>
> here is what I got on the kvm console:
>
> login: panic: Assertion mtx_unowned(m) failed at
> /usr/src/sys/kern/kern_mutex.c:955^M
> cpuid = 1^M
> KDB: stack backtrace:^M
> #0 0xffffffff80975bb0 at kdb_backtrace+0x60^M
> #1 0xffffffff8093baa6 at vpanic+0x126^M
> #2 0xffffffff8093b979 at kassert_panic+0x139^M
> #3 0xffffffff80921c47 at _mtx_destroy+0x77^M
> #4 0xffffffff81a1c114 at smb_iod_destroy+0xc4^M
> #5 0xffffffff81a12eea at smb_vc_free+0x1a^M
> #6 0xffffffff81a13e24 at sdp_trydestroy+0xb4^M
> #7 0xffffffff81a1cb36 at smbfs_unmount+0xd6^M
> #8 0xffffffff809d9e84 at dounmount+0x524^M
> #9 0xffffffff809d9936 at sys_unmount+0x3c6^M
> #10 0xffffffff80d42235 at amd64_syscall+0x265^M
> #11 0xffffffff80d25cfb at Xfast_syscall+0xfb^M
> Uptime: 19h48m28s^M
> Dumping 179 out of 999
> MB:..9%..18%..27%..36%..45%..54%..63%..72%..81%..98%^M
> Dump complete^M
> Automatic reboot in 15 seconds - press a key on the console to abort^M
>
> heres the crashinfo:
>
> panic: Assertion mtx_unowned(m) failed at
> /usr/src/sys/kern/kern_mutex.c:955
>
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you
> are
> welcome to change it and/or distribute copies of it under certain
> conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for
> details.
> This GDB was configured as "amd64-marcel-freebsd"...
>
> Unread portion of the kernel message buffer:
> panic: Assertion mtx_unowned(m) failed at
> /usr/src/sys/kern/kern_mutex.c:955
> cpuid = 1
> KDB: stack backtrace:
> #0 0xffffffff80975bb0 at kdb_backtrace+0x60
> #1 0xffffffff8093baa6 at vpanic+0x126
> #2 0xffffffff8093b979 at kassert_panic+0x139
> #3 0xffffffff80921c47 at _mtx_destroy+0x77
> #4 0xffffffff81a1c114 at smb_iod_destroy+0xc4
> #5 0xffffffff81a12eea at smb_vc_free+0x1a
> #6 0xffffffff81a13e24 at sdp_trydestroy+0xb4
> #7 0xffffffff81a1cb36 at smbfs_unmount+0xd6
> #8 0xffffffff809d9e84 at dounmount+0x524
> #9 0xffffffff809d9936 at sys_unmount+0x3c6
> #10 0xffffffff80d42235 at amd64_syscall+0x265
> #11 0xffffffff80d25cfb at Xfast_syscall+0xfb
> Uptime: 19h48m28s
> Dumping 179 out of 999
> MB:..9%..18%..27%..36%..45%..54%..63%..72%..81%..98%
>
> Reading symbols from /boot/kernel/smbfs.ko.symbols...done.
> Loaded symbols for /boot/kernel/smbfs.ko.symbols
> Reading symbols from /boot/kernel/libiconv.ko.symbols...done.
> Loaded symbols for /boot/kernel/libiconv.ko.symbols
> Reading symbols from /boot/kernel/libmchain.ko.symbols...done.
> Loaded symbols for /boot/kernel/libmchain.ko.symbols
> #0 doadump (textdump=<value optimized out>) at pcpu.h:219
> 219 pcpu.h: No such file or directory.
> in pcpu.h
> (kgdb) #0 doadump (textdump=<value optimized out>) at pcpu.h:219
> #1 0xffffffff8093b5f2 in kern_reboot (howto=260)
> at /usr/src/sys/kern/kern_shutdown.c:451
> #2 0xffffffff8093bae5 in vpanic (fmt=<value optimized out>,
> ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:758
> #3 0xffffffff8093b979 in kassert_panic (fmt=<value optimized out>)
> at /usr/src/sys/kern/kern_shutdown.c:646
> #4 0xffffffff80921c47 in _mtx_destroy (c=0xfffff80009284690)
> at /usr/src/sys/kern/kern_mutex.c:955
> #5 0xffffffff81a1c114 in smb_iod_destroy (iod=0xfffff80009284600)
> at /usr/src/sys/modules/smbfs/../../netsmb/smb_iod.c:706
> #6 0xffffffff81a12eea in smb_vc_free (cp=0xfffff8003a602a00)
> at /usr/src/sys/modules/smbfs/../../netsmb/smb_conn.c:499
> #7 0xffffffff81a13e24 in sdp_trydestroy (sdp=0xfffff8000a7cbc80)
> at /usr/src/sys/modules/smbfs/../../netsmb/smb_dev.c:166
> #8 0xffffffff81a1cb36 in smbfs_unmount (mp=0xfffff80039f88330,
> mntflags=<value optimized out>)
> at /usr/src/sys/modules/smbfs/../../fs/smbfs/smbfs_vfsops.c:297
> #9 0xffffffff809d9e84 in dounmount (mp=0xfffff80039f88330,
> flags=134217728,
> td=0xfffff8000f2b0000) at /usr/src/sys/kern/vfs_mount.c:1313
> #10 0xffffffff809d9936 in sys_unmount (td=0xfffff8000f2b0000,
> uap=0xfffffe003d67fb80) at /usr/src/sys/kern/vfs_mount.c:1205
> #11 0xffffffff80d42235 in amd64_syscall (td=0xfffff8000f2b0000,
> traced=0)
> at subr_syscall.c:134
> #12 0xffffffff80d25cfb in Xfast_syscall ()
> at /usr/src/sys/amd64/amd64/exception.S:396
> #13 0x000000080089190a in ?? ()
> Previous frame inner to this frame (corrupt stack?)
> Current language: auto; currently minimal
> (kgdb)
>
>
> I have kgdb710 from ports setup in case you need me to check something.
>
> Greetings
> Christian
>
> --
> Christian Kratzer CK Software GmbH
> Email: ck@cksoft.de Wildberger Weg 24/2
> Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
> Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
> Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
> Web: http://www.cksoft.de/
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
>
[-- Attachment #2 --]
--- smb_iod.c.orig 2015-10-10 18:53:34.000000000 -0400
+++ smb_iod.c 2015-10-10 18:58:54.000000000 -0400
@@ -619,6 +619,32 @@ smb_iod_main(struct smbiod *iod)
break;
}
if (evp->ev_type & SMBIOD_EV_SYNC) {
+ if (evp->ev_type & SMBIOD_EV_SHUTDOWN) {
+ smb_iod_sendall(iod);
+ smb_iod_recvall(iod);
+ SMB_IOD_EVLOCK(iod);
+ if (!STAILQ_EMPTY(&iod->iod_evlist)) {
+ /*
+ * If this printf occurs, the code here
+ * should be modified to do a loop
+ * free()ing all the entries still
+ * in the STAILQ.
+ */
+ printf("%s: shutdown with pending"
+ " events\n", __func__);
+ }
+ /*
+ * For the SMBIOD_EV_SHUTDOWN case, everything
+ * else should be performed before this point,
+ * since smb_iod_destroy() is able to proceed to
+ * destroy the mutexes and the *evp structure
+ * once the wakeup()/SMB_IOD_EVUNLOCK() is
+ * performed.
+ */
+ wakeup(evp);
+ SMB_IOD_EVUNLOCK(iod);
+ return;
+ }
SMB_IOD_EVLOCK(iod);
wakeup(evp);
SMB_IOD_EVUNLOCK(iod);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?358885214.31305796.1444518367048.JavaMail.zimbra>