Re: HEADS UP/STATUS: network locking

From: Wiktor Niesiobedzki <w_at_evip.pl>
Date: Wed, 17 Sep 2003 16:00:09 +0200
On Tue, Sep 16, 2003 at 09:29:07AM -0700, Sam Leffler wrote:
> 
> Please send me your kernel config and tell me again exactly what fails.  I
> will try to reproduce your problem.
> 
> 	Sam
After your yesterday/today commits, I got panic while doing netstat -an. On
the kernel from about two days ago, with manually added patches, the netstat
command render system unusable (with netstat process in LOCK state, or, in
other cases - (swi8: tty:sio clock) process in LOCK state). System has:
dc0: <3Com OfficeConnect 10/100B> port 0xe400-0xe4ff mem 0xe9000000-0xe90003ff
irq 10 at device 18.0 on pci0
rl0: <RealTek 8139 10/100BaseTX> port 0xe800-0xe8ff mem 0xe9001000-0xe90010ff
irq 12 at device 19.0 on pci0

It acts as a home router to my DSL line (over PPPoE).

If there's any other information I may provide, please let me know.

Kernel config attached

Cheers,

Wiktor Niesiobędzki

panic: page fault
panic messages:
---
Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x24
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc018a11b
stack pointer           = 0x10:0xcebaeae4
frame pointer           = 0x10:0xcebaeaf8
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 2914 (sshd)
trap number             = 12
panic: page fault

syncing disks, buffers remaining... 2236 2236

Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x24
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc018a11b
stack pointer           = 0x10:0xcd751c88
frame pointer           = 0x10:0xcd751c9c
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 23 (irq12: rl0)
trap number             = 12
panic: page fault
Uptime: 1h59m32s
Dumping 256 MB
 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240

(kgdb) bt
#0  doadump () at /usr/src/sys/kern/kern_shutdown.c:240
#1  0xc0194ef0 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:372
#2  0xc01952d8 in panic () at /usr/src/sys/kern/kern_shutdown.c:550
#3  0xc02a9e56 in trap_fatal (frame=0xcd751c48, eva=0) at /usr/src/sys/i386/i386/trap.c:818
#4  0xc02a9493 in trap (frame=
      {tf_fs = -1072037864, tf_es = 16, tf_ds = -847970288, tf_edi = 4, tf_esi = 16, tf_ebp = -847962980, tf_isp = -847963020, tf_ebx = 0, tf_edx = -1070828335, tf_ecx = -1030343792, tf_eax = 16, tf_trapno = 12, tf_err = 0, tf_eip = -1072127717, tf_cs = 8, tf_eflags = 66195, tf_esp = 1242790725, tf_ss = 66572650}) at /usr/src/sys/i386/i386/trap.c:251
#5  0xc02997a8 in calltrap () at {standard input}:102
#6  0xc018a559 in _mtx_lock_sleep (m=0x10, opts=0, file=0x0, line=0) at /usr/src/sys/kern/kern_mutex.c:635
#7  0xc017f014 in ithread_loop (arg=0xc0eac600) at /usr/src/sys/kern/kern_intr.c:533
#8  0xc017dcc1 in fork_exit (callout=0xc017ee50 <ithread_loop>, arg=0x0, frame=0x0) at /usr/src/sys/kern/kern_fork.c:796

(kgdb) fr 6
#6  0xc018a559 in _mtx_lock_sleep (m=0x10, opts=0, file=0x0, line=0) at /usr/src/sys/kern/kern_mutex.c:635
635                     propagate_priority(td);
(kgdb) l 635
630                      * Save who we're blocked on.
631                      */
632                     td->td_blocked = m;
633                     td->td_lockname = m->mtx_object.lo_name;
634                     TD_SET_LOCK(td);
635                     propagate_priority(td);
636
637                     if (LOCK_LOG_TEST(&m->mtx_object, opts))
638                             CTR3(KTR_LOCK,
639                                 "_mtx_lock_sleep: p %p blocked on [%p] %s", td, m,
(kgdb) fr 4
#4  0xc02a9493 in trap (frame=
      {tf_fs = -1072037864, tf_es = 16, tf_ds = -847970288, tf_edi = 4, tf_esi = 16, tf_ebp = -847962980, tf_isp = -847963020, tf_ebx = 0, tf_edx = -1070828335, tf_ecx = -1030343792, tf_eax = 16, tf_trapno = 12, tf_err = 0, tf_eip = -1072127717, tf_cs = 8, tf_eflags = 66195, tf_esp = 1242790725, tf_ss = 66572650}) at /usr/src/sys/i386/i386/trap.c:251
251                             trap_fatal(&frame, eva);
(kgdb) p/x frame.tf_eip
$1 = 0xc018a11b
(kgdb) disass 0xc018a11b
Dump of assembler code for function propagate_priority:
0xc018a090 <propagate_priority>:        push   %ebp
0xc018a091 <propagate_priority+1>:      mov    %esp,%ebp
0xc018a093 <propagate_priority+3>:      push   %edi
0xc018a094 <propagate_priority+4>:      push   %esi
0xc018a095 <propagate_priority+5>:      push   %ebx
0xc018a096 <propagate_priority+6>:      sub    $0x8,%esp
0xc018a099 <propagate_priority+9>:      mov    0x8(%ebp),%ecx
0xc018a09c <propagate_priority+12>:     movzbl 0xdd(%ecx),%esi
0xc018a0a3 <propagate_priority+19>:     mov    0x5c(%ecx),%ebx
0xc018a0a6 <propagate_priority+22>:     lea    0x0(%esi),%esi
0xc018a0a9 <propagate_priority+25>:     lea    0x0(%edi,1),%edi
0xc018a0b0 <propagate_priority+32>:     mov    0x1c(%ebx),%eax
0xc018a0b3 <propagate_priority+35>:     mov    $0x0,%ecx
0xc018a0b8 <propagate_priority+40>:     cmp    $0x4,%eax
0xc018a0bb <propagate_priority+43>:     je     0xc018a0c5 <propagate_priority+53>
0xc018a0bd <propagate_priority+45>:     mov    0x1c(%ebx),%eax
0xc018a0c0 <propagate_priority+48>:     mov    %eax,%ecx
0xc018a0c2 <propagate_priority+50>:     and    $0xfffffffc,%ecx
0xc018a0c5 <propagate_priority+53>:     test   %ecx,%ecx
0xc018a0c7 <propagate_priority+55>:     je     0xc018a18b <propagate_priority+251>
0xc018a0cd <propagate_priority+61>:     movzbl 0xdd(%ecx),%eax
0xc018a0d4 <propagate_priority+68>:     cmp    %esi,%eax
0xc018a0d6 <propagate_priority+70>:     jle    0xc018a18b <propagate_priority+251>
0xc018a0dc <propagate_priority+76>:     cmpl   $0x4,0xe4(%ecx)
0xc018a0e3 <propagate_priority+83>:     jne    0xc018a0f2 <propagate_priority+98>
0xc018a0e5 <propagate_priority+85>:     mov    %esi,%eax
0xc018a0e7 <propagate_priority+87>:     mov    %al,0xdd(%ecx)
0xc018a0ed <propagate_priority+93>:     jmp    0xc018a18b <propagate_priority+251>
0xc018a0f2 <propagate_priority+98>:     cmpl   $0x3,0xe4(%ecx)
0xc018a0f9 <propagate_priority+105>:    jne    0xc018a110 <propagate_priority+128>
0xc018a0fb <propagate_priority+107>:    mov    %esi,%edx
0xc018a0fd <propagate_priority+109>:    movzbl %dl,%eax
0xc018a100 <propagate_priority+112>:    mov    %eax,0x4(%esp,1)
0xc018a104 <propagate_priority+116>:    mov    %ecx,(%esp,1)
0xc018a107 <propagate_priority+119>:    call   0xc01ab810 <sched_prio>
0xc018a10c <propagate_priority+124>:    jmp    0xc018a18b <propagate_priority+251>
0xc018a10e <propagate_priority+126>:    mov    %esi,%esi
0xc018a110 <propagate_priority+128>:    mov    %esi,%eax
0xc018a112 <propagate_priority+130>:    mov    %al,0xdd(%ecx)
0xc018a118 <propagate_priority+136>:    mov    0x5c(%ecx),%ebx
0xc018a11b <propagate_priority+139>:    cmp    0x24(%ebx),%ecx
0xc018a11e <propagate_priority+142>:    je     0xc018a0b0 <propagate_priority+32>
0xc018a120 <propagate_priority+144>:    mov    0x24(%ecx),%edi
0xc018a123 <propagate_priority+147>:    mov    0x4(%edi),%eax
0xc018a126 <propagate_priority+150>:    mov    (%eax),%edx
0xc018a128 <propagate_priority+152>:    movzbl 0xdd(%edx),%eax
0xc018a12f <propagate_priority+159>:    cmp    %esi,%eax
0xc018a131 <propagate_priority+161>:    jle    0xc018a0b0 <propagate_priority+32>
0xc018a137 <propagate_priority+167>:    cmpl   $0x0,0x20(%ecx)
---Type <return> to continue, or q <return> to quit---
18a13b <propagate_priority+171>:    je     0xc018a145 <propagate_priority+181>
0xc018a13d <propagate_priority+173>:    mov    0x20(%ecx),%eax
0xc018a140 <propagate_priority+176>:    mov    %edi,0x24(%eax)
0xc018a143 <propagate_priority+179>:    jmp    0xc018a14b <propagate_priority+187>
0xc018a145 <propagate_priority+181>:    mov    0x24(%ecx),%eax
0xc018a148 <propagate_priority+184>:    mov    %eax,0x28(%ebx)
0xc018a14b <propagate_priority+187>:    mov    0x24(%ecx),%edx
0xc018a14e <propagate_priority+190>:    mov    0x20(%ecx),%eax
0xc018a151 <propagate_priority+193>:    mov    %eax,(%edx)
0xc018a153 <propagate_priority+195>:    mov    0x24(%ebx),%edx
0xc018a156 <propagate_priority+198>:    test   %edx,%edx
0xc018a158 <propagate_priority+200>:    je     0xc018a172 <propagate_priority+226>
0xc018a15a <propagate_priority+202>:    lea    0x0(%esi),%esi
0xc018a160 <propagate_priority+208>:    movzbl 0xdd(%edx),%eax
0xc018a167 <propagate_priority+215>:    cmp    %esi,%eax
0xc018a169 <propagate_priority+217>:    jg     0xc018a172 <propagate_priority+226>
0xc018a16b <propagate_priority+219>:    mov    0x20(%edx),%edx
0xc018a16e <propagate_priority+222>:    test   %edx,%edx
0xc018a170 <propagate_priority+224>:    jne    0xc018a160 <propagate_priority+208>
0xc018a172 <propagate_priority+226>:    mov    0x24(%edx),%eax
0xc018a175 <propagate_priority+229>:    mov    %eax,0x24(%ecx)
0xc018a178 <propagate_priority+232>:    mov    %edx,0x20(%ecx)
0xc018a17b <propagate_priority+235>:    mov    0x24(%edx),%eax
0xc018a17e <propagate_priority+238>:    mov    %ecx,(%eax)
0xc018a180 <propagate_priority+240>:    lea    0x20(%ecx),%eax
0xc018a183 <propagate_priority+243>:    mov    %eax,0x24(%edx)
0xc018a186 <propagate_priority+246>:    jmp    0xc018a0b0 <propagate_priority+32>
0xc018a18b <propagate_priority+251>:    add    $0x8,%esp
0xc018a18e <propagate_priority+254>:    pop    %ebx
0xc018a18f <propagate_priority+255>:    pop    %esi
0xc018a190 <propagate_priority+256>:    pop    %edi
0xc018a191 <propagate_priority+257>:    pop    %ebp
0xc018a192 <propagate_priority+258>:    ret
End of assembler dump.
Received on Wed Sep 17 2003 - 05:00:18 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:22 UTC