I may just have committed the fix for this a few minutes ago. See the patch in the e-mail I just posted for the committed change. I'll look in detail at the details below tomorrow morning. Thanks Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert_at_fledge.watson.org Principal Research Scientist, McAfee Research On Mon, 18 Oct 2004, Pawel Worach wrote: > Got this panic when a ssh client disconnected/died. > > 6.0-CURRENT Sun Oct 17 05:46:04 MEST 2004, UP, debug.mpsafenet=1 > dump+kernel.debug is still avail. if more info needed. > > ps. Why is the thread NULL in frame #28 and #27 ? > > -- sh game -- > # ident /boot/kernel/kernel.debug |grep uipc_socket > $FreeBSD: src/sys/kern/uipc_socket.c,v 1.213 2004/10/11 08:11:26 > rwatson Exp $ > $FreeBSD: src/sys/kern/uipc_socket2.c,v 1.137 2004/08/15 06:24:41 > jmg Exp $ > # ll /boot/kernel/kernel.debug > -rwxr-xr-x 1 root wheel 11385263 Oct 17 07:18 /boot/kernel/kernel.debug > > -- ddb game -- > db> tr > kdb_enter(c066f892,c06b9600,c066d845,ca219b18,c1195000) at kdb_enter+0x30 > panic(c066d845,c06af540,c133ee70,0,c0fe5900) at panic+0xd5 > soclose(c1304dec,ca219b5c,c048a9c0,c0c44840,c1278880) at soclose+0x39c > soo_close(c1278dd0,c0fe5900,0,c133ee70,c1278dd0) at soo_close+0x7d > fdrop_locked(c1278dd0,c0fe5900,c12f6500,c0fe5900,c133ed68) at > fdrop_locked+0xf0 > fdrop(c1278dd0,c0fe5900,c052c186,c06b8160,0,0,0,0,c133ed68,c0fe5900,c12f6500,2,0,0,0,c0c45e60,ffff01b6,c12787b4,0,c12787b4,ca219c0c) > at fdrop+0x5f > closef(c1278dd0,c0fe5900,c12787b4,c0fe5900,c051de0b) at closef+0x2b2 > fdfree(c0fe5900,c0691200,2,c04c8ae0,c0fe5900) at fdfree+0x486 > exit1(c0fe5900,ff00,ca219d40,c0652e00,c0fe5900) at exit1+0x64c > sys_exit(c0fe5900,ca219d14,4,ca219d3c,c04db206) at sys_exit+0x1d > syscall(2f,2f,2f,bfbfe560,ffffffff) at syscall+0x330 > Xint0x80_syscall() at Xint0x80_syscall+0x1f > --- syscall (1, FreeBSD ELF32, sys_exit), eip = 0x2830a1bb, esp = > 0xbfbfe4dc, ebp = 0xbfbfe4e8 --- > db> ps > pid proc uarea uid ppid pgrp flag stat wmesg wchan cmd > 2086 c1257600 cabbe000 1001 2085 2086 0004002 [SLPQ ttyin > 0xc1102010][SLP] tcsh > 2085 c12d1c00 cac25000 1001 2083 2083 0000100 [SLPQ select > 0xc06bd1e4][SLP] sshd > 2083 c135ae00 cac55000 0 436 2083 0000100 [SLPQ sbwait > 0xc1304d40][SLP] sshd > 1545 c135a000 cab69000 1001 1 1545 0004002 [RUNQ] tcsh > 1542 c115b200 ca492000 0 436 1542 0002100 [CPU 0] sshd > 523 c1257800 cabbf000 0 1 523 0004002 [SLPQ ttyin > 0xc10c9810][SLP] getty > 522 c1257e00 cabc2000 0 1 522 0004002 [SLPQ ttyin > 0xc10c5410][SLP] getty > 517 c1256e00 cab7e000 0 1 517 0000000 [SLPQ select > 0xc06bd1e4][SLP] inetd > 486 c1257a00 cabc0000 1002 1 486 0000100 [SLPQ select > 0xc06bd1e4][SLP] dhcpd > 457 c12d1600 cac22000 0 1 457 0000000 [SLPQ nanslp > 0xc06b9c0c][SLP] cron > 445 c1257c00 cabc1000 25 1 445 0000100 [SLPQ pause > 0xc1257c38][SLP] sendmail > 441 c12d1400 cac21000 0 1 441 0000100 [SLPQ select > 0xc06bd1e4][SLP] sendmail > 436 c12d1000 cac01000 0 1 436 0000100 [SLPQ select > 0xc06bd1e4][SLP] sshd > 421 c12cf400 cabee000 0 1 421 0000000 [SLPQ select > 0xc06bd1e4][SLP] ntpd > 407 c12cfa00 cabfe000 0 1 407 0000000 [SLPQ select > 0xc06bd1e4][SLP] lpd > 369 c1257200 cab80000 64 365 365 0000100 [SLPQ bpf > 0xc11b1d00][SLP] pflogd > 365 c1041a00 ca256000 0 1 365 0000000 [SLPQ sbwait > 0xc1274320][SLP] pflogd > 360 c1041800 ca255000 0 353 353 0000100 [SLPQ select > 0xc06bd1e4][SLP] rpc.lockd > 353 c1257400 cabbd000 0 1 353 0000000 [SLPQ select > 0xc06bd1e4][SLP] rpc.lockd > 348 c1041400 ca253000 0 1 348 0000000 [SLPQ select > 0xc06bd1e4][SLP] rpc.statd > 343 c115be00 ca4d4000 0 334 334 0000000 [SLPQ - > 0xc11aec00][SLP] nfsd > 342 c1256000 cab67000 0 334 334 0000000 [SLPQ - > 0xc11aee00][SLP] nfsd > 341 c1256200 cab78000 0 334 334 0000000 [SLPQ - > 0xc1254000][SLP] nfsd > 340 c1256400 cab79000 0 334 334 0000000 [SLPQ - > 0xc1254200][SLP] nfsd > 339 c1256600 cab7a000 0 334 334 0000000 [SLPQ - > 0xc1254400][SLP] nfsd > 338 c1256800 cab7b000 0 334 334 0000000 [SLPQ - > 0xc1254600][SLP] nfsd > 337 c1256a00 cab7c000 0 334 334 0000000 [SLPQ - > 0xc1254800][SLP] nfsd > 336 c1256c00 cab7d000 0 334 334 0000000 [SLPQ - > 0xc1254a00][SLP] nfsd > 334 c1257000 cab7f000 0 1 334 0000000 [SLPQ select > 0xc06bd1e4][SLP] nfsd > 325 c115b000 ca491000 0 1 325 0000000 [SLPQ select > 0xc06bd1e4][SLP] mountd > 273 c1041e00 ca258000 0 1 273 0000000 [SLPQ select > 0xc06bd1e4][SLP] rpcbind > 254 c1041600 ca254000 0 1 254 0000000 [SLPQ select > 0xc06bd1e4][SLP] syslogd > 234 c1041c00 ca257000 0 1 234 0000000 [SLPQ select > 0xc06bd1e4][SLP] devd > 47 c115b400 ca493000 0 0 0 0000204 [SLPQ - > 0xca4c0d08][SLP] schedcpu > 46 c115b600 ca4d0000 0 0 0 0000204 [SLPQ - > 0xc06c46cc][SLP] nfsiod 3 > 45 c115b800 ca4d1000 0 0 0 0000204 [SLPQ - > 0xc06c46c8][SLP] nfsiod 2 > 44 c115ba00 ca4d2000 0 0 0 0000204 [SLPQ - > 0xc06c46c4][SLP] nfsiod 1 > 43 c115bc00 ca4d3000 0 0 0 0000204 [SLPQ - > 0xc06c46c0][SLP] nfsiod 0 > 42 c0ff4c00 ca229000 0 0 0 0000204 [SLPQ syncer > 0xc06b998c][SLP] syncer > 41 c0ff4e00 ca22a000 0 0 0 0000204 [SLPQ vlruwt > 0xc0ff4e00][SLP] vnlru > 40 c103e000 ca22b000 0 0 0 0000204 [SLPQ psleep > 0xc06bd7ac][SLP] bufdaemon > 39 c103e200 ca22c000 0 0 0 000020c [SLPQ pgzero > 0xc06caf10][SLP] pagezero > 38 c103e400 ca22d000 0 0 0 0000204 [SLPQ psleep > 0xc06caf64][SLP] vmdaemon > 37 c103e600 ca22e000 0 0 0 0000204 [SLPQ psleep > 0xc06caf20][SLP] pagedaemon > 36 c103e800 ca22f000 0 0 0 0000204 [RUNQ] swi0: sio > 35 c103ea00 ca24e000 0 0 0 0000204 [SLPQ - > 0xc103d63c][SLP] fdc0 > 9 c103ec00 ca24f000 0 0 0 0000204 [SLPQ actask > 0xc079fa2c][SLP] acpi_task2 > 8 c103ee00 ca250000 0 0 0 0000204 [SLPQ actask > 0xc079fa2c][SLP] acpi_task1 > 7 c1041000 ca251000 0 0 0 0000204 [SLPQ actask > 0xc079fa2c][SLP] acpi_task0 > 34 c1041200 ca252000 0 0 0 0000204 [IWAIT] swi6: task queue > 6 c0fe4600 ca200000 0 0 0 0000204 [SLPQ - > 0xc103c300][SLP] kqueue taskq > 33 c0fe4800 ca201000 0 0 0 0000204 [IWAIT] swi5:+ > 32 c0fe4a00 ca202000 0 0 0 0000204 [IWAIT] swi6: acpitaskq > 5 c0fe4c00 ca203000 0 0 0 0000204 [SLPQ - > 0xc103c440][SLP] thread taskq > 31 c0fe4e00 ca204000 0 0 0 0000204 [IWAIT] swi6:+ > 30 c0ff4000 ca223000 0 0 0 0000204 [SLPQ - > 0xc06b1ae0][SLP] yarrow > 4 c0ff4200 ca224000 0 0 0 0000204 [SLPQ - > 0xc06b4528][SLP] g_down > 3 c0ff4400 ca225000 0 0 0 0000204 [SLPQ - > 0xc06b4524][SLP] g_up > 2 c0ff4600 ca226000 0 0 0 0000204 [SLPQ - > 0xc06b451c][SLP] g_event > 29 c0ff4800 ca227000 0 0 0 0000204 [IWAIT] swi1: net > 28 c0ff4a00 ca228000 0 0 0 0000204 [IWAIT] swi3: vm > 27 c0fc6200 c99ee000 0 0 0 000020c [RUNQ] swi4: clock sio > 26 c0fc6400 c99ef000 0 0 0 0000204 [IWAIT] irq15: ata1 > 25 c0fc6600 c99f0000 0 0 0 0000204 [IWAIT] irq14: ata0 > 24 c0fc6800 c9a0f000 0 0 0 0000204 [IWAIT] irq13: > 23 c0fc6a00 c9a10000 0 0 0 0000204 [IWAIT] irq12: > 22 c0fc6c00 c9a11000 0 0 0 0000204 [IWAIT] irq11: fxp0 > 21 c0fc6e00 c9a12000 0 0 0 0000204 [IWAIT] irq10: > 20 c0fe4000 ca1fd000 0 0 0 0000204 [IWAIT] irq9: xl0 acpi0 > 19 c0fe4200 ca1fe000 0 0 0 0000204 [IWAIT] irq8: rtc > 18 c0fe4400 ca1ff000 0 0 0 0000204 [IWAIT] irq7: > 17 c0fbf000 c99a9000 0 0 0 0000204 [IWAIT] irq6: fdc0 > 16 c0fbf200 c99e6000 0 0 0 0000204 [IWAIT] irq5: > 15 c0fbf400 c99e7000 0 0 0 0000204 [IWAIT] irq4: sio0 > 14 c0fbf600 c99e8000 0 0 0 0000204 [IWAIT] irq3: sio1 > 13 c0fbf800 c99e9000 0 0 0 0000204 [IWAIT] irq1: atkbd0 > 12 c0fbfa00 c99ea000 0 0 0 0000204 [IWAIT] irq0: clk > 11 c0fbfc00 c99eb000 0 0 0 000020c [Can run] idle > 1 c0fbfe00 c99ec000 0 0 1 0004200 [SLPQ wait > 0xc0fbfe00][SLP] init > 10 c0fc6000 c99ed000 0 0 0 0000204 [SLPQ ktrace > 0xc06b7bb8][SLP] ktrace > 0 c06b4620 c081f000 0 0 0 0000200 [SLPQ sched > 0xc06b4620][SLP] swapper > 1544 c12d1e00 cac26000 1001 1542 1542 0002100 zomb[INACTIVE] sshd > db> panic > panic: from debugger > Uptime: 12h11m42s > Dumping 191 MB > 16 32 48 64 80 96 112 128 144 160 176 > Dump complete > Automatic reboot in 15 seconds - press a key on the console to abort > > -- kgdb game -- > (kgdb) bt > #22 0x00000000 in ?? () > #23 0xc04d1fa0 in kdb_enter (msg=0x0) at cpufunc.h:56 > #24 0xc04b4715 in panic (fmt=0xc066d845 "sorele") at > /usr/src/sys/kern/kern_shutdown.c:525 > #25 0xc04f86dc in soclose (so=0xc1304dec) at > /usr/src/sys/kern/uipc_socket.c:473 > #26 0xc04e51ed in soo_close (fp=0xc1278dd0, td=0xc0fe5900) at > /usr/src/sys/kern/sys_socket.c:275 > #27 0xc048d6d0 in fdrop_locked (fp=0xc1278dd0, td=0x0) at file.h:289 > #28 0xc048bf4f in fdrop (fp=0xc1278dd0, td=0x0) at > /usr/src/sys/kern/kern_descrip.c:1897 > #29 0xc048bee2 in closef (fp=0xc1278dd0, td=0xc0fe5900) at > /usr/src/sys/kern/kern_descrip.c:1883 > #30 0xc048b496 in fdfree (td=0xc0fe5900) at > /usr/src/sys/kern/kern_descrip.c:1610 > #31 0xc049556c in exit1 (td=0xc0fe5900, rv=65280) at > /usr/src/sys/kern/kern_exit.c:237 > #32 0xc0494f1d in sys_exit (td=0x0, uap=0x0) at > /usr/src/sys/kern/kern_exit.c:94 > #33 0xc0652e00 in syscall (frame= > {tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = -1077942944, tf_esi > = -1, tf_ebp = -1077943064, tf_isp = -903766668, tf_ebx = 671987736, > tf_edx = 134703100, tf_ecx = 0, tf_eax = 1, tf_trapno = 12, tf_err = 2, > tf_eip = 674275771, tf_cs = 31, tf_eflags = 646, tf_esp = -1077943076, > tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:1001 > #34 0xc0642dff in Xint0x80_syscall () at > /usr/src/sys/i386/i386/exception.s:201 > #35 0x0000002f in ?? () > (kgdb) frame 25 > #25 0xc04f86dc in soclose (so=0xc1304dec) at > /usr/src/sys/kern/uipc_socket.c:473 > 473 sorele(so); > (kgdb) list > 468 } > 469 discard: > 470 SOCK_LOCK(so); > 471 KASSERT((so->so_state & SS_NOFDREF) == 0, ("soclose: > NOFDREF")); > 472 so->so_state |= SS_NOFDREF; > 473 sorele(so); > 474 return (error); > 475 } > 476 > 477 /* > (kgdb) print *so > $1 = {so_count = 0, so_type = 1, so_options = 0, so_linger = 0, so_state > = 8193, so_qstate = 0, so_pcb = 0x0, so_proto = 0xc0698ce0, > so_head = 0x0, so_incomp = {tqh_first = 0x0, tqh_last = 0xc1304e08}, > so_comp = {tqh_first = 0x0, tqh_last = 0xc1304e10}, so_list = { > tqe_next = 0x0, tqe_prev = 0x0}, so_qlen = 0, so_incqlen = 0, > so_qlimit = 0, so_timeo = 0, so_error = 0, so_sigio = 0x0, so_oobmark = 0, > so_aiojobq = {tqh_first = 0x0, tqh_last = 0xc1304e34}, so_rcv = > {sb_sel = {si_thrlist = {tqe_next = 0x0, tqe_prev = 0x0}, si_thread = 0x0, > si_note = {kl_lock = 0x0, kl_list = {slh_first = 0x0}}, si_flags > = 0}, sb_mtx = {mtx_object = {lo_class = 0xc06938dc, > lo_name = 0xc067264c "so_rcv", lo_type = 0xc067264c "so_rcv", > lo_flags = 131072, lo_list = {tqe_next = 0x0, tqe_prev = 0x0}, > lo_witness = 0x0}, mtx_lock = 3237894400, mtx_recurse = 0}, > sb_mb = 0x0, sb_mbtail = 0x0, sb_lastrecord = 0x0, sb_cc = 0, > sb_hiwat = 0, sb_mbcnt = 0, sb_mbmax = 0, sb_ctl = 0, sb_lowat = 0, > sb_timeo = 0, sb_flags = 0, sb_state = 0}, so_snd = {sb_sel = { > si_thrlist = {tqe_next = 0x0, tqe_prev = 0x0}, si_thread = 0x0, > si_note = {kl_lock = 0x0, kl_list = {slh_first = 0x0}}, si_flags = 0}, > sb_mtx = {mtx_object = {lo_class = 0xc06938dc, lo_name = 0xc0672645 > "so_snd", lo_type = 0xc0672645 "so_snd", lo_flags = 131072, > lo_list = {tqe_next = 0x0, tqe_prev = 0x0}, lo_witness = 0x0}, > mtx_lock = 4, mtx_recurse = 0}, sb_mb = 0x0, sb_mbtail = 0x0, > sb_lastrecord = 0x0, sb_cc = 0, sb_hiwat = 0, sb_mbcnt = 0, > sb_mbmax = 0, sb_ctl = 0, sb_lowat = 2048, sb_timeo = 0, sb_flags = 64, > sb_state = 16}, so_upcall = 0, so_upcallarg = 0x0, so_cred = > 0xc12f6500, so_label = 0x0, so_peerlabel = 0x0, so_gencnt = 3336, > so_emuldata = 0x0, so_accf = 0x0} > (kgdb) frame 30 > #30 0xc048b496 in fdfree (td=0xc0fe5900) at > /usr/src/sys/kern/kern_descrip.c:1610 > 1610 (void) closef(*fpp, td); > (kgdb) print td->td_proc->p_comm > $2 = "sshd\000er", '\0' <repeats 12 times> > (kgdb) print /d td->td_proc->p_pid > $3 = 1542 > (kgdb) printf "%s", msgbufp->msg_ptr > ... > <118>Oct 17 19:33:10 hostname sshd[1542]: fatal: mm_request_receive: > read: -1 > panic: sorele > KDB: enter: panic > panic: from debugger > Uptime: 12h11m42s > Dumping 191 MB > 16 32 48 64 80 96 112 128 144 160 176 > > -- > Pawel > _______________________________________________ > freebsd-current_at_freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org" >Received on Mon Oct 18 2004 - 20:26:25 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:18 UTC