Re: panic: System call lstat returning with 1 locks held

From: Yar Tikhiy <yar_at_comp.chem.msu.su>
Date: Tue, 5 Feb 2008 19:22:17 +0300
On Fri, Feb 01, 2008 at 07:41:58PM +0100, Attilio Rao wrote:
> 2008/2/1, Yar Tikhiy <yar_at_comp.chem.msu.su>:
[...]
> >  Fatal trap 12: page fault while in kernel mode
> >
> > cpuid = 0; apic id = 00
> >
> > fault virtual address   = 0xdeadc0ee
> >  fault code              = supervisor read, page not present
> >  instruction pointer     = 0x20:0xc07a0676
> >  stack pointer           = 0x28:0xd614e9a0
> >  frame pointer           = 0x28:0xd614e9a4
> >
> > code segment            = base 0x0, limit 0xfffff, type 0x1b
> >
> >                         = DPL 0, pres 1, def32 1, gran 1
> >
> > processor eflags        = resume, IOPL = 0
> >
> > current process         = 43 (umount)
> >  [thread pid 43 tid 100052 ]
> >  Stopped at      isitmychild+0x6:        movl    0x10(%eax),%ecx
> >  db> panic: Assertion !mtx_owned(&w_mtx) failed at /usr/src/sys/kern/subr_witness
> >  .c:959
> >  cpuid = 0
> >  Uptime: 2m14s
> >  Cannot dump. No dump device defined.
> >  Automatic reboot in 15 seconds - press a key on the console to abort
> 
> It would be suitable for you to add DDB to your kernel config and see
> a backtrace for it?

DDB was there (my kernel was GENERIC + DEBUG_VFS_LOCKS,) but it
failed, too.  Fortunately, I've managed to save a dump with the
whole call stack.  Attached is the respective output from kgdb,
showing multiple failures including the one in NTFS.

I'm keeping the dump so that I can dig deeper into it under your
guidance.  Thanks!

-- 
Yar

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0xdeadc0ee
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc07a0676
stack pointer           = 0x28:0xd615a9a0
frame pointer           = 0x28:0xd615a9a4
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 40 (umount)
panic: Assertion !mtx_owned(&w_mtx) failed at /usr/src/sys/kern/subr_witness.c:9                                              59
cpuid = 0
Uptime: 1m0s
Physical memory: 499 MB
Dumping 32 MB: 17 1

#0  doadump () at pcpu.h:195
195     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) where
#0  doadump () at pcpu.h:195
#1  0xc0768d4e in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:417
#2  0xc0769013 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:571
#3  0xc07a2839 in witness_checkorder (lock=0xc0dd2c2c, flags=Variable "flags" is not available.
)
    at /usr/src/sys/kern/subr_witness.c:959
#4  0xc075be7c in _mtx_lock_flags (m=0xc0dd2c2c, opts=0,
    file=0xc0b0f79f "/usr/src/sys/kern/subr_eventhandler.c", line=212)
    at /usr/src/sys/kern/kern_mutex.c:179
#5  0xc07903e9 in eventhandler_find_list (name=0xc0adccf5 "dcons_poll")
    at /usr/src/sys/kern/subr_eventhandler.c:212
#6  0xc055fd88 in dcons_os_checkc (dc=0xc0c015a0)
    at /usr/src/sys/dev/dcons/dcons_os.c:264
#7  0xc055feae in dcons_cngetc (cp=0xc0b6d9e0)
    at /usr/src/sys/dev/dcons/dcons_os.c:473
#8  0xc07b57a8 in cncheckc () at /usr/src/sys/kern/tty_cons.c:604
#9  0xc07b57e6 in cngetc () at /usr/src/sys/kern/tty_cons.c:582
#10 0xc0490d26 in db_readline (lstart=0xc0bf9740 "", lsize=120)
    at /usr/src/sys/ddb/db_input.c:323
#11 0xc04916fa in db_read_line () at /usr/src/sys/ddb/db_lex.c:56
#12 0xc0490066 in db_command_loop () at /usr/src/sys/ddb/db_command.c:462
#13 0xc049181d in db_trap (type=12, code=0) at /usr/src/sys/ddb/db_main.c:228
#14 0xc0792036 in kdb_trap (type=12, code=0, tf=0xd615a960)
    at /usr/src/sys/kern/subr_kdb.c:510
---Type <return> to continue, or q <return> to quit---
#15 0xc0a78b2f in trap_fatal (frame=0xd615a960, eva=3735929070)
    at /usr/src/sys/i386/i386/trap.c:889
#16 0xc0a79450 in trap (frame=0xd615a960) at /usr/src/sys/i386/i386/trap.c:279
#17 0xc0a5f2bb in calltrap () at /usr/src/sys/i386/i386/exception.s:146
#18 0xc07a0676 in isitmychild (parent=0xdeadc0de, child=0xc0ddeb28)
    at /usr/src/sys/kern/subr_witness.c:1611
#19 0xc07a286e in witness_checkorder (lock=0xc1474908, flags=Variable "flags" is not available.
)
    at /usr/src/sys/kern/subr_witness.c:966
#20 0xc075be7c in _mtx_lock_flags (m=0xc1474908, opts=0,
    file=0xc0b2e45f "/usr/src/sys/vm/uma_core.c", line=2257)
    at /usr/src/sys/kern/kern_mutex.c:179
#21 0xc0970508 in uma_zfree_arg (zone=0xc146d1e0, item=0xc2fbb100,
    udata=0xc2fbbfa8) at /usr/src/sys/vm/uma_core.c:2257
#22 0xc0758a8a in free (addr=0xc2fbb100, mtp=0xc2ffb000)
    at /usr/src/sys/kern/kern_malloc.c:441
#23 0xc2ff7a91 in ntfs_ntput (ip=0xc2fbb100)
    at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_subr.c:469
#24 0xc2ff5654 in ntfs_reclaim (ap=0xd615ab04)
    at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_vnops.c:262
#25 0xc0a84695 in VOP_RECLAIM_APV (vop=0xc2ffb320, a=0xd615ab04)
    at vnode_if.c:1566
#26 0xc07e819f in vgonel (vp=0xc2fea880) at vnode_if.h:819
#27 0xc07e9bb7 in vflush (mp=0xc2fc27d4, rootrefs=0, flags=1, td=0xc2fec440)
---Type <return> to continue, or q <return> to quit---
    at /usr/src/sys/kern/vfs_subr.c:2406
#28 0xc2ff4bff in ntfs_unmount (mp=0xc2fc27d4, mntflags=134217728,
    td=0xc2fec440) at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_vfsops.c:489
#29 0xc07e3416 in dounmount (mp=0xc2fc27d4, flags=134217728, td=0xc2fec440)
    at /usr/src/sys/kern/vfs_mount.c:1286
#30 0xc07e39e0 in unmount (td=0xc2fec440, uap=0xd615acfc)
    at /usr/src/sys/kern/vfs_mount.c:1182
#31 0xc0a79043 in syscall (frame=0xd615ad38)
    at /usr/src/sys/i386/i386/trap.c:1034
#32 0xc0a5f320 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:203
#33 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)
Received on Tue Feb 05 2008 - 15:22:21 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:26 UTC