Re: sctp panic in _mtx_lock_sleep when attempting to connect to a remote machine

From: Bruce Cran <bruce_at_cran.org.uk>
Date: Thu, 13 Aug 2009 19:36:59 +0100
On Wed, 12 Aug 2009 20:30:39 +0000 (UTC)
"Bjoern A. Zeeb" <bzeeb-lists_at_lists.zabbadoz.net> wrote:

> On Wed, 12 Aug 2009, Bruce Cran wrote:
> 
> Hi,
> 
> > I've found a way to reliably panic two machines running 8.0-BETA2.
> > It seems that there's a problem with SCTP connection requests being
> > made at the same time as other network traffic.
> > [...]

> unfrotunately the most intersting info is missing but it's likely that
> you are hitting this:
> http://lists.freebsd.org/pipermail/svn-src-stable-other/2009-August/000023.html
> 
> I you update to latest HEAD or stable/8, can you still reproduce it?
> 

I updated to RELENG_8 at around 1700 today and I can still reproduce it:
sometimes I just get the "Fatal trap 12" panic, but now I also see a
more helpful message:

panic: mtx_lock() of destroyed mutex
_at_ /usr/src/sys/netinet/sctp_output.c:12767

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and
you are welcome to change it and/or distribute copies of it under
certain conditions. Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for
details. This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:
panic: mtx_lock() of destroyed mutex
_at_ /usr/src/sys/netinet/sctp_output.c:12767 cpuid = 1
KDB: enter: panic
Uptime: 49s
Physical memory: 4078 MB
Dumping 1251 MB:

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address	= 0x4 1236 1220 1204 1188 1172 1156 1140
1124 1108 1092 1076 1060 1044 1028 1012 996 980 964 948 932 916 900 884
868 852 836 820 804 788 772 756 740 724 708 692 676 660 644 628 612 596
580 564 548 532 516 500 484 468 452 436 420 404 388 372 356 340 324 308
292 276 260 244 228 212 196 180 164 148 132 116 100 84 68 52 36 20 4

Reading symbols from /boot/kernel/blank_saver.ko...Reading symbols
from /boot/kernel/blank_saver.ko.symbols...done. done.
Loaded symbols for /boot/kernel/blank_saver.ko
#0  doadump () at pcpu.h:223
223	pcpu.h: No such file or directory.
	in pcpu.h
(kgdb) #0  doadump () at pcpu.h:223
#1  0xffffffff80582023 in boot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:419
#2  0xffffffff805824ac in panic (fmt=Variable "fmt" is not available.
)
    at /usr/src/sys/kern/kern_shutdown.c:575
#3  0xffffffff80573b75 in _mtx_lock_flags (m=0x0, opts=0, 
    file=0xffffffff80980c58 "/usr/src/sys/netinet/sctp_output.c",
line=12767) at /usr/src/sys/kern/kern_mutex.c:195
#4  0xffffffff806c8252 in sctp_lower_sosend (so=0xffffff0004d19aa0,
addr=0x0, uio=0xffffff807987ca30, i_pak=Variable "i_pak" is not
available. )
    at /usr/src/sys/netinet/sctp_output.c:12767
#5  0xffffffff806ca749 in sctp_sosend (so=0xffffff0004d19aa0, addr=0x0, 
    uio=0xffffff807987ca30, top=0x0, control=0x0, flags=0, 
    p=0xffffff0004b81000) at /usr/src/sys/netinet/sctp_output.c:12336
#6  0xffffffff805f1c05 in kern_sendit (td=0xffffff0004b81000, s=3, 
    mp=0xffffff807987cb00, flags=0, control=0x0, segflg=UIO_USERSPACE)
    at /usr/src/sys/kern/uipc_syscalls.c:783
#7  0xffffffff805f1e0c in sendit (td=0xffffff0004b81000, s=3, 
    mp=0xffffff807987cb00, flags=0)
at /usr/src/sys/kern/uipc_syscalls.c:719 #8  0xffffffff805f1efd in
sendto (td=Variable "td" is not available. )
    at /usr/src/sys/kern/uipc_syscalls.c:835
#9  0xffffffff80862d3f in syscall (frame=0xffffff807987cc80)
    at /usr/src/sys/amd64/amd64/trap.c:984
#10 0xffffffff80849301 in Xfast_syscall ()
    at /usr/src/sys/amd64/amd64/exception.S:373
#11 0x0000000800c501dc in ?? ()
Previous frame inner to this frame (corrupt stack?)
(kgdb) 

-- 
Bruce
Received on Thu Aug 13 2009 - 16:37:05 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:53 UTC