Date: Mon, 22 Apr 2002 11:28:41 +0900 From: Jun Kuriyama <kuriyama@imgsrc.co.jp> To: Current <FreeBSD-current@FreeBSD.org> Subject: lock order reversal and panic in kern_descrip.c Message-ID: <7mpu0szcti.wl@waterblue.imgsrc.co.jp>
next in thread | raw e-mail | index | archive | help
Today's -current kernel. This happend when I invoke linux-netscape.
lock order reversal
1st 0xe7fdf134 filedesc structure (filedesc structure) @ ../../../kern/kern_descrip.c:1531
2nd 0xc0321ca0 filelist lock (filelist lock) @ ../../../kern/kern_descrip.c:1092
recursed on non-recursive lock (sleep mutex) filedesc structure @ ../../../kern/kern_descrip.c:1114
first acquired @ ../../../kern/kern_descrip.c:1531
panic: recurse
cpuid = 0; lapic.id = 00000000
Debugger("panic")
Stopped at Debugger+0x41: xorl %eax,%eax
db> trace
Debugger(c02d523a) at Debugger+0x41
panic(c02d8808,e7fdf134,0,c02d1af3,0) at panic+0xd8
witness_lock(e7fdf134,8,c02d1af3,45a) at witness_lock+0x198
_mtx_lock_flags(e7fdf134,0,c02d1af3,45a,e7a5be10) at _mtx_lock_flags+0x74
falloc(e7f8ed50,e805baa0,e805baa8,e7fdf134,0) at falloc+0xaf
fdcheckstd(e7f8ed50,e805bd20,e7f8ed50,bfbfc2d0,e7f8ec50) at fdcheckstd+0x1d7
execve(e7f8ed50,e805bcdc,e7f8ee2c,e7f8ec50,bfbffeb8) at execve+0x6ae
linux_execve(e7f8ed50,e805bd20,bfbfc2d0,84a9d2a,bfbfc2d0) at linux_execve+0x5b
syscall(85b002f,bfbf002f,bfbf002f,bfbfc2d0,84a9d2a) at syscall+0x223
syscall_with_err_pushed() at syscall_with_err_pushed+0x1b
--- syscall (11, FreeBSD ELF, nosys), eip = 0x2881990b, esp = 0xbfbfc298, ebp = 0xbfbfc2a8 ---
(kgdb) where
#0 doadump () at ../../../kern/kern_shutdown.c:213
#1 0xc01b26b8 in boot (howto=260) at ../../../kern/kern_shutdown.c:346
#2 0xc01b28c9 in panic (fmt=0xc02be36a "from debugger")
at ../../../kern/kern_shutdown.c:490
#3 0xc0131891 in db_panic (addr=-1071031351, have_addr=0, count=-1,
modif=0xe805b88c "") at ../../../ddb/db_command.c:449
#4 0xc013182f in db_command (last_cmdp=0xc03020e4, cmd_table=0xc0301f04,
aux_cmd_tablep=0xc02fc238, aux_cmd_tablep_end=0xc02fc23c)
at ../../../ddb/db_command.c:345
#5 0xc01318fb in db_command_loop () at ../../../ddb/db_command.c:471
#6 0xc0133c8f in db_trap (type=3, code=0) at ../../../ddb/db_trap.c:72
#7 0xc029590a in kdb_trap (type=3, code=0, regs=0xe805b988)
at ../../../i386/i386/db_interface.c:161
#8 0xc02a98ec in trap (frame={tf_fs = -403177448, tf_es = 16,
tf_ds = -403177456, tf_edi = -1070024964, tf_esi = 256,
tf_ebp = -402277936, tf_isp = -402277964, tf_ebx = -1070757880,
tf_edx = 0, tf_ecx = 0, tf_eax = 18, tf_trapno = 3, tf_err = 0,
tf_eip = -1071031351, tf_cs = 8, tf_eflags = 582, tf_esp = -1070645245,
tf_ss = -1070771654}) at ../../../i386/i386/trap.c:585
#9 0xc0295bc9 in Debugger (msg=0xc02d523a "panic") at machine/cpufunc.h:68
#10 0xc01b28b4 in panic (fmt=0xc02d8808 "recurse")
at ../../../kern/kern_shutdown.c:477
#11 0xc01ca3d8 in witness_lock (lock=0xe7fdf134, flags=8,
file=0xc02d1af3 "../../../kern/kern_descrip.c", line=1114)
at ../../../kern/subr_witness.c:533
#12 0xc01aad4c in _mtx_lock_flags (m=0xe7fdf134, opts=0,
file=0xc02d1af3 "../../../kern/kern_descrip.c", line=1114)
at ../../../kern/kern_mutex.c:314
#13 0xc019c3df in falloc (td=0xe7f8ed50, resultfp=0xe805baa0,
resultfd=0xe805baa8) at ../../../kern/kern_descrip.c:1114
#14 0xc019d01b in fdcheckstd (td=0xe7f8ed50)
at ../../../kern/kern_descrip.c:1532
#15 0xc01a04e2 in execve (td=0xe7f8ed50, uap=0xe805bcdc)
at ../../../kern/kern_exec.c:372
#16 0xe7cc3aff in ?? ()
#17 0xc02aa08f in syscall (frame={tf_fs = 140181551, tf_es = -1078001617,
tf_ds = -1078001617, tf_edi = -1077951792, tf_esi = 139107626,
tf_ebp = -1077951832, tf_isp = -402277004, tf_ebx = -1077951792,
tf_edx = 143628032, tf_ecx = -1077951676, tf_eax = 11, tf_trapno = 12,
tf_err = 2, tf_eip = 679581963, tf_cs = 31, tf_eflags = 582,
tf_esp = -1077951848, tf_ss = 47}) at ../../../i386/i386/trap.c:1022
#18 0xc02968dd in syscall_with_err_pushed ()
Cannot access memory at address 0xbfbfc2a8.
(kgdb) up 11
#11 0xc01ca3d8 in witness_lock (lock=0xe7fdf134, flags=8,
file=0xc02d1af3 "../../../kern/kern_descrip.c", line=1114)
at ../../../kern/subr_witness.c:533
533 panic("recurse");
(kgdb) list
528 printf(
529 "recursed on non-recursive lock (%s) %s @ %s:%d\n",
530 class->lc_name, lock->lo_name, file, line);
531 printf("first acquired @ %s:%d\n", lock1->li_file,
532 lock1->li_line);
533 panic("recurse");
534 }
535 CTR4(KTR_WITNESS, "%s: pid %d recursed on %s r=%d", __func__,
536 td->td_proc->p_pid, lock->lo_name,
537 lock1->li_flags & LI_RECURSEMASK);
--
Jun Kuriyama <kuriyama@imgsrc.co.jp> // IMG SRC, Inc.
<kuriyama@FreeBSD.org> // FreeBSD Project
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7mpu0szcti.wl>