panic: getnewbuf: locked buf
Pawel Worach
pawel.worach at telia.com
Sun Aug 22 18:47:26 PDT 2004
Hi,
Got this while running ssh host "tar cf - /usr/X11R6.8" | tar xf -
and firefox decided to crash.
FreeBSD corona 6.0-CURRENT FreeBSD 6.0-CURRENT #0: Sun Aug 22 19:15:47
CEST 2004 root at darkstar:/export/data/obj/usr/src/sys/CORONA i386
#0 doadump () at pcpu.h:159
#1 0xc04f9654 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:396
#2 0xc04f9a09 in panic (fmt=0xc06afa0b "getnewbuf: locked buf")
at /usr/src/sys/kern/kern_shutdown.c:552
#3 0xc054e71e in getnewbuf (slpflag=0, slptimeo=0, size=16384,
maxsize=16384)
at /usr/src/sys/kern/vfs_bio.c:1879
#4 0xc055010d in getblk (vp=0xc1785108, blkno=1, size=16384, slpflag=0,
slptimeo=0, flags=0) at /usr/src/sys/kern/vfs_bio.c:2586
#5 0xc05fc914 in ffs_balloc_ufs2 (vp=0xc1785108, startoffset=Unhandled
dwarf expression opcode 0x93
)
at /usr/src/sys/ufs/ffs/ffs_balloc.c:640
#6 0xc0614e0c in ffs_write (ap=0xcd69c9a8)
at /usr/src/sys/ufs/ffs/ffs_vnops.c:650
#7 0xc056ec9a in vn_rdwr (rw=UIO_WRITE, vp=0xc1785108, base=0x0,
len=49152,
offset=Unhandled dwarf expression opcode 0x93
) at vnode_if.h:432
#8 0xc056edc6 in vn_rdwr_inchunks (rw=UIO_WRITE, vp=0xc1785108,
base=0x805b000 <Address 0x805b000 out of bounds>, len=14770176,
offset=Unhandled dwarf expression opcode 0x93
)
at /usr/src/sys/kern/vfs_vnops.c:501
#9 0xc04c4c4a in elf32_coredump (td=0xc197ab00, vp=0xc1785108,
limit=Unhandled dwarf expression opcode 0x93
)
at pcpu.h:156
#10 0xc04ffbb4 in coredump (td=0xc197ab00) at
/usr/src/sys/kern/kern_sig.c:2634
#11 0xc04ff243 in sigexit (td=0xc197ab00, sig=10)
at /usr/src/sys/kern/kern_sig.c:2444
#12 0xc04e1587 in kse_thr_interrupt (td=0xc197ab00, uap=0xcd69cd14)
at /usr/src/sys/kern/kern_kse.c:240
#13 0xc06803c0 in syscall (frame=
{tf_fs = -1066991569, tf_es = 47, tf_ds = 47, tf_edi = 9, tf_esi
= 134627328, tf_ebp = 134623116, tf_isp = -848704140, tf_ebx =
681073276, tf_edx = 10, tf_ecx = 10, tf_eax = 382, tf_trapno = 12,
tf_err = 2, tf_eip = 681057579, tf_cs = 31, tf_eflags = 2097666, tf_esp
= 134622976, tf_ss = 47})
at /usr/src/sys/i386/i386/trap.c:1004
#14 0xc067051f in Xint0x80_syscall () at
/usr/src/sys/i386/i386/exception.s:201
#15 0xc067002f in dumpsys (di=Cannot access memory at address 0x8062f94
) at /usr/src/sys/i386/i386/dump_machdep.c:100
(kgdb) frame 3
#3 0xc054e71e in getnewbuf (slpflag=0, slptimeo=0, size=16384,
maxsize=16384)
at /usr/src/sys/kern/vfs_bio.c:1879
1879 panic("getnewbuf: locked buf");
(kgdb) list
1874 * Start freeing the bp. This is somewhat
involved. nbp
1875 * remains valid only for QUEUE_EMPTY[KVA] bp's.
1876 */
1877
1878 if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_NOWAIT, NULL)
!= 0)
1879 panic("getnewbuf: locked buf");
1880 bremfreel(bp);
1881 mtx_unlock(&bqlock);
1882
1883 if (qindex == QUEUE_CLEAN) {
(kgdb) print bp
$1 = (struct buf *) 0xc66b0658
(kgdb) print *bp
$2 = {b_io = {bio_cmd = 2 '\002', bio_flags = 2 '\002', bio_cflags = 0
'\0',
bio_pflags = 0 '\0', bio_dev = 0x0, bio_disk = 0x0,
bio_offset = 11293147136, bio_bcount = 16384,
bio_data = 0xc76c5000 <Address 0xc76c5000 out of bounds>, bio_error
= 0,
bio_resid = 0, bio_done = 0xc0551160 <bufdonebio>, bio_driver1 = 0x0,
bio_driver2 = 0x0, bio_caller1 = 0x0, bio_caller2 = 0xc66b0658,
bio_queue = {tqe_next = 0x0, tqe_prev = 0x0}, bio_attribute = 0x0,
bio_from = 0x0, bio_to = 0x0, bio_length = 0, bio_completed = 0,
bio_children = 6, bio_inbed = 0, bio_parent = 0x0, bio_t0 = {sec = 0,
frac = 0}, bio_task = 0, bio_task_arg = 0x0, bio_pblkno = 0},
b_op = 0xc06dca88, b_magic = 280038160, b_iodone = 0, b_blkno =
22056928,
b_offset = 1540096, b_vnbufs = {tqe_next = 0x0, tqe_prev = 0xc19d0140},
b_left = 0x0, b_right = 0x0, b_vflags = 0, b_freelist = {
tqe_next = 0xc66513c0, tqe_prev = 0xc0701f98}, b_qindex = 3,
b_flags = 139808, b_xflags = 0 '\0', b_lock = {lk_interlock =
0xc06fd468,
lk_flags = 2097664, lk_sharecount = 0, lk_waitcount = 1,
lk_exclusivecount = 0, lk_prio = 80, lk_wmesg = 0xc06af7a2 "bufwait",
lk_timo = 0, lk_lockholder = 0xffffffff, lk_newlock = 0x0},
b_bufsize = 0,
b_runningbufspace = 0,
b_kvabase = 0xc76c5000 <Address 0xc76c5000 out of bounds>,
b_kvasize = 16384, b_lblkno = 94, b_vp = 0x0, b_object = 0x0,
b_dirtyoff = 0, b_dirtyend = 0, b_rcred = 0x0, b_wcred = 0x0,
b_saveaddr = 0xc76c5000, b_pager = {pg_reqpage = 0}, b_cluster = {
cluster_head = {tqh_first = 0x0, tqh_last = 0xc66430ac},
cluster_entry = {
tqe_next = 0x0, tqe_prev = 0xc66430ac}}, b_pages = {
0x0 <repeats 32 times>}, b_npages = 0, b_dep = {lh_first = 0x0}}
(kgdb) frame 10
#10 0xc04ffbb4 in coredump (td=0xc197ab00) at
/usr/src/sys/kern/kern_sig.c:2634
2634 error = p->p_sysent->sv_coredump ?
(kgdb) print td->td_proc->p_comm
$3 = "firefox-bin\000n\000\000\000\000\000\000"
kernel.debug and vmcore saved if more info needed.
--
Pawel
More information about the freebsd-current
mailing list