panic: System call lstat returning with 1 locks held
Attilio Rao
attilio at freebsd.org
Wed Feb 6 05:49:52 PST 2008
2008/2/6, Yar Tikhiy <yar at comp.chem.msu.su>:
> On Tue, Feb 05, 2008 at 08:56:26PM +0100, Attilio Rao wrote:
> > 2008/2/5, Yar Tikhiy <yar at comp.chem.msu.su>:
> > > On Fri, Feb 01, 2008 at 07:41:58PM +0100, Attilio Rao wrote:
> > > > 2008/2/1, Yar Tikhiy <yar at comp.chem.msu.su>:
> > >
> > > [...]
> > >
>
> > > > Would it be suitable for you to add DDB to your kernel config and see
> > > > a backtrace for it?
> > >
> > >
> > > DDB was there (my kernel was GENERIC + DEBUG_VFS_LOCKS,) but it
> > > failed, too. Fortunately, I've managed to save a dump with the
> > > whole call stack. Attached is the respective output from kgdb,
> > > showing multiple failures including the one in NTFS.
> >
> > Currently it is DDB which lets it fail in witness after memory corruption.
> > But I'm more interested in the panic originator; so, as far as it is
> > unusable, can you please remove the DDB option and try to get the panic
> > again? It should not give you the failing assertion without DDB.
>
>
> Sure, here it is, attached.
>
> By the way, not that I want to stop helping you, but I can provide
> you with a small NTFS image so that you can test the driver against
> it by yourself and save a few round-trips. :-) The crash session
> shown in the attachment was conducted using this NTFS image file:
>
> http://people.freebsd.org/~yar/debug/ntfs.bz2
>
> Thanks!
>
> --
> Yar
>
> [causing the panic]
>
>
> Enter full pathname of shell or RETURN for /bin/sh:
>
> # dumpon /dev/ad0s3b
> # mdconfig -a -f /root/ntfs
> WARNING: opening backing store: /root/ntfs readoGnly
> EOM_LABEL: Label for provider md0 is ntfs/TEST_NTFS.
> md0
> # mount -r -t ntfs /dev/md0 /mnt
> # umount /mnt
> lock order reversal:
> 1st 0xc30566b8 ntfs (ntfs) @ /usr/src/sys/kern/vfs_subr.c:2361
> 2nd 0xc2fd4924 ntnode (ntnode) @ /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_subr.c:361
>
> kernel trap 12 with interrupts disabled
>
>
>
> Fatal trap 12: page fault while in kernel mode
> cpuid = 0; apic id = 00
> fault virtual address = 0xdeadc0ee
> fault code = supervisor read, page not present
>
> instruction pointer = 0x20:0xc0791e86
> stack pointer = 0x28:0xd61559a0
> frame pointer = 0x28:0xd61559a4
>
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, def32 1, gran 1
> processor eflags = resume, IOPL = 0
>
> current process = 39 (umount)
> trap number = 12
> panic: page fault
>
> cpuid = 0
> Uptime: 1m0s
> Physical memory: 499 MB
> Dumping 32 MB: 17 1
>
> Dump complete
>
> Automatic reboot in 15 seconds - press a key on the console to abort
>
>
> [post-mortem kgdb session]
>
>
> Fatal trap 12: page fault while in kernel mode
> cpuid = 0; apic id = 00
> fault virtual address = 0xdeadc0ee
> fault code = supervisor read, page not present
>
> instruction pointer = 0x20:0xc0791e86
> stack pointer = 0x28:0xd61559a0
> frame pointer = 0x28:0xd61559a4
>
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, def32 1, gran 1
> processor eflags = resume, IOPL = 0
>
> current process = 39 (umount)
> trap number = 12
> panic: page fault
>
> cpuid = 0
> Uptime: 1m0s
> Physical memory: 499 MB
> Dumping 32 MB: 17 1
>
> #0 doadump () at pcpu.h:195
> 195 pcpu.h: No such file or directory.
> in pcpu.h
> (kgdb) where
> #0 doadump () at pcpu.h:195
> #1 0xc075ba7e in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:417
> #2 0xc075bd09 in panic (fmt=Variable "fmt" is not available.
> ) at /usr/src/sys/kern/kern_shutdown.c:571
> #3 0xc0a4580c in trap_fatal (frame=0xd6155960, eva=3735929070)
> at /usr/src/sys/i386/i386/trap.c:898
> #4 0xc0a460e0 in trap (frame=0xd6155960) at /usr/src/sys/i386/i386/trap.c:279
> #5 0xc0a2c97b in calltrap () at /usr/src/sys/i386/i386/exception.s:146
> #6 0xc0791e86 in isitmychild (parent=0xdeadc0de, child=0xc0c00168)
> at /usr/src/sys/kern/subr_witness.c:1611
> #7 0xc0793d9e in witness_checkorder (lock=0xc1474908, flags=Variable "flags" is not available.
> )
> at /usr/src/sys/kern/subr_witness.c:966
> #8 0xc074edcc in _mtx_lock_flags (m=0xc1474908, opts=0,
> file=0xc0af4e44 "/usr/src/sys/vm/uma_core.c", line=2257)
> at /usr/src/sys/kern/kern_mutex.c:179
> #9 0xc095f398 in uma_zfree_arg (zone=0xc146d1e0, item=0xc2fd4900,
> udata=0xc2fd4fa8) at /usr/src/sys/vm/uma_core.c:2257
> #10 0xc074bb1a in free (addr=0xc2fd4900, mtp=0xc2ff1000)
> at /usr/src/sys/kern/kern_malloc.c:441
> #11 0xc2feda91 in ntfs_ntput (ip=0xc2fd4900)
> at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_subr.c:469
> #12 0xc2feb654 in ntfs_reclaim (ap=0xd6155b04)
> at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_vnops.c:262
> #13 0xc0a51195 in VOP_RECLAIM_APV (vop=0xc2ff1320, a=0xd6155b04)
> at vnode_if.c:1566
> #14 0xc07d848f in vgonel (vp=0xc3056660) at vnode_if.h:819
> #15 0xc07d9f47 in vflush (mp=0xc2fb6a70, rootrefs=0, flags=1, td=0xc2fdf660)
> at /usr/src/sys/kern/vfs_subr.c:2406
> #16 0xc2feabff in ntfs_unmount (mp=0xc2fb6a70, mntflags=134217728,
> td=0xc2fdf660) at /usr/src/sys/modules/ntfs/../../fs/ntfs/ntfs_vfsops.c:489
> #17 0xc07d3756 in dounmount (mp=0xc2fb6a70, flags=134217728, td=0xc2fdf660)
> at /usr/src/sys/kern/vfs_mount.c:1286
> #18 0xc07d3d20 in unmount (td=0xc2fdf660, uap=0xd6155cfc)
> at /usr/src/sys/kern/vfs_mount.c:1182
> #19 0xc0a45ce3 in syscall (frame=0xd6155d38)
> at /usr/src/sys/i386/i386/trap.c:1034
> #20 0xc0a2c9e0 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:203
> #21 0x00000033 in ?? ()
> Previous frame inner to this frame (corrupt stack?)
Want to see if this bt has been helpful? :)
Can you try the attached patch and see if the kernel rings a bell?
http://www.freebsd.org/~attilio/ntfs_debug.diff
Thanks,
Attilio
--
Peace can only be achieved by understanding - A. Einstein