6.0-BETA3: 'kldunload linux' --> panic

Rene Ladan r.c.ladan at student.tue.nl
Tue Aug 23 12:11:21 GMT 2005 

The following panic can reliably be reproduced on a GENERIC 6.0-BETA3
kernel when loading linux support via /etc/rc.conf (linux_enable="YES")
and then issuing "kldunload linux".

I'll leave the crash dump around.

% kgdb -n 95

[...]

Unread portion of the kernel message buffer:
panic: witness_destroy: lock (sleep mutex) linux osname is not initialized
cpuid = 0
KDB: enter: panic
Dumping 191 MB (2 chunks)
  chunk 0: 1MB (159 pages) ... ok
  chunk 1: 191MB (48880 pages) 175 159 143 127 111 95 79 63 47 31 15

#0  doadump () at pcpu.h:165
165	pcpu.h: No such file or directory.
	in pcpu.h
(kgdb) bt f
#0  doadump () at pcpu.h:165
No locals.
#1  0xc0475ae6 in db_fncall (dummy1=0, dummy2=0, dummy3=1999,
    dummy4=0xcf021a38 "\200Ø\235À") at /usr/src/sys/ddb/db_command.c:489
	fn_addr = -1066784304
	args = {0, -821945852, -1064888387, -1062909536, 28, -821945852,
  -1069058507, 32, -1063899200, 2}
	nargs = 0
	retval = 547703424
	t = 0
#2  0xc0475862 in db_command (last_cmdp=0xc09dcf84, cmd_table=0x0,
    aux_cmd_tablep=0xc095a0c0, aux_cmd_tablep_end=0xc095a0dc)
    at /usr/src/sys/ddb/db_command.c:349
	cmd = (struct command *) 0xc0963140
	t = 0
	modif = "\200Ø\235À\000\000\000\000T\032\002Ï\r\000\000\000à\034§À\r\000\000\000\001\000\000\000t\032\002ÏÆæ\211À I¥À\aK\000 d\035§À\000_€À\200Ø\235Àx\000\000\000\200Ø\235À\000\000\000\000\230\032\002Ï1\177GÀbê\222À°{GÀ\000\000\000\000\020\000\000\000\000\000\000\000\200Ø\235ÀÆqGÀ\200Ø\235À8Ð\235Àx\000\000\000ü\032\002Ï"
	addr = 0
	count = 1999
	have_addr = 0
	result = 0
#3  0xc0475975 in db_command_loop () at /usr/src/sys/ddb/db_command.c:455
No locals.
#4  0xc0477ae5 in db_trap (type=3, code=0) at /usr/src/sys/ddb/db_main.c:221
	jb = {{_jb = {-821945604, -821945632, -821945552, 1, 0, -1069057402,
      0, 0, 0, 0, -821945552, -1066657536}}}
	prev_jb = (void *) 0x0
	bkpt = 0
#5  0xc06c19ae in kdb_trap (type=0, code=0, tf=0xcf021b98)
    at /usr/src/sys/kern/subr_kdb.c:473
	did_stop_cpus = 1
	handled = -821945448
#6  0xc08c2468 in trap (frame=
      {tf_fs = 8, tf_es = 40, tf_ds = -821952472, tf_edi = 256, tf_esi = 1, tf_ebp = -821945376, tf_isp = -821945404, tf_ebx = -821945316, tf_edx = 0, tf_ecx = -1056755712, tf_eax = 18, tf_trapno = 3, tf_err = 0, tf_eip = -1066658176, tf_cs = 32, tf_eflags = 646, tf_esp = -1064104898, tf_ss = -1064113900})
    at /usr/src/sys/i386/i386/trap.c:601
	td = (struct thread *) 0xc24db300
	p = (struct proc *) 0xc24fc830
	sticks = 3473021836
	i = 0
	ucode = 0
	type = 3
	code = 0
	eva = 0
#7  0xc08ac43a in calltrap () at /usr/src/sys/i386/i386/exception.s:139
No locals.
#8  0x00000008 in ?? ()
No symbol table info available.
#9  0x00000028 in ?? ()
No symbol table info available.
#10 0xcf020028 in ?? ()
No symbol table info available.
#11 0x00000100 in ?? ()
No symbol table info available.
#12 0x00000001 in ?? ()
No symbol table info available.
#13 0xcf021be0 in ?? ()
No symbol table info available.
#14 0xcf021bc4 in ?? ()
No symbol table info available.
#15 0xcf021c1c in ?? ()
No symbol table info available.
#16 0x00000000 in ?? ()
No symbol table info available.
#17 0xc1033000 in ?? ()
No symbol table info available.
#18 0x00000012 in ?? ()
No symbol table info available.
#19 0x00000003 in ?? ()
No symbol table info available.
#20 0x00000000 in ?? ()
No symbol table info available.
#21 0xc06c1680 in kdb_enter (msg=0x0) at cpufunc.h:60
No locals.
#22 0xc06a337e in panic (fmt=0xc09323ad "%s: lock (%s) %s is not initialized")
    at /usr/src/sys/kern/kern_shutdown.c:537
	td = (struct thread *) 0xc24db300
	bootopt = 256
	newpanic = 1
	ap = 0xcf021c1c "µ}\216Àè\232\224ÀþÈ2ÂÀæ2Â\020Î2ÂL\034\002ÏX\230iÀÀæ2ÂíÈ\222À"
	buf = "witness_destroy: lock (sleep mutex) linux osname is not initialized", '\0' <repeats 188 times>
#23 0xc06cd5a9 in witness_destroy (lock=0xc232e6c0)
    at /usr/src/sys/kern/subr_witness.c:567
	w = (struct witness *) 0xc232e6c0
	__func__ = "witness_destroy"
#24 0xc0699858 in mtx_destroy (m=0xc232e6c0)
    at /usr/src/sys/kern/kern_mutex.c:875
No locals.
#25 0xc0691b60 in linker_file_sysuninit (lf=0x0)
    at /usr/src/sys/kern/kern_linker.c:238
	start = (struct sysinit **) 0xc232ce10
	stop = (struct sysinit **) 0xc232ce18
	sipp = (struct sysinit **) 0xc232ce10
	xipp = (struct sysinit **) 0x0
	save = (struct sysinit *) 0x0
#26 0xc0692384 in linker_file_unload (file=0xc222eb00, flags=0)
    at /usr/src/sys/kern/kern_linker.c:539
	mod = 0x0
	next = 0x0
	ml = 0x0
	nextml = 0x0
	cp = (struct common_symbol *) 0x0
	error = 0
	i = 0
#27 0xc0692c3a in kern_kldunload (td=0xc222eb00, fileid=0, flags=0)
    at /usr/src/sys/kern/kern_linker.c:828
	lf = 0xc222eb00
	error = 2
#28 0xc0692cdc in kldunloadf (td=0x0, uap=0x0)
    at /usr/src/sys/kern/kern_linker.c:858
No locals.
#29 0xc08c2e30 in syscall (frame=
      {tf_fs = 59, tf_es = 59, tf_ds = 59, tf_edi = 4, tf_esi = -1077940798, tf_ebp = -1077941080, tf_isp = -821944988, tf_ebx = 1, tf_edx = -1077940798, tf_ecx = 1, tf_eax = 444, tf_trapno = 0, tf_err = 2, tf_eip = 671855983, tf_cs = 51, tf_eflags = 582, tf_esp = -1077942212, tf_ss = 59})
    at /usr/src/sys/i386/i386/trap.c:986
	params = 0xbfbfe840 <Address 0xbfbfe840 out of bounds>
	callp = (struct sysent *) 0xc0990150
	td = (struct thread *) 0xc24db300
	p = (struct proc *) 0xc24fc830
	orig_tf_eflags = 582
	sticks = 3
	error = 0
	narg = 2
	args = {4, 0, -1064543505, -1063413248, -821945036, 0, 0, 671524056}
	code = 444
#30 0xc08ac48f in Xint0x80_syscall ()
    at /usr/src/sys/i386/i386/exception.s:200
No locals.
#31 0x0000003b in ?? ()
No symbol table info available.
#32 0x0000003b in ?? ()
No symbol table info available.
#33 0x0000003b in ?? ()
No symbol table info available.
#34 0x00000004 in ?? ()
No symbol table info available.
#35 0xbfbfedc2 in ?? ()
No symbol table info available.
#36 0xbfbfeca8 in ?? ()
No symbol table info available.
#37 0xcf021d64 in ?? ()
No symbol table info available.
#38 0x00000001 in ?? ()
No symbol table info available.
#39 0xbfbfedc2 in ?? ()
No symbol table info available.
#40 0x00000001 in ?? ()
No symbol table info available.
#41 0x000001bc in ?? ()
No symbol table info available.
#42 0x00000000 in ?? ()
No symbol table info available.
#43 0x00000002 in ?? ()
No symbol table info available.
#44 0x280bb56f in ?? ()
No symbol table info available.
#45 0x00000033 in ?? ()
No symbol table info available.
#46 0x00000246 in ?? ()
No symbol table info available.
#47 0xbfbfe83c in ?? ()
No symbol table info available.
#48 0x0000003b in ?? ()
No symbol table info available.
#49 0x00000000 in ?? ()
No symbol table info available.
#50 0x00000000 in ?? ()
No symbol table info available.
#51 0x00000000 in ?? ()
No symbol table info available.
#52 0x00000000 in ?? ()
No symbol table info available.
#53 0x0872a000 in ?? ()
No symbol table info available.
#54 0xc24fc830 in ?? ()
No symbol table info available.
#55 0xc24db300 in ?? ()
No symbol table info available.
#56 0xcf0219b0 in ?? ()
No symbol table info available.
#57 0xcf02198c in ?? ()
No symbol table info available.
#58 0xc1465600 in ?? ()
No symbol table info available.
#59 0xc06b7a90 in sched_switch (td=0xbfbfedc2, newtd=0x1, flags=Cannot access memory at address 0xbfbfecb8)
    at /usr/src/sys/kern/sched_4bsd.c:973
	kg = (struct ksegrp *) 0x0
	p = (struct proc *) 0x4
Previous frame inner to this frame (corrupt stack?)
(kgdb) q
--
GPG fingerprint = 5FFA 3959 3377 C697 8428  24D0 BF3E F4A9 AE33 5DCC

"It won't fit on the line."
		-- me, 2001
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050823/607fd818/attachment.bin

More information about the freebsd-stable mailing list