Lars Eggert wrote:

John Baldwin wrote:
> On 18-Oct-2002 Lars Eggert wrote:
>> John Baldwin wrote:
>>
>>> What is line 488 of src/sys/kern/kern_descrip.c?
>>
>> fhold(fp) in do_dup().
>
> Hrm.  You can try adding some KASSERT()'s that the reference
> count of that struct file isn't zero or negative.

fd_refcnt is a u_short, but I've added a KASSERT that makes sure it's
not zero, and will test.

Just got the panic again. The KASSERT didn't fire, so fdp->fd_refcnt is > 0. Here's a backtrace with today's -current:

[root@nik: /etc] gdb -k /usr/obj/usr/src/sys/KERNEL-1.10/kernel.debug /var/crash/vmcore.2
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-undermydesk-freebsd"...
panic: from debugger
panic messages:
---
panic: mtx_lock() of spin mutex duI\M-@\M-4qI\M-@`\M^NN\M-@\^D @ /usr/src/sys/kern/kern_descrip.c:486
cpuid = 1; lapic.id = 02000000
panic: from debugger
cpuid = 1; lapic.id = 02000000
boot() called on cpu#1
Uptime: 19m11s
pfs_vncache_unload(): 6 entries remaining
Dumping 1023 MB
16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 256 272 288 304 320 336 352 368 384 400 416 432 448 464 480 496 512 528 544 560 576 592 608 624 640 656 672 688 704 720 736 752 768 784 800 816 832 848 864 880 896 912 928 944 960 976 992 1008
---
#0 doadump () at /usr/src/sys/kern/kern_shutdown.c:224
224 dumpsys(&dumper);
(kgdb) bt
#0 doadump () at /usr/src/sys/kern/kern_shutdown.c:224
#1 0xc02779de in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:355
#2 0xc0277fd7 in panic (fmt=0xc0413704 "from debugger") at /usr/src/sys/kern/kern_shutdown.c:508
#3 0xc01509d2 in db_panic () at /usr/src/sys/ddb/db_command.c:450
#4 0xc015080c in db_command (last_cmdp=0xc047bce0, cmd_table=0x0, aux_cmd_tablep=0xc04732dc,
aux_cmd_tablep_end=0xc04732e0) at /usr/src/sys/ddb/db_command.c:346
#5 0xc0150a4a in db_command_loop () at /usr/src/sys/ddb/db_command.c:472
#6 0xc01536f5 in db_trap (type=3, code=0) at /usr/src/sys/ddb/db_trap.c:72
#7 0xc03d47f7 in kdb_trap (type=3, code=0, regs=0xeb73dbe8) at /usr/src/sys/i386/i386/db_interface.c:166
#8 0xc03ec35a in trap (frame=
{tf_fs = 24, tf_es = -1069350896, tf_ds = 16, tf_edi = -955428240, tf_esi = 256, tf_ebp = -344728524, tf_isp = -344728556, tf_ebx = 0, tf_edx = 0, tf_ecx = 0, tf_eax = 18, tf_trapno = 3, tf_err = 0, tf_eip = -1069724870, tf_cs = 8, tf_eflags = 658, tf_esp = -1069144858, tf_ss = -1069294790}) at /usr/src/sys/i386/i386/trap.c:605
#9 0xc03d5fc8 in calltrap () at {standard input}:99
#10 0xc0277fbf in panic (fmt=0x0) at /usr/src/sys/kern/kern_shutdown.c:494
#11 0xc026da07 in _mtx_lock_flags (m=0xc0497574, opts=0, file=0xc043acbf "/usr/src/sys/kern/kern_descrip.c", line=486)
at /usr/src/sys/kern/kern_mutex.c:318
#12 0xc0259541 in do_dup (td=0xc70d5270, type=DUP_FIXED, old=-1, new=4, retval=0xc70d5304)
at /usr/src/sys/kern/kern_descrip.c:486
#13 0xc0258793 in dup2 (td=0x0, uap=0x0) at /usr/src/sys/kern/kern_descrip.c:174
#14 0xc03ed066 in syscall (frame=
{tf_fs = 135594031, tf_es = -1078067153, tf_ds = -1078067153, tf_edi = 4, tf_esi = 135637504, tf_ebp = -1078036088, tf_isp = -344728204, tf_ebx = -1, tf_edx = -1078037360, tf_ecx = 136126464, tf_eax = 90, tf_trapno = 12, tf_err = 2, tf_eip = 134842063, tf_cs = 31, tf_eflags = 646, tf_esp = -1078037316, tf_ss = 47})
at /usr/src/sys/i386/i386/trap.c:1071
#15 0xc03d601d in Xint0x80_syscall () at {standard input}:141
---Can't read userspace from dump, or kernel process---

(kgdb) up 12
#12 0xc0259541 in do_dup (td=0xc70d5270, type=DUP_FIXED, old=-1, new=4, retval=0xc70d5304)
at /usr/src/sys/kern/kern_descrip.c:486
486 fhold(fp);
(kgdb) list
481 FILEDESC_UNLOCK(fdp);
482 return (0);
483 }
484 fp = fdp->fd_ofiles[old];
485 KASSERT(fdp->fd_refcnt != 0, ("reference count is zero"));
486 fhold(fp);
487
488 /*
489 * Expand the table for the new descriptor if needed. This may
490 * block and drop and reacquire the filedesc lock.


Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
