Subject: kern/13077: vnode deadlock occurd when I pulled out my wavelan-card (wi0)
To: None <gnats-bugs@gnats.netbsd.org>
From: None <lha@stacken.kth.se>
List: netbsd-bugs
Date: 06/01/2001 02:44:55
>Number: 13077
>Category: kern
>Synopsis: vnode deadlock occurd when pulled out wavelan-card (wi0)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu May 31 17:44:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Love
>Release: NetBSD 1.5V built May 26
>Organization:
Stacken Computer Club
>Environment:
System: NetBSD nutcracker.dynarc.se 1.5V NetBSD 1.5V (NUTCRACKER) #17: Sat May 26 10:44:27 CEST 2001 lha@nutcracker.dynarc.se:/usr/src/sys/arch/i386/compile/NUTCRACKER i386
Architecture: i386
Machine: i386
>Description:
The found the error when I tried to suspend and zzz hang.
Below are the parts of the debugging sesssion. After looking
around the computer froze up with haning vnodes all over the
crash. Last in the log is my failed attempt to reboot the
computer from ddb.
And because of kern/13076 couldn't get crash dump for
postmortem debugging :(
Proc 0xcb1bb558 as the cardslot0 and proc 0xcb4391d8 was the
dhclient trying exit since my /etc/apm/suspend kills it.
(gdb) proc 0xcb1bb558
(gdb) bt
#0 mi_switch (p=0xcb1bb558) at ../../../../kern/kern_synch.c:870
#1 0xc01c4a2e in bpendtsleep () at ../../../../kern/kern_synch.c:466
#2 0xc01e61d1 in vgonel (vp=0xcb47f618, p=0xcb1bb558)
at ../../../../kern/vfs_subr.c:1637
#3 0xc01e61a1 in vgone (vp=0xcb47f618) at ../../../../kern/vfs_subr.c:1617
#4 0xc01e643e in vcount (vp=0xcb365084) at ../../../../kern/vfs_subr.c:1783
#5 0xc01f608d in spec_close (v=0xcb1c8dec)
at ../../../../miscfs/specfs/spec_vnops.c:573
#6 0xc0306e14 in ufsspec_close (v=0xcb1c8dec)
at ../../../../ufs/ufs/ufs_vnops.c:1773
#7 0xc01ebd58 in VOP_CLOSE (vp=0xcb365084, fflag=4, cred=0xffffffff, p=0x0)
at ../../../../kern/vnode_if.c:289
#8 0xc01e6079 in vclean (vp=0xcb365084, flags=8, p=0xcb1bb558)
at ../../../../kern/vfs_subr.c:1520
#9 0xc01e61e3 in vgonel (vp=0xcb365084, p=0xcb1bb558)
at ../../../../kern/vfs_subr.c:1644
#10 0xc01e61a1 in vgone (vp=0xcb365084) at ../../../../kern/vfs_subr.c:1617
#11 0xc01ee5ed in genfs_revoke (v=0xcb1c8e80)
at ../../../../miscfs/genfs/genfs_vnops.c:291
#12 0xc01ebfa3 in VOP_REVOKE (vp=0xcb47f618, flags=1)
at ../../../../kern/vnode_if.c:588
#13 0xc01e640a in vdevgone (maj=23, minl=0, minh=0, type=VCHR)
at ../../../../kern/vfs_subr.c:1757
#14 0xc020309a in bpfdetach (ifp=0xc0b0a02c) at ../../../../net/bpf.c:1271
#15 0xc020836a in ether_ifdetach (ifp=0xc0b0a02c)
at ../../../../net/if_ethersubr.c:1045
#16 0xc013ba1f in wi_detach (sc=0xc0b0a000) at ../../../../dev/ic/wi.c:1756
#17 0xc0411a20 in wi_pcmcia_detach (self=0xc0b0a000, flags=1)
at ../../../../dev/pcmcia/if_wi_pcmcia.c:426
#18 0xc01c8e51 in config_detach (dev=0xc0b0a000, flags=1)
at ../../../../kern/subr_autoconf.c:484
#19 0xc03ffc10 in pcmcia_card_detach (dev=0xc093a400, flags=1)
at ../../../../dev/pcmcia/pcmcia.c:238
#20 0xc03f61ce in cardslot_event_thread (arg=0xc08d8680)
at ../../../../dev/cardbus/cardslot.c:424
(gdb) fr 13
#13 0xc01e640a in vdevgone (maj=23, minl=0, minh=0, type=VCHR)
at ../../../../kern/vfs_subr.c:1757
1757 VOP_REVOKE(vp, REVOKEALL);
(gdb) p mn
$4 = 0
(gdb) p minh
$5 = 0
(gdb) fr 7
#7 0xc01ebd58 in VOP_CLOSE (vp=0xcb365084, fflag=4, cred=0xffffffff, p=0x0)
at ../../../../kern/vnode_if.c:289
289 return (VCALL(vp, VOFFSET(vop_close), &a));
(gdb) p *vp
$25 = {v_uvm = {u_obj = {vmobjlock = {lock_data = 0}, pgops = 0xc059b080,
memq = {tqh_first = 0x0, tqh_last = 0xcb36508c}, uo_npages = 0,
uo_refs = 2}, u_flags = 2816, u_nio = 0, u_size = 0}, v_writecount = 0,
v_holdcnt = 0, v_lastr = 0, v_id = 196843, v_mount = 0xc0958400,
v_op = 0xc08dbf00, v_freelist = {tqe_next = 0xcb3bfb60,
tqe_prev = 0xcb3ef358}, v_mntvnodes = {le_next = 0xcb487984,
le_prev = 0xcb375a30}, v_cleanblkhd = {lh_first = 0x0}, v_dirtyblkhd = {
lh_first = 0x0}, v_synclist = {le_next = 0x0, le_prev = 0x0},
v_type = VCHR, v_un = {vu_mountedhere = 0xc09afca0, vu_socket = 0xc09afca0,
vu_specinfo = 0xc09afca0, vu_fifoinfo = 0xc09afca0}, v_lease = 0x0,
v_lastw = 0, v_cstart = 0, v_lasta = 0, v_clen = 0, v_ralen = 0,
v_maxra = 0, v_lock = {lk_interlock = {lock_data = 0}, lk_flags = 17408,
lk_sharecount = 0, lk_exclusivecount = 1, lk_recurselevel = 0,
lk_waitcount = 0, lk_wmesg = 0xc04663c5 "vnlock", lk_un = {lk_un_sleep = {
lk_sleep_lockholder = 4, lk_sleep_prio = 20, lk_sleep_timo = 0},
lk_un_spin = {lk_spin_cpu = 4}}}, v_glock = {lk_interlock = {
lock_data = 0}, lk_flags = 0, lk_sharecount = 0, lk_exclusivecount = 0,
lk_recurselevel = 0, lk_waitcount = 0, lk_wmesg = 0xc04663cc "glock",
lk_un = {lk_un_sleep = {lk_sleep_lockholder = -1, lk_sleep_prio = 20,
lk_sleep_timo = 0}, lk_un_spin = {lk_spin_cpu = 4294967295}}},
v_vnlock = 0xcb365108, v_tag = VT_UFS, v_data = 0xcb364468}
(gdb) p *vp->v_mount
$26 = {mnt_list = {cqe_next = 0xc0958600, cqe_prev = 0xc0597f38},
mnt_op = 0xc059adc0, mnt_vnodecovered = 0x0, mnt_syncer = 0xcb1f1960,
mnt_vnodelist = {lh_first = 0xcb4742a8}, mnt_lock = {lk_interlock = {
lock_data = 0}, lk_flags = 0, lk_sharecount = 0, lk_exclusivecount = 0,
lk_recurselevel = 0, lk_waitcount = 0, lk_wmesg = 0xc0466302 "vfslock",
lk_un = {lk_un_sleep = {lk_sleep_lockholder = -1, lk_sleep_prio = 20,
lk_sleep_timo = 0}, lk_un_spin = {lk_spin_cpu = 4294967295}}},
mnt_flag = -2147463168, mnt_maxsymlinklen = 60, mnt_fs_bshift = 13,
mnt_dev_bshift = 9, mnt_stat = {f_type = 1, f_oflags = 20480,
f_bsize = 1024, f_iosize = 8192, f_blocks = 49774, f_bfree = 12501,
f_bavail = 10012, f_files = 12542, f_ffree = 10610, f_fsid = {val = {0,
1931}}, f_owner = 0, f_flags = -2147463168, f_syncwrites = 2193,
f_asyncwrites = 10046, f_spare = {0},
f_fstypename = "ffs", '\000' <repeats 12 times>,
f_mntonname = "/", '\000' <repeats 88 times>,
f_mntfromname = "/dev/wd0a", '\000' <repeats 80 times>},
mnt_data = 0xc0958200, mnt_wcnt = 0, mnt_unmounter = 0x0}
(gdb) fr 11
#11 0xc01ee5ed in genfs_revoke (v=0xcb1c8e80)
at ../../../../miscfs/genfs/genfs_vnops.c:291
291 vgone(vq);
(gdb) list
286 for (vq = *vp->v_hashchain; vq; vq = vq->v_specnext) {
287 if (vq->v_rdev != vp->v_rdev ||
288 vq->v_type != vp->v_type || vp == vq)
b289 continue;
290 simple_unlock(&spechash_slock);
291 vgone(vq);
292 break;
293 }
294 if (vq == NULLVP)
295 simple_unlock(&spechash_slock);
#13 0xc01e640a in vdevgone (maj=23, minl=0, minh=0, type=VCHR)
at ../../../../kern/vfs_subr.c:1757
1757 VOP_REVOKE(vp, REVOKEALL);
(gdb) p vp
$73 = (struct vnode *) 0xcb47f618
(gdb) fr 10
#10 0xc01e61a1 in vgone (vp=0xcb365084) at ../../../../kern/vfs_subr.c:1617
1617 vgonel(vp, p);
(gdb) p *ap
$46 = {a_desc = 0x0, a_vp = 0xc059b080, a_flags = 0}
(gdb) p ap->a_vp
$47 = (struct vnode *) 0xc059b080
(gdb) p vp
$48 = (struct vnode *) 0xcb47f618
(gdb) p *vp->v_un.vu_specinfo->si_hashchain
$49 = (struct vnode *) 0xcb521dd4
(gdb) p $->v_un.vu_specinfo->si_specnext
$50 = (struct vnode *) 0xcb51d7e4
(gdb)
$51 = (struct vnode *) 0xcb3408b4
(gdb)
$52 = (struct vnode *) 0xcb471454
(gdb)
$53 = (struct vnode *) 0xcb4e18e8
(gdb)
$54 = (struct vnode *) 0xcb34e8cc
(gdb)
$55 = (struct vnode *) 0xcb51f050
(gdb)
$56 = (struct vnode *) 0xcb47f618
(gdb)
$57 = (struct vnode *) 0xcb4690f0
(gdb)
$58 = (struct vnode *) 0xcb365084
(gdb)
$59 = (struct vnode *) 0xcb3f18fc
(gdb)
$60 = (struct vnode *) 0xcb339548
(gdb)
$61 = (struct vnode *) 0x0
(gdb) p $58->v_un.vu_specinfo->si_rdev
$62 = 5888
(gdb) p vp->v_un.vu_specinfo->si_rdev
$63 = 5888
(gdb) p vp->v_tag
$64 = VT_UFS
(gdb) bt
#0 mi_switch (p=0xcb4391d8) at ../../../../kern/kern_synch.c:870
#1 0xc01c4a2e in bpendtsleep () at ../../../../kern/kern_synch.c:466
#2 0xc01ebb3d in vn_lock (vp=0xcb365084, flags=131074)
at ../../../../kern/vfs_vnops.c:606
#3 0xc01eb42e in vn_close (vp=0xcb365084, flags=3, cred=0xc09cda00,
p=0xcb4391d8) at ../../../../kern/vfs_vnops.c:225
#4 0xc01ebb8f in vn_closefile (fp=0xcb1def30, p=0xcb4391d8)
at ../../../../kern/vfs_vnops.c:628
#5 0xc01ba02f in closef (fp=0xcb1def30, p=0xcb4391d8)
at ../../../../kern/kern_descrip.c:1048
#6 0xc01b9e52 in fdfree (p=0xcb4391d8) at ../../../../kern/kern_descrip.c:925
#7 0xc01bb841 in exit1 (p=0xcb4391d8, rv=15)
at ../../../../kern/kern_exit.c:176
#8 0xc01c307a in sigexit (p=0xcb4391d8, signum=15)
at ../../../../kern/kern_sig.c:1305
#9 0xc01c2e27 in postsig (signum=15) at ../../../../kern/kern_sig.c:1198
#10 0xc0325b7e in syscall_plain (frame={tf_es = -1078001633,
tf_ds = 135266335, tf_edi = -1077948000, tf_esi = 0,
tf_ebp = -1077947936, tf_ebx = -1077948048, tf_edx = 10,
tf_ecx = -1077948000, tf_eax = 4, tf_trapno = 3, tf_err = 2,
tf_eip = 134730771, tf_cs = 23, tf_eflags = 643, tf_esp = -1077948152,
tf_ss = 31, tf_vm86_es = 0, tf_vm86_ds = 0, tf_vm86_fs = 0,
tf_vm86_gs = 0}) at machine/userret.h:90
---Type <return> to continue, or q <return> to quit---
#11 0xc0100cde in syscall1 ()
can not access 0xbfbfd1e0, kvm_read: Bad address
can not access 0xbfbfd1e0, kvm_read: Bad address
Error accessing memory address 0xbfbfd1e0: Bad address.
May 30 03:14:49 nutcracker syslogd: restart
May 30 03:14:49 nutcracker /netbsd: syncing disks... 2 1 1 1 done
May 30 03:14:49 nutcracker /netbsd: panic: unmount: dangling vnode
May 30 03:14:49 nutcracker /netbsd: Begin traceback...
May 30 03:14:49 nutcracker /netbsd: dounmount(c09b3c00,80000,c05c3700) at dounmount+0x1da
May 30 03:14:49 nutcracker /netbsd: vfs_unmountall(c05c3700,100,0,c0595a2c,c05c3700) at vfs_unmountall+0x5b
May 30 03:14:49 nutcracker /netbsd: vfs_shutdown(0,cb1d2c64,c01a20d0,100,0) at vfs_shutdown+0x1eb
May 30 03:14:49 nutcracker /netbsd: cpu_reboot(100,0,100,cb1d2d0c,c01a1d80) at cpu_reboot+0x3b
May 30 03:14:49 nutcracker /netbsd: db_sifting_cmd(1,0,c03c8895,cb1d2c94,0) at db_sifting_cmd
May 30 03:14:50 nutcracker /netbsd: db_command(c0595a2c,c045be7c,c045c0ee) at db_command+0x1ec
May 30 03:14:50 nutcracker /netbsd: db_command_loop(c031b324) at db_command_loop+0x82
May 30 03:14:50 nutcracker /netbsd: db_trap(1,0,1,cb1d2dc0,1) at db_trap+0x102
May 30 03:14:50 nutcracker /netbsd: kdb_trap(1,0,cb1d2dc0) at kdb_trap+0xc6
May 30 03:14:50 nutcracker /netbsd: trap() at trap+0x168
May 30 03:14:50 nutcracker /netbsd: --- trap (number 1) ---
May 30 03:14:50 nutcracker /netbsd: cpu_Debugger(c093cd00,c094100a,cb1d2e44,c03cb8e9,c093cd00) at cpu_Debugger+0x4
May 30 03:14:50 nutcracker /netbsd: internal_command(c093cd00,cb1d2e50,f420,1b,1) at internal_command+0x17c
May 30 03:14:50 nutcracker /netbsd: wskbd_translate(c05bf360,2,1,c090da00,c05bf660) at wskbd_translate+0xdd
May 30 03:14:50 nutcracker /netbsd: wskbd_input(c093cd00,2,1,1,2) at wskbd_input+0x53
May 30 03:14:50 nutcracker /netbsd: pckbd_input(c090da00,1) at pckbd_input+0x4e
May 30 03:14:50 nutcracker /netbsd: pckbcintr(c08d8380) at pckbcintr+0xf7
May 30 03:14:50 nutcracker /netbsd: Xintr1() at Xintr1+0x70
May 30 03:14:50 nutcracker /netbsd: --- interrupt ---
May 30 03:14:50 nutcracker /netbsd: idle(cb1bbc78) at idle+0x20
May 30 03:14:50 nutcracker /netbsd: bpendtsleep(c05a6a18,28,c046a9f0,64,0) at bpendtsleep
May 30 03:14:50 nutcracker /netbsd: sched_sync(cb1bbc78) at sched_sync+0x173
May 30 03:14:50 nutcracker /netbsd: End traceback...
>How-To-Repeat:
Dunno, in the 6 month I've had this computer, this has never
happend before.
>Fix:
Not a clue.
>Release-Note:
>Audit-Trail:
>Unformatted: