netbsd-bugs: kern/22175: panic: kernel debugging assertion failed: SIMPLEQ_EMPTY(&sa->sa

Subject: kern/22175: panic: kernel debugging assertion failed: SIMPLEQ_EMPTY(&sa->sa_upcalls) == 0
To: None <gnats-bugs@gnats.netbsd.org>
From: None <dogcow@babymeat.com>
List: netbsd-bugs
Date: 07/18/2003 00:38:53
>Number:         22175
>Category:       kern
>Synopsis:       panic: kernel debugging assertion failed: SIMPLEQ_EMPTY(&sa->sa_upcalls) == 0
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jul 18 07:39:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator:     Tom Spindler
>Release:        NetBSD 1.6U
>Organization:
	
>Environment:
	
	
System: NetBSD beefcake.babymeat.com 1.6U NetBSD 1.6U (DEBUGBEEFCAKE) #21: Sat Jul 12 22:36:11 PDT 2003 dogcow@beefcake.babymeat.com:/usr/src/sys/arch/i386/compile/DEBUGBEEFCAKE i386
Architecture: i386
Machine: i386
>Description:
Yet another crash from kill '9-ing phoenix, after it went into 100% cpuland.
#3  0xc02904b3 in __assert () at ../../../../../../lib/libkern/__assert.c:47
47              panic("kernel %sassertion \"%s\" failed: file \"%s\", line %d",
(gdb) info frame
Stack level 3, frame at 0xd3cebbac:
 eip = 0xc02904b3 in __assert (../../../../../../lib/libkern/__assert.c:47); 
    saved eip 0xc01bf01d
 called by frame at 0xd3cebf3c, caller of frame at 0xd3cebb7c
 Arglist at 0xd3cebbac, args: t=0xc02b6fe9 "debugging ", 
    f=0xc02b6fce "../../../../kern/kern_sa.c", l=840, 
    e=0xc02b75c0 "SIMPLEQ_EMPTY(&sa->sa_upcalls) == 0"
 Locals at 0xd3cebbac, Previous frame's sp is 0x0
 Saved registers:
  ebp at 0xd3cebbac, eip at 0xd3cebbb0
(gdb) up
#4  0xc01bf01d in sa_upcall_userret (l=0xd3b7ed84)
    at ../../../../kern/kern_sa.c:840
840             KDASSERT(SIMPLEQ_EMPTY(&sa->sa_upcalls) == 0);
(gdb) print *sa
$2 = {sa_lock = {lock_data = 0}, sa_flag = 0, sa_upcall = 0xbd77d9c0, 
  sa_vp = 0xd3b7e904, sa_woken = 0x0, sa_idle = 0x0, sa_concurrency = 1, 
  sa_lwpcache = {lh_first = 0x0}, sa_ncached = 0, sa_stacks = 0xc0949600, 
  sa_nstacks = 0, sa_upcalls = {sqh_first = 0x0, sqh_last = 0xd3bcb02c}}
(gdb) up
#5  0xc0234361 in upcallret (l=0xd3b7ed84) at machine/userret.h:100
100                     sa_upcall_userret(l);
(gdb) print *l
$4 = {l_forw = 0xc03336a8, l_back = 0x0, l_list = {le_next = 0xd3b7ef04, 
    le_prev = 0xd3b7e80c}, l_zlist = {le_next = 0xdeadbeef, 
    le_prev = 0xdeadbeef}, l_proc = 0xd3bb56a0, l_sibling = {
    le_next = 0xd3b7e584, le_prev = 0xd3b7e820}, l_cpu = 0xc030c3c0, 
  l_flag = 2097156, l_stat = 7, l_lid = 2, l_swtime = 1614, l_slptime = 0, 
  l_wchan = 0x0, l_tsleep_ch = {c_list = {cq_next = 0xc0319d80, 
      cq_prev = 0xd3722d40}, c_func = 0xc01c3cb8 <endtsleep>, 
    c_arg = 0xd3b7ed84, c_time = 13808050, c_flags = 0}, 
  l_wmesg = 0xc02c26f4 "anonget2", l_holdcnt = 1, l_ctxlink = 0x0, 
  l_priority = 79 'O', l_usrpri = 79 'O', l_private = 0xdeadbeef, 
  l_locks = -559038737, l_addr = 0xd3ce8000, l_md = {md_regs = 0xd3cebfa8, 
    md_flags = 1, md_tss_sel = 632}}

	
>How-To-Repeat:
Wait for a pthreads-using process to hit 99% cpu and not do anything.
kill -9 it. a good portion of the time, panic.
	
>Fix:
	
presumably, don't run a debug kernel
>Release-Note:
>Audit-Trail:
>Unformatted: