NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/38981: FFS+softdep panic on !cv_has_waiters(&bp->b_done) (vfs_subr2.c:551)
Note: There was a bad value `' for the field `Class'.
It was set to the default value of `sw-bug'.
>Number: 38981
>Category: kern
>Synopsis: FFS+softdep panic on !cv_has_waiters(&bp->b_done)
>(vfs_subr2.c:551)
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Jun 18 15:45:00 +0000 2008
>Originator: Reinoud Zandijk
>Release: NetBSD 4.99.64
>Organization:
NetBSD
>Environment:
System: NetBSD aardappel.13thmonkey.org 4.99.55 NetBSD 4.99.55 (GENERIC) #0:
Sun Mar 2 21:22:35 CET 2008
reinoud%heethoofdje.13thmonkey.org@localhost:/usr/sources/cvs.netbsd.org/src/sys/arch/i386/compile/GENERIC
i386
Architecture: i386
Machine: i386
>Description:
When mounting a filesystem (in my case a vnd) with softdep it can panic on the
folowing:
panic: kernel diagnostic assertion "!cv_has_waiters(&bp->b_done)" failed: file
"../../../../kern/vfs_subr2.c", line 551
A full backtrace gives:
#4 0xc09ca723 in __kernassert (t=0xc0a6465f "diagnostic ", f=0xc0a64642
"../../../../kern/vfs_subr2.c",
l=551, e=0xc0a6484d "!cv_has_waiters(&bp->b_done)") at
../../../../../../lib/libkern/__assert.c:50
50 panic("kernel %sassertion \"%s\" failed: file \"%s\", line %d",
(gdb) up
# 5 0xc060121a in reassignbuf (bp=0xc128ee20, vp=0xc7424cf8) at
../../../../kern/vfs_subr2.c:551
551 KASSERT(!cv_has_waiters(&bp->b_done));
(gdb) list
546
547 KASSERT(mutex_owned(&bufcache_lock));
548 KASSERT(bp->b_objlock == &vp->v_interlock);
549 KASSERT(mutex_owned(&vp->v_interlock));
550 KASSERT((bp->b_cflags & BC_BUSY) != 0);
551 KASSERT(!cv_has_waiters(&bp->b_done));
552
553 /*
554 * Delete from old vnode list, if on one.
555 */
(gdb) print *bp
$1 = {b_u = {u_actq = {tqe_next = 0x0, tqe_prev = 0xc110cff0}, u_work =
{wk_dummy = 0x0}}, b_iodone = 0,
b_error = 0, b_resid = 0, b_flags = 1024, b_prio = 2, b_bufsize = 16384,
b_bcount = 16384, b_dev = 3584,
b_data = 0xc7834000, b_blkno = 5556992, b_rawblkno = 5556992, b_proc = 0x0,
b_saveaddr = 0x0,
b_private = 0x0, b_dcookie = 0, b_busy = {cv_opaque = {0x0, 0xc128ee70},
cv_wmesg = 0xc0a6378d "biolock"},
b_refcnt = 1, b_dep = {lh_first = 0xc12e205c}, b_hash = {le_next = 0x0,
le_prev = 0xc128ed3c},
b_vnbufs = {le_next = 0xc128ecd8, le_prev = 0xc7424d74}, b_freelist =
{tqe_next = 0xc13b4390,
tqe_prev = 0xc12976fc}, b_lblkno = 5556992, b_freelistindex =-1, b_cflags =
16, b_vp = 0xc7424cf8,
b_done = {cv_opaque = {0xc623fa00, 0xc623fac0}, cv_wmesg = 0xc0a63795
"biowait"}, b_oflags = 128,
b_objlock = 0xc7424cf8}
(gdb) up
#6 0xc05f3956 in bdirty (bp=0xc128ee20) at ../../../../kern/vfs_bio.c:957
957 reassignbuf(bp, bp->b_vp);
(gdb) list
952 CLR(bp->b_cflags, BC_AGE);
953
954 if (!ISSET(bp->b_oflags, BO_DELWRI)) {
955 SET(bp->b_oflags, BO_DELWRI);
956 curlwp->l_ru.ru_oublock++;
957 reassignbuf(bp, bp->b_vp);
958 }
959 }
960
961
(gdb) up
#7 0xc04b9e6b in handle_written_inodeblock (inodedep=0xc129b0bc, bp=0xc128ee20)
at ../../../../ufs/ffs/ffs_softdep.c:4234
4234 bdirty(bp);
(gdb) list
4229 * marked dirty so that its will eventually get written back in
4230 * its correct form.
4231 */
4232 if (hadchanges) {
4233 mutex_enter(bp->b_objlock);
4234 bdirty(bp);
4235 mutex_exit(bp->b_objlock);
4236 }
4237 /*
4238 * Process any allocdirects that completed during the update.
(gdb) up
#8 0xc04b91f6 in softdep_disk_write_complete (bp=0xc128ee20) at
../../../../ufs/ffs/ffs_softdep.c:3889
3889 if (handle_written_inodeblock(WK_INODEDEP(wk),
bp))
(gdb) list
3884 if (handle_written_filepage(WK_PAGEDEP(wk), bp))
3885 worklist_insert(&reattach, wk);
3886 continue;
3887
3888 case D_INODEDEP:
3889 if (handle_written_inodeblock(WK_INODEDEP(wk),
bp))
3890 worklist_insert(&reattach, wk);
3891 continue;
3892
3893 case D_BMSAFEMAP:
(gdb) up
#9 0xc05f4f2d in biodone2 (bp=0xc128ee20) at ../../../../kern/vfs_bio.c:1509
1509 (*bioopsp->io_complete)(bp);
(gdb) list
1504 biodone2(buf_t *bp)
1505 {
1506 void (*callout)(buf_t *);
1507
1508 if (bioopsp != NULL)
1509 (*bioopsp->io_complete)(bp);
1510
1511 mutex_enter(bp->b_objlock);
1512 /* Note that the transfer is done. */
1513 if (ISSET(bp->b_oflags, BO_DONE))
(gdb) up
#10 0xc05f4ea9 in biodone (bp=0xc128ee20) at ../../../../kern/vfs_bio.c:1499
1499 biodone2(bp);
(gdb) list
1494 TAILQ_INSERT_TAIL(&curcpu()->ci_data.cpu_biodone, bp,
b_actq);
1495 softint_schedule(biodone_sih);
1496 splx(s);
1497 } else {
1498 /* Process now - the buffer may be freed soon. */
1499 biodone2(bp);
1500 }
1501 }
1502
1503 static void
(gdb) up
#11 0xc054cfb4 in vndiodone (bp=0xc1296e70) at ../../../../dev/vnd.c:877
877 biodone(obp);
(gdb) list
872 wakeup(&vnd->sc_tab);
873 }
874 obp->b_error = bp->b_error;
875 obp->b_resid = bp->b_resid;
876 VND_PUTXFER(vnd, vnx);
877 biodone(obp);
878 }
879
880 /* ARGSUSED */
881 static int
(gdb) up
#12 0xc05f5030 in biodone2 (bp=0xc1296e70) at ../../../../kern/vfs_bio.c:1529
1529 (*callout)(bp);
(gdb) list
1524 /* Note callout done, then call out. */
1525 KASSERT(!cv_has_waiters(&bp->b_done));
1526 KERNEL_LOCK(1, NULL); /* XXXSMP */
1527 bp->b_iodone = NULL;
1528 mutex_exit(bp->b_objlock);
1529 (*callout)(bp);
1530 KERNEL_UNLOCK_ONE(NULL); /* XXXSMP */
1531 } else if (ISSET(bp->b_flags, B_ASYNC)) {
1532 /* If async, release. */
1533 KASSERT(!cv_has_waiters(&bp->b_done));
(gdb) up
#13 0xc05f4ea9 in biodone (bp=0xc1296e70) at ../../../../kern/vfs_bio.c:1499
1499 biodone2(bp);
(gdb) list
1494 TAILQ_INSERT_TAIL(&curcpu()->ci_data.cpu_biodone, bp,
b_actq);
1495 softint_schedule(biodone_sih);
1496 splx(s);
1497 } else {
1498 /* Process now - the buffer may be freed soon. */
1499 biodone2(bp);
1500 }
1501 }
1502
1503 static void
(gdb) up
#14 0xc05f61db in nestiobuf_done (mbp=0xc1296e70, donebytes=16384, error=0) at
../../../../kern/vfs_bio.c:2007
2007 biodone(mbp);
(gdb) list
2002 mbp->b_resid -= donebytes;
2003 if (error)
2004 mbp->b_error = error;
2005 if (mbp->b_resid == 0) {
2006 mutex_exit(mbp->b_objlock);
2007 biodone(mbp);
2008 } else
2009 mutex_exit(mbp->b_objlock);
2010 }
2011
(gdb) up
#15 0xc05f601e in nestiobuf_iodone (bp=0xc1335a6c) at
../../../../kern/vfs_bio.c:1950
1950 nestiobuf_done(mbp, donebytes, error);
(gdb) list
1945 }
1946
1947 donebytes = bp->b_bufsize;
1948
1949 putiobuf(bp);
1950 nestiobuf_done(mbp, donebytes, error);
1951 }
1952
1953 /*
1954 * nestiobuf_setup: setup a "nested" buffer.
(gdb) up
#16 0xc05f5030 in biodone2 (bp=0xc1335a6c) at ../../../../kern/vfs_bio.c:1529
1529 (*callout)(bp);
(gdb) list
1524 /* Note callout done, then call out. */
1525 KASSERT(!cv_has_waiters(&bp->b_done));
1526 KERNEL_LOCK(1, NULL); /* XXXSMP */
1527 bp->b_iodone = NULL;
1528 mutex_exit(bp->b_objlock);
1529 (*callout)(bp);
1530 KERNEL_UNLOCK_ONE(NULL); /* XXXSMP */
1531 } else if (ISSET(bp->b_flags, B_ASYNC)) {
1532 /* If async, release. */
1533 KASSERT(!cv_has_waiters(&bp->b_done));
(gdb) up
#17 0xc05f4ea9 in biodone (bp=0xc1335a6c) at ../../../../kern/vfs_bio.c:1499
1499 biodone2(bp);
(gdb) list
1494 TAILQ_INSERT_TAIL(&curcpu()->ci_data.cpu_biodone, bp,
b_actq);
1495 softint_schedule(biodone_sih);
1496 splx(s);
1497 } else {
1498 /* Process now - the buffer may be freed soon. */
1499 biodone2(bp);
1500 }
1501 }
1502
1503 static void
(gdb) up
#18 0xc0442163 in nfs_doio (bp=0xc1335a6c) at ../../../../nfs/nfs_bio.c:1187
1187 biodone(bp);
(gdb) list
1182 error = nfs_doio_read(bp, uiop);
1183 } else {
1184 error = nfs_doio_write(bp, uiop);
1185 }
1186 bp->b_resid = uiop->uio_resid;
1187 biodone(bp);
1188 return (error);
1189 }
1190
1191 /*
(gdb) up
#19 0xc046f632 in nfssvc_iod (arg=0xc6233060) at
../../../../nfs/nfs_syscalls.c:1062
1062 (void)nfs_doio(bp);
(gdb) list
1057 if (nmp->nm_bufqlen < 2 * nmp->nm_bufqiods) {
1058 cv_broadcast(&nmp->nm_aiocv);
1059 }
1060 mutex_exit(&nmp->nm_lock);
1061 KERNEL_LOCK(1, curlwp);
1062 (void)nfs_doio(bp);
1063 KERNEL_UNLOCK_LAST(curlwp);
1064 mutex_enter(&nmp->nm_lock);
1065 /*
1066 * If there are more than one iod on this
mount,
>How-To-Repeat:
mount vnd/wd with ffs with softdep enabled and either cvs update or copy a
large tree like src on to it; overwriting might trigger it earlier.
>Fix:
unknown
>Unformatted:
Home |
Main Index |
Thread Index |
Old Index