~/FreeBSD/www/x.41.html

GENERIC HEAD from Jan 15 11:21 UTC + jhb@'s spinlock.patch, vmcore.144

GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD 6.0-CURRENT #0: Sat Jan 15 13:02:23 CET 2005
    pho@current.osted.lan:/usr/src/sys/i386/compile/PHO
WARNING: WITNESS option enabled, expect reduced performance.
ACPI APIC Table: <A M I  OEMAPIC >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.14-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0xf13  Stepping = 3
  Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM>
real memory  = 267583488 (255 MB)
avail memory = 252448768 (240 MB)
:
mount root from ufs:/dev/ad0s1a
freebsd4_sigreturn: eflags = 0x0
freebsd4_sigreturn: eflags = 0x0
:
freebsd4_sigreturn: eflags = 0x0
freebsd4_sigreturn: eflags = 0x0
dev = ad0s1e, block = 386872, fs = /tmp
panic: ffs_blkfree: freeing free block
cpuid = 0
KDB: enter: panic
[thread pid 56 tid 100077 ]
Stopped at      kdb_enter+0x2c: leave
db> where
Tracing pid 56 tid 100077 td 0xc1759a10
kdb_enter(c0823373,100,c1759a10,16f940,523) at kdb_enter+0x2c
panic(c0838cff,c0838cdf,c173a880,5e738,0) at panic+0x190
ffs_blkfree(c1789800,c17b533c,5e738,0,4000) at ffs_blkfree+0x390
indir_trunc(174760,0,0,c,0,ce769c4c) at indir_trunc+0x1bf
handle_workitem_freeblocks(0,0,0,73,0) at handle_workitem_freeblocks+0x2e6
process_worklist_item(41ea3a6c,0,0,c16a3708,c16a370c) at process_worklist_item+0x1c0
softdep_process_worklist(0,8e,41ea3a6c,1,0) at softdep_process_worklist+0x6a
sched_sync(0,ce769d48,0,c0661de4,0) at sched_sync+0x4b0
fork_exit(c0661de4,0,ce769d48) at fork_exit+0x79
fork_trampoline() at fork_trampoline+0x8
--- trap 0x1, eip = 0, esp = 0xce769d7c, ebp = 0 ---
db> show pcpu
cpuid        = 0
curthread    = 0xc1759a10: pid 56 "syncer"
curpcb       = 0xce769da0
fpcurthread  = none
idlethread   = 0xc151f5c0: pid 11 "idle: cpu0"
APIC ID      = 0
currentldt   = 0x28
spin locks held:
db> call doadump
Dumping 255 MB
 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240
Dump complete
0x1d
db> reset

(kgdb) bt
#0  doadump () at pcpu.h:159
#1  0xc04652d6 in db_fncall (dummy1=0xc0628484, dummy2=0x0, dummy3=0xffffffff, dummy4=0xce76998c "") at ../../../ddb/db_command.c:531
#2  0xc046566c in db_command_loop () at ../../../ddb/db_command.c:349
#3  0xc0467098 in db_trap (type=0x3, code=0x0) at ../../../ddb/db_main.c:228
#4  0xc062884a in kdb_trap (type=0x3, code=0x0, tf=0xce769ab4) at ../../../kern/subr_kdb.c:421
#5  0xc07b68bc in trap (frame=
      {tf_fs = 0xce760018, tf_es = 0xc0620010, tf_ds = 0xc0820010, tf_edi = 0xc0838cff, tf_esi = 0x1, tf_ebp = 0xce769af4, tf_isp = 0xce769ae0, tf_ebx = 0xce769b20, tf_edx = 0xc0823373, tf_ecx = 0xc08e8200, tf_eax = 0xc082550d, tf_trapno = 0x3, tf_err = 0x0, tf_eip = 0xc0628484, tf_cs = 0x8, tf_eflags = 0x286, tf_esp = 0xce769b14, tf_ss = 0xc0610a54}) at ../../../i386/i386/trap.c:573
#6  0xc07a51aa in calltrap () at ../../../i386/i386/exception.s:139
#7  0xce760018 in ?? ()
#8  0xc0620010 in MD5Transform (state=0x1, block=0x0) at ../../../kern/md5c.c:311
#9  0xc0610a54 in panic (fmt=---Can't read userspace from dump, or kernel process---

) at ../../../kern/kern_shutdown.c:548
#10 0xc0732710 in ffs_blkfree (fs=0xc1789800, devvp=0xc17b533c, bno=0x5e738, size=0x4000, inum=0x174af) at ../../../ufs/ffs/ffs_alloc.c:1791
#11 0xc0740ddb in indir_trunc (freeblks=0xc277c500, dbn=0x174760, level=0x0, lbn=0xc, countp=0xce769c4c)
    at ../../../ufs/ffs/ffs_softdep.c:2626
#12 0xc07411fe in handle_workitem_freeblocks (freeblks=0xc277c500, flags=0x0) at ../../../ufs/ffs/ffs_softdep.c:2481
#13 0xc0743268 in process_worklist_item (matchmnt=0x0, flags=0x0) at ../../../ufs/ffs/ffs_softdep.c:757
#14 0xc0745d86 in softdep_process_worklist (matchmnt=0x0) at ../../../ufs/ffs/ffs_softdep.c:623
#15 0xc0662294 in sched_sync () at ../../../kern/vfs_subr.c:1594
#16 0xc05fe135 in fork_exit (callout=0xc0661de4 <sched_sync>, arg=0x0, frame=0xce769d48) at ../../../kern/kern_fork.c:788
#17 0xc07a520c in fork_trampoline () at ../../../i386/i386/exception.s:208
(kgdb) f 10
#10 0xc0732710 in ffs_blkfree (fs=0xc1789800, devvp=0xc17b533c, bno=0x5e738, size=0x4000, inum=0x174af) at ../../../ufs/ffs/ffs_alloc.c:1791
1791                                    panic("ffs_blkfree: freeing free frag");
(kgdb) l
1786                    for (i = 0; i < frags; i++) {
1787                            if (isset(blksfree, cgbno + i)) {
1788                                    printf("dev = %s, block = %jd, fs = %s\n",
1789                                        devtoname(dev), (intmax_t)(bno + i),
1790                                        fs->fs_fsmnt);
1791                                    panic("ffs_blkfree: freeing free frag");
1792                            }
1793                            setbit(blksfree, cgbno + i);
1794                    }
1795                    cgp->cg_cs.cs_nffree += i;
(kgdb) info loc
cgp = (struct cg *) 0xc861a000
bp = (struct buf *) 0xc66774c0
fragno = 0x523
cgbno = 0x2918
cgblkno = Unhandled dwarf expression opcode 0x93