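GENERIC HEAD from Feb 5 09:19 UTC + FULL_PREEMPTION + mpsafe_vfs = 1, vmcore.167
Deadlock: the "show alllocks" output is identical at both console breaks (uptime 2h12m2s and 3h1m53s), and allproc's sx_xholder is the thread of pid 10385 (0xc2413170), which is in state TDS_RUNQ.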
GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-CURRENT #0: Sat Feb 5 17:54:46 CET 2005
pho@current.osted.lan:/usr/src/sys/i386/compile/PHO
WARNING: WITNESS option enabled, expect reduced performance.
ACPI APIC Table: <A M I OEMAPIC >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.14-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf13 Stepping = 3
Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM>
real memory = 267583488 (255 MB)
avail memory = 252379136 (240 MB)
:
mount root from ufs:/dev/ad0s1a
rl0: link state changed to DOWN
~KDB: enter: Line break on console
[thread pid 10348 tid 100184 ]
Stopped at kdb_enter+0x2b: nop
db> where
Tracing pid 10348 tid 100184 td 0xc20395c0
kdb_enter(c0843801) at kdb_enter+0x2b
siointr1(c1696400,c095e3e0,0,c0843611,56f) at siointr1+0xce
siointr(c1696400) at siointr+0x21
intr_execute_handlers(c1510090,cf282d44,4,bfbfe9b8,c07ad0c3) at intr_execute_handlers+0x9d
lapic_handle_intr(34) at lapic_handle_intr+0x2e
Xapic_isr1() at Xapic_isr1+0x33
--- interrupt, eip = 0x8048f2a, esp = 0xbfbfe9a0, ebp = 0xbfbfe9b8 ---
db> show pcpu
cpuid = 0
curthread = 0xc20395c0: pid 10348 "swap"
curpcb = 0xcf282da0
fpcurthread = none
idlethread = 0xc151f5c0: pid 11 "idle: cpu0"
APIC ID = 0
currentldt = 0x30
spin locks held:
db> show alllocks
Process 10385 (sh) thread 0xc2413170 (100301)
exclusive sleep mutex process lock r = 0 (0xc1f51068) locked @ kern/kern_fork.c:300
exclusive sx allproc r = 0 (0xc08f6360) locked @ kern/kern_fork.c:287
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10372 (tcp) thread 0xc2095730 (100255)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10370 (tcp) thread 0xc189d730 (100115)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10369 (tcp) thread 0xc2725730 (100451)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10368 (tcp) thread 0xc2726a10 (100479)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10367 (tcp) thread 0xc1f2a170 (100141)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10366 (tcp) thread 0xc27268a0 (100478)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10365 (tcp) thread 0xc2413b80 (100308)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10346 (sysctl) thread 0xc2729cf0 (100549)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 551 (top) thread 0xc189d000 (100110)
exclusive sx sysctl lock r = 0 (0xc08f6920) locked @ kern/kern_sysctl.c:1335
Process 448 (cron) thread 0xc162b8a0 (100066)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
db> call print_uptime
Uptime: 2h12m2s
0x3
db> c
~KDB: enter: Line break on console
[thread pid 10348 tid 100184 ]
Stopped at kdb_enter+0x2b: nop
db> call print_uptime
Uptime: 3h1m53s
0x4
db> where
Tracing pid 10348 tid 100184 td 0xc20395c0
kdb_enter(c0843801) at kdb_enter+0x2b
siointr1(c1696400,c095e3e0,0,c0843611,56f) at siointr1+0xce
siointr(c1696400) at siointr+0x21
intr_execute_handlers(c1510090,cf282d44,4,bfbfe9b8,c07ad0c3) at intr_execute_handlers+0x9d
lapic_handle_intr(34) at lapic_handle_intr+0x2e
Xapic_isr1() at Xapic_isr1+0x33
--- interrupt, eip = 0x8048f30, esp = 0xbfbfe9a0, ebp = 0xbfbfe9b8 ---
db> show alllocks
Process 10385 (sh) thread 0xc2413170 (100301)
exclusive sleep mutex process lock r = 0 (0xc1f51068) locked @ kern/kern_fork.c:300
exclusive sx allproc r = 0 (0xc08f6360) locked @ kern/kern_fork.c:287
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10372 (tcp) thread 0xc2095730 (100255)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10370 (tcp) thread 0xc189d730 (100115)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10369 (tcp) thread 0xc2725730 (100451)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10368 (tcp) thread 0xc2726a10 (100479)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10367 (tcp) thread 0xc1f2a170 (100141)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10366 (tcp) thread 0xc27268a0 (100478)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10365 (tcp) thread 0xc2413b80 (100308)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 10346 (sysctl) thread 0xc2729cf0 (100549)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
Process 551 (top) thread 0xc189d000 (100110)
exclusive sx sysctl lock r = 0 (0xc08f6920) locked @ kern/kern_sysctl.c:1335
Process 448 (cron) thread 0xc162b8a0 (100066)
shared sx proctree r = 0 (0xc08f63a0) locked @ kern/kern_fork.c:278
db> where 10385
Tracing pid 10385 tid 100301 td 0xc2413170
sched_switch(c2413170,0,2) at sched_switch+0x17f
mi_switch(2,0,c08f62a0,0,c0826d29) at mi_switch+0x264
critical_exit(c08cb1a0) at critical_exit+0x86
intr_execute_handlers(c08cb1a0,cf43fc08,cf43fc6c,c1f51000,7) at intr_execute_handlers+0xba
atpic_handle_intr(0) at atpic_handle_intr+0x92
Xatpic_intr0() at Xatpic_intr0+0x20
--- interrupt, eip = 0xc0613637, esp = 0xcf43fc4c, ebp = 0xcf43fc58 ---
lim_rlimit(c1f51000,7,cf43fc6c,8,c0822ad4) at lim_rlimit+0x3b
lim_cur(c1f51000,7) at lim_cur+0x15
fork1(c2413170,14,0,cf43fce4,c1f51068) at fork1+0x19c
fork(c2413170,cf43fd14,0,3,246) at fork+0x18
syscall(2f,2f,2f,806824c,806a000) at syscall+0x213
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (2, FreeBSD ELF32, fork), eip = 0x281279b3, esp = 0xbfbfe90c, ebp = 0xbfbfe928 ---
db> show pcpu
cpuid = 0
curthread = 0xc20395c0: pid 10348 "swap"
curpcb = 0xcf282da0
fpcurthread = none
idlethread = 0xc151f5c0: pid 11 "idle: cpu0"
APIC ID = 0
currentldt = 0x30
spin locks held:
db> call doadump
Dumping 255 MB
16 32 48 64 80 96 112 128 144 160 176 192 208 224 240
Dump complete
0xf
db> reset
(kgdb) p *(struct sx *)0xc08f63a0
$1 = {sx_object = {lo_class = 0xc088774c, lo_name = 0xc0824d21 "proctree", lo_type = 0xc0824d21 "proctree", lo_flags = 0x3b0000, lo_list = {
tqe_next = 0xc08f63e0, tqe_prev = 0xc08f6370}, lo_witness = 0xc0907618}, sx_lock = 0xc08f51f8, sx_cnt = 0xa, sx_shrd_cv = {
cv_description = 0xc0824d21 "proctree", cv_waiters = 0x0}, sx_shrd_wcnt = 0x0, sx_excl_cv = {cv_description = 0xc0824d21 "proctree",
cv_waiters = 0x0}, sx_excl_wcnt = 0x0, sx_xholder = 0x0}
(kgdb) btp 10385
frame 0 at 0xcf43fb50: ebp cf43fba0, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf43fba0: ebp cf43fbc4, eip 0xc0625926 <critical_exit+134>: push $0x254
frame 2 at 0xcf43fbc4: ebp cf43fbe4, eip 0xc07b0a5a <intr_execute_handlers+186>: add $0x4,%esp
frame 3 at 0xcf43fbe4: ebp cf43fc00, eip 0xc07c15ae <atpic_handle_intr+146>: lea 0xfffffff4(%ebp),%esp
frame 4 at 0xcf43fc00: ebp cf43fc58, eip 0xc07acda0 <Xatpic_intr0+32>: add $0x4,%esp
frame 5 at 0xcf43fc58: ebp cf43fc7c, eip 0xc06135f1 <lim_cur+21>: mov 0xfffffff0(%ebp),%eax
frame 6 at 0xcf43fc7c: ebp cf43fccc, eip 0xc0600640 <fork1+412>: add $0x8,%esp
frame 7 at 0xcf43fccc: ebp cf43fcec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 8 at 0xcf43fcec: ebp cf43fd40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 10372
frame 0 at 0xcf361bbc: ebp cf361c0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf361c0c: ebp cf361c24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf361c24: ebp cf361c30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf361c30: ebp cf361c58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf361c58: ebp cf361c74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcf361c74: ebp cf361ccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcf361ccc: ebp cf361cec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcf361cec: ebp cf361d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 10370
frame 0 at 0xcf0d2bbc: ebp cf0d2c0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf0d2c0c: ebp cf0d2c24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf0d2c24: ebp cf0d2c30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf0d2c30: ebp cf0d2c58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf0d2c58: ebp cf0d2c74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcf0d2c74: ebp cf0d2ccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcf0d2ccc: ebp cf0d2cec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcf0d2cec: ebp cf0d2d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 10369
frame 0 at 0xcf698bbc: ebp cf698c0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf698c0c: ebp cf698c24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf698c24: ebp cf698c30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf698c30: ebp cf698c58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf698c58: ebp cf698c74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcf698c74: ebp cf698ccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcf698ccc: ebp cf698cec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcf698cec: ebp cf698d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 10368
frame 0 at 0xcf6dabbc: ebp cf6dac0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf6dac0c: ebp cf6dac24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf6dac24: ebp cf6dac30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf6dac30: ebp cf6dac58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf6dac58: ebp cf6dac74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcf6dac74: ebp cf6daccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcf6daccc: ebp cf6dacec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcf6dacec: ebp cf6dad40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 10367
frame 0 at 0xcf171bbc: ebp cf171c0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf171c0c: ebp cf171c24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf171c24: ebp cf171c30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf171c30: ebp cf171c58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf171c58: ebp cf171c74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcf171c74: ebp cf171ccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcf171ccc: ebp cf171cec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcf171cec: ebp cf171d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 10366
frame 0 at 0xcf6d7bbc: ebp cf6d7c0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf6d7c0c: ebp cf6d7c24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf6d7c24: ebp cf6d7c30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf6d7c30: ebp cf6d7c58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf6d7c58: ebp cf6d7c74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcf6d7c74: ebp cf6d7ccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcf6d7ccc: ebp cf6d7cec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcf6d7cec: ebp cf6d7d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 10365
frame 0 at 0xcf454bbc: ebp cf454c0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf454c0c: ebp cf454c24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf454c24: ebp cf454c30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf454c30: ebp cf454c58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf454c58: ebp cf454c74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcf454c74: ebp cf454ccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcf454ccc: ebp cf454cec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcf454cec: ebp cf454d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 10346
frame 0 at 0xcf764bbc: ebp cf764c0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf764c0c: ebp cf764c24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf764c24: ebp cf764c30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf764c30: ebp cf764c58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf764c58: ebp cf764c74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcf764c74: ebp cf764ccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcf764ccc: ebp cf764cec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcf764cec: ebp cf764d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 551
frame 0 at 0xcf0c3adc: ebp cf0c3b2c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcf0c3b2c: ebp cf0c3b44, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcf0c3b44: ebp cf0c3b50, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcf0c3b50: ebp cf0c3b78, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcf0c3b78: ebp cf0c3b94, eip 0xc0619968 <_sx_slock+104>: decl 0x2c(%ebx)
frame 5 at 0xcf0c3b94: ebp cf0c3bc0, eip 0xc060f7f0 <sysctl_kern_proc+332>: movl $0x0,0xffffffe8(%ebp)
frame 6 at 0xcf0c3bc0: ebp cf0c3bec, eip 0xc061bd53 <sysctl_root+283>: mov %eax,%edx
frame 7 at 0xcf0c3bec: ebp cf0c3c40, eip 0xc061bf24 <userland_sysctl+244>: mov %eax,%ebx
frame 8 at 0xcf0c3c40: ebp cf0c3cec, eip 0xc061bddb <__sysctl+119>: mov %eax,%ebx
frame 9 at 0xcf0c3cec: ebp cf0c3d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) btp 448
frame 0 at 0xcc706bbc: ebp cc706c0c, eip 0xc061a718 <mi_switch+612>: add $0xc,%esp
frame 1 at 0xcc706c0c: ebp cc706c24, eip 0xc0631c4c <sleepq_switch+224>: add $0x8,%esp
frame 2 at 0xcc706c24: ebp cc706c30, eip 0xc0631e2c <sleepq_wait+48>: push $0x220
frame 3 at 0xcc706c30: ebp cc706c58, eip 0xc05f12fd <cv_wait+377>: mov (%ebx),%eax
frame 4 at 0xcc706c58: ebp cc706c74, eip 0xc0619b0c <_sx_xlock+104>: decl 0x38(%ebx)
frame 5 at 0xcc706c74: ebp cc706ccc, eip 0xc06005d7 <fork1+307>: mov 0x8(%ebp),%eax
frame 6 at 0xcc706ccc: ebp cc706cec, eip 0xc060032c <fork+24>: mov %eax,%edx
frame 7 at 0xcc706cec: ebp cc706d40, eip 0xc07bf223 <syscall+531>: mov %eax,%ebx
(kgdb) p *(struct thread *)0xc2413170
$3 = {td_proc = 0xc1f51000, td_ksegrp = 0xc184b8a0, td_plist = {tqe_next = 0x0, tqe_prev = 0xc1f51010}, td_kglist = {tqe_next = 0x0,
tqe_prev = 0xc184b8ac}, td_slpq = {tqe_next = 0x0, tqe_prev = 0xcc70fc4c}, td_lockq = {tqe_next = 0x0, tqe_prev = 0xcf416c28},
td_runq = {tqe_next = 0x0, tqe_prev = 0xc184b8b4}, td_selq = {tqh_first = 0x0, tqh_last = 0x0}, td_sleepqueue = 0xc1e68580,
td_turnstile = 0xc2042800, td_tid = 0x187cd, td_flags = 0x1000000, td_inhibitors = 0x0, td_pflags = 0x0, td_dupfd = 0x0, td_wchan = 0x0,
td_wmesg = 0x0, td_lastcpu = 0x0, td_oncpu = 0xff, td_locks = 0x0, td_blocked = 0x0, td_ithd = 0x0, td_lockname = 0x0, td_contested = {
lh_first = 0x0}, td_sleeplocks = 0xc0943528, td_intr_nesting_level = 0x1, td_pinned = 0x0, td_mailbox = 0x0, td_ucred = 0xc1ab7900,
td_standin = 0x0, td_upcall = 0x0, td_sticks = 0x3, td_uuticks = 0x0, td_usticks = 0x0, td_intrval = 0x0, td_oldsigmask = {__bits = {0x0,
0x0, 0x0, 0x0}}, td_sigmask = {__bits = {0x0, 0x0, 0x0, 0x0}}, td_siglist = {__bits = {0x0, 0x0, 0x0, 0x0}}, td_waitset = 0x0,
td_umtxq = 0x0, td_generation = 0x7, td_sigstk = {ss_sp = 0x0, ss_size = 0x0, ss_flags = 0x4}, td_kflags = 0x0, td_xsig = 0x0,
td_profil_addr = 0x0, td_profil_ticks = 0x0, td_base_pri = 0xd8, td_priority = 0xd8, td_pcb = 0xcf43fda0, td_state = TDS_RUNQ,
td_retval = {0x0, 0x0}, td_slpcallout = {c_links = {sle = {sle_next = 0xc156d83c}, tqe = {tqe_next = 0xc156d83c, tqe_prev = 0xc65bc710}},
c_time = 0x5056ce, c_arg = 0xc2413170, c_func = 0xc0632284 <sleepq_timeout>, c_flags = 0xa}, td_frame = 0xcf43fd48,
td_kstack_obj = 0xc1e969cc, td_kstack = 0xcf43e000, td_kstack_pages = 0x2, td_altkstack_obj = 0x0, td_altkstack = 0x0,
td_altkstack_pages = 0x0, td_critnest = 0x2, td_md = {md_savecrit = 0x46}, td_sched = 0xc24132bc}
(kgdb) l *fork1+412
0xc0600640 is in fork1 (../../../kern/kern_fork.c:301).
(kgdb) l kern_fork.c:280
277 /* We have to lock the process tree while we look for a pid. */
278 sx_slock(&proctree_lock);
279
280 /*
281 * Although process entries are dynamically created, we still keep
282 * a global limit on the maximum number we will create. Don't allow
283 * a nonprivileged user to use the last ten processes; don't let root
284 * exceed the limit. The variable nprocs is the current number of
285 * processes, maxproc is the limit.
286 */
287 sx_xlock(&allproc_lock);
288 uid = td->td_ucred->cr_ruid;
289 if ((nprocs >= maxproc - 10 &&
290 suser_cred(td->td_ucred, SUSER_RUID) != 0) ||
291 nprocs >= maxproc) {
292 error = EAGAIN;
293 goto fail;
294 }
295
296 /*
297 * Increment the count of procs running with this uid. Don't allow
298 * a nonprivileged user to exceed their current limit.
299 */
300 PROC_LOCK(p1);
301 ok = chgproccnt(td->td_ucred->cr_ruidinfo, 1,
302 (uid != 0) ? lim_cur(p1, RLIMIT_NPROC) : 0);
303 PROC_UNLOCK(p1);
304 if (!ok) {
305 error = EAGAIN;
306 goto fail;
307 }
308
309 /*
310 * Increment the nprocs resource before blocking can occur. There
311 * are hard-limits as to the number of processes that can run.
312 */
313 nprocs++;
(kgdb) l *sysctl_kern_proc+332
0xc060f7f0 is in sysctl_kern_proc (../../../kern/kern_proc.c:960).
955 }
956 error = sysctl_wire_old_buffer(req, 0);
957 if (error != 0)
958 return (error);
959 sx_slock(&allproc_lock);
960 for (doingzomb=0 ; doingzomb < 2 ; doingzomb++) {
961 if (!doingzomb)
962 p = LIST_FIRST(&allproc);
963 else
964 p = LIST_FIRST(&zombproc);
(kgdb) p allproc_lock
$4 = {sx_object = {lo_class = 0xc088774c, lo_name = 0xc0824d19 "allproc", lo_type = 0xc0824d19 "allproc", lo_flags = 0x3b0000, lo_list = {
tqe_next = 0xc08f63a0, tqe_prev = 0xc0952250}, lo_witness = 0xc09075f0}, sx_lock = 0xc08f59fc, sx_cnt = 0xffffffff, sx_shrd_cv = {
cv_description = 0xc0824d19 "allproc", cv_waiters = 0x9}, sx_shrd_wcnt = 0x9, sx_excl_cv = {cv_description = 0xc0824d19 "allproc",
cv_waiters = 0x9}, sx_excl_wcnt = 0x9, sx_xholder = 0xc2413170}
(kgdb) p/d (*(struct proc *)0xc1f51000).p_pid
$6 = 10385