netbsd-bugs: kern/8531: panic via vn

Subject: kern/8531: panic via vn_lock via procmail
To: None <gnats-bugs@gnats.netbsd.org>
From: None <proff@suburbia.net>
List: netbsd-bugs
Date: 10/01/1999 21:40:56
>Number:         8531
>Category:       kern
>Synopsis:       panic via vn_lock via procmail
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people (Kernel Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Oct  1 21:35:01 1999
>Last-Modified:
>Originator:     Julian Assange
>Organization:
	
>Release:        <NetBSD-current source date> NetBSD-current 1.4k
>Environment:
	
System: NetBSD uws.net 1.4K NetBSD 1.4K (UWS) #45: Sat Oct 2 03:10:16 EST 1999 root@uws.net:/orb/s/netbsd/usr/src/sys/arch/i386/compile/UWS i386


>Description:
	
#0  0xf01abf76 in lockstatus (lkp=0xfc9e6b74)
    at ../../../../kern/kern_lock.c:313
#1  0xf027fa47 in cpu_reboot (howto=260, bootstr=0x0)
    at ../../../../arch/i386/i386/machdep.c:1211
#2  0xf01ba019 in panic (fmt=0xf01abf76 "lockmgr: locking against myself")
    at ../../../../kern/subr_prf.c:217
#3  0xf01ac5be in lockmgr (lkp=0xfc8f20a0, flags=65554, interlkp=0xfc8f209c)
    at ../../../../kern/kern_lock.c:508
#4  0xf01daadf in genfs_lock (v=0xfc9e6bb8)
    at ../../../../miscfs/genfs/genfs_vnops.c:318
#5  0xf01d9cbb in vn_lock (vp=0xfc8f2010, flags=65554)
    at ../../../../sys/vnode_if.h:755
#6  0xf01d2acb in vget (vp=0xfc8f2010, flags=65554)
    at ../../../../kern/vfs_subr.c:913
#7  0xf0259a0b in ffs_sync (mp=0xf067de00, waitfor=2, cred=0xf0631f80,
    p=0xf034af04) at ../../../../ufs/ffs/ffs_vfsops.c:827
#8  0xf01d4d68 in sys_sync (p=0xf034af04, v=0x0, retval=0x0)
    at ../../../../kern/vfs_syscalls.c:535
#9  0xf01d3f6a in vfs_shutdown () at ../../../../kern/vfs_subr.c:2088
#10 0xf027fa1f in cpu_reboot (howto=256, bootstr=0x0)
    at ../../../../arch/i386/i386/machdep.c:1198
#11 0xf01ba019 in panic (fmt=0xf01abf76 "lockmgr: locking against myself")
    at ../../../../kern/subr_prf.c:217
#12 0xf01ac5be in lockmgr (lkp=0xfc8f20a0, flags=65538, interlkp=0xfc8f209c)
    at ../../../../kern/kern_lock.c:508
#13 0xf01daadf in genfs_lock (v=0xfc9e6cd8)
    at ../../../../miscfs/genfs/genfs_vnops.c:318
#14 0xf01d9cbb in vn_lock (vp=0xfc8f2010, flags=65538)
    at ../../../../sys/vnode_if.h:755
#15 0xf01d2acb in vget (vp=0xfc8f2010, flags=65538)
    at ../../../../kern/vfs_subr.c:913
#16 0xf02650fc in ufs_ihashget (dev=1028, inum=46354)
    at ../../../../ufs/ufs/ufs_ihash.c:111
#17 0xf0259b35 in ffs_vget (mp=0xf067de00, ino=46354, vpp=0xfc9e6dbc)
    at ../../../../ufs/ffs/ffs_vfsops.c:885
#18 0xf0253a32 in ffs_valloc (v=0xfc9e6dc0)
    at ../../../../ufs/ffs/ffs_alloc.c:575
#19 0xf02690b0 in ufs_makeinode (mode=33024, dvp=0xfc8f2010, vpp=0xfc9e6eec,
    cnp=0xfc9e6f00) at ../../../../sys/vnode_if.h:933
#20 0xf0266b06 in ufs_create (v=0xfc9e6e0c)
    at ../../../../ufs/ufs/ufs_vnops.c:110
#21 0xf01d8fec in vn_open (ndp=0xfc9e6edc, fmode=2562, cmode=256)
    at ../../../../sys/vnode_if.h:96
#22 0xf01d5560 in sys_open (p=0xfc9cb514, v=0xfc9e6f88, retval=0xfc9e6f80)
    at ../../../../kern/vfs_syscalls.c:963
#23 0xf0286b26 in syscall (frame={tf_es = 31, tf_ds = 31, tf_edi = 2561,
      tf_esi = 292, tf_ebp = -272639616, tf_ebx = 4, tf_edx = 70400,
      tf_ecx = 70400, tf_eax = 5, tf_trapno = 3, tf_err = 2,
      tf_eip = 1074374947, tf_cs = 23, tf_eflags = 518, tf_esp = -272639644,
      tf_ss = 31, tf_vm86_es = 0, tf_vm86_ds = 0, tf_vm86_fs = 0,
      tf_vm86_gs = 0}) at ../../../../arch/i386/i386/trap.c:753

(gdb) sel 23
(gdb) p p
$1 = (struct proc *) 0xfc9cb514
(gdb) p *p
$2 = {p_forw = 0xf0347b50, p_back = 0x0, p_list = {le_next = 0xfca283dc,
    le_prev = 0xf034f8b8}, p_cred = 0xfc6f9360, p_fd = 0xf085c300,
  p_cwdi = 0xfc6fa540, p_stats = 0xfc9e5190, p_limit = 0xfc8a5ab0,
  p_vmspace = 0xfca3f880, p_sigacts = 0xfc9676b0, p_exitsig = 20,
  p_flag = 16644, p_unused = 0 '\000', p_stat = 2 '\002', p_pad1 = "\000",
  p_pid = 3965, p_hash = {le_next = 0x0, le_prev = 0xf062d9f4}, p_pglist = {
    le_next = 0x0, le_prev = 0xfc706458}, p_pptr = 0xfca283dc, p_sibling = {
    le_next = 0x0, le_prev = 0xfca28434}, p_children = {lh_first = 0x0},
  p_oppid = 0, p_dupfd = -5, p_estcpu = 1, p_cpticks = 1, p_pctcpu = 0,
  p_wchan = 0x0, p_wmesg = 0xf01ce013 "biowait", p_swtime = 0, p_slptime = 0,
  p_realtimer = {it_interval = {tv_sec = 0, tv_usec = 0}, it_value = {
      tv_sec = 0, tv_usec = 0}}, p_rtime = {tv_sec = 0, tv_usec = 10975},
  p_uticks = 0, p_sticks = 1, p_iticks = 0, p_traceflag = 0, p_tracep = 0x0,
  p_siglist = {__bits = {0, 0, 0, 0}}, p_sigcheck = 0 '\000',
  p_textvp = 0xfc8f26d0, p_locks = 2, p_simple_locks = 0, p_holdcnt = 0,
  p_emul = 0xf02fff14, p_sigmask = {__bits = {0, 0, 0, 0}}, p_sigignore = {
    __bits = {2583334912, 0, 0, 0}}, p_sigcatch = {__bits = {1610637319, 0, 0,
      0}}, p_priority = 17 '\021', p_usrpri = 51 '3', p_nice = 20 '\024',
  p_comm = "procmail\000\000\000\000\000\000\000\000", p_pgrp = 0xfc706450,
  p_ctxlink = 0x0, p_thread = 0x0, p_addr = 0xfc9e5000, p_md = {
    md_regs = 0xfc9e6fb0, md_flags = 0}, p_xstat = 0, p_acflag = 2,
  p_ru = 0xfca26004}

i.e procmail almost certainly concurrently opening a users mail spool.

It is worth nothing that upon reboot one users Mailbox was found to be DUP'd
>How-To-Repeat:
	
>Fix:
	
>Audit-Trail:
>Unformatted: