From ntarmos@Gatekeeper.ceid.upatras.gr  Thu Jun  3 09:30:12 2004
Return-Path: <ntarmos@Gatekeeper.ceid.upatras.gr>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6839C16A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  3 Jun 2004 09:30:12 -0700 (PDT)
Received: from hermes.ceid.upatras.gr (hermes.ceid.upatras.gr [150.140.141.168])
	by mx1.FreeBSD.org (Postfix) with SMTP id 222E843D3F
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  3 Jun 2004 09:30:01 -0700 (PDT)
	(envelope-from ntarmos@Gatekeeper.ceid.upatras.gr)
Received: (qmail 9919 invoked by uid 1004); 3 Jun 2004 16:29:55 -0000
Received: from ntarmos@Gatekeeper.ceid.upatras.gr by hermes by uid 1001 with qmail-scanner-1.21st 
 (clamscan: 0.70-rc. spamassassin: 2.63.  Clear:RC:1(150.140.141.181):. 
 Processed in 0.020832 secs); 03 Jun 2004 16:29:55 -0000
Received: from diogenis.ceid.upatras.gr (150.140.141.181)
  by hermes.ceid.upatras.gr with SMTP; 3 Jun 2004 16:29:55 -0000
Received: (qmail 26566 invoked from network); 3 Jun 2004 16:29:55 -0000
Received: from gatekeeper.ceid.upatras.gr (150.140.143.235)
  by diogenis.ceid.upatras.gr with SMTP; 3 Jun 2004 16:29:55 -0000
Received: by Gatekeeper.ceid.upatras.gr (Postfix, from userid 1001)
	id DCFB427C; Thu,  3 Jun 2004 19:29:42 +0300 (EEST)
Message-Id: <20040603162942.DCFB427C@Gatekeeper.ceid.upatras.gr>
Date: Thu,  3 Jun 2004 19:29:42 +0300 (EEST)
From: Nikos Ntarmos <ntarmos@ceid.upatras.gr>
Reply-To: Nikos Ntarmos <ntarmos@ceid.upatras.gr>
To: FreeBSD-gnats-submit@freebsd.org
Cc: ntarmos@ceid.upatras.gr
Subject: Giant-owned panic when compiling with lang/compaq-cc
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         67538
>Category:       alpha
>Synopsis:       Giant-owned panic when compiling with lang/compaq-cc
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-alpha
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 03 09:40:24 PDT 2004
>Closed-Date:    Mon Jun 07 14:12:31 GMT 2004
>Last-Modified:  Mon Jun 07 14:12:31 GMT 2004
>Originator:     Nikos Ntarmos
>Release:        FreeBSD 5.2-CURRENT alpha
>Organization:
NetCInS Lab. - CEID - UPatras - Greece
>Environment:
System: FreeBSD Gatekeeper.ceid.upatras.gr 5.2-CURRENT FreeBSD 5.2-CURRENT #17: Wed Jun 2 01:26:26 EEST 2004 root@Gatekeeper.ceid.upatras.gr:/vinum/usr.cur/obj/vinum/usr.cur/src/sys/GATEKEEPER alpha


	DEC Alpha 164SX, 21164PC 533MHz
	FreeBSD 5.2-CURRENT (as of Jun 2, but reproduceable in older revisions as well)
>Description:
Compiling a C program with lang/compaq-cc on my 164SX (PCA56) panics the machine with:
panic: mutex Giant owned at /vinum/usr.cur/src/sys/kern/kern_thread.c:1445
at line 742 in file /vinum/usr.cur/src/sys/kern/kern_mutex.c
Stack backtrace:
db_print_backtrace() at 0xfffffc0000573418 = db_print_backtrace+0x18
backtrace() at 0xfffffc000043f52c = backtrace+0x2c
__panic() at 0xfffffc000043f690 = __panic+0x150
_mtx_assert() at 0xfffffc0000433e0c = _mtx_assert+0xec
thread_wait() at 0xfffffc0000450650 = thread_wait+0x30
kern_wait() at 0xfffffc0000423b90 = kern_wait+0x430
linux_wait4() at 0xfffffe0002ab9550 = linux_wait4+0x58
syscall() at 0xfffffc00005831dc = syscall+0x35c
XentSys() at 0xfffffc0000573f50 = XentSys+0x64
--- syscall (365) ---
--- user mode ---
panic

Calling doadump() after this produces a seemingly irrelevant dump:
[root@Gatekeeper]:/var/crash# gdb -k /boot/kernel/kernel.debug vmcore.0
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "alpha-undermydesk-freebsd"...
panic: mutex Giant owned at /vinum/usr.cur/src/sys/kern/kern_thread.c:1445
panic messages:
---
---
Reading symbols from /boot/kernel/vinum.ko...done.
Loaded symbols for /boot/kernel/vinum.ko
Reading symbols from /boot/kernel/osf1.ko...done.
Loaded symbols for /boot/kernel/osf1.ko
Reading symbols from /boot/kernel/linux.ko...done.
Loaded symbols for /boot/kernel/linux.ko
#0  0xfffffc000043f008 in doadump ()
    at /vinum/usr.cur/src/sys/kern/kern_shutdown.c:235
235             savectx(&dumppcb);
(kgdb) bt
#0  0xfffffc000043f008 in doadump ()
    at /vinum/usr.cur/src/sys/kern/kern_shutdown.c:235
#1  0xfffffc0000387660 in db_fncall (dummy1=0, dummy2=0, dummy3=0, dummy4=0x0)
    at /vinum/usr.cur/src/sys/ddb/db_command.c:551
#2  0xfffffc0000387284 in db_command (last_cmdp=0xfffffc00006b3c00,
    cmd_table=0x0, aux_cmd_tablep=0xfffffc0000666af8,
    aux_cmd_tablep_end=0xfffffc0000666b18)
    at /vinum/usr.cur/src/sys/ddb/db_command.c:348
#3  0xfffffc0000387438 in db_command_loop ()
    at /vinum/usr.cur/src/sys/ddb/db_command.c:475
#4  0xfffffc000038bb08 in db_trap (type=0, code=0)
    at /vinum/usr.cur/src/sys/ddb/db_trap.c:73
#5  0xfffffc0000572b40 in kdb_trap (a0=1, a1=0, a2=0, entry=3,
    regs=0xfffffe0012c8d948)
    at /vinum/usr.cur/src/sys/alpha/alpha/db_interface.c:208
#6  0xfffffc0000582db8 in trap (a0=1, a1=10, a2=28704, entry=3,
    framep=0xfffffe0012c8d948) at /vinum/usr.cur/src/sys/alpha/alpha/trap.c:378
#7  0xfffffc0000572cb8 in Debugger (msg=)
    at /vinum/usr.cur/src/sys/alpha/alpha/db_interface.c:277
(kgdb)
>How-To-Repeat:
Try compiling the following source code using lang/compaq-cc:
-- begin source code --

#include <unistd.h>
#include <stdlib.h>
      
#define MAXARRAY 250000
      
struct shr_data {
  unsigned long int   Pinakas[MAXARRAY];
};
  
void QUICKSORT( struct shr_data *array,
                unsigned long int l,
                unsigned long int r )
{
  unsigned long int tmp, i = l + 1, k = r - 1;

  while( i <= k ) { 
    if ( array->Pinakas[ i ] < array->Pinakas[ l ] )
      i ++;
    else {
      tmp = array->Pinakas[ i ];
      array->Pinakas[ i ] = array->Pinakas[ k ];
      array->Pinakas[ k ] = tmp;
      k --;
    }
  }   

  k ++;
  i --;
  
  tmp = array->Pinakas[ l ];
  array->Pinakas[ l ] = array->Pinakas[ i ];
  array->Pinakas[ i ] = tmp;
                
  if ( l < i ) QUICKSORT( array, l, i );
  if ( r > k ) QUICKSORT( array, k, r );
}
      
int main()
{
  struct shr_data* array;
  unsigned long i;
      
  srandom( getpid() );
  array = (struct shr_data*)malloc(sizeof(struct shr_data));
  
  for ( i = 0; i < 250000; i ++ )
    array->Pinakas[ i ] = random();
  
  QUICKSORT( array, 0, 250000 );
  
  free(array);
  return 0;
}

-- end source code --
I'll try to narrow down the source code that results in the crash. Just send-pr'ed this to add a data-point (and probably get some feedback). IMO this is a linux-emu-related problem. If I manage to get a working core (why does ddb get borked?), I'll follow-up to this.
>Fix:

	


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: jhb 
State-Changed-When: Fri Jun 4 06:53:09 PDT 2004 
State-Changed-Why:  
Fix committed to CURRENT to mark linux_wait4() as MP safe.  Please verify 
that this fixes the problem, thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=67538 

From: Nikos Ntarmos <ntarmos@ceid.upatras.gr>
To: John Baldwin <jhb@FreeBSD.org>
Cc: freebsd-alpha@freebsd.org, freebsd-gnats-submit@freebsd.org
Subject: Re: alpha/67538: Giant-owned panic when compiling with lang/compaq-cc
Date: Mon, 7 Jun 2004 15:05:01 +0300

 Hi there.
 
 The problems seems to be fixed -- at least I can't reproduce it
 locally. Thanks :)
 
 \n\n
 
 -- 
  Nikos "Noth" Ntarmos    | < ntarmos at ceid dot upatras dot gr >
  NetCINS Lab. @ C.E.I.D. | [ http://{noth,p2p}.ceid.upatras.gr/ ]
  U. of Patras - Greece   | ( 38.2594N, 21.7428E ) ( 1024D / CF95160A )
State-Changed-From-To: feedback->closed 
State-Changed-By: jhb 
State-Changed-When: Mon Jun 7 14:12:07 GMT 2004 
State-Changed-Why:  
Submitter reports that the problem is now fixed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=67538 
>Unformatted:
