GENERIC HEAD from Dec 1 10:04 UTC + Jeff's "SMP VFS Part 2" patch 2
GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2004 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-CURRENT #0: Thu Dec 2 08:05:54 CET 2004
pho@current.osted.lan:/usr/src/sys/i386/compile/PHO
WARNING: WITNESS option enabled, expect reduced performance.
ACPI APIC Table: <A M I OEMAPIC >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.14-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf13 Stepping = 3
Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM>
real memory = 267583488 (255 MB)
avail memory = 252448768 (240 MB)
:
mount root from ufs:/dev/ad0s1a
WARNING: / was not properly dismounted
ppanic: bremfree: buffer not on a queue.
cpuid = 0
KDB: enter: panic
[thread pid 56 tid 100077 ]
Stopped at kdb_enter+0x2c: leave
db> where
Tracing pid 56 tid 100077 td 0xc175ba80
kdb_enter(c0813d46,104,c175ba80,c6645a60,c6645a60) at kdb_enter+0x2c
panic(c081ae3e,c6645a60,ce769c8c,c064f837,c6645a60) at panic+0x17c
bremfree(c6645a60,c081bd87,ce769c80,c06062dc,c1788bdc) at bremfree+0x62
vfs_bio_awrite(c6645a60,64,0,c1788c10,c1788bdc) at vfs_bio_awrite+0x33
vop_stdfsync(ce769ce0,d,41af2cde,1,0) at vop_stdfsync+0x185
sched_sync(0,ce769d48,0,c065e354,0) at sched_sync+0x3ff
fork_exit(c065e354,0,ce769d48) at fork_exit+0x7e
fork_trampoline() at fork_trampoline+0x8
--- trap 0x1, eip = 0, esp = 0xce769d7c, ebp = 0 ---
db> call doadump
Dumping 255 MB
16 32 48 64 80 96 112 128 144 160 176 192 208 224 240
Dump complete
0x2e
db> reset
up 0+00:39:15 15:55:02
panic: wrong b_bufobj 0 should be 0xc1c9a7c0
panic: bremfree: buffer not on a queue.
#9 0xc060d808 in panic (fmt=0xc081ae3e "bremfree: buffer not on a queue.")
at ../../../kern/kern_shutdown.c:544
#10 0xc064f0b2 in bremfree (bp=0xc6645a60) at ../../../kern/vfs_bio.c:650
#11 0xc064f837 in vfs_bio_awrite (bp=0xc6645a60) at ../../../kern/vfs_bio.c:1733
#12 0xc065800d in vop_stdfsync (ap=0xce769ce0) at ../../../kern/vfs_default.c:568
#13 0xc065e753 in sched_sync () at vnode_if.h:627
#14 0xc05fae96 in fork_exit (callout=0xc065e354 <sched_sync>, arg=0x0, frame=0xce769d48)
at ../../../kern/kern_fork.c:800
#15 0xc0798ebc in fork_trampoline () at ../../../i386/i386/exception.s:209
(kgdb) frame 10
#10 0xc064f0b2 in bremfree (bp=0xc6645a60) at ../../../kern/vfs_bio.c:650
650 KASSERT((bp->b_flags & B_REMFREE) == 0 && bp->b_qindex != QUEUE_NONE,
(kgdb) p *bp
$1 = {b_bufobj = 0xc1788c10, b_bcount = 0x4000, b_caller1 = 0x0,
b_data = 0xc7c6a000 "°\201\001", b_error = 0x0, b_iocmd = 0x2, b_ioflags = 0x2,
b_iooffset = 0xb860000, b_resid = 0x0, b_iodone = 0, b_blkno = 0x5c300,
b_offset = 0xb860000, b_bobufs = {tqe_next = 0xc6660a28, tqe_prev = 0xc1788c24},
b_left = 0x0, b_right = 0xc6660a28, b_vflags = 0x1, b_freelist = {
tqe_next = 0xc6675b20, tqe_prev = 0xc6663efc}, b_qindex = 0x2,
b_flags = 0xa00202a0, b_xflags = 0x1, b_lock = {lk_interlock = 0xc08d5610,
lk_flags = 0x400, lk_sharecount = 0x0, lk_waitcount = 0x0, lk_exclusivecount = 0x1,
lk_prio = 0x50, lk_wmesg = 0xc081a747 "bufwait", lk_timo = 0x0,
lk_lockholder = 0xc1bb6180, lk_newlock = 0x0}, b_bufsize = 0x4000,
b_runningbufspace = 0x0, b_kvabase = 0xc7c6a000 "°\201\001", b_kvasize = 0x4000,
b_lblkno = 0x5c300, b_vp = 0xc1788bdc, b_dirtyoff = 0x0, b_dirtyend = 0x0,
b_rcred = 0x0, b_wcred = 0x0, b_saveaddr = 0xc7c6a000, b_pager = {pg_reqpage = 0x0},
b_cluster = {cluster_head = {tqh_first = 0x0, tqh_last = 0xc6677be0},
cluster_entry = {tqe_next = 0x0, tqe_prev = 0xc6677be0}}, b_pages = {0xc1154218,
0xc115e460, 0xc11875a8, 0xc11743f0, 0x0 <repeats 28 times>}, b_npages = 0x4,
b_dep = {lh_first = 0xc1cd5580}}
(kgdb) p *(struct buf *)0xc1c9a7c0
$2 = {b_bufobj = 0xc1c9a78c, b_bcount = 0x0, b_caller1 = 0xc1c9a7c4, b_data = 0x0,
b_error = 0x0, b_iocmd = 0x0, b_ioflags = 0x0, b_iooffset = 0xc1c9a7d4,
b_resid = 0x0, b_iodone = 0, b_blkno = 0xc0878eb000000000,
b_offset = 0xc1c8c21000004000, b_bobufs = {tqe_next = 0x0, tqe_prev = 0xc16a3744},
b_left = 0xc1c9a78c, b_right = 0xc1c9a78c, b_vflags = 0x8, b_freelist = {
tqe_next = 0x3, tqe_prev = 0x0}, b_qindex = 0x0, b_flags = 0x0, b_xflags = 0x0,
b_lock = {lk_interlock = 0x0, lk_flags = 0x0, lk_sharecount = 0x0,
lk_waitcount = 0x0, lk_exclusivecount = 0x0, lk_prio = 0x0, lk_wmesg = 0x0,
lk_timo = 0x0, lk_lockholder = 0xc1c9a678, lk_newlock = 0xc1c90a64},
b_bufsize = 0x1, b_runningbufspace = 0xc081ad25, b_kvabase = 0xc1bd9230 "",
b_kvasize = 0xc08d528c, b_lblkno = 0x1000440, b_vp = 0x0, b_dirtyoff = 0x500001,
b_dirtyend = 0xc081ad25, b_rcred = 0x33, b_wcred = 0xc1c5e780, b_saveaddr = 0x0,
b_pager = {pg_reqpage = 0xc1c9a850}, b_cluster = {cluster_head = {
tqh_first = 0xc169a400, tqh_last = 0xc16a9c00}, cluster_entry = {
tqe_next = 0xc169a400, tqe_prev = 0xc16a9c00}}, b_pages = {0x0, 0xc1b3faa0,
0xc1b3fab0, 0x5a3, 0xc1c9a78c, 0x0, 0x0, 0x0, 0xc0871d64, 0xc081cb58, 0xc081cb58,
0x30000, 0xc1c9a78c, 0xc1c90574, 0xc08dca38, 0x4, 0x0, 0x100, 0x0, 0x0, 0x0,
0xc1c9a8a0, 0x0, 0xc1c9a8d8, 0x0, 0x0, 0x0, 0xc1c9a8e8, 0x0, 0x0, 0x0, 0x0},
b_npages = 0xc0878eb0, b_dep = {lh_first = 0x4000}}