Opened 3 years ago

Last modified 3 years ago

#17705 new bug

_mutex_lock(): double lock in WebPositive (with YouTube and Google open)

Reported by: scph1001 Owned by: nobody
Priority: normal Milestone: Unscheduled
Component: System/Kernel Version: R1/Development
Keywords: Cc:
Blocked By: Blocking:
Platform: All

Description (last modified by scph1001)

I had one tab open which had a paused (short) YouTube video. I opened a new tab and started to type into Google which was very slow, the system then entered KDL (full system crash) when I pressed enter to search. Not sure if Google or YouTube is the culprit here. Latest development commit compiled from source, running in QEMU with 1.6G of memory allocated. The lines about memory and resource pages seem relevant so I've included them.

slab memory manager: created area 0xffffffff99801000 (10560)
low resource pages: normal -> note
low resource pages: note -> normal
low resource pages: normal -> note
slab memory manager: created area 0xffffffff9a001000 (14011)
low resource pages: critical -> note
low resource pages: note -> normal
low resource pages: normal -> note
low resource pages: note -> normal
low resource pages: normal -> note
low resource pages: note -> normal
low resource pages: normal -> note
low resource pages: critical -> note
low resource pages: note -> normal
low resource pages: normal -> note
low resource pages: note -> normal
low resource pages: normal -> note
low resource pages: note -> normal
low resource pages: normal -> note
low resource pages: critical -> note
low resource pages: critical -> note
Last message repeated 3 times.
low resource pages: critical -> warning
low resource pages: critical -> note
Last message repeated 2 times.
Last message repeated 3 times.
low resource pages: note -> warning
PANIC: _mutex_lock(): double lock of 0xffffffff986ec088 by thread 3245
Welcome to Kernel Debugging Land...
Thread 3245 "BUrlProtocol.HTTP" running on CPU 0
stack trace for thread 3245 "BUrlProtocol.HTTP"
    kernel stack: 0xffffffff86869000 to 0xffffffff8686e000
      user stack: 0x00007fc78ce74000 to 0x00007fc78ceb4000
frame                       caller             <image>:function + offset
 0 ffffffff8686d868 (+  24) ffffffff8014436c   <kernel_x86_64> arch_debug_call_with_fault_handler + 0x16
 1 ffffffff8686d880 (+  80) ffffffff800ae278   <kernel_x86_64> debug_call_with_fault_handler + 0x78
 2 ffffffff8686d8d0 (+  96) ffffffff800af893   <kernel_x86_64> kernel_debugger_loop(char const*, char const*, __va_list_tag*, int) + 0xf3
 3 ffffffff8686d930 (+  80) ffffffff800afc2e   <kernel_x86_64> kernel_debugger_internal(char const*, char const*, __va_list_tag*, int) + 0x6e
 4 ffffffff8686d980 (+ 240) ffffffff800aff87   <kernel_x86_64> panic + 0xb7
 5 ffffffff8686da70 (+  80) ffffffff80095e24   <kernel_x86_64> _mutex_lock + 0x1a4
 6 ffffffff8686dac0 (+  64) ffffffff80096485   <kernel_x86_64> mutex_switch_lock + 0x55
 7 ffffffff8686db00 (+  48) ffffffff8013dcc5   <kernel_x86_64> vm_cache_acquire_locked_page_cache + 0xa5
 8 ffffffff8686db30 (+  48) ffffffff8012f787   <kernel_x86_64> free_cached_page(vm_page*, bool) + 0x17
 9 ffffffff8686db60 (+ 160) ffffffff801300c5   <kernel_x86_64> free_cached_pages(unsigned int, bool) + 0x1c5
10 ffffffff8686dc00 (+ 128) ffffffff8013075b   <kernel_x86_64> reserve_pages(unsigned int, int, bool) + 0x2ab
11 ffffffff8686dc80 (+ 112) ffffffff80116234   <kernel_x86_64> MemoryManager::_MapChunk(VMArea*, unsigned long, unsigned long, unsigned long, unsigned int) + 0x94
12 ffffffff8686dcf0 (+ 176) ffffffff80117b23   <kernel_x86_64> MemoryManager::AllocateRaw(unsigned long, unsigned int, void*&) + 0x1c3
13 ffffffff8686dda0 (+  64) ffffffff80113d06   <kernel_x86_64> realloc + 0x146
14 ffffffff8686dde0 (+ 320) ffffffff801222b8   <kernel_x86_64> vm_resize_area(int, unsigned long, bool) + 0x6a8
15 ffffffff8686df20 (+  16) ffffffff80145e5f   <kernel_x86_64> x86_64_syscall_entry + 0xfb
user iframe at 0xffffffff8686df30 (end = 0xffffffff8686dff8)
 rax 0xc7                  rbx 0x108c0               rcx 0x1ab66e8764c
 rdx 0x0                   rsi 0x60110000            rdi 0x2899
 rbp 0x7fc78ceb30a0         r8 0x10df229b83a0         r9 0x0
 r10 0x10df3b7e0610        r11 0x287                 r12 0x600f97b0
 r13 0x1ab671a5310         r14 0x3                   r15 0x60110000
 rip 0x1ab66e8764c         rsp 0x7fc78ceb3048     rflags 0x287
 vector: 0x63, error code: 0x0
16 ffffffff8686df30 (+140497077424496) 000001ab66e8764c   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0x3e64c
17 00007fc78ceb30a0 (+  64) 000001ab66f1114f   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0xc814f
18 00007fc78ceb30e0 (+  80) 000001ab66f11518   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0xc8518
19 00007fc78ceb3130 (+  48) 000001ab66f11be0   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0xc8be0
20 00007fc78ceb3160 (+ 176) 000001d5d9c33bbb   </boot/system/lib/libnetwork.so@0x000001d5d9c1e000> <unknown> + 0x15bbb
21 00007fc78ceb3210 (+ 368) 000001d5d9c343ae   </boot/system/lib/libnetwork.so@0x000001d5d9c1e000> <unknown> + 0x163ae
22 00007fc78ceb3380 (+ 544) 000001d5d9c3a68b   </boot/system/lib/libnetwork.so@0x000001d5d9c1e000> <unknown> + 0x1c68b
23 00007fc78ceb35a0 (+ 464) 000001d5d9c3281b   </boot/system/lib/libnetwork.so@0x000001d5d9c1e000> <unknown> + 0x1481b
24 00007fc78ceb3770 (+ 160) 000000949fd1cd8c   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x36d8c
25 00007fc78ceb3810 (+  64) 000000949fd1cf5a   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x36f5a
26 00007fc78ceb3850 (+ 128) 000000949fd1d416   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x37416
27 00007fc78ceb38d0 (+  96) 000000949fd1d650   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x37650
28 00007fc78ceb3930 (+  32) 000000949fd1d69d   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x3769d
29 00007fc78ceb3950 (+  64) 000000949fd1add1   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x34dd1
30 00007fc78ceb3990 (+  64) 000000949fd1aeda   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x34eda
31 00007fc78ceb39d0 (+ 224) 000000924636e676   </boot/system/lib/libWebKitLegacy.so.1.8.4@0x00000092438e4000> <unknown> + 0x2a8a676
32 00007fc78ceb3ab0 (+ 272) 0000009246368a85   </boot/system/lib/libWebKitLegacy.so.1.8.4@0x00000092438e4000> <unknown> + 0x2a84a85
33 00007fc78ceb3bc0 (+  32) 000000924637071c   </boot/system/lib/libWebKitLegacy.so.1.8.4@0x00000092438e4000> <unknown> + 0x2a8c71c
34 00007fc78ceb3be0 (+  32) 000001ab66e86599   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0x3d599
35 00007fc78ceb3c00 (+   0) 00007ffe7688b260   <commpage> commpage_thread_exit + 0x00
kdebug> bt
stack trace for thread 3245 "BUrlProtocol.HTTP"
    kernel stack: 0xffffffff86869000 to 0xffffffff8686e000
      user stack: 0x00007fc78ce74000 to 0x00007fc78ceb4000
frame                       caller             <image>:function + offset
 0 ffffffff8686d5b8 (+  32) ffffffff800b0f09   <kernel_x86_64> invoke_command_trampoline(void*) + 0x19
 1 ffffffff8686d5d8 (+  24) ffffffff8014436c   <kernel_x86_64> arch_debug_call_with_fault_handler + 0x16
 2 ffffffff8686d5f0 (+  80) ffffffff800ae278   <kernel_x86_64> debug_call_with_fault_handler + 0x78
 3 ffffffff8686d640 (+  96) ffffffff800b116f   <kernel_x86_64> invoke_debugger_command + 0xdf
 4 ffffffff8686d6a0 (+  80) ffffffff800b1307   <kernel_x86_64> invoke_pipe_segment(debugger_command_pipe*, int, char*) + 0x117
 5 ffffffff8686d6f0 (+  80) ffffffff800b143c   <kernel_x86_64> invoke_debugger_command_pipe + 0xac
 6 ffffffff8686d740 (+  80) ffffffff800b35d9   <kernel_x86_64> ExpressionParser::_ParseCommandPipe(int&) + 0x1d9
 7 ffffffff8686d790 (+  80) ffffffff800b4b02   <kernel_x86_64> ExpressionParser::EvaluateCommand(char const*, int&) + 0x412
 8 ffffffff8686d7e0 (+ 240) ffffffff800b514f   <kernel_x86_64> evaluate_debug_command + 0x12f
 9 ffffffff8686d8d0 (+  96) ffffffff800af93b   <kernel_x86_64> kernel_debugger_loop(char const*, char const*, __va_list_tag*, int) + 0x19b
10 ffffffff8686d930 (+  80) ffffffff800afc2e   <kernel_x86_64> kernel_debugger_internal(char const*, char const*, __va_list_tag*, int) + 0x6e
11 ffffffff8686d980 (+ 240) ffffffff800aff87   <kernel_x86_64> panic + 0xb7
12 ffffffff8686da70 (+  80) ffffffff80095e24   <kernel_x86_64> _mutex_lock + 0x1a4
13 ffffffff8686dac0 (+  64) ffffffff80096485   <kernel_x86_64> mutex_switch_lock + 0x55
14 ffffffff8686db00 (+  48) ffffffff8013dcc5   <kernel_x86_64> vm_cache_acquire_locked_page_cache + 0xa5
15 ffffffff8686db30 (+  48) ffffffff8012f787   <kernel_x86_64> free_cached_page(vm_page*, bool) + 0x17
16 ffffffff8686db60 (+ 160) ffffffff801300c5   <kernel_x86_64> free_cached_pages(unsigned int, bool) + 0x1c5
17 ffffffff8686dc00 (+ 128) ffffffff8013075b   <kernel_x86_64> reserve_pages(unsigned int, int, bool) + 0x2ab
18 ffffffff8686dc80 (+ 112) ffffffff80116234   <kernel_x86_64> MemoryManager::_MapChunk(VMArea*, unsigned long, unsigned long, unsigned long, unsigned int) + 0x94
19 ffffffff8686dcf0 (+ 176) ffffffff80117b23   <kernel_x86_64> MemoryManager::AllocateRaw(unsigned long, unsigned int, void*&) + 0x1c3
20 ffffffff8686dda0 (+  64) ffffffff80113d06   <kernel_x86_64> realloc + 0x146
21 ffffffff8686dde0 (+ 320) ffffffff801222b8   <kernel_x86_64> vm_resize_area(int, unsigned long, bool) + 0x6a8
22 ffffffff8686df20 (+  16) ffffffff80145e5f   <kernel_x86_64> x86_64_syscall_entry + 0xfb
user iframe at 0xffffffff8686df30 (end = 0xffffffff8686dff8)
 rax 0xc7                  rbx 0x108c0               rcx 0x1ab66e8764c
 rdx 0x0                   rsi 0x60110000            rdi 0x2899
 rbp 0x7fc78ceb30a0         r8 0x10df229b83a0         r9 0x0
 r10 0x10df3b7e0610        r11 0x287                 r12 0x600f97b0
 r13 0x1ab671a5310         r14 0x3                   r15 0x60110000
 rip 0x1ab66e8764c         rsp 0x7fc78ceb3048     rflags 0x287
 vector: 0x63, error code: 0x0
23 ffffffff8686df30 (+140497077424496) 000001ab66e8764c   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0x3e64c
24 00007fc78ceb30a0 (+  64) 000001ab66f1114f   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0xc814f
25 00007fc78ceb30e0 (+  80) 000001ab66f11518   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0xc8518
26 00007fc78ceb3130 (+  48) 000001ab66f11be0   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0xc8be0
27 00007fc78ceb3160 (+ 176) 000001d5d9c33bbb   </boot/system/lib/libnetwork.so@0x000001d5d9c1e000> <unknown> + 0x15bbb
28 00007fc78ceb3210 (+ 368) 000001d5d9c343ae   </boot/system/lib/libnetwork.so@0x000001d5d9c1e000> <unknown> + 0x163ae
29 00007fc78ceb3380 (+ 544) 000001d5d9c3a68b   </boot/system/lib/libnetwork.so@0x000001d5d9c1e000> <unknown> + 0x1c68b
30 00007fc78ceb35a0 (+ 464) 000001d5d9c3281b   </boot/system/lib/libnetwork.so@0x000001d5d9c1e000> <unknown> + 0x1481b
31 00007fc78ceb3770 (+ 160) 000000949fd1cd8c   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x36d8c
32 00007fc78ceb3810 (+  64) 000000949fd1cf5a   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x36f5a
33 00007fc78ceb3850 (+ 128) 000000949fd1d416   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x37416
34 00007fc78ceb38d0 (+  96) 000000949fd1d650   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x37650
35 00007fc78ceb3930 (+  32) 000000949fd1d69d   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x3769d
36 00007fc78ceb3950 (+  64) 000000949fd1add1   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x34dd1
37 00007fc78ceb3990 (+  64) 000000949fd1aeda   </boot/system/lib/libbnetapi.so@0x000000949fce6000> <unknown> + 0x34eda
38 00007fc78ceb39d0 (+ 224) 000000924636e676   </boot/system/lib/libWebKitLegacy.so.1.8.4@0x00000092438e4000> <unknown> + 0x2a8a676
39 00007fc78ceb3ab0 (+ 272) 0000009246368a85   </boot/system/lib/libWebKitLegacy.so.1.8.4@0x00000092438e4000> <unknown> + 0x2a84a85
40 00007fc78ceb3bc0 (+  32) 000000924637071c   </boot/system/lib/libWebKitLegacy.so.1.8.4@0x00000092438e4000> <unknown> + 0x2a8c71c
41 00007fc78ceb3be0 (+  32) 000001ab66e86599   </boot/system/lib/libroot.so@0x000001ab66e49000> <unknown> + 0x3d599
42 00007fc78ceb3c00 (+   0) 00007ffe7688b260   <commpage> commpage_thread_exit + 0x00

Change History (3)

comment:1 by scph1001, 3 years ago

Description: modified (diff)

comment:2 by diver, 3 years ago

Component: Applications/WebPositiveSystem/Kernel
Keywords: crash removed
Owner: changed from pulkomandy to nobody

comment:3 by waddlesplash, 3 years ago

No need to run "bt" as you can see, it's done automatically.

Looks like your system is low on memory, the allocator tried to free some while allocating, but then wound up in a double-lock situation somehow. Kind of strange, really.

If this is reproducible, please run the "mutex" command to show information about the mutex in question.

Note: See TracTickets for help on using tickets.