http://defect.opensolaris.org/bz/show_bug.cgi?id=10727
--- Comment #7 from amaguire <alan.maguire at sun.com> 2009-08-19 13:32:49 UTC
---
Done a bit more investigation here. Let's examine
the remaining object lists (via the object list
uu_list_pool) and associated handles:
> ::uu_list_pool
ADDR NAME COMPARE FLAGS
080aef08 SUNW,libscf_datael fec989a8 D
080aee08 SUNW,libscf_iter fec989dc D
080aed08 SUNW,libscf_transaction_entity fec98960 D
080aec08 object_list_pool 08068448 D
080aeb08 event_queue_pool 0805cc20 D
> 80aec08::walk uu_list|::walk uu_list_node|::print "struct nwamd_object"
{
nwamd_object_name = [ "Automatic" ]
nwamd_object_type = 2 (NWAM_OBJECT_TYPE_LOC)
nwamd_object_handle = 0x80d5048
nwamd_object_data = 0
nwamd_object_state = 0t16 (NWAM_STATE_ONLINE)
nwamd_object_aux_state = 8 (NWAM_AUX_STATE_ACTIVE)
nwamd_object_node = {
uln_opaque = [ 0x80ae09c, 0x80b4ea4 ]
}
nwamd_object_mutex = {
__pthread_mutex_flags = {
__pthread_mutex_flag1 = 0x4
__pthread_mutex_flag2 = 0
__pthread_mutex_ceiling = 0
__pthread_mutex_type = 0
__pthread_mutex_magic = 0x4d58
}
__pthread_mutex_lock = {
__pthread_mutex_lock64 = {
__pthread_mutex_pad = [ 0, 0, 0, 0, 0, 0, 0, 0x1 ]
}
__pthread_mutex_lock32 = {
__pthread_ownerpid = 0
__pthread_lockword = 0x1000000
}
__pthread_mutex_owner64 = 0x100000000000000
}
__pthread_mutex_data = 0xfee12a00
}
}
{
nwamd_object_name = [ "NoNet" ]
nwamd_object_type = 2 (NWAM_OBJECT_TYPE_LOC)
nwamd_object_handle = 0x8107e08
nwamd_object_data = 0
nwamd_object_state = 2 (NWAM_STATE_OFFLINE)
nwamd_object_aux_state = 2 (NWAM_AUX_STATE_CONDITIONS_NOT_MET)
nwamd_object_node = {
uln_opaque = [ 0x8177f9c, 0x80ae19c ]
}
nwamd_object_mutex = {
__pthread_mutex_flags = {
__pthread_mutex_flag1 = 0x4
__pthread_mutex_flag2 = 0
__pthread_mutex_ceiling = 0
__pthread_mutex_type = 0 __pthread_mutex_magic = 0x4d58
}
__pthread_mutex_lock = {
__pthread_mutex_lock64 = {
__pthread_mutex_pad = [ 0, 0, 0, 0, 0, 0, 0, 0 ]
}
__pthread_mutex_lock32 = {
__pthread_ownerpid = 0
__pthread_lockword = 0
}
__pthread_mutex_owner64 = 0
}
__pthread_mutex_data = 0
}
}
{
nwamd_object_name = [ "Legacy" ]
nwamd_object_type = 2 (NWAM_OBJECT_TYPE_LOC)
nwamd_object_handle = 0x8107c88
nwamd_object_data = 0
nwamd_object_state = 2 (NWAM_STATE_OFFLINE)
nwamd_object_aux_state = 2 (NWAM_AUX_STATE_CONDITIONS_NOT_MET)
nwamd_object_node = { uln_opaque = [ 0x80b4ea4, 0x80ae09c
]
}
nwamd_object_mutex = {
__pthread_mutex_flags = {
__pthread_mutex_flag1 = 0x4
__pthread_mutex_flag2 = 0
__pthread_mutex_ceiling = 0
__pthread_mutex_type = 0
__pthread_mutex_magic = 0x4d58
}
__pthread_mutex_lock = {
__pthread_mutex_lock64 = {
__pthread_mutex_pad = [ 0, 0, 0, 0, 0, 0, 0, 0 ]
}
__pthread_mutex_lock32 = {
__pthread_ownerpid = 0
__pthread_lockword = 0
}
__pthread_mutex_owner64 = 0
}
__pthread_mutex_data = 0
}
}
> 80d5048::print "struct nwam_handle"
{
object_type = -0t559038737 (???)
name = [ '\357', '\276', '\255', '\336', '\357', '\276', '\255', '\336', '\3
57', '\276', '\255', '\336', '\357', '\276', '\255', '\336', '\357', '\276',
'\2
55', '\336', '\357', '\276', '\255', '\336', '\357', '\276', '\255', '\336',
'\3
57', '\276', '\255', '\336', ... ]
name_orig = [ '\357', '\276', '\255', '\336', '\357', '\276', '\255', '\336'
, '\357', '\276', '\255', '\336', '\357', '\276', '\255', '\336', '\357',
'\276'
, '\255', '\336', '\357', '\276', '\255', '\336', '\357', '\276', '\255',
'\336'
, '\357', '\276', '\255', '\336', ... ]
data = 0xdeadbeef
}
> 0x8107e08::print "struct nwam_handle"
{
object_type = 2 (NWAM_OBJECT_TYPE_LOC)
name = [ "NoNet" ]
name_orig = [ '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\
0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0',
'\0'
, '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', ... ]
data = 0x80a2820
}
> 80a2820::nvlist
activation-mode=0000000000000001
nameservices=0000000000000001
nameservices-config-file='/etc/nsswitch.files'
ipfilter-config-file='/etc/nwam/loc/NoNet/ipf.conf'
ipfilter-v6-config-file='/etc/nwam/loc/NoNet/ipf6.conf'
enabled=0
> 0x8107c88::print "struct nwam_handle"
{
object_type = 2 (NWAM_OBJECT_TYPE_LOC)
name = [ "Legacy" ]
name_orig = [ '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\
0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0',
'\0'
, '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', ... ]
data = 0x80a2940
}
> 0x80a2940::nvlist enabled=0
activation-mode=0000000000000001
nameservices=0000000000000000
nameservices-config-file='/etc/nwam/loc/Legacy/nsswitch.conf'
dns-nameservice-configsrc=0000000000000000
dns-nameservice-domain='east.sun.com'
dns-nameservice-servers='129.148.9.196' + '129.148.9.197' + '129.147.9.5' + '
129.145.155.220'
>
At this stage, only the location object list has entries.
This makes sense since we call nwamd_fini_locs() last
from signal handling context.
So, as you noticed, the Automatic location handle has
already been freed when we get to fini'ing the object.
What is strange is that we can see above that
the NoNet and Legacy locations still have valid handles -
why would this be? Could it have something to do with
the Automatic location being active at shutdown time?
The only places the object handle are freed are during
an init when the object already exists and on fini.
At init, we hold the object lock, so my only thought
is we get 2 fini events such that one arrives after
the object handle has been freed and the object
lock released, but before the object list lock can
be taken to free the object from the object list.
Seems unlikely, but it's the only way I can see
this happening right now. In my set of changes
for the other SEGVs, I set the handle to NULL
just to be sure.
--
Configure bugmail: http://defect.opensolaris.org/bz/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
