Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 12 Jun 2012 19:11:13 -0400 (EDT)
From:      Benjamin Kaduk <kaduk@MIT.EDU>
To:        freebsd-current@freebsd.org
Subject:   panic td->td_lock == NULL in scheduler(), csup'd 2011-02-19
Message-ID:  <alpine.GSO.1.10.1206121910380.18441@multics.mit.edu>
next in thread | raw e-mail | index | archive | help 
Hi all,

I know, I should update the machine, but I figured I would throw this out 
for the archives anyway.

I saw the panic a few minutes after starting X, but I'm pretty sure I was 
not actually swapping.  In ddb (blind), I ran 'call doadump; show 
alllocks; show lockedvnods; call doadump; reboot' ... I'm not sure whether 
the two 'doadump's will cause any issues with the core.

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x18
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff806d7dce
stack pointer           = 0x28:0xffffffff81381c40
frame pointer           = 0x28:0xffffffff81381ca0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                          = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = resume, IOPL = 0
current process         = 0 (swapper)
#7  0xffffffff809e20a5 in trap (frame=0xffffffff81381b90)
      at /usr/src/sys/amd64/amd64/trap.c:319
#8  0xffffffff809cc6ef in calltrap ()
      at /usr/src/sys/amd64/amd64/exception.S:228
#9  0xffffffff806d7dce in _thread_lock_flags (td=0xfffffe003b14d8c0, opts=0,
      file=0xffffffff80b4b720 "/usr/src/sys/vm/vm_glue.c", line=744)
      at /usr/src/sys/kern/kern_mutex.c:560
#10 0xffffffff8094b395 in scheduler (dummy=Variable "dummy" is not available.
) at /usr/src/sys/vm/vm_glue.c:744
#11 0xffffffff8069f8c7 in mi_startup () at /usr/src/sys/kern/init_main.c:256
#12 0xffffffff80292f2c in btext () at /usr/src/sys/amd64/amd64/locore.S:81
#13 0x0000000000000000 in ?? ()
#14 0xffffffff80eff8a0 in cpu_top ()
#15 0xffffffff80eff900 in affinity ()
#16 0xfffffe00025f8000 in ?? ()
#17 0xffffffff81381b60 in ?? ()
#18 0xffffffff81381b08 in ?? ()
#19 0xffffffff80ee6030 in proc0 ()
#20 0xffffffff8070e5d2 in sched_switch (td=0x0, newtd=0x0, flags=Variable 
"flags" is not available.
)
      at /usr/src/sys/kern/sched_ule.c:1847

I verified that td->td_lock was null using kgdb on the coredump.

kern_mutex.c:
      558 retry:
      559                 spinlock_enter();
      560                 m = td->td_lock;
      561                 KASSERT(m->mtx_lock != MTX_DESTROYED,
      562                     ("thread_lock() of destroyed mutex @ %s:%d", file, l

vm_glue.c:
      738                 FOREACH_THREAD_IN_PROC(p, td) {
      739                         /*
      740                          * An otherwise runnable thread of a process
      741                          * swapped out has only the TDI_SWAPPED bit set.
      742                          *
      743                          */
      744                         thread_lock(td);
      745                         if (td->td_inhibitors == TDI_SWAPPED) {

-Ben Kaduk

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.GSO.1.10.1206121910380.18441>