Date: Tue, 09 Dec 2003 19:14:01 +0000 From: Robin Breathe <robin@isometry.net> To: John Baldwin <jhb@FreeBSD.org> Cc: current@freebsd.org Subject: Re: Fatal trap 12: page fault while in kernel mode(subr_turnstile.c) w/ trace Message-ID: <3FD61EF9.8080708@isometry.net> In-Reply-To: <XFMail.20031209134422.jhb@FreeBSD.org> References: <XFMail.20031209134422.jhb@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
John Baldwin wrote:
> Oof, you seem to have possibly hit a corrupted thread object.
Sounds unpleasant.
>>(kgdb) l *0xc0537aa6
>>0xc0537aa6 is in turnstile_wait (/usr/src/sys/kern/subr_turnstile.c:439).
>>434 td = curthread;
>>435 tc = TC_LOOKUP(lock);
>>436 mtx_assert(&tc->tc_lock, MA_OWNED);
>>437 MPASS(td->td_turnstile != NULL);
>>438 MPASS(owner != NULL);
>>439 MPASS(owner->td_proc->p_magic == P_MAGIC);
>>440
>>441 /* If the passed in turnstile is NULL, use this thread's
>>turnstile. */
>>442 if (ts == NULL) {
>>443 ts = td->td_turnstile;
>>(kgdb)
>
> owner is not NULL, but it blew up trying to read owner->td_proc.
> Hmm, actually then, I think the owner pointer is bad. There was
> a while after one of the KSE commits when people would get panics
> with a thread whose td_proc was NULL, but I don't know if that bug
> was ever figured out or fixed. For owner to be wrong though,
> mtx_lock in the relevant mutex must have been corrupted somehow.
I see (partially). Is there anything I can do to help track the culprit,
running the command which leads to panic inside gdb? Anything vaguely
sensible? It would obviously be a bonus if we could track this bad-boy
down before 5.2 gets out the door.
- Robin
--
Robin Breathe robin@isometry.net +441865741800
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FD61EF9.8080708>