Fatal trap 12 in kern/kern_switch.c:436

From: Peter Holm <peter_at_holm.cc> Date: Wed, 11 Aug 2004 10:52:29 +0200 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:05 UTC

While stress testing with kern.threads.virtual_cpu=256 I got this
fault after a kill -9 of a hung test program.

GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2004 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.
FreeBSD 5.2-CURRENT #0: Wed Aug 11 04:23:56 CEST 2004
    root_at_peter.osted.lan:/usr/src/sys/i386/compile/PHO
WARNING: WITNESS option enabled, expect reduced performance.
ACPI APIC Table: <A M I  OEMAPIC >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.14-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0xf13  Stepping = 3
  Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM>
real memory  = 267583488 (255 MB)
avail memory = 252190720 (240 MB)
:
ata1-master: DMA limited to UDMA33, non-ATA66 cable or device
acd0: CDROM <SONY CD-ROM CDU5261/C200SNS> at ata1-master UDMA33
Mounting root from ufs:/dev/ad0s1a
kernel trap 12 with interrupts disabled

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address	= 0x54
fault code		= supervisor write, page not present
instruction pointer	= 0x8:0xc066ab08
stack pointer	        = 0x10:0xd25c1c50
frame pointer	        = 0x10:0xd25c1c70
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= resume, IOPL = 0
current process		= 539 (pthread_setconcurre)
[thread 101883]
Stopped at      setrunqueue+0x1e8:      movl    %edi,0x54(%edx)
db> where
setrunqueue(c1bac2c0,c1a957d0,c08b1292,484,c065038e) at setrunqueue+0x1e8
sched_switch(c1bac2c0,0,c08b06b2,123,d3526cf3) at sched_switch+0xa4
mi_switch(2,0,c08b2b56,f5,10000) at mi_switch+0x29f
ast(d25c1d48) at ast+0x3fb
doreti_ast() at doreti_ast+0x17
db> call doadump
Dumping 255 MB
panic: blockable sleep lock (sleep mutex) taskqueue _at_ kern/subr_taskqueue.c:132
cpuid = 0; 
Uptime: 34m36s
panic: cv_wait: not TDS_RUNNING
cpuid = 0; 
KDB: enter: panic
[thread 101883]
Stopped at      kdb_enter+0x30: leave
db>

(kgdb) l *0xc066ab08
0xc066ab08 is in setrunqueue (../../../kern/kern_switch.c:436).
431                              * put the new kse on whatever is next,
432                              * which may or may not be us.
433                              */
434                             td2 = TAILQ_NEXT(tda, td_runq);
435                             kg->kg_last_assigned = td2;
436                             td2->td_kse = ke;
437                             ke->ke_thread = td2;
438                     }
439                     sched_add(ke->ke_thread);
440             } else {
(kgdb) 
-- 
Peter Holm