Re: panic td->td_lock == NULL in scheduler(), csup'd 2011-02-19

From: John Baldwin <jhb_at_freebsd.org> Date: Wed, 13 Jun 2012 13:32:12 -0400 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:28 UTC

On Wednesday, June 13, 2012 11:46:56 am Benjamin Kaduk wrote:
> On Wed, 13 Jun 2012, John Baldwin wrote:
> 
> > On Wednesday, June 13, 2012 7:11:10 am Svatopluk Kraus wrote:
> >> Hi,
> >>
> >>  it looks similar to
> >> http://lists.freebsd.org/pipermail/freebsd-current/2011-March/023829.html
> >
> > Hmm, the code in question has a PRS_NEW check though.
> >
> > Benjamin, can you go to the scheduler() frame and do 'p *p' and 'p *td'?
> 
> Sure.
> 
> (kgdb) frame 10
> #10 0xffffffff8094b395 in scheduler (dummy=Variable "dummy" is not available.
> ) at /usr/src/sys/vm/vm_glue.c:744
> 744                             thread_lock(td);
> (kgdb) p *p
> $1 = {p_list = {le_next = 0xfffffe006d4c1000, le_prev = 0xffffffff80ee8f60},
>    p_threads = {tqh_first = 0xfffffe003b14d8c0, tqh_last = 0xfffffe003b14d8d0},
>    p_slock = {lock_object = {lo_name = 0xffffffff80b09517 "process slock",
>        lo_flags = 720896, lo_data = 0, lo_witness = 0x0}, mtx_lock = 4},
>    p_ucred = 0xfffffe00025e4e00, p_fd = 0x0, p_fdtol = 0x0,
>    p_stats = 0xfffffe00058a1000, p_limit = 0x0, p_limco = {c_links = {sle = {
>          sle_next = 0x0}, tqe = {tqe_next = 0x0, tqe_prev = 0x0}}, c_time = 0,
>      c_arg = 0x0, c_func = 0, c_lock = 0x0, c_flags = 0, c_cpu = 0},
>    p_sigacts = 0x0, p_flag = 0, p_state = PRS_NEW, p_pid = 3054, p_hash = {

Hmmm, p_state == PRS_NEW.  I don't understand why this loop didn't bail out
earlier then.  This is the code in stock HEAD:

	FOREACH_PROC_IN_SYSTEM(p) {
		PROC_LOCK(p);
		if (p->p_state == PRS_NEW ||
		    p->p_flag & (P_SWAPPINGOUT | P_SWAPPINGIN | P_INMEM)) {
			PROC_UNLOCK(p);
			continue;
		}
		swtime = (ticks - p->p_swtick) / hz;
		FOREACH_THREAD_IN_PROC(p, td) {
			/*
			 * An otherwise runnable thread of a process
			 * swapped out has only the TDI_SWAPPED bit set.
			 * 
			 */
			thread_lock(td);

Granted, my line numbers don't match up with yours (the
FOREACH_THREAD_IN_PROC() is at line 755 in HEAD vs 738 in your core).

Oh, does your subject line mean you are still running a kernel from that date?
I read it as meaning that you had just updated and gotten a crash in
top-of-tree and your previously-fine kernel was from the date in the subject.

-- 
John Baldwin