Unkillable KSE threaded proc

Andrew Gallatin gallatin at cs.duke.edu
Thu Sep 9 11:23:56 PDT 2004

Julian Elischer writes:
 > I think it is
 > show thread (address)

FWIW, I think db_trace(thread addr, -1) seems to work better.
When I enter ddb, currproc is init, so show thread
seems to show garbage.

db> ps                                 
  pid   proc     uarea   uid  ppid  pgrp  flag   stat  wmesg    wchan  cmd
  623 c1b5f380 e6850000    0   472   472 0000000 [RUNQ] cron
  614 c1b5f8c0 e6853000    0   451   614 0000100 [RUNQ] sshd
  613 c1a22540 e680a000 1387     1   611 000c482 (threaded)  mx_pingpong
   thread 0xc1b617d0 ksegrp 0xc18779a0 [CPU 1]
   thread 0xc1b614b0 ksegrp 0xc18779a0 [SUSP]
   thread 0xc1b61320 ksegrp 0xc18779a0 [LOCK process lock c1b13200]
   thread 0xc2b6ce10 ksegrp 0xc1a270e0 [LOCK process lock c1b13200]

db> call db_trace_thread(0xc1b617d0, -1)
sched_switch(3249936336,3244003328,3244003328,468695918,1992661338) at sched_switch+216
mi_switch(2,3244003328,3244003668,3244003328,3867700060) at mi_switch+455
maybe_preempt(3244003328,252,0,3867700072,3226402603) at maybe_preempt+153
sched_add(70,3867700092,3226402999,3246881184,3867189248) at sched_add+259
end() at 3246881184

db> call db_trace_thread(0xc1b614b0, -1)
sched_switch(3249935536,3249936336,0,2929115342,3959095726) at sched_switch+216
mi_switch(1,3249936336,0,0,0) at mi_switch+455
thread_single(1,423437840,7706937,1737258498,3243666960) at thread_single+471
exit1(3249935536,9,3867675836,3867675876,3226344614) at exit1+277
expand_name(3249935536,9,256,0,0) at expand_name
postsig(9,3867675976,2,3243701424,0) at postsig+516
ast(3867675976) at ast+1508
doreti_ast() at doreti_ast+23

db> call db_trace_thread(0xc1b61320, -1)
sched_switch(3249935136,0,0,2147060238,4154263705) at sched_switch+216
mi_switch(1,0,3249936336,3228346184,0) at mi_switch+455
turnstile_wait(3249615360,3248629164,3249936336,3248629056,3249935136) at turnstile_wait+825
_mtx_lock_sleep(3248629164,3249935136,0,0,0) at _mtx_lock_sleep+290
kse_release(3249935136,3867663636,4,3249935136,3867663676) at kse_release+322
syscall(47,47,47,134562304,0) at syscall+764
Xint0x80_syscall() at Xint0x80_syscall+31
--- syscall (383, FreeBSD ELF32, kse_release), eip = 671759695, esp = 135876488, ebp = 135876548 ---

db> call db_trace_thread(0xc2b6ce10, -1)
sched_switch(3266760208,0,0,2564282502,2143396982) at sched_switch+216
mi_switch(1,0,3266760208,3244171108,3228328544) at mi_switch+455
turnstile_wait(3249615360,3248629164,3249936336,3248629056,3266760208) at turnstile_wait+825
_mtx_lock_sleep(3248629164,3266760208,0,0,0) at _mtx_lock_sleep+290
kse_release(3266760208,3901611284,4,3266760208,3901611324) at kse_release+322
syscall(47,47,3215917103,1,129) at syscall+764
Xint0x80_syscall() at Xint0x80_syscall+31
--- syscall (383, FreeBSD ELF32, kse_release), eip = 671759695, esp = 3215978288, ebp = 3215978380 ---

 > but if yuo can get a coredump it would be best..
 > in ddb do:
 > call doadump
 > in this case it looks like  thread 0xc1f2aaf0 has called exit() and is 
 > waiting for the others to exit..
 > I wonder if the lock is the answer.. it woul dbe good to follow the link 
 > in the mutex in the proc structure at 0xc1a2d8c0
 > to see which thread OWNS it..

I'm following it from 0xc1a22540 for today's lockup:

(kgdb) p $proc->p_mtx
$3 = {
  mtx_object = {
    lo_class = 0xc069e55c, 
    lo_name = 0xc067788d "process lock", 
    lo_type = 0xc067788d "process lock", 
    lo_flags = 0x430000, 
    lo_list = {
      tqe_next = 0x0, 
      tqe_prev = 0x0
    lo_witness = 0x0
  mtx_lock = 0xc1b617d2, 
  mtx_recurse = 0x0

0xc1b617d2 is almost the same as the thread id of the
first thread (0xc1b617d0)..

I've still got the dump, so if you need more info please let me know.


More information about the freebsd-threads mailing list