NetBSD Problem Report #46286

From wiz@yt.nih.at  Sun Apr  1 11:14:27 2012
Return-Path: <wiz@yt.nih.at>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	by www.NetBSD.org (Postfix) with ESMTP id 473F763BEE1
	for <gnats-bugs@gnats.netbsd.org>; Sun,  1 Apr 2012 11:14:27 +0000 (UTC)
Message-Id: <20120401105844.2DB1D3A0305@yt.nih.at>
Date: Sun,  1 Apr 2012 12:58:44 +0200 (CEST)
From: Thomas Klausner <wiz@NetBSD.org>
Reply-To: Thomas Klausner <wiz@NetBSD.org>
To: gnats-bugs@gnats.NetBSD.org
Subject: posix_spawn induced panic
X-Send-Pr-Version: 3.95

>Number:         46286
>Category:       kern
>Synopsis:       posix_spawn induced panic
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    martin
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Apr 01 11:15:01 +0000 2012
>Closed-Date:    Fri Apr 13 00:52:02 +0000 2012
>Last-Modified:  Fri Apr 13 00:52:02 +0000 2012
>Originator:     Thomas Klausner
>Release:        NetBSD 6.99.4
>Organization:
Curiosity is the very basis of education and if you tell me that 
curiosity killed the cat, I say only that the cat died nobly.
- Arnold Edinborough
>Environment:


System: NetBSD yt.nih.at 6.99.4 NetBSD 6.99.4 (YT) #8: Fri Mar 30 08:08:11 CEST 2012 wiz@yt.nih.at:/archive/cvs/src/sys/arch/amd64/compile/obj/YT amd64
Architecture: x86_64
Machine: amd64
>Description:
When building NetBSD with clang on a clang based userland+kernel, I get repeatable panics.
Copied from screenshot:
fatal page faultfatal page fault in supervisor mode
trap type 6 code 0 rip ffffffff8040e27e cs 8 rflags 10246 cr2 0 cpl  rsp ff...e81165d4860
kernel: page fault t
                             =0
pStopped in pid 18769.1 (x86_64--netbsd-c) at    netbsd:pmap_deactivate+0x93:
 m
ovq     0(%rax),%rbx
pmap_deactivate() at netbsd:pmap_deactivate+0x93
mi_switch() at netbsd:mi_switch+0x2c5
sleepq_block() at netbsd:sleepq_block+0xa4
turnstile_block() at netbsd:turnstile_block+0x3d4
mutex_vector_enter() at netbsd:mutex_vector_enter+0x223
pmap_create() at netbsd:pmap_create+0x140
uvmspace_init() at netbsd:uvmspace_init+0x4b
uvmspace_alloc() at netbsd:uvmspace_alloc+0x39
uvmspace_exec() at netbsd:uvmspace_exec+0xf8
execve_runproc() at netbsd:execve_runproc+0xd0
spawn_return() at netbsd:spawn_return+0x39e

Chuck Silvers analyzes:
looks like a bug in the posix_spawn() stuff, yea.  we're trying to sleep
before the current process has a pmap or even a vmspace, which isn't going to work.
even though the new thread is now created as non-preemptable, it needs to sleep
because it's taking pmaps_lock which must be held by another thread that is
sleeping, which I'll guess is because the other thread was preempted.
it would be better to have these posix_spawn() processes use proc0's vmspace
until they can allocate their own.

>How-To-Repeat:
For me, just building a NetBSD using clang on a NetBSD built using clang.
>Fix:
Not provided.

>Release-Note:

>Audit-Trail:

Responsible-Changed-From-To: kern-bug-people->martin
Responsible-Changed-By: martin@NetBSD.org
Responsible-Changed-When: Sun, 01 Apr 2012 11:16:09 +0000
Responsible-Changed-Why:
mine


From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/46286 CVS commit: src
Date: Sun, 8 Apr 2012 11:27:46 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Sun Apr  8 11:27:46 UTC 2012

 Modified Files:
 	src/lib/libc/gen: posix_spawn_fileactions.c
 	src/sys/compat/netbsd32: netbsd32.h netbsd32_execve.c syscalls.master
 	src/sys/kern: exec_elf.c kern_exec.c kern_exit.c
 	src/sys/sys: exec.h spawn.h
 	src/sys/uvm: uvm_extern.h uvm_glue.c uvm_map.c
 	src/tests/lib/libc/gen/posix_spawn: t_fileactions.c

 Log Message:
 Rework posix_spawn locking and memory management:
  - always provide a vmspace for the new proc, initially borrowing from proc0
    (this part fixes PR 46286)
  - increase parallelism between parent and child if arguments allow this,
    avoiding a potential deadlock on exec_lock
  - add a new flag for userland to request old (lockstepped) behaviour for
    better error reporting
  - adapt test cases to the previous two and add a new variant to test the
    diagnostics flag
  - fix a few memory (and lock) leaks
  - provide netbsd32 compat


 To generate a diff of this commit:
 cvs rdiff -u -r1.1 -r1.2 src/lib/libc/gen/posix_spawn_fileactions.c
 cvs rdiff -u -r1.94 -r1.95 src/sys/compat/netbsd32/netbsd32.h \
     src/sys/compat/netbsd32/syscalls.master
 cvs rdiff -u -r1.33 -r1.34 src/sys/compat/netbsd32/netbsd32_execve.c
 cvs rdiff -u -r1.37 -r1.38 src/sys/kern/exec_elf.c
 cvs rdiff -u -r1.347 -r1.348 src/sys/kern/kern_exec.c
 cvs rdiff -u -r1.237 -r1.238 src/sys/kern/kern_exit.c
 cvs rdiff -u -r1.134 -r1.135 src/sys/sys/exec.h
 cvs rdiff -u -r1.1 -r1.2 src/sys/sys/spawn.h
 cvs rdiff -u -r1.182 -r1.183 src/sys/uvm/uvm_extern.h
 cvs rdiff -u -r1.158 -r1.159 src/sys/uvm/uvm_glue.c
 cvs rdiff -u -r1.316 -r1.317 src/sys/uvm/uvm_map.c
 cvs rdiff -u -r1.3 -r1.4 src/tests/lib/libc/gen/posix_spawn/t_fileactions.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->pending-pullups
State-Changed-By: martin@NetBSD.org
State-Changed-When: Mon, 09 Apr 2012 08:52:30 +0000
State-Changed-Why:
Waiting on [pullup-6 #175]


From: "Jeff Rizzo" <riz@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/46286 CVS commit: [netbsd-6] src
Date: Thu, 12 Apr 2012 17:05:38 +0000

 Module Name:	src
 Committed By:	riz
 Date:		Thu Apr 12 17:05:38 UTC 2012

 Modified Files:
 	src/lib/libc/gen [netbsd-6]: posix_spawn_fileactions.c
 	src/sys/compat/netbsd32 [netbsd-6]: netbsd32.h netbsd32_execve.c
 	    syscalls.master
 	src/sys/kern [netbsd-6]: exec_elf.c kern_exec.c kern_exit.c
 	src/sys/sys [netbsd-6]: exec.h spawn.h
 	src/sys/uvm [netbsd-6]: uvm_extern.h uvm_glue.c uvm_map.c
 	src/tests/lib/libc/gen/posix_spawn [netbsd-6]: t_fileactions.c

 Log Message:
 Pull up following revision(s) (requested by martin in ticket #175):
 	sys/kern/kern_exit.c: revision 1.238
 	tests/lib/libc/gen/posix_spawn/t_fileactions.c: revision 1.4
 	tests/lib/libc/gen/posix_spawn/t_fileactions.c: revision 1.5
 	sys/uvm/uvm_extern.h: revision 1.183
 	lib/libc/gen/posix_spawn_fileactions.c: revision 1.2
 	sys/kern/kern_exec.c: revision 1.348
 	sys/kern/kern_exec.c: revision 1.349
 	sys/compat/netbsd32/syscalls.master: revision 1.95
 	sys/uvm/uvm_glue.c: revision 1.159
 	sys/uvm/uvm_map.c: revision 1.317
 	sys/compat/netbsd32/netbsd32.h: revision 1.95
 	sys/kern/exec_elf.c: revision 1.38
 	sys/sys/spawn.h: revision 1.2
 	sys/sys/exec.h: revision 1.135
 	sys/compat/netbsd32/netbsd32_execve.c: revision 1.34
 Rework posix_spawn locking and memory management:
  - always provide a vmspace for the new proc, initially borrowing from proc0
    (this part fixes PR 46286)
  - increase parallelism between parent and child if arguments allow this,
    avoiding a potential deadlock on exec_lock
  - add a new flag for userland to request old (lockstepped) behaviour for
    better error reporting
  - adapt test cases to the previous two and add a new variant to test the
    diagnostics flag
  - fix a few memory (and lock) leaks
  - provide netbsd32 compat
 Fix asynchronous posix_spawn child exit status (and test for it).


 To generate a diff of this commit:
 cvs rdiff -u -r1.1 -r1.1.2.1 src/lib/libc/gen/posix_spawn_fileactions.c
 cvs rdiff -u -r1.92 -r1.92.2.1 src/sys/compat/netbsd32/netbsd32.h
 cvs rdiff -u -r1.33 -r1.33.2.1 src/sys/compat/netbsd32/netbsd32_execve.c
 cvs rdiff -u -r1.91 -r1.91.2.1 src/sys/compat/netbsd32/syscalls.master
 cvs rdiff -u -r1.37 -r1.37.2.1 src/sys/kern/exec_elf.c
 cvs rdiff -u -r1.339.2.3 -r1.339.2.4 src/sys/kern/kern_exec.c
 cvs rdiff -u -r1.236 -r1.236.2.1 src/sys/kern/kern_exit.c
 cvs rdiff -u -r1.134 -r1.134.2.1 src/sys/sys/exec.h
 cvs rdiff -u -r1.1 -r1.1.2.1 src/sys/sys/spawn.h
 cvs rdiff -u -r1.181 -r1.181.2.1 src/sys/uvm/uvm_extern.h
 cvs rdiff -u -r1.156.2.2 -r1.156.2.3 src/sys/uvm/uvm_glue.c
 cvs rdiff -u -r1.313.2.1 -r1.313.2.2 src/sys/uvm/uvm_map.c
 cvs rdiff -u -r1.2.2.1 -r1.2.2.2 \
     src/tests/lib/libc/gen/posix_spawn/t_fileactions.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: pending-pullups->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Fri, 13 Apr 2012 00:52:02 +0000
State-Changed-Why:
Pullup completed.


>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.