From owner-freebsd-current@FreeBSD.ORG  Thu Mar 31 16:21:46 2011
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 17469106564A;
	Thu, 31 Mar 2011 16:21:46 +0000 (UTC)
	(envelope-from onwahe@gmail.com)
Received: from mail-pw0-f54.google.com (mail-pw0-f54.google.com
	[209.85.160.54])
	by mx1.freebsd.org (Postfix) with ESMTP id DA1008FC16;
	Thu, 31 Mar 2011 16:21:45 +0000 (UTC)
Received: by pwj8 with SMTP id 8so548613pwj.13
	for <multiple recipients>; Thu, 31 Mar 2011 09:21:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type
	:content-transfer-encoding;
	bh=HxLKLTtX3lW/JM/VlW1YL6meut6voiZm7J+PXxUACmI=;
	b=BLN/7KMPZ8RtGVS/CAW9matSiVf/nL0SuvqhPhE+4w/iR5WgpOBDCnU73XRVgwY/I7
	Ue4ARy/FM2uCO6pTFVpbaZZd3do1TTPy2G5R4VOsYZi/wPa4ChMfvWDIXVIL8S1dsHBm
	N1LztjvGWDSY+ji6qKb/UnCEcSC7uNyYtRogI=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	b=CHBVpB3l+nlFnnbneBpHj63bOOsE2v24WhSWkFjR38HArAFMVYKa/Ze4zq59PKK5l9
	7bRQOxnopgTZrrrOiR/BJ4nMp/eFFIfeT19JOW3ikSJdbbG1a56D6IJp/s1ncIcT/t6H
	rhkp7uM7MFrahagfiPjemSHL3W4og56Vqecho=
MIME-Version: 1.0
Received: by 10.142.201.13 with SMTP id y13mr2071039wff.198.1301588505435;
	Thu, 31 Mar 2011 09:21:45 -0700 (PDT)
Received: by 10.142.153.15 with HTTP; Thu, 31 Mar 2011 09:21:45 -0700 (PDT)
In-Reply-To: <201103310958.51416.jhb@freebsd.org>
References: <AANLkTimEiOW+kSZD6n1MHiRou3UWibU6Oy3fr9RO4_O4@mail.gmail.com>
	<201103310958.51416.jhb@freebsd.org>
Date: Thu, 31 Mar 2011 18:21:45 +0200
Message-ID: <AANLkTi=Qiugq9-mU2C3bgR0p_F70OeahbtvQUu7n_K6C@mail.gmail.com>
From: Svatopluk Kraus <onwahe@gmail.com>
To: John Baldwin <jhb@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-current@freebsd.org
Subject: Re: schedcpu() in /sys/kern/sched_4bsd.c calls thread_lock() on
 thread with un-initialized td_lock
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2011 16:21:46 -0000

On Thu, Mar 31, 2011 at 3:58 PM, John Baldwin <jhb@freebsd.org> wrote:
> On Thursday, March 31, 2011 7:32:26 am Svatopluk Kraus wrote:
>> Hi,
>>
>> =A0 I've got a page fault (because of NULL td_lock) in
>> thread_lock_flags() called from schedcpu() in /sys/kern/sched_4bsd.c
>> file. During process fork, new thread is linked to new process which
>> is linked to allproc list and both allproc_lock and new process lock
>> are unlocked before sched_fork() is called, where new thread td_lock
>> is initialized. Only PRS_NEW process status is on sentry but not
>> checked in schedcpu().
>
> I think this should fix it:
>
> Index: sched_4bsd.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> --- sched_4bsd.c =A0 =A0 =A0 =A0(revision 220190)
> +++ sched_4bsd.c =A0 =A0 =A0 =A0(working copy)
> @@ -463,6 +463,10 @@ schedcpu(void)
> =A0 =A0 =A0 =A0sx_slock(&allproc_lock);
> =A0 =A0 =A0 =A0FOREACH_PROC_IN_SYSTEM(p) {
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0PROC_LOCK(p);
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 if (p->p_state =3D=3D PRS_NEW) {
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 PROC_UNLOCK(p);
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 continue;
> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 }
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0FOREACH_THREAD_IN_PROC(p, td) {
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0awake =3D 0;
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0thread_lock(td);
>

Thanks for patch. Maybe, test p_state not to be PRS_NORMAL could be better?

I've got next (same reason) page fault in thread_lock_flags() called
from scheduler() in sys/vm/vm_glue.c. I try to search for
FOREACH_THREAD_IN_PROC() together with FOREACH_PROC_IN_SYSTEM() in
/sys subtree and next problem could be in deadlkres() in
sys/kern/kern_clock.c at least.