From owner-freebsd-stable@FreeBSD.ORG  Tue May 22 19:56:12 2012
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C17B2106567C
	for <freebsd-stable@freebsd.org>; Tue, 22 May 2012 19:56:12 +0000 (UTC)
	(envelope-from andrey@zonov.org)
Received: from mail-lpp01m010-f54.google.com (mail-lpp01m010-f54.google.com
	[209.85.215.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 3A0E48FC1B
	for <freebsd-stable@freebsd.org>; Tue, 22 May 2012 19:56:12 +0000 (UTC)
Received: by laai10 with SMTP id i10so6654259laa.13
	for <freebsd-stable@freebsd.org>; Tue, 22 May 2012 12:56:11 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=message-id:date:from:user-agent:mime-version:to:cc:subject
	:references:in-reply-to:content-type:content-transfer-encoding
	:x-gm-message-state;
	bh=K706xEoD4VGKEpsa78WlnzmlChk1avmS1MtFGVgc1Ms=;
	b=GcH815HPpIuzI6+9WH12bTHPzwV5SeluWJh8tzpPo2fPU40E75PczpCmg6R/f58a5Q
	5axg+rUOyT0e8FzWA25cgXaG8X2w5adrva4471QU4wqvd3AGw9+O91sRZtpf0BoSzN2T
	ZbOIrJevyg4sjIHrRLgQiGzBVPxQcKwJ+c3eCBXVHqI5BS9sHFuRNyaZrKxF1Q72ojvh
	2CA3VCZYqVwEl3e5UXo5T65lj2mR/ib+5HKkHvT9J9BFcUUI8Ac81qzMqkluGmw+pTWB
	haoGbgD54AP8UH+eBzlALhdUzA7/oMnbKFWWAm78bBR0WGd/NAdJ2QHLH+8HnaIe8dPA
	UL9g==
Received: by 10.112.36.163 with SMTP id r3mr10571184lbj.87.1337716571119;
	Tue, 22 May 2012 12:56:11 -0700 (PDT)
Received: from zont-osx.local (ppp95-165-130-190.pppoe.spdop.ru.
	[95.165.130.190])
	by mx.google.com with ESMTPS id ta2sm32498232lab.15.2012.05.22.12.56.09
	(version=SSLv3 cipher=OTHER); Tue, 22 May 2012 12:56:10 -0700 (PDT)
Message-ID: <4FBBEF58.6060604@zonov.org>
Date: Tue, 22 May 2012 23:56:08 +0400
From: Andrey Zonov <andrey@zonov.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7;
	rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: =?ISO-8859-2?Q?Edward_Tomasz_Napiera=B3a?= <trasz@freebsd.org>
References: <4FAFEEEF.3040706@zonov.org> <20120513202920.GA18238@dft-labs.eu>
	<4FB177EE.7030808@zonov.org> <4FB8F055.9080700@zonov.org>
	<09BCC731-0060-400D-8A25-4FB5268FA00D@freebsd.org>
In-Reply-To: <09BCC731-0060-400D-8A25-4FB5268FA00D@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-2; format=flowed
Content-Transfer-Encoding: 8bit
X-Gm-Message-State: ALoCoQnvkKQJjIC6S802CE9MA03TN0TxDwCxGwY4JHEjfdgsn0avWuchABXg1Nd8YMuf1GXTFyYH
Cc: Mateusz Guzik <mjguzik@gmail.com>,
	freebsd-stable <freebsd-stable@freebsd.org>
Subject: Re: panic with overcommit and RACCT
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 22 May 2012 19:56:12 -0000

On 5/22/12 8:04 PM, Edward Tomasz Napierała wrote:
> Wiadomość napisana przez Andrey Zonov w dniu 20 maj 2012, o godz. 15:23:
>> On 5/15/12 1:23 AM, Andrey Zonov wrote:
>>> On 5/14/12 12:29 AM, Mateusz Guzik wrote:
>>>> On Sun, May 13, 2012 at 09:27:11PM +0400, Andrey Zonov wrote:
>>>>> Hi,
>>>>>
>>>>> I've got a repeatable panic on latest 9.0-STABLE and HEAD with
>>>>> turned on overcommit (vm.overcommit=1) and RACCT.
>>>>>
>>>>> kgdb trace on today's HEAD:
>>>>>
>>>>> #10 0xffffffff80bc3513 in calltrap ()
>>>>> at /usr/src/sys/amd64/amd64/exception.S:228
>>>>> #11 0xffffffff808aab71 in racct_set_locked (p=0xfffffe0005d684a0,
>>>>> resource=0,
>>>>> amount=2680) at /usr/src/sys/kern/kern_racct.c:372
>>>>> #12 0xffffffff808ab645 in racct_proc_exit (p=0xfffffe0005d684a0)
>>>>> at /usr/src/sys/kern/kern_racct.c:615
>>>>> #13 0xffffffff80880d69 in fork1 (td=0xfffffe0005b2c460, flags=20,
>>>>> pages=4,
>>>>> procp=0xffffff811a36bb00, procdescp=Variable "procdescp" is not
>>>>> available.
>>>>> ) at /usr/src/sys/kern/kern_fork.c:943
>>>>> #14 0xffffffff80882362 in sys_fork (td=0xfffffe0005b2c460,
>>>>> uap=Variable "uap" is not available.
>>>>> )
>>>>> at /usr/src/sys/kern/kern_fork.c:110
>>>>> #15 0xffffffff80bd7a89 in amd64_syscall (td=0xfffffe0005b2c460,
>>>>> traced=0)
>>>>> at subr_syscall.c:135
>>>>> #16 0xffffffff80bc37f7 in Xfast_syscall ()
>>>>> at /usr/src/sys/amd64/amd64/exception.S:387
>>>>> #17 0x00000008024729fc in ?? ()
>>>>> Previous frame inner to this frame (corrupt stack?)
>>>>> (kgdb)
>>>>>
>>>>> Unread portion of the kernel message buffer:
>>>>> Kernel page fault with the following non-sleepable locks held:
>>>>> exclusive sleep mutex racct lock (racct lock) r = 0
>>>>> (0xffffffff8128a7c0) locked @ /usr/src/sys/kern/kern_racct.c:614
>>>>> exclusive sleep mutex process lock (process lock) r = 0
>>>>> (0xfffffe0005d68598) locked @ /usr/src/sys/kern/kern_racct.c:603
>>>>>
>>>>
>>>> It looks like racct_proc_exit can be called for processes without
>>>> properly initialized racct structure, which in turn results in this
>>>> panic.
>>>>
>>>> Can you please test this patch:
>>>> http://student.agh.edu.pl/~mjguzik/patches/racct-fork.patch
>>>>
>>>> ?
>>>>
>>>> I was unable to reproduce panic you describe, so it was tested only by
>>>> manually injecting error. Nevertheless I think you should try it. :)
>>>>
>>>
>>> Thanks, your patch fixes the panic.
>>
>> Can anyone commit this fix?
>
> I've committed a slightly different fix (previous one would leak RCTL
> structures) in 235787; it's also attached below.  Could you please test it?

Thanks, it works!

> I plan to MFC it in two weeks from now.

Much appreciate.

>
> Index: kern_racct.c
> ===================================================================
> --- kern_racct.c        (revision 235699)
> +++ kern_racct.c        (working copy)
> @@ -594,6 +594,9 @@ out:
>          PROC_UNLOCK(child);
>          PROC_UNLOCK(parent);
>
> +       if (error != 0)
> +               racct_proc_exit(child);
> +
>          return (error);
>   }
>
> Index: kern_fork.c
> ===================================================================
> --- kern_fork.c (revision 235699)
> +++ kern_fork.c (working copy)
> @@ -939,8 +939,8 @@ fail:
>   #ifdef MAC
>          mac_proc_destroy(newproc);
>   #endif
> +       racct_proc_exit(newproc);
>   fail1:
> -       racct_proc_exit(newproc);
>          if (vm2 != NULL)
>                  vmspace_free(vm2);
>          uma_zfree(proc_zone, newproc);
>


-- 
Andrey Zonov