panic with overcommit and RACCT
Edward Tomasz Napierała
trasz at freebsd.org
Tue May 22 16:04:20 UTC 2012
Wiadomość napisana przez Andrey Zonov w dniu 20 maj 2012, o godz. 15:23:
> On 5/15/12 1:23 AM, Andrey Zonov wrote:
>> On 5/14/12 12:29 AM, Mateusz Guzik wrote:
>>> On Sun, May 13, 2012 at 09:27:11PM +0400, Andrey Zonov wrote:
>>>> Hi,
>>>>
>>>> I've got a repeatable panic on latest 9.0-STABLE and HEAD with
>>>> turned on overcommit (vm.overcommit=1) and RACCT.
>>>>
>>>> kgdb trace on today's HEAD:
>>>>
>>>> #10 0xffffffff80bc3513 in calltrap ()
>>>> at /usr/src/sys/amd64/amd64/exception.S:228
>>>> #11 0xffffffff808aab71 in racct_set_locked (p=0xfffffe0005d684a0,
>>>> resource=0,
>>>> amount=2680) at /usr/src/sys/kern/kern_racct.c:372
>>>> #12 0xffffffff808ab645 in racct_proc_exit (p=0xfffffe0005d684a0)
>>>> at /usr/src/sys/kern/kern_racct.c:615
>>>> #13 0xffffffff80880d69 in fork1 (td=0xfffffe0005b2c460, flags=20,
>>>> pages=4,
>>>> procp=0xffffff811a36bb00, procdescp=Variable "procdescp" is not
>>>> available.
>>>> ) at /usr/src/sys/kern/kern_fork.c:943
>>>> #14 0xffffffff80882362 in sys_fork (td=0xfffffe0005b2c460,
>>>> uap=Variable "uap" is not available.
>>>> )
>>>> at /usr/src/sys/kern/kern_fork.c:110
>>>> #15 0xffffffff80bd7a89 in amd64_syscall (td=0xfffffe0005b2c460,
>>>> traced=0)
>>>> at subr_syscall.c:135
>>>> #16 0xffffffff80bc37f7 in Xfast_syscall ()
>>>> at /usr/src/sys/amd64/amd64/exception.S:387
>>>> #17 0x00000008024729fc in ?? ()
>>>> Previous frame inner to this frame (corrupt stack?)
>>>> (kgdb)
>>>>
>>>> Unread portion of the kernel message buffer:
>>>> Kernel page fault with the following non-sleepable locks held:
>>>> exclusive sleep mutex racct lock (racct lock) r = 0
>>>> (0xffffffff8128a7c0) locked @ /usr/src/sys/kern/kern_racct.c:614
>>>> exclusive sleep mutex process lock (process lock) r = 0
>>>> (0xfffffe0005d68598) locked @ /usr/src/sys/kern/kern_racct.c:603
>>>>
>>>
>>> It looks like racct_proc_exit can be called for processes without
>>> properly initialized racct structure, which in turn results in this
>>> panic.
>>>
>>> Can you please test this patch:
>>> http://student.agh.edu.pl/~mjguzik/patches/racct-fork.patch
>>>
>>> ?
>>>
>>> I was unable to reproduce panic you describe, so it was tested only by
>>> manually injecting error. Nevertheless I think you should try it. :)
>>>
>>
>> Thanks, your patch fixes the panic.
>
> Can anyone commit this fix?
I've committed a slightly different fix (previous one would leak RCTL
structures) in 235787; it's also attached below. Could you please test it?
I plan to MFC it in two weeks from now.
Index: kern_racct.c
===================================================================
--- kern_racct.c (revision 235699)
+++ kern_racct.c (working copy)
@@ -594,6 +594,9 @@ out:
PROC_UNLOCK(child);
PROC_UNLOCK(parent);
+ if (error != 0)
+ racct_proc_exit(child);
+
return (error);
}
Index: kern_fork.c
===================================================================
--- kern_fork.c (revision 235699)
+++ kern_fork.c (working copy)
@@ -939,8 +939,8 @@ fail:
#ifdef MAC
mac_proc_destroy(newproc);
#endif
+ racct_proc_exit(newproc);
fail1:
- racct_proc_exit(newproc);
if (vm2 != NULL)
vmspace_free(vm2);
uma_zfree(proc_zone, newproc);
--
If you cut off my head, what would I say? Me and my head, or me and my body?
More information about the freebsd-stable
mailing list