Date: Thu, 9 Mar 2017 14:07:50 -0800 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Konstantin Belousov <kostikbel@gmail.com> Cc: current@FreeBSD.org Subject: Re: r314708: panic: tdsendsignal: ksi on queue Message-ID: <965f0de2-032a-fd35-6646-57f6840ebcc8@FreeBSD.org> In-Reply-To: <20170309144646.GB16105@kib.kiev.ua> References: <d510a9da-8293-ba22-a1e6-75b3ea7ffa1d@FreeBSD.org> <20170309144646.GB16105@kib.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--TMg6t0XwnlV1sb9uOWEpsTmj1Fulpb7u5
Content-Type: multipart/mixed; boundary="1eLMk0lKB4RhglmtUTBV8SWcdr4lnAdjo";
protected-headers="v1"
From: Bryan Drewery <bdrewery@FreeBSD.org>
To: Konstantin Belousov <kostikbel@gmail.com>
Cc: current@FreeBSD.org
Message-ID: <965f0de2-032a-fd35-6646-57f6840ebcc8@FreeBSD.org>
Subject: Re: r314708: panic: tdsendsignal: ksi on queue
References: <d510a9da-8293-ba22-a1e6-75b3ea7ffa1d@FreeBSD.org>
<20170309144646.GB16105@kib.kiev.ua>
In-Reply-To: <20170309144646.GB16105@kib.kiev.ua>
--1eLMk0lKB4RhglmtUTBV8SWcdr4lnAdjo
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
On 3/9/2017 6:46 AM, Konstantin Belousov wrote:
> On Wed, Mar 08, 2017 at 09:00:17PM -0800, Bryan Drewery wrote:
>> I'm on r314708. I hit ^C while running 'kyua test' in /usr/tests/bin/=
pwait.
>>
>>> panic: tdsendsignal: ksi on queue
>>> cpuid =3D 10
>>
>>> #10 kdb_enter (why=3D0xffffffff814488f5 "panic", msg=3D<optimized out=
>) at /usr/src/sys/kern/subr_kdb.c:444
>>> #11 0xffffffff80a577f3 in vpanic (fmt=3D<optimized out>, ap=3D0xfffff=
e35601a3620) at /usr/src/sys/kern/kern_shutdown.c:772
>>> #12 0xffffffff80a5764f in _kassert_panic (fatal=3D1, fmt=3D0xffffffff=
81448fd7 "%s: ksi on queue") at /usr/src/sys/kern/kern_shutdown.c:669
>>> #13 0xffffffff80a5c843 in tdsendsignal (p=3D0xfffff80c39389a80, td=3D=
0x0, sig=3D20, ksi=3D0xfffff803888a2bd0) at /usr/src/sys/kern/kern_sig.c:=
2095
>>> #14 0xffffffff80a13828 in exit1 (td=3D<optimized out>, rval=3D<optimi=
zed out>, signo=3D<optimized out>) at /usr/src/sys/kern/kern_exit.c:459
>>> #15 0xffffffff80a5b28c in sigexit (td=3D0xfffff802f0bee000, sig=3D9) =
at /usr/src/sys/kern/kern_sig.c:3081
>>> #16 0xffffffff80a5b88e in postsig (sig=3D9) at /usr/src/sys/kern/kern=
_sig.c:2992
>>> #17 0xffffffff80a5b56b in kern_sigsuspend (td=3D0xfffff802f0bee000, m=
ask=3D...) at /usr/src/sys/kern/kern_sig.c:1515
>>> #18 0xffffffff80a5b441 in sys_sigsuspend (td=3D0xfffff802f0bee000, ua=
p=3D<optimized out>) at /usr/src/sys/kern/kern_sig.c:1479
>>> #19 0xffffffff80ee04da in syscallenter (td=3D0xfffff802f0bee000, sa=3D=
<optimized out>) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:13=
5
>>> #20 amd64_syscall (td=3D0xfffff802f0bee000, traced=3D0) at /usr/src/s=
ys/amd64/amd64/trap.c:902
>>
>>
>>> (kgdb) frame 18
>>> #18 0xffffffff80a5b441 in sys_sigsuspend (td=3D0xfffff802f0bee000, ua=
p=3D<optimized out>) at /usr/src/sys/kern/kern_sig.c:1479
>>> 1479 return (kern_sigsuspend(td, mask));
>>
>>> (kgdb) p td->td_proc->p_comm
>>> $3 =3D "timeout", '\000' <repeats 12 times>
>>
>>> (kgdb) frame 13
>>> #13 0xffffffff80a5c843 in tdsendsignal (p=3D0xfffff80c39389a80, td=3D=
0x0, sig=3D20, ksi=3D0xfffff803888a2bd0) at /usr/src/sys/kern/kern_sig.c:=
2095
>>> 2095 KASSERT(ksi =3D=3D NULL || !KSI_ONQ(ksi), ("%s: ksi o=
n queue", __func__));
>>> (kgdb) p *ksi
>>> $4 =3D {ksi_link =3D {tqe_next =3D 0x0, tqe_prev =3D 0xfffff80c39389c=
58}, ksi_info =3D {si_signo =3D 20, si_errno =3D 0, si_code =3D 2, si_pid=
=3D 90903, si_uid =3D 0, si_status =3D 9, si_addr =3D 0x0, si_value =3D =
{
>>> sival_int =3D 0, sival_ptr =3D 0x0, sigval_int =3D 0, sigval_pt=
r =3D 0x0}, _reason =3D {_fault =3D {_trapno =3D 0}, _timer =3D {_timerid=
=3D 0, _overrun =3D 0}, _mesgq =3D {_mqd =3D 0}, _poll =3D {_band =3D 0}=
, __spare__ =3D {
>>> __spare1__ =3D 0, __spare2__ =3D {0, 0, 0, 0, 0, 0, 0}}}}, ks=
i_flags =3D 6, ksi_sigq =3D 0xfffff80c39389c28}
>>
>>> (kgdb) p *ksi->ksi_sigq
>>> $6 =3D {sq_signals =3D {__bits =3D {524288, 0, 0, 0}}, sq_kill =3D {_=
_bits =3D {0, 0, 0, 0}}, sq_ptrace =3D {__bits =3D {0, 0, 0, 0}}, sq_list=
=3D {tqh_first =3D 0xfffff803888a2bd0, tqh_last =3D 0xfffff803888a2bd0},=
>=20
> Yes, there is a race, apparently, with the child zombie still not finis=
hing
> sending the SIGCHLD to the parent and parent exiting. The following sh=
ould
> fix the issue, but I do not think that reproducing the problem is easy.=
>=20
Thanks, I've applied it locally.
> diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c
> index c524fe5df37..ba5ff84e9de 100644
> --- a/sys/kern/kern_exit.c
> +++ b/sys/kern/kern_exit.c
> @@ -189,6 +189,7 @@ exit1(struct thread *td, int rval, int signo)
> {
> struct proc *p, *nq, *q, *t;
> struct thread *tdt;
> + ksiginfo_t ksi;
> =20
> mtx_assert(&Giant, MA_NOTOWNED);
> KASSERT(rval =3D=3D 0 || signo =3D=3D 0, ("exit1 rv %d sig %d", rval,=
signo));
> @@ -456,7 +457,12 @@ exit1(struct thread *td, int rval, int signo)
> proc_reparent(q, q->p_reaper);
> if (q->p_state =3D=3D PRS_ZOMBIE) {
> PROC_LOCK(q->p_reaper);
> - pksignal(q->p_reaper, SIGCHLD, q->p_ksi);
> + if (q->p_ksi !=3D NULL) {
> + ksiginfo_init(&ksi);
> + ksiginfo_copy(q->p_ksi, &ksi);
> + }
> + pksignal(q->p_reaper, SIGCHLD, q->p_ksi !=3D
> + NULL ? &ksi : NULL);
> PROC_UNLOCK(q->p_reaper);
> }
> } else {
>=20
--=20
Regards,
Bryan Drewery
--1eLMk0lKB4RhglmtUTBV8SWcdr4lnAdjo--
--TMg6t0XwnlV1sb9uOWEpsTmj1Fulpb7u5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJYwdI2AAoJEDXXcbtuRpfPLlUH/RcvCp6gYUjKgXS/UbExceWs
nZDAHi8kAxIzdTnRLhl41KO8R0x0/pERuHuquJ8fmUta9MeEkyl7Wu4Ef4i0ZWt8
w+2np2dpp3ivVLxW+UV7OOY+PyIGbT8DSBnN7aKRm5KQOItT457d/P0VREuEzu50
1QMjZjMULZaxPNgBL1ucNTZnVXwcbUPA+GRorQ6qQbwGrBpxAyqxWQy/nTT4CDfD
Nc9V2YGY00RFkc2MFG8QKVQO4hxkIvaboFWn+W4IlotkE5yp9aCa7/5Yu/R4kv/O
sO/QsTsCkkfVBYTJaK2w2UgqdEvp+5CSWG+wojaltlNbqwis5lLrB6cvZUHLQMA=
=gGTw
-----END PGP SIGNATURE-----
--TMg6t0XwnlV1sb9uOWEpsTmj1Fulpb7u5--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?965f0de2-032a-fd35-6646-57f6840ebcc8>