1 /* $NetBSD: kern_lwp.c,v 1.231 2020/03/26 21:31:55 ad Exp $ */
2
3 /*-
4 * Copyright (c) 2001, 2006, 2007, 2008, 2009, 2019, 2020
5 * The NetBSD Foundation, Inc.
6 * All rights reserved.
7 *
8 * This code is derived from software contributed to The NetBSD Foundation
9 * by Nathan J. Williams, and Andrew Doran.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 /*
34 * Overview
35 *
36 * Lightweight processes (LWPs) are the basic unit or thread of
37 * execution within the kernel. The core state of an LWP is described
38 * by "struct lwp", also known as lwp_t.
39 *
40 * Each LWP is contained within a process (described by "struct proc").
41 * Every process contains at least one LWP, but may contain more. The
42 * process describes attributes shared among all of its LWPs such as a
43 * private address space, global execution state (stopped, active,
44 * zombie, ...), signal disposition and so on. On a multiprocessor
45 * machine, multiple LWPs may be executing concurrently in the kernel.
46 *
47 * Execution states
48 *
49 * At any given time, an LWP has overall state that is described by
50 * lwp::l_stat. The states are broken into two sets below. The first
51 * set is guaranteed to represent the absolute, current state of the
52 * LWP:
53 *
54 * LSONPROC
55 *
56 * On processor: the LWP is executing on a CPU, either in the
57 * kernel or in user space.
58 *
59 * LSRUN
60 *
61 * Runnable: the LWP is parked on a run queue, and may soon be
62 * chosen to run by an idle processor, or by a processor that
63 * has been asked to preempt a currently running but lower
64 * priority LWP.
65 *
66 * LSIDL
67 *
68 * Idle: the LWP has been created but has not yet executed,
69 * or it has ceased executing a unit of work and is waiting
70 * to be started again.
71 *
72 * LSSUSPENDED
73 *
74 * Suspended: the LWP has had its execution suspended by
75 * another LWP in the same process using the _lwp_suspend()
76 * system call. User-level LWPs also enter the suspended
77 * state when the system is shutting down.
78 *
79 * The second set represents a "statement of intent" on behalf of the
80 * LWP. The LWP may in fact be executing on a processor, or may be
81 * sleeping or idle. It is expected to take the necessary action to
82 * stop executing or become "running" again within a short timeframe.
83 * The LP_RUNNING flag in lwp::l_pflag indicates that an LWP is running.
84 * Importantly, it indicates that its state is tied to a CPU.
85 *
86 * LSZOMB:
87 *
88 * Dead or dying: the LWP has released most of its resources
89 * and is about to switch away into oblivion, or has already
90 * switched away. When it switches away, its few remaining
91 * resources can be collected.
92 *
93 * LSSLEEP:
94 *
95 * Sleeping: the LWP has entered itself onto a sleep queue, and
96 * has switched away or will switch away shortly to allow other
97 * LWPs to run on the CPU.
98 *
99 * LSSTOP:
100 *
101 * Stopped: the LWP has been stopped as a result of a job
102 * control signal, or as a result of the ptrace() interface.
103 *
104 * Stopped LWPs may run briefly within the kernel to handle
105 * signals that they receive, but will not return to user space
106 * until their process' state is changed away from stopped.
107 *
108 * Single LWPs within a process cannot be stopped selectively:
109 * all actions that can stop or continue LWPs occur at the
110 * process level.
111 *
112 * State transitions
113 *
114 * Note that the LSSTOP state may only be set when returning to
115 * user space in userret(), or when sleeping interruptibly. The
116 * LSSUSPENDED state may only be set in userret(). Before setting
117 * those states, we try to ensure that the LWPs will release all
118 * locks that they hold, and at a minimum try to ensure that the
119 * LWP can be set runnable again by a signal.
120 *
121 * LWPs may transition states in the following ways:
122 *
123 *	RUN -------> ONPROC		ONPROC -----> RUN
124 *					            > SLEEP
125 *					            > STOPPED
126 *					            > SUSPENDED
127 *					            > ZOMB
128 *					            > IDL (special cases)
129 *
130 *	STOPPED ---> RUN		SUSPENDED --> RUN
131 *					            > SLEEP
132 *
133 *	SLEEP -----> ONPROC		IDL --------> RUN
134 *		   > RUN			        > SUSPENDED
135 *		   > STOPPED			    > STOPPED
136 *		   > ONPROC (special cases)
137 *
138 * Some state transitions are only possible with kernel threads (e.g.
139 * ONPROC -> IDL) and happen under tightly controlled circumstances
140 * free of unwanted side effects.
141 *
142 * Migration
143 *
144 * Migration of threads from one CPU to another may be performed
145 * internally by the scheduler via the sched_takecpu() or sched_catchlwp()
146 * functions. The universal lwp_migrate() function should be used for
147 * any other cases. Subsystems in the kernel must be aware that the CPU
148 * of an LWP may change while the LWP is not locked.
149 *
150 * Locking
151 *
152 * The majority of fields in 'struct lwp' are covered by a single,
153 * general spin lock pointed to by lwp::l_mutex. The locks covering
154 * each field are documented in sys/lwp.h.
155 *
156 * State transitions must be made with the LWP's general lock held,
157 * and may cause the LWP's lock pointer to change. Manipulation of
158 * the general lock is not performed directly, but through calls to
159 * lwp_lock(), lwp_unlock() and others. It should be noted that the
160 * adaptive locks are not allowed to be released while the LWP's lock
161 * is being held (unlike for other spin-locks).
162 *
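 *	Purely as an illustrative sketch of this convention (not a literal
 *	code path in this file), code that inspects or changes per-LWP
 *	state follows the pattern:
 *
 *		lwp_lock(l);
 *		... examine or update l->l_stat and related fields ...
 *		lwp_unlock(l);
 *
 *	where lwp_unlock() releases whichever lock l_mutex points at by
 *	the time it is called.
 *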
163 * States and their associated locks:
164 *
165 * LSIDL, LSONPROC, LSZOMB, LSSUSPENDED:
166 *
167 * Always covered by spc_lwplock, which protects LWPs not
168 * associated with any other sync object. This is a per-CPU
169 * lock and matches lwp::l_cpu.
170 *
171 * LSRUN:
172 *
173 * Always covered by spc_mutex, which protects the run queues.
174 * This is a per-CPU lock and matches lwp::l_cpu.
175 *
176 * LSSLEEP:
177 *
178 * Covered by a lock associated with the sleep queue (sometimes
179 * a turnstile sleep queue) that the LWP resides on. This can
180 * be spc_lwplock for SOBJ_SLEEPQ_NULL (an "untracked" sleep).
181 *
182 * LSSTOP:
183 *
184 * If the LWP was previously sleeping (l_wchan != NULL), then
185 * l_mutex references the sleep queue lock. If the LWP was
186 * runnable or on the CPU when halted, or has been removed from
187 * the sleep queue since halted, then the lock is spc_lwplock.
188 *
189 * The lock order is as follows:
190 *
191 * sleepq -> turnstile -> spc_lwplock -> spc_mutex
192 *
193 * Each process has a scheduler state lock (proc::p_lock), and a
194 * number of counters on LWPs and their states: p_nzlwps, p_nrlwps, and
195 * so on. When an LWP is to be entered into or removed from one of the
196 * following states, p_lock must be held and the process wide counters
197 * adjusted:
198 *
199 * LSIDL, LSZOMB, LSSTOP, LSSUSPENDED
200 *
201 * (But not always for kernel threads. There are some special cases
202 * as mentioned above: soft interrupts, and the idle loops.)
203 *
204 * Note that an LWP is considered running or likely to run soon if in
205 * one of the following states. This affects the value of p_nrlwps:
206 *
207 * LSRUN, LSONPROC, LSSLEEP
208 *
209 * p_lock does not need to be held when transitioning among these
210 * three states, hence p_lock is rarely taken for state transitions.
211 */
212
213 #include <sys/cdefs.h>
214 __KERNEL_RCSID(0, "$NetBSD: kern_lwp.c,v 1.231 2020/03/26 21:31:55 ad Exp $");
215
216 #include "opt_ddb.h"
217 #include "opt_lockdebug.h"
218 #include "opt_dtrace.h"
219
220 #define _LWP_API_PRIVATE
221
222 #include <sys/param.h>
223 #include <sys/systm.h>
224 #include <sys/cpu.h>
225 #include <sys/pool.h>
226 #include <sys/proc.h>
227 #include <sys/syscallargs.h>
228 #include <sys/syscall_stats.h>
229 #include <sys/kauth.h>
230 #include <sys/sleepq.h>
231 #include <sys/lockdebug.h>
232 #include <sys/kmem.h>
233 #include <sys/pset.h>
234 #include <sys/intr.h>
235 #include <sys/lwpctl.h>
236 #include <sys/atomic.h>
237 #include <sys/filedesc.h>
238 #include <sys/fstrans.h>
239 #include <sys/dtrace_bsd.h>
240 #include <sys/sdt.h>
241 #include <sys/ptrace.h>
242 #include <sys/xcall.h>
243 #include <sys/uidinfo.h>
244 #include <sys/sysctl.h>
245 #include <sys/psref.h>
246 #include <sys/msan.h>
247
248 #include <uvm/uvm_extern.h>
249 #include <uvm/uvm_object.h>
250
251 static pool_cache_t lwp_cache __read_mostly;
252 struct lwplist alllwp __cacheline_aligned;
253
254 static void lwp_dtor(void *, void *);
255
256 /* DTrace proc provider probes */
257 SDT_PROVIDER_DEFINE(proc);
258
259 SDT_PROBE_DEFINE1(proc, kernel, , lwp__create, "struct lwp *");
260 SDT_PROBE_DEFINE1(proc, kernel, , lwp__start, "struct lwp *");
261 SDT_PROBE_DEFINE1(proc, kernel, , lwp__exit, "struct lwp *");
262
263 struct turnstile turnstile0 __cacheline_aligned;
264 struct lwp lwp0 __aligned(MIN_LWP_ALIGNMENT) = {
265 #ifdef LWP0_CPU_INFO
266 .l_cpu = LWP0_CPU_INFO,
267 #endif
268 #ifdef LWP0_MD_INITIALIZER
269 .l_md = LWP0_MD_INITIALIZER,
270 #endif
271 .l_proc = &proc0,
272 .l_lid = 1,
273 .l_flag = LW_SYSTEM,
274 .l_stat = LSONPROC,
275 .l_ts = &turnstile0,
276 .l_syncobj = &sched_syncobj,
277 .l_refcnt = 0,
278 .l_priority = PRI_USER + NPRI_USER - 1,
279 .l_inheritedprio = -1,
280 .l_class = SCHED_OTHER,
281 .l_psid = PS_NONE,
282 .l_pi_lenders = SLIST_HEAD_INITIALIZER(&lwp0.l_pi_lenders),
283 .l_name = __UNCONST("swapper"),
__UNCONST("swapper"), 284 .l_fd = &filedesc0, 285 }; 286 287 static int sysctl_kern_maxlwp(SYSCTLFN_PROTO); 288 289 /* 290 * sysctl helper routine for kern.maxlwp. Ensures that the new 291 * values are not too low or too high. 292 */ 293 static int 294 sysctl_kern_maxlwp(SYSCTLFN_ARGS) 295 { 296 int error, nmaxlwp; 297 struct sysctlnode node; 298 299 nmaxlwp = maxlwp; 300 node = *rnode; 301 node.sysctl_data = &nmaxlwp; 302 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 303 if (error || newp == NULL) 304 return error; 305 306 if (nmaxlwp < 0 || nmaxlwp >= 65536) 307 return EINVAL; 308 if (nmaxlwp > cpu_maxlwp()) 309 return EINVAL; 310 maxlwp = nmaxlwp; 311 312 return 0; 313 } 314 315 static void 316 sysctl_kern_lwp_setup(void) 317 { 318 struct sysctllog *clog = NULL; 319 320 sysctl_createv(&clog, 0, NULL, NULL, 321 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 322 CTLTYPE_INT, "maxlwp", 323 SYSCTL_DESCR("Maximum number of simultaneous threads"), 324 sysctl_kern_maxlwp, 0, NULL, 0, 325 CTL_KERN, CTL_CREATE, CTL_EOL); 326 } 327 328 void 329 lwpinit(void) 330 { 331 332 LIST_INIT(&alllwp); 333 lwpinit_specificdata(); 334 lwp_cache = pool_cache_init(sizeof(lwp_t), MIN_LWP_ALIGNMENT, 0, 0, 335 "lwppl", NULL, IPL_NONE, NULL, lwp_dtor, NULL); 336 337 maxlwp = cpu_maxlwp(); 338 sysctl_kern_lwp_setup(); 339 } 340 341 void 342 lwp0_init(void) 343 { 344 struct lwp *l = &lwp0; 345 346 KASSERT((void *)uvm_lwp_getuarea(l) != NULL); 347 KASSERT(l->l_lid == proc0.p_nlwpid); 348 349 LIST_INSERT_HEAD(&alllwp, l, l_list); 350 351 callout_init(&l->l_timeout_ch, CALLOUT_MPSAFE); 352 callout_setfunc(&l->l_timeout_ch, sleepq_timeout, l); 353 cv_init(&l->l_sigcv, "sigwait"); 354 cv_init(&l->l_waitcv, "vfork"); 355 356 kauth_cred_hold(proc0.p_cred); 357 l->l_cred = proc0.p_cred; 358 359 kdtrace_thread_ctor(NULL, l); 360 lwp_initspecific(l); 361 362 SYSCALL_TIME_LWP_INIT(l); 363 } 364 365 static void 366 lwp_dtor(void *arg, void *obj) 367 { 368 lwp_t *l = obj; 369 (void)l; 370 371 /* 372 * Provide a barrier to ensure that all mutex_oncpu() and rw_oncpu() 373 * calls will exit before memory of LWP is returned to the pool, where 374 * KVA of LWP structure might be freed and re-used for other purposes. 375 * Kernel preemption is disabled around mutex_oncpu() and rw_oncpu() 376 * callers, therefore cross-call to all CPUs will do the job. Also, 377 * the value of l->l_cpu must be still valid at this point. 378 */ 379 KASSERT(l->l_cpu != NULL); 380 xc_barrier(0); 381 } 382 383 /* 384 * Set an suspended. 385 * 386 * Must be called with p_lock held, and the LWP locked. Will unlock the 387 * LWP before return. 388 */ 389 int 390 lwp_suspend(struct lwp *curl, struct lwp *t) 391 { 392 int error; 393 394 KASSERT(mutex_owned(t->l_proc->p_lock)); 395 KASSERT(lwp_locked(t, NULL)); 396 397 KASSERT(curl != t || curl->l_stat == LSONPROC); 398 399 /* 400 * If the current LWP has been told to exit, we must not suspend anyone 401 * else or deadlock could occur. We won't return to userspace. 402 */ 403 if ((curl->l_flag & (LW_WEXIT | LW_WCORE)) != 0) { 404 lwp_unlock(t); 405 return (EDEADLK); 406 } 407 408 if ((t->l_flag & LW_DBGSUSPEND) != 0) { 409 lwp_unlock(t); 410 return 0; 411 } 412 413 error = 0; 414 415 switch (t->l_stat) { 416 case LSRUN: 417 case LSONPROC: 418 t->l_flag |= LW_WSUSPEND; 419 lwp_need_userret(t); 420 lwp_unlock(t); 421 break; 422 423 case LSSLEEP: 424 t->l_flag |= LW_WSUSPEND; 425 426 /* 427 * Kick the LWP and try to get it to the kernel boundary 428 * so that it will release any locks that it holds. 
429 * setrunnable() will release the lock. 430 */ 431 if ((t->l_flag & LW_SINTR) != 0) 432 setrunnable(t); 433 else 434 lwp_unlock(t); 435 break; 436 437 case LSSUSPENDED: 438 lwp_unlock(t); 439 break; 440 441 case LSSTOP: 442 t->l_flag |= LW_WSUSPEND; 443 setrunnable(t); 444 break; 445 446 case LSIDL: 447 case LSZOMB: 448 error = EINTR; /* It's what Solaris does..... */ 449 lwp_unlock(t); 450 break; 451 } 452 453 return (error); 454 } 455 456 /* 457 * Restart a suspended LWP. 458 * 459 * Must be called with p_lock held, and the LWP locked. Will unlock the 460 * LWP before return. 461 */ 462 void 463 lwp_continue(struct lwp *l) 464 { 465 466 KASSERT(mutex_owned(l->l_proc->p_lock)); 467 KASSERT(lwp_locked(l, NULL)); 468 469 /* If rebooting or not suspended, then just bail out. */ 470 if ((l->l_flag & LW_WREBOOT) != 0) { 471 lwp_unlock(l); 472 return; 473 } 474 475 l->l_flag &= ~LW_WSUSPEND; 476 477 if (l->l_stat != LSSUSPENDED || (l->l_flag & LW_DBGSUSPEND) != 0) { 478 lwp_unlock(l); 479 return; 480 } 481 482 /* setrunnable() will release the lock. */ 483 setrunnable(l); 484 } 485 486 /* 487 * Restart a stopped LWP. 488 * 489 * Must be called with p_lock held, and the LWP NOT locked. Will unlock the 490 * LWP before return. 491 */ 492 void 493 lwp_unstop(struct lwp *l) 494 { 495 struct proc *p = l->l_proc; 496 497 KASSERT(mutex_owned(proc_lock)); 498 KASSERT(mutex_owned(p->p_lock)); 499 500 lwp_lock(l); 501 502 KASSERT((l->l_flag & LW_DBGSUSPEND) == 0); 503 504 /* If not stopped, then just bail out. */ 505 if (l->l_stat != LSSTOP) { 506 lwp_unlock(l); 507 return; 508 } 509 510 p->p_stat = SACTIVE; 511 p->p_sflag &= ~PS_STOPPING; 512 513 if (!p->p_waited) 514 p->p_pptr->p_nstopchild--; 515 516 if (l->l_wchan == NULL) { 517 /* setrunnable() will release the lock. */ 518 setrunnable(l); 519 } else if (p->p_xsig && (l->l_flag & LW_SINTR) != 0) { 520 /* setrunnable() so we can receive the signal */ 521 setrunnable(l); 522 } else { 523 l->l_stat = LSSLEEP; 524 p->p_nrlwps++; 525 lwp_unlock(l); 526 } 527 } 528 529 /* 530 * Wait for an LWP within the current process to exit. If 'lid' is 531 * non-zero, we are waiting for a specific LWP. 532 * 533 * Must be called with p->p_lock held. 534 */ 535 int 536 lwp_wait(struct lwp *l, lwpid_t lid, lwpid_t *departed, bool exiting) 537 { 538 const lwpid_t curlid = l->l_lid; 539 proc_t *p = l->l_proc; 540 lwp_t *l2, *next; 541 int error; 542 543 KASSERT(mutex_owned(p->p_lock)); 544 545 p->p_nlwpwait++; 546 l->l_waitingfor = lid; 547 548 for (;;) { 549 int nfound; 550 551 /* 552 * Avoid a race between exit1() and sigexit(): if the 553 * process is dumping core, then we need to bail out: call 554 * into lwp_userret() where we will be suspended until the 555 * deed is done. 556 */ 557 if ((p->p_sflag & PS_WCORE) != 0) { 558 mutex_exit(p->p_lock); 559 lwp_userret(l); 560 KASSERT(false); 561 } 562 563 /* 564 * First off, drain any detached LWP that is waiting to be 565 * reaped. 566 */ 567 while ((l2 = p->p_zomblwp) != NULL) { 568 p->p_zomblwp = NULL; 569 lwp_free(l2, false, false);/* releases proc mutex */ 570 mutex_enter(p->p_lock); 571 } 572 573 /* 574 * Now look for an LWP to collect. If the whole process is 575 * exiting, count detached LWPs as eligible to be collected, 576 * but don't drain them here. 577 */ 578 nfound = 0; 579 error = 0; 580 581 /* 582 * If given a specific LID, go via the tree and make sure 583 * it's not detached. 
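 * (The tree is keyed by LID minus one; see the comment above the LID
 * allocation in lwp_create() for the reasoning.)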
584 */ 585 if (lid != 0) { 586 l2 = radix_tree_lookup_node(&p->p_lwptree, 587 (uint64_t)(lid - 1)); 588 if (l2 == NULL) { 589 error = ESRCH; 590 break; 591 } 592 KASSERT(l2->l_lid == lid); 593 if ((l2->l_prflag & LPR_DETACHED) != 0) { 594 error = EINVAL; 595 break; 596 } 597 } else { 598 l2 = LIST_FIRST(&p->p_lwps); 599 } 600 for (; l2 != NULL; l2 = next) { 601 next = (lid != 0 ? NULL : LIST_NEXT(l2, l_sibling)); 602 603 /* 604 * If a specific wait and the target is waiting on 605 * us, then avoid deadlock. This also traps LWPs 606 * that try to wait on themselves. 607 * 608 * Note that this does not handle more complicated 609 * cycles, like: t1 -> t2 -> t3 -> t1. The process 610 * can still be killed so it is not a major problem. 611 */ 612 if (l2->l_lid == lid && l2->l_waitingfor == curlid) { 613 error = EDEADLK; 614 break; 615 } 616 if (l2 == l) 617 continue; 618 if ((l2->l_prflag & LPR_DETACHED) != 0) { 619 nfound += exiting; 620 continue; 621 } 622 if (lid != 0) { 623 /* 624 * Mark this LWP as the first waiter, if there 625 * is no other. 626 */ 627 if (l2->l_waiter == 0) 628 l2->l_waiter = curlid; 629 } else if (l2->l_waiter != 0) { 630 /* 631 * It already has a waiter - so don't 632 * collect it. If the waiter doesn't 633 * grab it we'll get another chance 634 * later. 635 */ 636 nfound++; 637 continue; 638 } 639 nfound++; 640 641 /* No need to lock the LWP in order to see LSZOMB. */ 642 if (l2->l_stat != LSZOMB) 643 continue; 644 645 /* 646 * We're no longer waiting. Reset the "first waiter" 647 * pointer on the target, in case it was us. 648 */ 649 l->l_waitingfor = 0; 650 l2->l_waiter = 0; 651 p->p_nlwpwait--; 652 if (departed) 653 *departed = l2->l_lid; 654 sched_lwp_collect(l2); 655 656 /* lwp_free() releases the proc lock. */ 657 lwp_free(l2, false, false); 658 mutex_enter(p->p_lock); 659 return 0; 660 } 661 662 if (error != 0) 663 break; 664 if (nfound == 0) { 665 error = ESRCH; 666 break; 667 } 668 669 /* 670 * Note: since the lock will be dropped, need to restart on 671 * wakeup to run all LWPs again, e.g. there may be new LWPs. 672 */ 673 if (exiting) { 674 KASSERT(p->p_nlwps > 1); 675 error = cv_timedwait(&p->p_lwpcv, p->p_lock, 1); 676 break; 677 } 678 679 /* 680 * Break out if the process is exiting, or if all LWPs are 681 * in _lwp_wait(). There are other ways to hang the process 682 * with _lwp_wait(), but the sleep is interruptable so 683 * little point checking for them. 684 */ 685 if ((p->p_sflag & PS_WEXIT) != 0 || 686 p->p_nlwpwait == p->p_nlwps) { 687 error = EDEADLK; 688 break; 689 } 690 691 /* 692 * Sit around and wait for something to happen. We'll be 693 * awoken if any of the conditions examined change: if an 694 * LWP exits, is collected, or is detached. 695 */ 696 if ((error = cv_wait_sig(&p->p_lwpcv, p->p_lock)) != 0) 697 break; 698 } 699 700 /* 701 * We didn't find any LWPs to collect, we may have received a 702 * signal, or some other condition has caused us to bail out. 703 * 704 * If waiting on a specific LWP, clear the waiters marker: some 705 * other LWP may want it. Then, kick all the remaining waiters 706 * so that they can re-check for zombies and for deadlock. 707 */ 708 if (lid != 0) { 709 l2 = radix_tree_lookup_node(&p->p_lwptree, 710 (uint64_t)(lid - 1)); 711 KASSERT(l2 == NULL || l2->l_lid == lid); 712 713 if (l2 != NULL && l2->l_waiter == curlid) 714 l2->l_waiter = 0; 715 } 716 p->p_nlwpwait--; 717 l->l_waitingfor = 0; 718 cv_broadcast(&p->p_lwpcv); 719 720 return error; 721 } 722 723 /* 724 * Find an unused LID for a new LWP. 
725 */ 726 static lwpid_t 727 lwp_find_free_lid(struct proc *p) 728 { 729 struct lwp *gang[32]; 730 lwpid_t lid; 731 unsigned n; 732 733 KASSERT(mutex_owned(p->p_lock)); 734 KASSERT(p->p_nlwpid > 0); 735 736 /* 737 * Scoot forward through the tree in blocks of LIDs doing gang 738 * lookup with dense=true, meaning the lookup will terminate the 739 * instant a hole is encountered. Most of the time the first entry 740 * (p->p_nlwpid) is free and the lookup fails fast. 741 */ 742 for (lid = p->p_nlwpid;;) { 743 n = radix_tree_gang_lookup_node(&p->p_lwptree, lid - 1, 744 (void **)gang, __arraycount(gang), true); 745 if (n == 0) { 746 /* Start point was empty. */ 747 break; 748 } 749 KASSERT(gang[0]->l_lid == lid); 750 lid = gang[n - 1]->l_lid + 1; 751 if (n < __arraycount(gang)) { 752 /* Scan encountered a hole. */ 753 break; 754 } 755 } 756 757 return (lwpid_t)lid; 758 } 759 760 /* 761 * Create a new LWP within process 'p2', using LWP 'l1' as a template. 762 * The new LWP is created in state LSIDL and must be set running, 763 * suspended, or stopped by the caller. 764 */ 765 int 766 lwp_create(lwp_t *l1, proc_t *p2, vaddr_t uaddr, int flags, 767 void *stack, size_t stacksize, void (*func)(void *), void *arg, 768 lwp_t **rnewlwpp, int sclass, const sigset_t *sigmask, 769 const stack_t *sigstk) 770 { 771 struct lwp *l2; 772 turnstile_t *ts; 773 lwpid_t lid; 774 775 KASSERT(l1 == curlwp || l1->l_proc == &proc0); 776 777 /* 778 * Enforce limits, excluding the first lwp and kthreads. We must 779 * use the process credentials here when adjusting the limit, as 780 * they are what's tied to the accounting entity. However for 781 * authorizing the action, we'll use the LWP's credentials. 782 */ 783 mutex_enter(p2->p_lock); 784 if (p2->p_nlwps != 0 && p2 != &proc0) { 785 uid_t uid = kauth_cred_getuid(p2->p_cred); 786 int count = chglwpcnt(uid, 1); 787 if (__predict_false(count > 788 p2->p_rlimit[RLIMIT_NTHR].rlim_cur)) { 789 if (kauth_authorize_process(l1->l_cred, 790 KAUTH_PROCESS_RLIMIT, p2, 791 KAUTH_ARG(KAUTH_REQ_PROCESS_RLIMIT_BYPASS), 792 &p2->p_rlimit[RLIMIT_NTHR], KAUTH_ARG(RLIMIT_NTHR)) 793 != 0) { 794 (void)chglwpcnt(uid, -1); 795 mutex_exit(p2->p_lock); 796 return EAGAIN; 797 } 798 } 799 } 800 801 /* 802 * First off, reap any detached LWP waiting to be collected. 803 * We can re-use its LWP structure and turnstile. 804 */ 805 if ((l2 = p2->p_zomblwp) != NULL) { 806 p2->p_zomblwp = NULL; 807 lwp_free(l2, true, false); 808 /* p2 now unlocked by lwp_free() */ 809 ts = l2->l_ts; 810 KASSERT(l2->l_inheritedprio == -1); 811 KASSERT(SLIST_EMPTY(&l2->l_pi_lenders)); 812 memset(l2, 0, sizeof(*l2)); 813 l2->l_ts = ts; 814 } else { 815 mutex_exit(p2->p_lock); 816 l2 = pool_cache_get(lwp_cache, PR_WAITOK); 817 memset(l2, 0, sizeof(*l2)); 818 l2->l_ts = pool_cache_get(turnstile_cache, PR_WAITOK); 819 SLIST_INIT(&l2->l_pi_lenders); 820 } 821 822 l2->l_stat = LSIDL; 823 l2->l_proc = p2; 824 l2->l_refcnt = 0; 825 l2->l_class = sclass; 826 827 /* 828 * If vfork(), we want the LWP to run fast and on the same CPU 829 * as its parent, so that it can reuse the VM context and cache 830 * footprint on the local CPU. 831 */ 832 l2->l_kpriority = ((flags & LWP_VFORK) ? 
true : false); 833 l2->l_kpribase = PRI_KERNEL; 834 l2->l_priority = l1->l_priority; 835 l2->l_inheritedprio = -1; 836 l2->l_protectprio = -1; 837 l2->l_auxprio = -1; 838 l2->l_flag = 0; 839 l2->l_pflag = LP_MPSAFE; 840 TAILQ_INIT(&l2->l_ld_locks); 841 l2->l_psrefs = 0; 842 kmsan_lwp_alloc(l2); 843 844 /* 845 * For vfork, borrow parent's lwpctl context if it exists. 846 * This also causes us to return via lwp_userret. 847 */ 848 if (flags & LWP_VFORK && l1->l_lwpctl) { 849 l2->l_lwpctl = l1->l_lwpctl; 850 l2->l_flag |= LW_LWPCTL; 851 } 852 853 /* 854 * If not the first LWP in the process, grab a reference to the 855 * descriptor table. 856 */ 857 l2->l_fd = p2->p_fd; 858 if (p2->p_nlwps != 0) { 859 KASSERT(l1->l_proc == p2); 860 fd_hold(l2); 861 } else { 862 KASSERT(l1->l_proc != p2); 863 } 864 865 if (p2->p_flag & PK_SYSTEM) { 866 /* Mark it as a system LWP. */ 867 l2->l_flag |= LW_SYSTEM; 868 } 869 870 kpreempt_disable(); 871 l2->l_mutex = l1->l_cpu->ci_schedstate.spc_lwplock; 872 l2->l_cpu = l1->l_cpu; 873 kpreempt_enable(); 874 875 kdtrace_thread_ctor(NULL, l2); 876 lwp_initspecific(l2); 877 sched_lwp_fork(l1, l2); 878 lwp_update_creds(l2); 879 callout_init(&l2->l_timeout_ch, CALLOUT_MPSAFE); 880 callout_setfunc(&l2->l_timeout_ch, sleepq_timeout, l2); 881 cv_init(&l2->l_sigcv, "sigwait"); 882 cv_init(&l2->l_waitcv, "vfork"); 883 l2->l_syncobj = &sched_syncobj; 884 PSREF_DEBUG_INIT_LWP(l2); 885 886 if (rnewlwpp != NULL) 887 *rnewlwpp = l2; 888 889 /* 890 * PCU state needs to be saved before calling uvm_lwp_fork() so that 891 * the MD cpu_lwp_fork() can copy the saved state to the new LWP. 892 */ 893 pcu_save_all(l1); 894 #if PCU_UNIT_COUNT > 0 895 l2->l_pcu_valid = l1->l_pcu_valid; 896 #endif 897 898 uvm_lwp_setuarea(l2, uaddr); 899 uvm_lwp_fork(l1, l2, stack, stacksize, func, (arg != NULL) ? arg : l2); 900 901 if ((flags & LWP_PIDLID) != 0) { 902 /* Linux threads: use a PID. */ 903 lid = proc_alloc_pid(p2); 904 l2->l_pflag |= LP_PIDLID; 905 } else if (p2->p_nlwps == 0) { 906 /* 907 * First LWP in process. Copy the parent's LID to avoid 908 * causing problems for fork() + threads. Don't give 909 * subsequent threads the distinction of using LID 1. 910 */ 911 lid = l1->l_lid; 912 p2->p_nlwpid = 2; 913 } else { 914 /* Scan the radix tree for a free LID. */ 915 lid = 0; 916 } 917 918 /* 919 * Allocate LID if needed, and insert into the radix tree. The 920 * first LWP in most processes has a LID of 1. It turns out that if 921 * you insert an item with a key of zero to a radixtree, it's stored 922 * directly in the root (p_lwptree) and no extra memory is 923 * allocated. We therefore always subtract 1 from the LID, which 924 * means no memory is allocated for the tree unless the program is 925 * using threads. NB: the allocation and insert must take place 926 * under the same hold of p_lock. 927 */ 928 mutex_enter(p2->p_lock); 929 for (;;) { 930 int error; 931 932 l2->l_lid = (lid == 0 ? 
lwp_find_free_lid(p2) : lid); 933 934 rw_enter(&p2->p_treelock, RW_WRITER); 935 error = radix_tree_insert_node(&p2->p_lwptree, 936 (uint64_t)(l2->l_lid - 1), l2); 937 rw_exit(&p2->p_treelock); 938 939 if (__predict_true(error == 0)) { 940 if (lid == 0) 941 p2->p_nlwpid = l2->l_lid + 1; 942 break; 943 } 944 945 KASSERT(error == ENOMEM); 946 mutex_exit(p2->p_lock); 947 radix_tree_await_memory(); 948 mutex_enter(p2->p_lock); 949 } 950 951 if ((flags & LWP_DETACHED) != 0) { 952 l2->l_prflag = LPR_DETACHED; 953 p2->p_ndlwps++; 954 } else 955 l2->l_prflag = 0; 956 957 if (l1->l_proc == p2) { 958 /* 959 * These flags are set while p_lock is held. Copy with 960 * p_lock held too, so the LWP doesn't sneak into the 961 * process without them being set. 962 */ 963 l2->l_flag |= (l1->l_flag & (LW_WEXIT | LW_WREBOOT | LW_WCORE)); 964 } else { 965 /* fork(): pending core/exit doesn't apply to child. */ 966 l2->l_flag |= (l1->l_flag & LW_WREBOOT); 967 } 968 969 l2->l_sigstk = *sigstk; 970 l2->l_sigmask = *sigmask; 971 TAILQ_INIT(&l2->l_sigpend.sp_info); 972 sigemptyset(&l2->l_sigpend.sp_set); 973 LIST_INSERT_HEAD(&p2->p_lwps, l2, l_sibling); 974 p2->p_nlwps++; 975 p2->p_nrlwps++; 976 977 KASSERT(l2->l_affinity == NULL); 978 979 /* Inherit the affinity mask. */ 980 if (l1->l_affinity) { 981 /* 982 * Note that we hold the state lock while inheriting 983 * the affinity to avoid race with sched_setaffinity(). 984 */ 985 lwp_lock(l1); 986 if (l1->l_affinity) { 987 kcpuset_use(l1->l_affinity); 988 l2->l_affinity = l1->l_affinity; 989 } 990 lwp_unlock(l1); 991 } 992 993 /* This marks the end of the "must be atomic" section. */ 994 mutex_exit(p2->p_lock); 995 996 SDT_PROBE(proc, kernel, , lwp__create, l2, 0, 0, 0, 0); 997 998 mutex_enter(proc_lock); 999 LIST_INSERT_HEAD(&alllwp, l2, l_list); 1000 /* Inherit a processor-set */ 1001 l2->l_psid = l1->l_psid; 1002 mutex_exit(proc_lock); 1003 1004 SYSCALL_TIME_LWP_INIT(l2); 1005 1006 if (p2->p_emul->e_lwp_fork) 1007 (*p2->p_emul->e_lwp_fork)(l1, l2); 1008 1009 return (0); 1010 } 1011 1012 /* 1013 * Set a new LWP running. If the process is stopping, then the LWP is 1014 * created stopped. 1015 */ 1016 void 1017 lwp_start(lwp_t *l, int flags) 1018 { 1019 proc_t *p = l->l_proc; 1020 1021 mutex_enter(p->p_lock); 1022 lwp_lock(l); 1023 KASSERT(l->l_stat == LSIDL); 1024 if ((flags & LWP_SUSPENDED) != 0) { 1025 /* It'll suspend itself in lwp_userret(). */ 1026 l->l_flag |= LW_WSUSPEND; 1027 } 1028 if (p->p_stat == SSTOP || (p->p_sflag & PS_STOPPING) != 0) { 1029 KASSERT(l->l_wchan == NULL); 1030 l->l_stat = LSSTOP; 1031 p->p_nrlwps--; 1032 lwp_unlock(l); 1033 } else { 1034 setrunnable(l); 1035 /* LWP now unlocked */ 1036 } 1037 mutex_exit(p->p_lock); 1038 } 1039 1040 /* 1041 * Called by MD code when a new LWP begins execution. Must be called 1042 * with the previous LWP locked (so at splsched), or if there is no 1043 * previous LWP, at splsched. 1044 */ 1045 void 1046 lwp_startup(struct lwp *prev, struct lwp *new_lwp) 1047 { 1048 kmutex_t *lock; 1049 1050 KASSERTMSG(new_lwp == curlwp, "l %p curlwp %p prevlwp %p", new_lwp, curlwp, prev); 1051 KASSERT(kpreempt_disabled()); 1052 KASSERT(prev != NULL); 1053 KASSERT((prev->l_pflag & LP_RUNNING) != 0); 1054 KASSERT(curcpu()->ci_mtx_count == -2); 1055 1056 /* 1057 * Immediately mark the previous LWP as no longer running and unlock 1058 * (to keep lock wait times short as possible). If a zombie, don't 1059 * touch after clearing LP_RUNNING as it could be reaped by another 1060 * CPU. Issue a memory barrier to ensure this. 
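 * (lwp_free() spins on LP_RUNNING, after a matching membar_consumer(),
 * before tearing the LWP down, so the ordering established here is what
 * makes that reclaim safe.)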
1061 */ 1062 lock = prev->l_mutex; 1063 if (__predict_false(prev->l_stat == LSZOMB)) { 1064 membar_sync(); 1065 } 1066 prev->l_pflag &= ~LP_RUNNING; 1067 mutex_spin_exit(lock); 1068 1069 /* Correct spin mutex count after mi_switch(). */ 1070 curcpu()->ci_mtx_count = 0; 1071 1072 /* Install new VM context. */ 1073 if (__predict_true(new_lwp->l_proc->p_vmspace)) { 1074 pmap_activate(new_lwp); 1075 } 1076 1077 /* We remain at IPL_SCHED from mi_switch() - reset it. */ 1078 spl0(); 1079 1080 LOCKDEBUG_BARRIER(NULL, 0); 1081 SDT_PROBE(proc, kernel, , lwp__start, new_lwp, 0, 0, 0, 0); 1082 1083 /* For kthreads, acquire kernel lock if not MPSAFE. */ 1084 if (__predict_false((new_lwp->l_pflag & LP_MPSAFE) == 0)) { 1085 KERNEL_LOCK(1, new_lwp); 1086 } 1087 } 1088 1089 /* 1090 * Exit an LWP. 1091 */ 1092 void 1093 lwp_exit(struct lwp *l) 1094 { 1095 struct proc *p = l->l_proc; 1096 struct lwp *l2; 1097 bool current; 1098 1099 current = (l == curlwp); 1100 1101 KASSERT(current || (l->l_stat == LSIDL && l->l_target_cpu == NULL)); 1102 KASSERT(p == curproc); 1103 1104 SDT_PROBE(proc, kernel, , lwp__exit, l, 0, 0, 0, 0); 1105 1106 /* Verify that we hold no locks; for DIAGNOSTIC check kernel_lock. */ 1107 LOCKDEBUG_BARRIER(NULL, 0); 1108 KASSERTMSG(curcpu()->ci_biglock_count == 0, "kernel_lock leaked"); 1109 1110 /* 1111 * If we are the last live LWP in a process, we need to exit the 1112 * entire process. We do so with an exit status of zero, because 1113 * it's a "controlled" exit, and because that's what Solaris does. 1114 * 1115 * We are not quite a zombie yet, but for accounting purposes we 1116 * must increment the count of zombies here. 1117 * 1118 * Note: the last LWP's specificdata will be deleted here. 1119 */ 1120 mutex_enter(p->p_lock); 1121 if (p->p_nlwps - p->p_nzlwps == 1) { 1122 KASSERT(current == true); 1123 KASSERT(p != &proc0); 1124 exit1(l, 0, 0); 1125 /* NOTREACHED */ 1126 } 1127 p->p_nzlwps++; 1128 mutex_exit(p->p_lock); 1129 1130 if (p->p_emul->e_lwp_exit) 1131 (*p->p_emul->e_lwp_exit)(l); 1132 1133 /* Drop filedesc reference. */ 1134 fd_free(); 1135 1136 /* Release fstrans private data. */ 1137 fstrans_lwp_dtor(l); 1138 1139 /* Delete the specificdata while it's still safe to sleep. */ 1140 lwp_finispecific(l); 1141 1142 /* 1143 * Release our cached credentials. 1144 */ 1145 kauth_cred_free(l->l_cred); 1146 callout_destroy(&l->l_timeout_ch); 1147 1148 /* 1149 * If traced, report LWP exit event to the debugger. 1150 * 1151 * Remove the LWP from the global list. 1152 * Free its LID from the PID namespace if needed. 1153 */ 1154 mutex_enter(proc_lock); 1155 1156 if ((p->p_slflag & (PSL_TRACED|PSL_TRACELWP_EXIT)) == 1157 (PSL_TRACED|PSL_TRACELWP_EXIT)) { 1158 mutex_enter(p->p_lock); 1159 if (ISSET(p->p_sflag, PS_WEXIT)) { 1160 mutex_exit(p->p_lock); 1161 /* 1162 * We are exiting, bail out without informing parent 1163 * about a terminating LWP as it would deadlock. 1164 */ 1165 } else { 1166 eventswitch(TRAP_LWP, PTRACE_LWP_EXIT, l->l_lid); 1167 mutex_enter(proc_lock); 1168 } 1169 } 1170 1171 LIST_REMOVE(l, l_list); 1172 if ((l->l_pflag & LP_PIDLID) != 0 && l->l_lid != p->p_pid) { 1173 proc_free_pid(l->l_lid); 1174 } 1175 mutex_exit(proc_lock); 1176 1177 /* 1178 * Get rid of all references to the LWP that others (e.g. procfs) 1179 * may have, and mark the LWP as a zombie. If the LWP is detached, 1180 * mark it waiting for collection in the proc structure. Note that 1181 * before we can do that, we need to free any other dead, deatched 1182 * LWP waiting to meet its maker. 
 *
1183 * All conditions need to be observed under the same hold of
1184 * p_lock, because if the lock is dropped any of them can change.
1185 */
1186
1187 mutex_enter(p->p_lock);
1188 for (;;) {
1189 if (l->l_refcnt > 0) {
1190 lwp_drainrefs(l);
1191 continue;
1192 }
1193 if ((l->l_prflag & LPR_DETACHED) != 0) {
1194 if ((l2 = p->p_zomblwp) != NULL) {
1195 p->p_zomblwp = NULL;
1196 lwp_free(l2, false, false);
1197 /* proc now unlocked */
1198 mutex_enter(p->p_lock);
1199 continue;
1200 }
1201 p->p_zomblwp = l;
1202 }
1203 break;
1204 }
1205
1206 /*
1207 * If we find a pending signal for the process and we have been
1208 * asked to check for signals, then we lose: arrange to have
1209 * all other LWPs in the process check for signals.
1210 */
1211 if ((l->l_flag & LW_PENDSIG) != 0 &&
1212 firstsig(&p->p_sigpend.sp_set) != 0) {
1213 LIST_FOREACH(l2, &p->p_lwps, l_sibling) {
1214 lwp_lock(l2);
1215 signotify(l2);
1216 lwp_unlock(l2);
1217 }
1218 }
1219
1220 /*
1221 * Release any PCU resources before becoming a zombie.
1222 */
1223 pcu_discard_all(l);
1224
1225 lwp_lock(l);
1226 l->l_stat = LSZOMB;
1227 if (l->l_name != NULL) {
1228 strcpy(l->l_name, "(zombie)");
1229 }
1230 lwp_unlock(l);
1231 p->p_nrlwps--;
1232 cv_broadcast(&p->p_lwpcv);
1233 if (l->l_lwpctl != NULL)
1234 l->l_lwpctl->lc_curcpu = LWPCTL_CPU_EXITED;
1235 mutex_exit(p->p_lock);
1236
1237 /*
1238 * We can no longer block. At this point, lwp_free() may already
1239 * be gunning for us. On a multi-CPU system, we may be off p_lwps.
1240 *
1241 * Free MD LWP resources.
1242 */
1243 cpu_lwp_free(l, 0);
1244
1245 if (current) {
1246 /* Switch away into oblivion. */
1247 lwp_lock(l);
1248 spc_lock(l->l_cpu);
1249 mi_switch(l);
1250 panic("lwp_exit");
1251 }
1252 }
1253
1254 /*
1255 * Free a dead LWP's remaining resources.
1256 *
1257 * XXXLWP limits.
1258 */
1259 void
1260 lwp_free(struct lwp *l, bool recycle, bool last)
1261 {
1262 struct proc *p = l->l_proc;
1263 struct rusage *ru;
1264 struct lwp *l2 __diagused;
1265 ksiginfoq_t kq;
1266
1267 KASSERT(l != curlwp);
1268 KASSERT(last || mutex_owned(p->p_lock));
1269
1270 /*
1271 * We use the process credentials instead of the lwp credentials here
1272 * because the lwp credentials may be cached (just after a setuid call)
1273 * and we don't want to pay for syncing, since the lwp is going away
1274 * anyway.
1275 */
1276 if (p != &proc0 && p->p_nlwps != 1)
1277 (void)chglwpcnt(kauth_cred_getuid(p->p_cred), -1);
1278
1279 /*
1280 * If this was not the last LWP in the process, then adjust counters
1281 * and unlock. This is done differently for the last LWP in exit1().
1282 */
1283 if (!last) {
1284 /*
1285 * Add the LWP's run time to the process' base value.
1286 * This needs to coincide with coming off p_lwps.
1287 */
1288 bintime_add(&p->p_rtime, &l->l_rtime);
1289 p->p_pctcpu += l->l_pctcpu;
1290 ru = &p->p_stats->p_ru;
1291 ruadd(ru, &l->l_ru);
1292 ru->ru_nvcsw += (l->l_ncsw - l->l_nivcsw);
1293 ru->ru_nivcsw += l->l_nivcsw;
1294 LIST_REMOVE(l, l_sibling);
1295 p->p_nlwps--;
1296 p->p_nzlwps--;
1297 if ((l->l_prflag & LPR_DETACHED) != 0)
1298 p->p_ndlwps--;
1299
1300 /* Make note of the LID being free, and remove from tree. */
1301 if (l->l_lid < p->p_nlwpid)
1302 p->p_nlwpid = l->l_lid;
1303 rw_enter(&p->p_treelock, RW_WRITER);
1304 l2 = radix_tree_remove_node(&p->p_lwptree,
1305 (uint64_t)(l->l_lid - 1));
1306 KASSERT(l2 == l);
1307 rw_exit(&p->p_treelock);
1308
1309 /*
1310 * Have any LWPs sleeping in lwp_wait() recheck for
1311 * deadlock.
1312 */ 1313 cv_broadcast(&p->p_lwpcv); 1314 mutex_exit(p->p_lock); 1315 } 1316 1317 /* 1318 * In the unlikely event that the LWP is still on the CPU, 1319 * then spin until it has switched away. 1320 */ 1321 membar_consumer(); 1322 while (__predict_false((l->l_pflag & LP_RUNNING) != 0)) { 1323 SPINLOCK_BACKOFF_HOOK; 1324 } 1325 1326 /* 1327 * Destroy the LWP's remaining signal information. 1328 */ 1329 ksiginfo_queue_init(&kq); 1330 sigclear(&l->l_sigpend, NULL, &kq); 1331 ksiginfo_queue_drain(&kq); 1332 cv_destroy(&l->l_sigcv); 1333 cv_destroy(&l->l_waitcv); 1334 1335 /* 1336 * Free lwpctl structure and affinity. 1337 */ 1338 if (l->l_lwpctl) { 1339 lwp_ctl_free(l); 1340 } 1341 if (l->l_affinity) { 1342 kcpuset_unuse(l->l_affinity, NULL); 1343 l->l_affinity = NULL; 1344 } 1345 1346 /* 1347 * Free the LWP's turnstile and the LWP structure itself unless the 1348 * caller wants to recycle them. Also, free the scheduler specific 1349 * data. 1350 * 1351 * We can't return turnstile0 to the pool (it didn't come from it), 1352 * so if it comes up just drop it quietly and move on. 1353 * 1354 * We don't recycle the VM resources at this time. 1355 */ 1356 1357 if (!recycle && l->l_ts != &turnstile0) 1358 pool_cache_put(turnstile_cache, l->l_ts); 1359 if (l->l_name != NULL) 1360 kmem_free(l->l_name, MAXCOMLEN); 1361 1362 kmsan_lwp_free(l); 1363 cpu_lwp_free2(l); 1364 uvm_lwp_exit(l); 1365 1366 KASSERT(SLIST_EMPTY(&l->l_pi_lenders)); 1367 KASSERT(l->l_inheritedprio == -1); 1368 KASSERT(l->l_blcnt == 0); 1369 kdtrace_thread_dtor(NULL, l); 1370 if (!recycle) 1371 pool_cache_put(lwp_cache, l); 1372 } 1373 1374 /* 1375 * Migrate the LWP to the another CPU. Unlocks the LWP. 1376 */ 1377 void 1378 lwp_migrate(lwp_t *l, struct cpu_info *tci) 1379 { 1380 struct schedstate_percpu *tspc; 1381 int lstat = l->l_stat; 1382 1383 KASSERT(lwp_locked(l, NULL)); 1384 KASSERT(tci != NULL); 1385 1386 /* If LWP is still on the CPU, it must be handled like LSONPROC */ 1387 if ((l->l_pflag & LP_RUNNING) != 0) { 1388 lstat = LSONPROC; 1389 } 1390 1391 /* 1392 * The destination CPU could be changed while previous migration 1393 * was not finished. 1394 */ 1395 if (l->l_target_cpu != NULL) { 1396 l->l_target_cpu = tci; 1397 lwp_unlock(l); 1398 return; 1399 } 1400 1401 /* Nothing to do if trying to migrate to the same CPU */ 1402 if (l->l_cpu == tci) { 1403 lwp_unlock(l); 1404 return; 1405 } 1406 1407 KASSERT(l->l_target_cpu == NULL); 1408 tspc = &tci->ci_schedstate; 1409 switch (lstat) { 1410 case LSRUN: 1411 l->l_target_cpu = tci; 1412 break; 1413 case LSSLEEP: 1414 l->l_cpu = tci; 1415 break; 1416 case LSIDL: 1417 case LSSTOP: 1418 case LSSUSPENDED: 1419 l->l_cpu = tci; 1420 if (l->l_wchan == NULL) { 1421 lwp_unlock_to(l, tspc->spc_lwplock); 1422 return; 1423 } 1424 break; 1425 case LSONPROC: 1426 l->l_target_cpu = tci; 1427 spc_lock(l->l_cpu); 1428 sched_resched_cpu(l->l_cpu, PRI_USER_RT, true); 1429 /* spc now unlocked */ 1430 break; 1431 } 1432 lwp_unlock(l); 1433 } 1434 1435 /* 1436 * Find the LWP in the process. Arguments may be zero, in such case, 1437 * the calling process and first LWP in the list will be used. 1438 * On success - returns proc locked. 1439 */ 1440 struct lwp * 1441 lwp_find2(pid_t pid, lwpid_t lid) 1442 { 1443 proc_t *p; 1444 lwp_t *l; 1445 1446 /* Find the process. 
*/ 1447 if (pid != 0) { 1448 mutex_enter(proc_lock); 1449 p = proc_find(pid); 1450 if (p == NULL) { 1451 mutex_exit(proc_lock); 1452 return NULL; 1453 } 1454 mutex_enter(p->p_lock); 1455 mutex_exit(proc_lock); 1456 } else { 1457 p = curlwp->l_proc; 1458 mutex_enter(p->p_lock); 1459 } 1460 /* Find the thread. */ 1461 if (lid != 0) { 1462 l = lwp_find(p, lid); 1463 } else { 1464 l = LIST_FIRST(&p->p_lwps); 1465 } 1466 if (l == NULL) { 1467 mutex_exit(p->p_lock); 1468 } 1469 return l; 1470 } 1471 1472 /* 1473 * Look up a live LWP within the specified process. 1474 * 1475 * Must be called with p->p_lock held (as it looks at the radix tree, 1476 * and also wants to exclude idle and zombie LWPs). 1477 */ 1478 struct lwp * 1479 lwp_find(struct proc *p, lwpid_t id) 1480 { 1481 struct lwp *l; 1482 1483 KASSERT(mutex_owned(p->p_lock)); 1484 1485 l = radix_tree_lookup_node(&p->p_lwptree, (uint64_t)(id - 1)); 1486 KASSERT(l == NULL || l->l_lid == id); 1487 1488 /* 1489 * No need to lock - all of these conditions will 1490 * be visible with the process level mutex held. 1491 */ 1492 if (l != NULL && (l->l_stat == LSIDL || l->l_stat == LSZOMB)) 1493 l = NULL; 1494 1495 return l; 1496 } 1497 1498 /* 1499 * Update an LWP's cached credentials to mirror the process' master copy. 1500 * 1501 * This happens early in the syscall path, on user trap, and on LWP 1502 * creation. A long-running LWP can also voluntarily choose to update 1503 * its credentials by calling this routine. This may be called from 1504 * LWP_CACHE_CREDS(), which checks l->l_cred != p->p_cred beforehand. 1505 */ 1506 void 1507 lwp_update_creds(struct lwp *l) 1508 { 1509 kauth_cred_t oc; 1510 struct proc *p; 1511 1512 p = l->l_proc; 1513 oc = l->l_cred; 1514 1515 mutex_enter(p->p_lock); 1516 kauth_cred_hold(p->p_cred); 1517 l->l_cred = p->p_cred; 1518 l->l_prflag &= ~LPR_CRMOD; 1519 mutex_exit(p->p_lock); 1520 if (oc != NULL) 1521 kauth_cred_free(oc); 1522 } 1523 1524 /* 1525 * Verify that an LWP is locked, and optionally verify that the lock matches 1526 * one we specify. 1527 */ 1528 int 1529 lwp_locked(struct lwp *l, kmutex_t *mtx) 1530 { 1531 kmutex_t *cur = l->l_mutex; 1532 1533 return mutex_owned(cur) && (mtx == cur || mtx == NULL); 1534 } 1535 1536 /* 1537 * Lend a new mutex to an LWP. The old mutex must be held. 1538 */ 1539 kmutex_t * 1540 lwp_setlock(struct lwp *l, kmutex_t *mtx) 1541 { 1542 kmutex_t *oldmtx = l->l_mutex; 1543 1544 KASSERT(mutex_owned(oldmtx)); 1545 1546 membar_exit(); 1547 l->l_mutex = mtx; 1548 return oldmtx; 1549 } 1550 1551 /* 1552 * Lend a new mutex to an LWP, and release the old mutex. The old mutex 1553 * must be held. 1554 */ 1555 void 1556 lwp_unlock_to(struct lwp *l, kmutex_t *mtx) 1557 { 1558 kmutex_t *old; 1559 1560 KASSERT(lwp_locked(l, NULL)); 1561 1562 old = l->l_mutex; 1563 membar_exit(); 1564 l->l_mutex = mtx; 1565 mutex_spin_exit(old); 1566 } 1567 1568 int 1569 lwp_trylock(struct lwp *l) 1570 { 1571 kmutex_t *old; 1572 1573 for (;;) { 1574 if (!mutex_tryenter(old = l->l_mutex)) 1575 return 0; 1576 if (__predict_true(l->l_mutex == old)) 1577 return 1; 1578 mutex_spin_exit(old); 1579 } 1580 } 1581 1582 void 1583 lwp_unsleep(lwp_t *l, bool unlock) 1584 { 1585 1586 KASSERT(mutex_owned(l->l_mutex)); 1587 (*l->l_syncobj->sobj_unsleep)(l, unlock); 1588 } 1589 1590 /* 1591 * Handle exceptions for mi_userret(). Called if a member of LW_USERRET is 1592 * set. 
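 * (The work handled below covers pending signals, suspend and core-dump
 * requests, exit requests and lwpctl updates; see the individual cases
 * in the loop.)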
1593 */
1594 void
1595 lwp_userret(struct lwp *l)
1596 {
1597 struct proc *p;
1598 int sig;
1599
1600 KASSERT(l == curlwp);
1601 KASSERT(l->l_stat == LSONPROC);
1602 p = l->l_proc;
1603
1604 /*
1605 * It is safe to do this read unlocked on an MP system.
1606 */
1607 while ((l->l_flag & LW_USERRET) != 0) {
1608 /*
1609 * Process pending signals first, unless the process
1610 * is dumping core or exiting, where we will instead
1611 * enter the LW_WSUSPEND case below.
1612 */
1613 if ((l->l_flag & (LW_PENDSIG | LW_WCORE | LW_WEXIT)) ==
1614 LW_PENDSIG) {
1615 mutex_enter(p->p_lock);
1616 while ((sig = issignal(l)) != 0)
1617 postsig(sig);
1618 mutex_exit(p->p_lock);
1619 }
1620
1621 /*
1622 * Core-dump or suspend pending.
1623 *
1624 * In case of core dump, suspend ourselves, so that the kernel
1625 * stack and therefore the userland registers saved in the
1626 * trapframe are around for coredump() to write them out.
1627 * We also need to save any PCU resources that we have so that
1628 * they are accessible for coredump(). We issue a wakeup on
1629 * p->p_lwpcv so that sigexit() will write the core file out
1630 * once all other LWPs are suspended.
1631 */
1632 if ((l->l_flag & LW_WSUSPEND) != 0) {
1633 pcu_save_all(l);
1634 mutex_enter(p->p_lock);
1635 p->p_nrlwps--;
1636 cv_broadcast(&p->p_lwpcv);
1637 lwp_lock(l);
1638 l->l_stat = LSSUSPENDED;
1639 lwp_unlock(l);
1640 mutex_exit(p->p_lock);
1641 lwp_lock(l);
1642 spc_lock(l->l_cpu);
1643 mi_switch(l);
1644 }
1645
1646 /* Process is exiting. */
1647 if ((l->l_flag & LW_WEXIT) != 0) {
1648 lwp_exit(l);
1649 KASSERT(0);
1650 /* NOTREACHED */
1651 }
1652
1653 /* update lwpctl processor (for vfork child_return) */
1654 if (l->l_flag & LW_LWPCTL) {
1655 lwp_lock(l);
1656 KASSERT(kpreempt_disabled());
1657 l->l_lwpctl->lc_curcpu = (int)cpu_index(l->l_cpu);
1658 l->l_lwpctl->lc_pctr++;
1659 l->l_flag &= ~LW_LWPCTL;
1660 lwp_unlock(l);
1661 }
1662 }
1663 }
1664
1665 /*
1666 * Force an LWP to enter the kernel, to take a trip through lwp_userret().
1667 */
1668 void
1669 lwp_need_userret(struct lwp *l)
1670 {
1671
1672 KASSERT(!cpu_intr_p());
1673 KASSERT(lwp_locked(l, NULL));
1674
1675 /*
1676 * If the LWP is in any state other than LSONPROC, we know that it
1677 * is executing in-kernel and will hit userret() on the way out.
1678 *
1679 * If the LWP is curlwp, then we know we'll be back out to userspace
1680 * soon (can't be called from a hardware interrupt here).
1681 *
1682 * Otherwise, we can't be sure what the LWP is doing, so first make
1683 * sure the update to l_flag will be globally visible, and then
1684 * force the LWP to take a trip through trap() where it will do
1685 * userret().
1686 */
1687 if (l->l_stat == LSONPROC && l != curlwp) {
1688 membar_producer();
1689 cpu_signotify(l);
1690 }
1691 }
1692
1693 /*
1694 * Add one reference to an LWP. This will prevent the LWP from
1695 * exiting, thus keeping the lwp structure and PCB around to inspect.
1696 */
1697 void
1698 lwp_addref(struct lwp *l)
1699 {
1700
1701 KASSERT(mutex_owned(l->l_proc->p_lock));
1702 KASSERT(l->l_stat != LSZOMB);
1703
1704 l->l_refcnt++;
1705 }
1706
1707 /*
1708 * Remove one reference to an LWP. If this is the last reference,
1709 * then we must finalize the LWP's death.
1710 */
1711 void
1712 lwp_delref(struct lwp *l)
1713 {
1714 struct proc *p = l->l_proc;
1715
1716 mutex_enter(p->p_lock);
1717 lwp_delref2(l);
1718 mutex_exit(p->p_lock);
1719 }
1720
1721 /*
1722 * Remove one reference to an LWP.
If this is the last reference, 1723 * then we must finalize the LWP's death. The proc mutex is held 1724 * on entry. 1725 */ 1726 void 1727 lwp_delref2(struct lwp *l) 1728 { 1729 struct proc *p = l->l_proc; 1730 1731 KASSERT(mutex_owned(p->p_lock)); 1732 KASSERT(l->l_stat != LSZOMB); 1733 KASSERT(l->l_refcnt > 0); 1734 1735 if (--l->l_refcnt == 0) 1736 cv_broadcast(&p->p_lwpcv); 1737 } 1738 1739 /* 1740 * Drain all references to the current LWP. 1741 */ 1742 void 1743 lwp_drainrefs(struct lwp *l) 1744 { 1745 struct proc *p = l->l_proc; 1746 1747 KASSERT(mutex_owned(p->p_lock)); 1748 1749 while (l->l_refcnt > 0) 1750 cv_wait(&p->p_lwpcv, p->p_lock); 1751 } 1752 1753 /* 1754 * Return true if the specified LWP is 'alive'. Only p->p_lock need 1755 * be held. 1756 */ 1757 bool 1758 lwp_alive(lwp_t *l) 1759 { 1760 1761 KASSERT(mutex_owned(l->l_proc->p_lock)); 1762 1763 switch (l->l_stat) { 1764 case LSSLEEP: 1765 case LSRUN: 1766 case LSONPROC: 1767 case LSSTOP: 1768 case LSSUSPENDED: 1769 return true; 1770 default: 1771 return false; 1772 } 1773 } 1774 1775 /* 1776 * Return first live LWP in the process. 1777 */ 1778 lwp_t * 1779 lwp_find_first(proc_t *p) 1780 { 1781 lwp_t *l; 1782 1783 KASSERT(mutex_owned(p->p_lock)); 1784 1785 LIST_FOREACH(l, &p->p_lwps, l_sibling) { 1786 if (lwp_alive(l)) { 1787 return l; 1788 } 1789 } 1790 1791 return NULL; 1792 } 1793 1794 /* 1795 * Allocate a new lwpctl structure for a user LWP. 1796 */ 1797 int 1798 lwp_ctl_alloc(vaddr_t *uaddr) 1799 { 1800 lcproc_t *lp; 1801 u_int bit, i, offset; 1802 struct uvm_object *uao; 1803 int error; 1804 lcpage_t *lcp; 1805 proc_t *p; 1806 lwp_t *l; 1807 1808 l = curlwp; 1809 p = l->l_proc; 1810 1811 /* don't allow a vforked process to create lwp ctls */ 1812 if (p->p_lflag & PL_PPWAIT) 1813 return EBUSY; 1814 1815 if (l->l_lcpage != NULL) { 1816 lcp = l->l_lcpage; 1817 *uaddr = lcp->lcp_uaddr + (vaddr_t)l->l_lwpctl - lcp->lcp_kaddr; 1818 return 0; 1819 } 1820 1821 /* First time around, allocate header structure for the process. */ 1822 if ((lp = p->p_lwpctl) == NULL) { 1823 lp = kmem_alloc(sizeof(*lp), KM_SLEEP); 1824 mutex_init(&lp->lp_lock, MUTEX_DEFAULT, IPL_NONE); 1825 lp->lp_uao = NULL; 1826 TAILQ_INIT(&lp->lp_pages); 1827 mutex_enter(p->p_lock); 1828 if (p->p_lwpctl == NULL) { 1829 p->p_lwpctl = lp; 1830 mutex_exit(p->p_lock); 1831 } else { 1832 mutex_exit(p->p_lock); 1833 mutex_destroy(&lp->lp_lock); 1834 kmem_free(lp, sizeof(*lp)); 1835 lp = p->p_lwpctl; 1836 } 1837 } 1838 1839 /* 1840 * Set up an anonymous memory region to hold the shared pages. 1841 * Map them into the process' address space. The user vmspace 1842 * gets the first reference on the UAO. 1843 */ 1844 mutex_enter(&lp->lp_lock); 1845 if (lp->lp_uao == NULL) { 1846 lp->lp_uao = uao_create(LWPCTL_UAREA_SZ, 0); 1847 lp->lp_cur = 0; 1848 lp->lp_max = LWPCTL_UAREA_SZ; 1849 lp->lp_uva = p->p_emul->e_vm_default_addr(p, 1850 (vaddr_t)p->p_vmspace->vm_daddr, LWPCTL_UAREA_SZ, 1851 p->p_vmspace->vm_map.flags & VM_MAP_TOPDOWN); 1852 error = uvm_map(&p->p_vmspace->vm_map, &lp->lp_uva, 1853 LWPCTL_UAREA_SZ, lp->lp_uao, 0, 0, UVM_MAPFLAG(UVM_PROT_RW, 1854 UVM_PROT_RW, UVM_INH_NONE, UVM_ADV_NORMAL, 0)); 1855 if (error != 0) { 1856 uao_detach(lp->lp_uao); 1857 lp->lp_uao = NULL; 1858 mutex_exit(&lp->lp_lock); 1859 return error; 1860 } 1861 } 1862 1863 /* Get a free block and allocate for this LWP. 
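 * Each page tracks its slots in lcp_bitmap, 32 slots per bitmap word,
 * which is why the slot index is reconstructed below as (i << 5) + bit
 * and released in lwp_ctl_free() with the matching >> 5 / & 31 arithmetic.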
*/ 1864 TAILQ_FOREACH(lcp, &lp->lp_pages, lcp_chain) { 1865 if (lcp->lcp_nfree != 0) 1866 break; 1867 } 1868 if (lcp == NULL) { 1869 /* Nothing available - try to set up a free page. */ 1870 if (lp->lp_cur == lp->lp_max) { 1871 mutex_exit(&lp->lp_lock); 1872 return ENOMEM; 1873 } 1874 lcp = kmem_alloc(LWPCTL_LCPAGE_SZ, KM_SLEEP); 1875 1876 /* 1877 * Wire the next page down in kernel space. Since this 1878 * is a new mapping, we must add a reference. 1879 */ 1880 uao = lp->lp_uao; 1881 (*uao->pgops->pgo_reference)(uao); 1882 lcp->lcp_kaddr = vm_map_min(kernel_map); 1883 error = uvm_map(kernel_map, &lcp->lcp_kaddr, PAGE_SIZE, 1884 uao, lp->lp_cur, PAGE_SIZE, 1885 UVM_MAPFLAG(UVM_PROT_RW, UVM_PROT_RW, 1886 UVM_INH_NONE, UVM_ADV_RANDOM, 0)); 1887 if (error != 0) { 1888 mutex_exit(&lp->lp_lock); 1889 kmem_free(lcp, LWPCTL_LCPAGE_SZ); 1890 (*uao->pgops->pgo_detach)(uao); 1891 return error; 1892 } 1893 error = uvm_map_pageable(kernel_map, lcp->lcp_kaddr, 1894 lcp->lcp_kaddr + PAGE_SIZE, FALSE, 0); 1895 if (error != 0) { 1896 mutex_exit(&lp->lp_lock); 1897 uvm_unmap(kernel_map, lcp->lcp_kaddr, 1898 lcp->lcp_kaddr + PAGE_SIZE); 1899 kmem_free(lcp, LWPCTL_LCPAGE_SZ); 1900 return error; 1901 } 1902 /* Prepare the page descriptor and link into the list. */ 1903 lcp->lcp_uaddr = lp->lp_uva + lp->lp_cur; 1904 lp->lp_cur += PAGE_SIZE; 1905 lcp->lcp_nfree = LWPCTL_PER_PAGE; 1906 lcp->lcp_rotor = 0; 1907 memset(lcp->lcp_bitmap, 0xff, LWPCTL_BITMAP_SZ); 1908 TAILQ_INSERT_HEAD(&lp->lp_pages, lcp, lcp_chain); 1909 } 1910 for (i = lcp->lcp_rotor; lcp->lcp_bitmap[i] == 0;) { 1911 if (++i >= LWPCTL_BITMAP_ENTRIES) 1912 i = 0; 1913 } 1914 bit = ffs(lcp->lcp_bitmap[i]) - 1; 1915 lcp->lcp_bitmap[i] ^= (1U << bit); 1916 lcp->lcp_rotor = i; 1917 lcp->lcp_nfree--; 1918 l->l_lcpage = lcp; 1919 offset = (i << 5) + bit; 1920 l->l_lwpctl = (lwpctl_t *)lcp->lcp_kaddr + offset; 1921 *uaddr = lcp->lcp_uaddr + offset * sizeof(lwpctl_t); 1922 mutex_exit(&lp->lp_lock); 1923 1924 KPREEMPT_DISABLE(l); 1925 l->l_lwpctl->lc_curcpu = (int)cpu_index(curcpu()); 1926 KPREEMPT_ENABLE(l); 1927 1928 return 0; 1929 } 1930 1931 /* 1932 * Free an lwpctl structure back to the per-process list. 1933 */ 1934 void 1935 lwp_ctl_free(lwp_t *l) 1936 { 1937 struct proc *p = l->l_proc; 1938 lcproc_t *lp; 1939 lcpage_t *lcp; 1940 u_int map, offset; 1941 1942 /* don't free a lwp context we borrowed for vfork */ 1943 if (p->p_lflag & PL_PPWAIT) { 1944 l->l_lwpctl = NULL; 1945 return; 1946 } 1947 1948 lp = p->p_lwpctl; 1949 KASSERT(lp != NULL); 1950 1951 lcp = l->l_lcpage; 1952 offset = (u_int)((lwpctl_t *)l->l_lwpctl - (lwpctl_t *)lcp->lcp_kaddr); 1953 KASSERT(offset < LWPCTL_PER_PAGE); 1954 1955 mutex_enter(&lp->lp_lock); 1956 lcp->lcp_nfree++; 1957 map = offset >> 5; 1958 lcp->lcp_bitmap[map] |= (1U << (offset & 31)); 1959 if (lcp->lcp_bitmap[lcp->lcp_rotor] == 0) 1960 lcp->lcp_rotor = map; 1961 if (TAILQ_FIRST(&lp->lp_pages)->lcp_nfree == 0) { 1962 TAILQ_REMOVE(&lp->lp_pages, lcp, lcp_chain); 1963 TAILQ_INSERT_HEAD(&lp->lp_pages, lcp, lcp_chain); 1964 } 1965 mutex_exit(&lp->lp_lock); 1966 } 1967 1968 /* 1969 * Process is exiting; tear down lwpctl state. This can only be safely 1970 * called by the last LWP in the process. 
1971 */ 1972 void 1973 lwp_ctl_exit(void) 1974 { 1975 lcpage_t *lcp, *next; 1976 lcproc_t *lp; 1977 proc_t *p; 1978 lwp_t *l; 1979 1980 l = curlwp; 1981 l->l_lwpctl = NULL; 1982 l->l_lcpage = NULL; 1983 p = l->l_proc; 1984 lp = p->p_lwpctl; 1985 1986 KASSERT(lp != NULL); 1987 KASSERT(p->p_nlwps == 1); 1988 1989 for (lcp = TAILQ_FIRST(&lp->lp_pages); lcp != NULL; lcp = next) { 1990 next = TAILQ_NEXT(lcp, lcp_chain); 1991 uvm_unmap(kernel_map, lcp->lcp_kaddr, 1992 lcp->lcp_kaddr + PAGE_SIZE); 1993 kmem_free(lcp, LWPCTL_LCPAGE_SZ); 1994 } 1995 1996 if (lp->lp_uao != NULL) { 1997 uvm_unmap(&p->p_vmspace->vm_map, lp->lp_uva, 1998 lp->lp_uva + LWPCTL_UAREA_SZ); 1999 } 2000 2001 mutex_destroy(&lp->lp_lock); 2002 kmem_free(lp, sizeof(*lp)); 2003 p->p_lwpctl = NULL; 2004 } 2005 2006 /* 2007 * Return the current LWP's "preemption counter". Used to detect 2008 * preemption across operations that can tolerate preemption without 2009 * crashing, but which may generate incorrect results if preempted. 2010 */ 2011 uint64_t 2012 lwp_pctr(void) 2013 { 2014 2015 return curlwp->l_ncsw; 2016 } 2017 2018 /* 2019 * Set an LWP's private data pointer. 2020 */ 2021 int 2022 lwp_setprivate(struct lwp *l, void *ptr) 2023 { 2024 int error = 0; 2025 2026 l->l_private = ptr; 2027 #ifdef __HAVE_CPU_LWP_SETPRIVATE 2028 error = cpu_lwp_setprivate(l, ptr); 2029 #endif 2030 return error; 2031 } 2032 2033 /* 2034 * Renumber the first and only LWP in a process on exec() or fork(). 2035 * Don't bother with p_treelock here as this is the only live LWP in 2036 * the proc right now. 2037 */ 2038 void 2039 lwp_renumber(lwp_t *l, lwpid_t lid) 2040 { 2041 lwp_t *l2 __diagused; 2042 proc_t *p = l->l_proc; 2043 int error; 2044 2045 KASSERT(p->p_nlwps == 1); 2046 2047 while (l->l_lid != lid) { 2048 mutex_enter(p->p_lock); 2049 error = radix_tree_insert_node(&p->p_lwptree, lid - 1, l); 2050 if (error == 0) { 2051 l2 = radix_tree_remove_node(&p->p_lwptree, 2052 (uint64_t)(l->l_lid - 1)); 2053 KASSERT(l2 == l); 2054 p->p_nlwpid = lid + 1; 2055 l->l_lid = lid; 2056 } 2057 mutex_exit(p->p_lock); 2058 2059 if (error == 0) 2060 break; 2061 2062 KASSERT(error == ENOMEM); 2063 radix_tree_await_memory(); 2064 } 2065 } 2066 2067 #if defined(DDB) 2068 #include <machine/pcb.h> 2069 2070 void 2071 lwp_whatis(uintptr_t addr, void (*pr)(const char *, ...)) 2072 { 2073 lwp_t *l; 2074 2075 LIST_FOREACH(l, &alllwp, l_list) { 2076 uintptr_t stack = (uintptr_t)KSTACK_LOWEST_ADDR(l); 2077 2078 if (addr < stack || stack + KSTACK_SIZE <= addr) { 2079 continue; 2080 } 2081 (*pr)("%p is %p+%zu, LWP %p's stack\n", 2082 (void *)addr, (void *)stack, 2083 (size_t)(addr - stack), l); 2084 } 2085 } 2086 #endif /* defined(DDB) */ 2087