kern/46153: posix_spawn() can switch with no vmspace

[Manuel.Bouyer%lip6.fr@localhost]

>Number:         46153
>Category:       kern
>Synopsis:       posix_spawn() can switch with no vmspace
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Mar 08 15:30:00 +0000 2012
>Originator:     Manuel Bouyer
>Release:        NetBSD 6.99.3
>Organization:
>Environment:
System: NetBSD 6.99.3 (GENERIC_DEBUG) #3: Thu Mar  8 13:33:49 CET 2012
      
bouyer@hop:/dsk/l1/misc/bouyer/tmp/amd64/obj/dsk/l1/misc/bouyer/quota2/src/sys/arch/amd64/compile/GENERIC_DEBUG

Architecture: amd64
Machine: amd64
>Description:
        
        While running tests, the kernel paniced in pmap_deactivate(), because
        l->l_proc->p_vmspace is NULL. Stack trace is:
trap type 6 code 0 rip ffffffff80610bce cs 8 rflags 10246 cr2  0 cpl 8 rsp 
fffffe810c867ae0
kernel: page fault trap, code=0
Stopped in pid 23593.1 (t_fileactions) at       netbsd:pmap_deactivate+0x93: 
movq     0(%rax),%rbx     
db{0}> tr
pmap_deactivate() at netbsd:pmap_deactivate+0x93
mi_switch() at netbsd:mi_switch+0x2c5
kpreempt() at netbsd:kpreempt+0xe2   
Xpreemptrecurse() at netbsd:Xpreemptrecurse+0x15
spawn_return() at netbsd:spawn_return+0x1f8

        investigations shows that this is a new process that
        is being created by posix_spawn(), its vmspace has not
        been setup yet. See also
http://mail-index.netbsd.org/tech-kern/2012/03/08/msg012876.html

>How-To-Repeat:
        cd /usr/tests; atf-run | atf-report
>Fix: