250538 Commits

Author SHA1 Message Date
mjg
a7bb12777a lockstat: track lockstat just like sdt probes
In particular flip the frequently tested var to bool.
2018-04-24 01:04:10 +00:00
dim
de8877900a Pull in r329771 from upstream llvm trunk (by Craig Topper):
[X86] In X86FlagsCopyLowering, when rewriting a memory setcc we need
  to emit an explicit MOV8mr instruction.

  Previously the code only knew how to handle setcc to a register.

  This should fix a crash in the chromium build.

This fixes various assertion failures while building ports targeting
i386:
* www/firefox: isReg() && "This is not a register operand!"
* www/iridium, www/qt5-webengine: (I.atEnd() || std::next(I) ==
  def_instr_end()) && "getVRegDef assumes a single definition or no
  definition"
* devel/powerpc64-gcc: FromReg != ToReg && "Cannot replace a reg with
  itself"

Reported by:	jbeich
PR:		225330, 227686, 227698, 227699
MFC after:	1 week
X-MFC-With:	r332833
2018-04-23 23:07:57 +00:00
imp
c0908e1f7b Migrate to make_dev_s interface to populate /dev/nvmeX entries
Submitted by: Michael Hordijk
Differential Revision: https://reviews.freebsd.org/D15162
2018-04-23 22:30:17 +00:00
mjg
ef181e1503 malloc: stop reading the subzone if MALLOC_DEBUG_MAXZONES == 1 (the default)
malloc was showing at the top of profile during while running microbenchmarks.

#define DTMALLOC_PROBE_MAX              2
struct malloc_type_internal {
        uint32_t        mti_probes[DTMALLOC_PROBE_MAX];
        u_char          mti_zone;
        struct malloc_type_stats        mti_stats[MAXCPU];
};

Reading mti_zone it wastes a cacheline to hold mti_probes + mti_zone
(which we know is 0) + part of malloc stats of the first cpu which on top
induces false-sharing.

In particular will-it-scale lock1_processes -t 128 -s 10:
before: average:45879692
after:  average:51655596

Note the counters can be padded but the right fix is to move them to
counter(9), leaving the struct read-only after creation (modulo dtrace
probes).
2018-04-23 22:28:49 +00:00
brooks
9a0f94467e Finish removing FDDI and tokenring media support.
This fixes media display for 802.11 wireless devices.

Software outside the base system that uses these media types and
defines should use #ifdef IFM_FDDI or IFM_TOKEN to include or remove
support.

Reported by:	zeising
Reviewed by:	emaste, kib, zeising
Tested by:	zeising
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D15170
2018-04-23 21:10:33 +00:00
sbruno
bbf7d4dd03 Load balance sockets with new SO_REUSEPORT_LB option
This patch adds a new socket option, SO_REUSEPORT_LB, which allow multiple
programs or threads to bind to the same port and incoming connections will be
load balanced using a hash function.

Most of the code was copied from a similar patch for DragonflyBSD.

However, in DragonflyBSD, load balancing is a global on/off setting and can not
be set per socket. This patch allows for simultaneous use of both the current
SO_REUSEPORT and the new SO_REUSEPORT_LB options on the same system.

Required changes to structures
Globally change so_options from 16 to 32 bit value to allow for more options.
Add hashtable in pcbinfo to hold all SO_REUSEPORT_LB sockets.

Limitations
As DragonflyBSD, a load balance group is limited to 256 pcbs
(256 programs or threads sharing the same socket).

Submitted by:	Johannes Lundberg <johanlun0@gmail.com>
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D11003
2018-04-23 19:51:00 +00:00
emaste
2b071b580c Map FreeBSD EDOOFUS to Linux EINVAL
Previously EDOOFUS mapped to EBUSY.  EINVAL seems more appropriate.

Discussed with:	cem
MFC after:	1 week
Sponsored by:	Turing Robotic Industries Inc.
2018-04-23 18:33:26 +00:00
jhb
5c30edda81 Implement 32-bit atomic_fcmpset() in userland for armv4/v5.
- Add an implementation of atomic_fcmpset_32() using RAS for armv4/v5.
  This fixes recent world breakage due to use of atomic_fcmpset() in
  userland.
- While here, be more careful to not expose wrapper macros for 64-bit
  atomic_*cmpset to userland for armv4/v5 as only 32-bit cmpset is
  implemented.

This has been reviewed, but not runtime-tested, but should fix the arm.arm
and arm.armeb worlds that have been broken for a while.

Reviewed by:	imp
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D15147
2018-04-23 17:00:15 +00:00
jhb
07f4bcbf2f Fix some harmless type mismatches in the ARM atomic_cmpset implementations.
The return value of atomic_cmpset() and atomic_fcmpset() is an int (which
is really a bool) that has the values 0 or 1.  Some of the inlines were
using the type being operated on (e.g. uint32_t) as either the return type
of the function, or the type of a local 'ret' variable used to hold the
return value.  Fix all of these to just use plain 'int'.  Due to C promotion
rules and the fact that the value can only be 0 or 1, these should all be
harmless.

Reviewed by:	imp (only the v4 ones)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D15147
2018-04-23 16:50:37 +00:00
sbruno
045d2cdc64 hda(4)
- add quirk for Dell XPS9560 audio gleaned and massages from linux

https://github.com/freebsd/freebsd/pull/137

Submitted by:	K Staring
MFC after:	3 days
Relnotes:	yes
2018-04-23 16:38:27 +00:00
br
f70bf12b30 Enable ARM PL330 DMA engine and Cadence Quad SPI flash controller on
Intel Arria 10 SoC boards.

Tested on Intel Arria 10 SoC Development Kit.

Sponsored by:	DARPA, AFRL
2018-04-23 12:23:05 +00:00
ae
ed1f56d3ff icmp6_reflect() sends ICMPv6 message with new IPv6 header. So, it is
considered as originated by our host packet. And thus rcvif should be
NULL, since it is used by ipfw(4) to determine that packet was originated
from this host. Some of icmp6_reflect() consumers reuse mbuf and m_pkthdr
without resetting rcvif pointer. To avoid this always reset m_pkthdr.rcvif
pointer to NULL in icmp6_reflect(). Also remove such line and comment
describing this from icmp6_error(), since it does not longer matters.

PR:		227674
Reported by:	eugen
MFC after:	1 week
2018-04-23 12:20:07 +00:00
br
90d3977775 Add driver for Cadence Quad SPI Flash Controller found on
Intel® Arria® 10 SoC.

Cadence Quad SPI Flash is not generic SPI controller, but SPI flash
controller, so don't use spibus here, instead provide quad spi flash
interface.

Since it is not on spibus, then mx25l flash device driver is not usable
here, so provide new n25q flash device driver with quad spi flash
interface.

Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D10245
2018-04-23 10:35:00 +00:00
mjg
a525500c85 lockf: add per-chain locks to the owner hash
This combined with previous changes significantly depessimizes the behaviour
under contentnion.

In particular the lock1_processes test (locking/unlocking separate files)
from the will-it-scale suite was executed with 128 concurrency on a
4-socket Broadwell with 128 hardware threads.

Operations/second (lock+unlock) go from ~750000 to ~45000000 (6000%)
For reference single-process is ~1680000 (i.e. on stock kernel the resulting
perf is less than *half* of the single-threaded run),

Note this still does not really scale all that well as the locks were just
bolted on top of the current implementation. Significant room for improvement
is still here. In particular the top performance fluctuates depending on the
extent of false sharing in given run (which extends beyond the file).
Added chain+lock pairs were not padded w.r.t. cacheline size.

One big ticket item is the hash used for spreading threads: it used to be the
process pid (which basically serialized all threaded ops). Temporarily the
vnode addr was slapped in instead.

Tested by:      pho
2018-04-23 08:23:10 +00:00
mjg
36aee106b7 lockf: skip locking the graph if not necessary (common case)
Tested by:      pho
2018-04-23 07:54:02 +00:00
mjg
671996ff90 lockf: perform wakeup onlly when there is anybody waiting
Tested by:      pho
2018-04-23 07:52:56 +00:00
mjg
0bb3de5fe9 lockf: skip the hard work in lf_purgelocks if possible
Tested by:      pho
2018-04-23 07:52:10 +00:00
mjg
2bb2295c93 lockf: free state only when recycling the vnode
This avoids malloc/free cycles when locking/unlocking the vnode when
nobody is contending.

Tested by:	pho
2018-04-23 07:51:19 +00:00
delphij
9fc237c32b Correct size for allocation and bzero of fdsr.
MFC after:	2 weeks
2018-04-23 07:15:49 +00:00
kevans
5cbcde6d07 bsdgrep: Fix build failure WITHOUT_LZMA (incorrect bracket placement)
Submitted by:	sbruno
Reported by:	sbruno
2018-04-22 23:51:24 +00:00
emaste
015c42a14b pwd_mkdb: add deprecation notice in manpage too
Followon to r332789; as reported on the -current and -stable lists and
in review D15144 the -l option will be removed before FreeBSD 12.0.
2018-04-22 23:10:37 +00:00
bcran
893071d1b0 Update committers-src.dot to show the mentorship arrangement for myself: eadler has agreed to mentor me. 2018-04-22 21:27:59 +00:00
bcran
d8988e8715 Update account and given names in committers-src.dot and calendar.freebsd
I have changed my given name from Bruce to Rebecca, and my FreeBSD account
from brucec to bcran.
Update committers-src.dot and calendar.freebsd to show these changes.

Reviewed by:	rrs
Differential Revision: https://reviews.freebsd.org/D15125
2018-04-22 20:47:16 +00:00
tijl
83ceca9af0 Make bufdaemon and bufspacedaemon use kthread_suspend_check instead of
kproc_suspend_check.  In r329612 bufspacedaemon was turned into a thread
of the bufdaemon process causing both to call kproc_suspend_check with the
same proc argument and that function contains the following while loop:

while (SIGISMEMBER(p->p_siglist, SIGSTOP)) {
	wakeup(&p->p_siglist);
	msleep(&p->p_siglist, &p->p_mtx, PPAUSE, "kpsusp", 0);
}

So one thread wakes up the other and the other wakes up the first again,
locking up UP machines on shutdown.

Also register the shutdown handlers with SHUTDOWN_PRI_LAST + 100 so they
run after the syncer has shutdown, because the syncer can cause a
situation where bufdaemon help is needed to proceed.

PR:		227404
Reviewed by:	kib
Tested by:	cy, rmacklem
2018-04-22 16:05:29 +00:00
mjg
49cba071c4 lockf: slightly depessimize
1. check if P_ADVLOCK is already set and if so, don't lock to set it
(stolen from DragonFly)
2. when trying for fast path unlock, check that we are doing unlock
first instead of taking the interlock for no reason (e.g. if we want
to *lock*). whilere make it more likely that falling fast path will
not take the interlock either by checking for state

Note the code is severely pessimized both single- and multithreaded.
2018-04-22 09:30:07 +00:00
hselasky
1c16f8c6e5 Remove the "load drivers" logic from libibverbs.
The "load drivers" logic in the libibverbs configuration file is relevant
for Linux only.

MFC after:	3 days
Sponsored by:	Mellanox Technologies
2018-04-22 06:11:46 +00:00
jhibbits
5d53704ae8 Fix the build post r332859
sysentvec::sv_hwcap/sv_hwcap2 are pointers to  u_long, so cpu_features* need
to be u_long to use the pointers.  This also requires a temporary cast in
printing the bitfields, which is fine because the feature flag fields are
only 32 bits anyway.
2018-04-22 03:58:04 +00:00
dteske
cda3189166 dwatch(1): Remove the line used to demonstrate `-dev' option
In recently added sendrecv profile, there was a line purposefully
added to introduce a compilation error in which `-dev' is used to
debug the entry. Removing the entry.

Sponsored by:	Smule, Inc.
2018-04-22 02:40:21 +00:00
dteske
e04cc206ed dwatch(1): Add profile for send(2)/recv(2) syscalls
Sponsored by:	Smule, Inc.
2018-04-22 02:36:06 +00:00
dteske
d1b25fc2f7 dwatch(1): Add `-dev' option to aid debugging of profiles
The options `-d' (debug), `-e' (exit after compile), and `-v' (verbose)
when combined in any order (though best remembered as `-dev') will run
the conflated script through dtrace(1), test for error conditions, and
show the line that dtrace(1) failed at (with context).

If no errors are found, the output is the same as `-e[v]'.

When writing a new profile for dwatch(1), you can quickly test to
make sure it compiles by running `dwatch -devX profile_name' where
profiles live in /usr/libexec/dwatch or /usr/local/libexec/dwatch
(the latter being where profiles installed via ports should go).

Sponsored by:	Smule, Inc.
2018-04-22 02:20:17 +00:00
riggs
bdae9e1404 Remove unused definition bl_dfp; fix build with bktr compiled into kernel
PR:		216566
Submitted by:	mail@fbsd.e4m.org
Reviewed by:	riggs, cognet
Approved by:	cognet
MFC after:	3 days
2018-04-21 18:43:09 +00:00
jtl
fe99b6e732 When running with INVARIANTS, the kernel contains extra checks. However,
these assumptions may not hold true once we've panic'd. Therefore, the
checks hold less value after a panic.  Additionally, if one of the checks
fails while we are already panic'd, this creates a double-panic which can
interfere with debugging the original panic.

Therefore, this commit allows an administrator to suppress a response to
KASSERT checks after a panic by setting a tunable/sysctl.  The
tunable/sysctl (debug.kassert.suppress_in_panic) defaults to being
enabled.

Reviewed by:	kib
Sponsored by:	Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D12920
2018-04-21 17:05:00 +00:00
jhibbits
fb63c578b3 Export powerpc CPU features for auxvec
FreeBSD exports the AT_HWCAP* auxvec items if provided by the ELF sysentvec
structure.  Add the CPU features to be exported, so user space can more
easily check for them without using the hw.cpu_features and hw.cpu_features2
sysctls.
2018-04-21 15:15:47 +00:00
kevans
334fa0aab4 bsdgrep: Use grep_strdup instead of grep_malloc+strcpy 2018-04-21 14:58:45 +00:00
trasz
dc59ea3c99 Add cfumass rc script, to create a LUN for cfumass(4).
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14844
2018-04-21 14:56:41 +00:00
kevans
985dd72ad9 bsdgrep: Fix --include/--exclude ordering issues
Prior to r332851:
* --exclude always win out over --include
* --exclude-dir always wins out over --include-dir

r332851 broke that behavior, resulting in:
* First of --exclude, --include wins
* First of --exclude-dir, --include-dir wins

As it turns out, both behaviors are wrong by modern grep standards- the
latest rule wins. e.g.:

`grep --exclude foo --include foo 'thing' foo`
foo is included

`grep --include foo --exclude foo 'thing' foo`
foo is excluded

As tested with GNU grep 3.1.

This commit makes bsdgrep follow this behavior.

Reported by:	se
2018-04-21 13:46:07 +00:00
jhibbits
f139bcd72b Sync powerpc feature flags with Linux
Not all feature flags are synced.  Those for processors we don't currently
support are ignored currently.  Those that are supported are synced best I
can tell.  One flag was renamed to match the Linux flag name
(PPC_FEATURE2_VCRYPTO -> PPC_FEATURE2_VEC_CRYPTO).
2018-04-21 04:18:17 +00:00
cem
9c0d215d38 blake2: Disable warnings (not just error) for code we will not modify
Leave libb2 pristine and silence the warnings for mjg.
2018-04-21 02:08:56 +00:00
kevans
564bfbdaa2 bsdgrep: if chain => switch
This makes some of this a little easier to follow (in my opinion).
2018-04-21 01:42:02 +00:00
kevans
ad41916557 bsdgrep: More trivial cleanup/style cleanup
We can avoid branching for these easily reduced patterns
2018-04-21 01:33:13 +00:00
kevans
00c090fd14 bsdgrep: Some light cleanup
There's no point checking for a bunch of file modes if we're not a
practicing believer of DIR_SKIP or DEV_SKIP.

This also reduces some style violations that were particularly ugly looking
when browsing through.
2018-04-21 01:02:35 +00:00
emaste
0a9663efa7 lldb: propagate error to user if memory read fails
Previously, an attempt to read an unreadable access reported zeros:

(lldb) memory read -format hex -size 8 0
0x00000000: 0x0000000000000000 0x0000000000000000
0x00000010: 0x0000000000000000 0x0000000000000000
...

Now, if DoReadMemory encounters error then return 0 (bytes read) so we
report the error to the user:

(lldb) memory read -format hex -size 8 0
error: Bad address

LLVM PR:	37190

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2018-04-21 00:34:46 +00:00
emaste
67d06266a6 makefs: tidy up reach-over source
- cd9660 relies on an #include "iso.h" but does not build any .c files
  out of source, so remove reach-over .PATH
- ffs does not rely on any sys/ headers, so remove -I from CFLAGS.
- ffs_tables from sys/ is used by ffs; move the SRCS entry from the top-
  level Makefile to ffs' Makefile.inc.

Sponsored by:	The FreeBSD Foundation
2018-04-20 22:23:38 +00:00
manu
13193780b0 regulator: Check status before disabling
When disabling regulator when they are unused, check before is they are
enabled.
While here don't check the enable_cnt on the regulator entry as it is
checked by regnode_stop.
This solve the panic on any board using a fixed regulator that is driven
by a gpio when the regulator is unused.

Tested On: OrangePi One
Pointy Hat to:	    myself
Reported by:	kevans, Milan Obuch (freebsd-arm@dino.sk)
2018-04-20 20:30:33 +00:00
manu
8897e4c4c3 gnu/dts: Update our copy of arm dts from Linux 4.16 2018-04-20 19:37:08 +00:00
manu
930961d51f dts: Update our copy from files from Linux 4.16 2018-04-20 18:44:52 +00:00
dim
f13397cb22 Recommit r332501, with an additional upstream fix for "Cannot lower
EFLAGS copy that lives out of a basic block!" errors on i386.

Pull in r325446 from upstream clang trunk (by me):

  [X86] Add 'sahf' CPU feature to frontend

  Summary:
  Make clang accept `-msahf` (and `-mno-sahf`) flags to activate the
  `+sahf` feature for the backend, for bug 36028 (Incorrect use of
  pushf/popf enables/disables interrupts on amd64 kernels).  This was
  originally submitted in bug 36037 by Jonathan Looney
  <jonlooney@gmail.com>.

  As described there, GCC also uses `-msahf` for this feature, and the
  backend already recognizes the `+sahf` feature. All that is needed is
  to teach clang to pass this on to the backend.

  The mapping of feature support onto CPUs may not be complete; rather,
  it was chosen to match LLVM's idea of which CPUs support this feature
  (see lib/Target/X86/X86.td).

  I also updated the affected test case (CodeGen/attr-target-x86.c) to
  match the emitted output.

  Reviewers: craig.topper, coby, efriedma, rsmith

  Reviewed By: craig.topper

  Subscribers: emaste, cfe-commits

  Differential Revision: https://reviews.llvm.org/D43394

Pull in r328944 from upstream llvm trunk (by Chandler Carruth):

  [x86] Expose more of the condition conversion routines in the public
  API for X86's instruction information. I've now got a second patch
  under review that needs these same APIs. This bit is nicely
  orthogonal and obvious, so landing it. NFC.

Pull in r329414 from upstream llvm trunk (by Craig Topper):

  [X86] Merge itineraries for CLC, CMC, and STC.

  These are very simple flag setting instructions that appear to only
  be a single uop. They're unlikely to need this separation.

Pull in r329657 from upstream llvm trunk (by Chandler Carruth):

  [x86] Introduce a pass to begin more systematically fixing PR36028
  and similar issues.

  The key idea is to lower COPY nodes populating EFLAGS by scanning the
  uses of EFLAGS and introducing dedicated code to preserve the
  necessary state in a GPR. In the vast majority of cases, these uses
  are cmovCC and jCC instructions. For such cases, we can very easily
  save and restore the necessary information by simply inserting a
  setCC into a GPR where the original flags are live, and then testing
  that GPR directly to feed the cmov or conditional branch.

  However, things are a bit more tricky if arithmetic is using the
  flags.  This patch handles the vast majority of cases that seem to
  come up in practice: adc, adcx, adox, rcl, and rcr; all without
  taking advantage of partially preserved EFLAGS as LLVM doesn't
  currently model that at all.

  There are a large number of operations that techinaclly observe
  EFLAGS currently but shouldn't in this case -- they typically are
  using DF.  Currently, they will not be handled by this approach.
  However, I have never seen this issue come up in practice. It is
  already pretty rare to have these patterns come up in practical code
  with LLVM. I had to resort to writing MIR tests to cover most of the
  logic in this pass already.  I suspect even with its current amount
  of coverage of arithmetic users of EFLAGS it will be a significant
  improvement over the current use of pushf/popf. It will also produce
  substantially faster code in most of the common patterns.

  This patch also removes all of the old lowering for EFLAGS copies,
  and the hack that forced us to use a frame pointer when EFLAGS copies
  were found anywhere in a function so that the dynamic stack
  adjustment wasn't a problem. None of this is needed as we now lower
  all of these copies directly in MI and without require stack
  adjustments.

  Lots of thanks to Reid who came up with several aspects of this
  approach, and Craig who helped me work out a couple of things
  tripping me up while working on this.

  Differential Revision: https://reviews.llvm.org/D45146

Pull in r329673 from upstream llvm trunk (by Chandler Carruth):

  [x86] Model the direction flag (DF) separately from the rest of
  EFLAGS.

  This cleans up a number of operations that only claimed te use EFLAGS
  due to using DF. But no instructions which we think of us setting
  EFLAGS actually modify DF (other than things like popf) and so this
  needlessly creates uses of EFLAGS that aren't really there.

  In fact, DF is so restrictive it is pretty easy to model. Only STD,
  CLD, and the whole-flags writes (WRFLAGS and POPF) need to model
  this.

  I've also somewhat cleaned up some of the flag management instruction
  definitions to be in the correct .td file.

  Adding this extra register also uncovered a failure to use the
  correct datatype to hold X86 registers, and I've corrected that as
  necessary here.

  Differential Revision: https://reviews.llvm.org/D45154

Pull in r330264 from upstream llvm trunk (by Chandler Carruth):

  [x86] Fix PR37100 by teaching the EFLAGS copy lowering to rewrite
  uses across basic blocks in the limited cases where it is very
  straight forward to do so.

  This will also be useful for other places where we do some limited
  EFLAGS propagation across CFG edges and need to handle copy rewrites
  afterward. I think this is rapidly approaching the maximum we can and
  should be doing here. Everything else begins to require either heroic
  analysis to prove how to do PHI insertion manually, or somehow
  managing arbitrary PHI-ing of EFLAGS with general PHI insertion.
  Neither of these seem at all promising so if those cases come up,
  we'll almost certainly need to rewrite the parts of LLVM that produce
  those patterns.

  We do now require dominator trees in order to reliably diagnose
  patterns that would require PHI nodes. This is a bit unfortunate but
  it seems better than the completely mysterious crash we would get
  otherwise.

  Differential Revision: https://reviews.llvm.org/D45673

Together, these should ensure clang does not use pushf/popf sequences to
save and restore flags, avoiding problems with unrelated flags (such as
the interrupt flag) being restored unexpectedly.

Requested by:	jtl
PR:		225330
MFC after:	1 week
2018-04-20 18:20:55 +00:00
kevans
0dde510be5 bsdgrep: Break procmatches down a little bit more
Split the matching and non-matching cases out into their own functions to
reduce future complexity. As the name implies, procmatches will eventually
process more than one match itself in the future.
2018-04-20 18:06:03 +00:00
kib
f051bf839c Rename PROC_PDEATHSIG_SET -> PROC_PDEATHSIG_CTL and PROC_PDEATHSIG_GET
-> PROC_PDEATHSIG_STATUS for consistency with other procctl(2)
operations names.

Requested by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	13 days
2018-04-20 15:19:27 +00:00
avg
3cd5284f93 call racct_proc_ucred_changed() under the proc lock
The lock is required to ensure that the switch to the new credentials
and the transfer of the process's accounting data from the old
credentials to the new ones is done atomically.  Otherwise, some updates
may be applied to the new credentials and then additionally transferred
from the old credentials if the updates happen after proc_set_cred() and
before racct_proc_ucred_changed().

The problem is especially pronounced for RACCT_RSS because
- there is a strict accounting for this resource (it's reclaimable)
- it's updated asynchronously by the vm daemon
- it's updated by setting an absolute value instead of applying a delta

I had to remove a call to rctl_proc_ucred_changed() from
racct_proc_ucred_changed() and make all callers of latter call the
former as well.  The reason is that rctl_proc_ucred_changed, as it is
implemented now, cannot be called while holding the proc lock, so the
lock is dropped after calling racct_proc_ucred_changed.  Additionally,
I've added calls to crhold / crfree around the rctl call, because
without the proc lock there is no gurantee that the new credentials,
owned by the process, will stay stable.  That does not eliminate a
possibility that the credentials passed to the rctl will get stale.
Ideally, rctl_proc_ucred_changed should be able to work under the proc
lock.

Many thanks to kib for pointing out the above problems.

PR:		222027
Discussed with:	kib
No comment:	trasz
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D15048
2018-04-20 13:08:04 +00:00