Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 4 Oct 2006 20:22:03 -0400
From:      Kris Kennaway <kris@obsecurity.org>
To:        David Xu <davidxu@freebsd.org>
Cc:        current@freebsd.org, Kris Kennaway <kris@obsecurity.org>
Subject:   Re: Thread stuck in aioprn
Message-ID:  <20061005002203.GB42061@xor.obsecurity.org>
In-Reply-To: <200610050819.53832.davidxu@freebsd.org>
References:  <20061004203715.GA38692@xor.obsecurity.org> <200610050819.53832.davidxu@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--oC1+HKm2/end4ao3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Oct 05, 2006 at 08:19:53AM +0800, David Xu wrote:
> On Thursday 05 October 2006 04:37, Kris Kennaway wrote:
> > When running stress2 I got an unkillable process stuck in the aioprn
> > state:
> >
> > #0  sched_switch (td=3D0xc5652bd0, newtd=3D0xc4916a20, flags=3D1) at at=
omic.h:265
> > #1  0xc0549b96 in mi_switch (flags=3D1, newtd=3D0x0) at
> > ../../../kern/kern_synch.c:425 #2  0xc056baa6 in sleepq_switch (wchan=
=3D0x0)
> > at ../../../kern/subr_sleepqueue.c:450 #3  0xc056bc9b in sleepq_timedwa=
it
> > (wchan=3D0xc5668c80) at ../../../kern/subr_sleepqueue.c:567 #4  0xc0549=
59e in
> > msleep (ident=3D0xc5668c80, mtx=3D0xc5c6ee0c, priority=3D76, wmesg=3D0x=
c0763914
> > "aioprn", timo=3D100) at ../../../kern/kern_synch.c:207
> > #5  0xc05a0597 in aio_proc_rundown (arg=3D0x0, p=3D0xc5668b04) at
> > ../../../kern/vfs_aio.c:699 #6  0xc0524769 in exit1 (td=3D0xc5652bd0, r=
v=3D9)
> > at ../../../kern/kern_exit.c:237 #7  0xc0545eab in sigexit (td=3D0xc565=
2bd0,
> > sig=3D9) at ../../../kern/kern_sig.c:2883 #8  0xc0546c3b in postsig (si=
g=3D9)
> > at ../../../kern/kern_sig.c:2765 #9  0xc056e503 in ast (framep=3D0xed16=
dd38)
> > at ../../../kern/subr_trap.c:270 #10 0xc06ff61d in doreti_ast () at
> > ../../../i386/i386/exception.s:284
> >
> > This was from the 'random syscall' test, so chances are there is some
> > insufficient error handling of invalid data here.
> >
> > Kris
>=20
> Are you using aio with non-disk file ? I know it is not safe to use
> aio with socket, pipe, fifo, etcs, only disk file may be safe.

I guess I was unclear: the stress2 test calls random syscalls with
random arguments, so the error condition is probably from insufficient
sanity checking of the input in aio_read().

Kris

--oC1+HKm2/end4ao3
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFFJFArWry0BWjoQKURAh9EAKDCnOxZrxVV7vWLmyU6lbkA9RwPewCeNF/J
T6I1BOxvliXnk0ZfWEFjTpU=
=WuJM
-----END PGP SIGNATURE-----

--oC1+HKm2/end4ao3--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061005002203.GB42061>