Date: Wed, 27 Oct 1999 13:39:27 +0000 From: Alexander Bezroutchko <abb@zenon.net> To: freebsd-security@FreeBSD.ORG Subject: lookup() deadlock in 3.3-stable ? Message-ID: <3817008F.4779686C@zenon.net>
next in thread | raw e-mail | index | archive | help
Hi
I have box running 3.3-STABLE which locks up several times per day.
After system hangs, ps command in DDB displays a lot of processes
in "inode" state. I suspect deadlock occurs:
process 45676 unlink("msg/..")
holds lock to "msg"
tries to acquire lock to "msg/..", i.e. "."
process 45678 stat("msg")
holds lock to "."
tries to acquire lock to "msg"
How-To-Repeat:
1. create test directory:
mkdir t
2. run first process
perl -e 'for(;;) { stat("t") || die }'
3. run second process
perl -e 'for(;;) { unlink("t/..") || die }'
4. run disk-bound process (one or move)
find / > /dev/null
I have kernel core and ready to provide additional information.
--------------------------------------------------------------------------------
(kgdb) proc 45676
(kgdb) where
#0 mi_switch () at ../../kern/kern_synch.c:825
#1 0xc0141c91 in tsleep (ident=0xc2e02400, priority=8,
wmesg=0xc01f229b "inode", timo=0) at ../../kern/kern_synch.c:443
#2 0xc013b613 in acquire (lkp=0xc2e02400, extflags=16777216,
wanted=1536)
at ../../kern/kern_lock.c:145
#3 0xc013b8a0 in debuglockmgr (lkp=0xc2e02400, flags=16842754,
interlkp=0xd56529f0, p=0xd54dff40, name=0xc01ea7e3 "vop_stdlock",
file=0xc01eaad7 "../../kern/vfs_subr.c", line=1275)
at ../../kern/kern_lock.c:343
#4 0xc016234d in vop_stdlock (ap=0xd550cca8) at
../../kern/vfs_default.c:211
#5 0xc01a8ac9 in ufs_vnoperate (ap=0xd550cca8)
at ../../ufs/ufs/ufs_vnops.c:2299
#6 0xc016b375 in debug_vn_lock (vp=0xd5652980, flags=65538,
p=0xd54dff40,
filename=0xc01eaad7 "../../kern/vfs_subr.c", line=1275) at
vnode_if.h:811
#7 0xc0164d45 in vget (vp=0xd5652980, flags=65538, p=0xd54dff40)
at ../../kern/vfs_subr.c:1275
#8 0xc01a3307 in ufs_ihashget (dev=1048, inum=899385)
at ../../ufs/ufs/ufs_ihash.c:113
#9 0xc01a0c23 in ffs_vget (mp=0xc2d05e00, ino=899385, vpp=0xd550cdd0)
at ../../ufs/ffs/ffs_vfsops.c:1053
#10 0xc01a3cb2 in ufs_lookup (ap=0xd550ce28) at
../../ufs/ufs/ufs_lookup.c:455
#11 0xc01a8ac9 in ufs_vnoperate (ap=0xd550ce28)
at ../../ufs/ufs/ufs_vnops.c:2299
#12 0xc0160f2a in vfs_cache_lookup (ap=0xd550ce84) at vnode_if.h:55
#13 0xc01a8ac9 in ufs_vnoperate (ap=0xd550ce84)
at ../../ufs/ufs/ufs_vnops.c:2299
#14 0xc0163429 in lookup (ndp=0xd550cf1c) at vnode_if.h:31
#15 0xc0162ee4 in namei (ndp=0xd550cf1c) at ../../kern/vfs_lookup.c:152
#16 0xc0168135 in unlink (p=0xd54dff40, uap=0xd550cf94)
at ../../kern/vfs_syscalls.c:1311
#17 0xc01d1d0b in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi =
134537740,
tf_esi = 134781872, tf_ebp = -1077946144, tf_isp = -716124188,
tf_ebx = 672080476, tf_edx = 134718596, tf_ecx = 1, tf_eax = 10,
tf_trapno = 7, tf_err = 2, tf_eip = 672495280, tf_cs = 31,
tf_eflags = 514, tf_esp = -1077946192, tf_ss = 39})
at ../../i386/i386/trap.c:1100
#18 0xc01c711c in Xint0x80_syscall ()
#19 0x280882c4 in ?? ()
#20 0x28079c3d in ?? ()
#21 0x280df0be in ?? ()
#22 0x8048da8 in ?? ()
#23 0x8048cd5 in ?? ()
(kgdb) p *(struct lock*)0xc2e02400
$17 = {lk_interlock = {lock_data = 0}, lk_flags = 2098176, lk_sharecount
= 0,
lk_waitcount = 2, lk_exclusivecount = 1, lk_prio = 8,
lk_wmesg = 0xc01f229b "inode", lk_timo = 0, lk_lockholder = 45678,
^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^
lk_filename = 0xc01eaa0c "../../kern/vfs_lookup.c",
lk_lockername = 0xc01ea7e3 "vop_stdlock", lk_lineno = 293}
(kgdb) p *(char**)0xd550cf94
$18 = 0x8089bb0 "msg/.."
(kgdb)
--------------------------------------------------------------------------------
(kgdb) proc 45678
(kgdb) where
#0 mi_switch () at ../../kern/kern_synch.c:825
#1 0xc0141c91 in tsleep (ident=0xc2e03e00, priority=8,
wmesg=0xc01f229b "inode", timo=0) at ../../kern/kern_synch.c:443
#2 0xc013b613 in acquire (lkp=0xc2e03e00, extflags=16777216,
wanted=1536)
at ../../kern/kern_lock.c:145
#3 0xc013b8a0 in debuglockmgr (lkp=0xc2e03e00, flags=16842754,
interlkp=0xd565d4f0, p=0xd5402b80, name=0xc01ea7e3 "vop_stdlock",
file=0xc01eaad7 "../../kern/vfs_subr.c", line=1275)
at ../../kern/kern_lock.c:343
#4 0xc016234d in vop_stdlock (ap=0xd5493d74) at
../../kern/vfs_default.c:211
#5 0xc01a8ac9 in ufs_vnoperate (ap=0xd5493d74)
at ../../ufs/ufs/ufs_vnops.c:2299
#6 0xc016b375 in debug_vn_lock (vp=0xd565d480, flags=65538,
p=0xd5402b80,
filename=0xc01eaad7 "../../kern/vfs_subr.c", line=1275) at
vnode_if.h:811
#7 0xc0164d45 in vget (vp=0xd565d480, flags=2, p=0xd5402b80)
at ../../kern/vfs_subr.c:1275
#8 0xc0160e43 in vfs_cache_lookup (ap=0xd5493e3c)
at ../../kern/vfs_cache.c:449
#9 0xc01a8ac9 in ufs_vnoperate (ap=0xd5493e3c)
at ../../ufs/ufs/ufs_vnops.c:2299
#10 0xc0163429 in lookup (ndp=0xd5493ebc) at vnode_if.h:31
#11 0xc0162ee4 in namei (ndp=0xd5493ebc) at ../../kern/vfs_lookup.c:152
#12 0xc0168690 in stat (p=0xd5402b80, uap=0xd5493f94)
at ../../kern/vfs_syscalls.c:1614
#13 0xc01d1d0b in syscall (frame={tf_es = 39, tf_ds = 39, tf_edi =
134537728,
tf_esi = 134649276, tf_ebp = -1077946352, tf_isp = -716619804,
tf_ebx = 672745064, tf_edx = 134649228, tf_ecx = 134852364,
tf_eax = 188, tf_trapno = 12, tf_err = 2, tf_eip = 672492080,
tf_cs = 31, tf_eflags = 514, tf_esp = -1077946768, tf_ss = 39})
at ../../i386/i386/trap.c:1100
#14 0xc01c711c in Xint0x80_syscall ()
#15 0x28177e0a in ?? ()
#16 0x28088a7a in ?? ()
#17 0x28079c3d in ?? ()
#18 0x280df0be in ?? ()
#19 0x8048da8 in ?? ()
#20 0x8048cd5 in ?? ()
(kgdb) p *(struct lock*)0xc2e03e00
$6 = {lk_interlock = {lock_data = 0}, lk_flags = 2098176, lk_sharecount
= 0,
lk_waitcount = 1, lk_exclusivecount = 1, lk_prio = 8,
lk_wmesg = 0xc01f229b "inode", lk_timo = 0, lk_lockholder = 45676,
^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^
lk_filename = 0xc01eaad7 "../../kern/vfs_subr.c",
lk_lockername = 0xc01ea7e3 "vop_stdlock", lk_lineno = 1275}
(kgdb) p *(char**)0xd5493f94
$7 = 0x809c250 "msg"
(kgdb)
--------------------------------------------------------------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3817008F.4779686C>