From: Burton Windle <bwindle@fint.org>
To: matthew@wil.cx
Cc: linux-fsdevel@vger.kernel.org
Subject: 2.5.48: reliable oops in lock_get_status, with test program
Date: Wed, 20 Nov 2002 14:42:44 -0500 (EST) [thread overview]
Message-ID: <Pine.LNX.4.43.0211201437510.481-100000@morpheus> (raw)
I can reproduce this is at will with a simple test case. This is also
logged at http://bugzilla.kernel.org/show_bug.cgi?id=16
Using this file, taken from LKML post by Dave Olien <dmo@osdl.org>:
-------------threaded test program. Run this first---------------------------
------------ compile with -lpthread -lm flags --------------------------
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <math.h>
#include <pthread.h>
#include <getopt.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/fcntl.h>
#include <sys/time.h>
#include <sys/utsname.h>
void *worker_thread(void *arg)
{
sleep(60);
}
static pthread_attr_t thread_attr;
#define NTHREADS 8
main()
{
int i;
int fd;
struct flock lock;
fd = open("/tmp/dmo", O_RDWR);
if (fd == -1) {
perror("open failed");
exit(0);
}
lock.l_whence = SEEK_SET;
lock.l_type = F_WRLCK;
lock.l_start = 0;
lock.l_len = 1;
if (fcntl(fd, F_SETLK, &lock) == -1) {
perror("F_SETLK failed\n");
exit(0);
}
pthread_attr_init(&thread_attr);
pthread_attr_setdetachstate(&thread_attr, PTHREAD_CREATE_DETACHED);
for (i = 0; i < NTHREADS; i++) {
pthread_t worker_tid;
if (pthread_create(&worker_tid, &thread_attr, worker_thread,
(void *)NULL) != 0) {
perror("thread create failed");
exit(1);
}
}
sleep(30);
}
---end ----
so it is named "1", and run this script will cause an oops on my machine
100% of the time.
#!/bin/sh
echo "asdf" > /tmp/dmo
./1 &
sleep 2
killall 1
#erase /tmo/dmo because lock still exists for dead program (bug?)
rm /tmp/dmo
echo "asdf" > /tmp/dmo
./1 &
sleep 2
cat /proc/locks
killall 1
#next cat will oops
cat /proc/locks
Here is the decoded oops:
Unable to handle kernel NULL pointer dereference at virtual address
00000008
printing eip:
c014c54f
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0060:[<c014c54f>] Not tainted
EFLAGS: 00010286
EIP is at lock_get_status+0x17/0x20c
eax: 00000000 ebx: c8d3b02d ecx: c8d3b000 edx: c8d3b02d
esi: c13cf814 edi: 00000000 ebp: 00000400 esp: c8d33ee0
ds: 0068 es: 0068 ss: 0068
Process cat (pid: 267, threadinfo=c8d32000 task=c8d15940)
Stack: c13cf618 c13cf818 c13cf814 c014c85c c8d3b02d c13cf814 00000002 c0287173
c8d32000 00000400 00000400 c8d3b000 c8d33f1c c8d33f20 00000002 c8d3b02d
0000002d c015feaa c8d3b000 c8d33f7c 00000000 00000400 00000000 00000400
Call Trace:
[<c014c85c>] get_locks_status+0x80/0x148
[<c015feaa>] locks_read_proc+0x36/0x80
[<c015dc98>] proc_file_read+0xec/0x190
[<c013a022>] vfs_read+0xc2/0x158
[<c013a2f2>] sys_read+0x2a/0x3c
[<c010891b>] syscall_call+0x7/0xb
Code: 8b 78 08 8b 44 24 1c 50 8b 44 24 1c 50 68 8c 70 28 c0 53 e8
--
Burton Windle burton@fint.org
Linux: the "grim reaper of innocent orphaned children."
from /usr/src/linux-2.4.18/init/main.c:461
reply other threads:[~2002-11-20 19:42 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.43.0211201437510.481-100000@morpheus \
--to=bwindle@fint.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=matthew@wil.cx \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).