Re: Unkillable process in last git -- 100% reproducible

Re: Unkillable process in last git -- 100% reproducible

[Paolo Ornati]

On Wed, 28 Jun 2006 14:29:18 +0200
Paolo Ornati <ornati@fastwebnet.it> wrote:

> [  430.083347] localedef     R  running task       0  8577   8558  8578               (NOTLB)
> [  430.083352] gzip          X ffff81001e612ee0     0  8578   8577                     (L-TLB)
> [  430.083358] ffff81001395bef8 ffff81001fd1a310 0000000000000246 ffff81001e612ee0 
> [  430.083362]        ffff81001e4c0080 ffff81001e612ee0 ffff81001e4c0258 0000000000000001 
> [  430.083366]        0000000000000046 0000000000000046 ffff81001395bf18 0000000000000010 
> [  430.083370] Call Trace: <ffffffff80227f6f>{do_exit+2378} <ffffffff802628e9>{vfs_write+288}
> [  430.083379]        <ffffffff80228065>{sys_exit_group+0} <ffffffff80209806>{system_call+126}

do_exit() -- kernel/exit.c

0xffffffff80227f66 <do_exit+2369>:      mov    %rax,0x18(%rbp)
0xffffffff80227f6a <do_exit+2373>:      callq  0xffffffff8048b850 <schedule>
0xffffffff80227f6f <do_exit+2378>:      ud2a
0xffffffff80227f71 <do_exit+2380>:      pushq  $0xffffffff804b7821
0xffffffff80227f76 <do_exit+2385>:      retq   $0x3ba
0xffffffff80227f79 <do_exit+2388>:      jmp    0xffffffff80227f79 <do_exit+2388>

-- 
	Paolo Ornati
	Linux 2.6.17-ga39727f2-dirty on x86_64

Re: Unkillable process in last git -- 100% reproducible

[Paolo Ornati]

On Wed, 28 Jun 2006 14:53:49 +0200
Paolo Ornati <ornati@fastwebnet.it> wrote:

> > [  430.083347] localedef     R  running task       0  8577   8558  8578               (NOTLB)
> > [  430.083352] gzip          X ffff81001e612ee0     0  8578   8577                     (L-TLB)
> > [  430.083358] ffff81001395bef8 ffff81001fd1a310 0000000000000246 ffff81001e612ee0 
> > [  430.083362]        ffff81001e4c0080 ffff81001e612ee0 ffff81001e4c0258 0000000000000001 
> > [  430.083366]        0000000000000046 0000000000000046 ffff81001395bf18 0000000000000010 
> > [  430.083370] Call Trace: <ffffffff80227f6f>{do_exit+2378} <ffffffff802628e9>{vfs_write+288}
> > [  430.083379]        <ffffffff80228065>{sys_exit_group+0} <ffffffff80209806>{system_call+126}
> 
> do_exit() -- kernel/exit.c
> 
> 0xffffffff80227f66 <do_exit+2369>:      mov    %rax,0x18(%rbp)
> 0xffffffff80227f6a <do_exit+2373>:      callq  0xffffffff8048b850 <schedule>
> 0xffffffff80227f6f <do_exit+2378>:      ud2a
> 0xffffffff80227f71 <do_exit+2380>:      pushq  $0xffffffff804b7821
> 0xffffffff80227f76 <do_exit+2385>:      retq   $0x3ba
> 0xffffffff80227f79 <do_exit+2388>:      jmp    0xffffffff80227f79 <do_exit+2388>


that is the end of the function:

...
        schedule();
        BUG();
        /* Avoid "noreturn function does return".  */
        for (;;) ;
}


So the questions are two:

1) why schedule() didn't work?

2) why the process is looping around "ud2a" (placed by BUG()) and
presumibly throwing a lot of "invalid opcode" exceptions?

-- 
	Paolo Ornati
	Linux 2.6.17-ga39727f2-dirty on x86_64

Re: Unkillable process in last git -- 100% reproducible

[Paolo Ornati]

[-- Attachment #1: Type: text/plain, Size: 2280 bytes --]

On Wed, 28 Jun 2006 15:09:43 +0200
Paolo Ornati <ornati@fastwebnet.it> wrote:

> On Wed, 28 Jun 2006 14:53:49 +0200
> Paolo Ornati <ornati@fastwebnet.it> wrote:
> 
> > > [  430.083347] localedef     R  running task       0  8577   8558  8578               (NOTLB)
> > > [  430.083352] gzip          X ffff81001e612ee0     0  8578   8577                     (L-TLB)
> > > [  430.083358] ffff81001395bef8 ffff81001fd1a310 0000000000000246 ffff81001e612ee0 
> > > [  430.083362]        ffff81001e4c0080 ffff81001e612ee0 ffff81001e4c0258 0000000000000001 
> > > [  430.083366]        0000000000000046 0000000000000046 ffff81001395bf18 0000000000000010 
> > > [  430.083370] Call Trace: <ffffffff80227f6f>{do_exit+2378} <ffffffff802628e9>{vfs_write+288}
> > > [  430.083379]        <ffffffff80228065>{sys_exit_group+0} <ffffffff80209806>{system_call+126}
> > 
> > do_exit() -- kernel/exit.c
> > 
> > 0xffffffff80227f66 <do_exit+2369>:      mov    %rax,0x18(%rbp)
> > 0xffffffff80227f6a <do_exit+2373>:      callq  0xffffffff8048b850 <schedule>
> > 0xffffffff80227f6f <do_exit+2378>:      ud2a
> > 0xffffffff80227f71 <do_exit+2380>:      pushq  $0xffffffff804b7821
> > 0xffffffff80227f76 <do_exit+2385>:      retq   $0x3ba
> > 0xffffffff80227f79 <do_exit+2388>:      jmp    0xffffffff80227f79 <do_exit+2388>
> 
> 
> that is the end of the function:
> 
> ...
>         schedule();
>         BUG();
>         /* Avoid "noreturn function does return".  */
>         for (;;) ;
> }
> 
> 
> So the questions are two:
> 
> 1) why schedule() didn't work?
> 
> 2) why the process is looping around "ud2a" (placed by BUG()) and
> presumibly throwing a lot of "invalid opcode" exceptions?

It seems that the first mail didn't hit LKML (maybe it was too big),
here it is (stripped):

------------------------------------------------------------------------
Running "localedef" triggers an infinite loop in kernel mode (or
something) --> localdef becomes unkillable.

This is dmesg after pressing ALT+SysRQ+T three times:

[CUT]

KERNEL:

--
	Paolo Ornati
	Linux 2.6.17-ga39727f2-dirty on x86_64
	                      ^^^^^^^

The -dirty is because of a fix to PS2 Keyboard auto-repeat, nothing else.
------------------------------------------------------------------------


Full config attached.

[-- Attachment #2: config.gz --]
[-- Type: application/x-gzip, Size: 8546 bytes --]

Re: Unkillable process in last git -- Bisected

[Paolo Ornati]

On Wed, 28 Jun 2006 15:19:55 +0200
Paolo Ornati <ornati@fastwebnet.it> wrote:

> > > > [  430.083347] localedef     R  running task       0  8577   8558  8578               (NOTLB)
> > > > [  430.083352] gzip          X ffff81001e612ee0     0  8578   8577                     (L-TLB)
> > > > [  430.083358] ffff81001395bef8 ffff81001fd1a310 0000000000000246 ffff81001e612ee0 
> > > > [  430.083362]        ffff81001e4c0080 ffff81001e612ee0 ffff81001e4c0258 0000000000000001 
> > > > [  430.083366]        0000000000000046 0000000000000046 ffff81001395bf18 0000000000000010 
> > > > [  430.083370] Call Trace: <ffffffff80227f6f>{do_exit+2378} <ffffffff802628e9>{vfs_write+288}
> > > > [  430.083379]        <ffffffff80228065>{sys_exit_group+0} <ffffffff80209806>{system_call+126}
> > > 
> > > do_exit() -- kernel/exit.c
> > > 
> > > 0xffffffff80227f66 <do_exit+2369>:      mov    %rax,0x18(%rbp)
> > > 0xffffffff80227f6a <do_exit+2373>:      callq  0xffffffff8048b850 <schedule>
> > > 0xffffffff80227f6f <do_exit+2378>:      ud2a
> > > 0xffffffff80227f71 <do_exit+2380>:      pushq  $0xffffffff804b7821
> > > 0xffffffff80227f76 <do_exit+2385>:      retq   $0x3ba
> > > 0xffffffff80227f79 <do_exit+2388>:      jmp    0xffffffff80227f79 <do_exit+2388>
> > 
> > 
> > that is the end of the function:
> > 
> > ...
> >         schedule();
> >         BUG();
> >         /* Avoid "noreturn function does return".  */
> >         for (;;) ;
> > }
> > 
> > 
> > So the questions are two:
> > 
> > 1) why schedule() didn't work?
> > 
> > 2) why the process is looping around "ud2a" (placed by BUG()) and
> > presumibly throwing a lot of "invalid opcode" exceptions?
> 
> It seems that the first mail didn't hit LKML (maybe it was too big),
> here it is (stripped):
> 
> ------------------------------------------------------------------------
> Running "localedef" triggers an infinite loop in kernel mode (or
> something) --> localdef becomes unkillable.
> 
> This is dmesg after pressing ALT+SysRQ+T three times:
> 
> [CUT]
> 
> KERNEL:
> 
> --
> 	Paolo Ornati
> 	Linux 2.6.17-ga39727f2-dirty on x86_64
> 	                      ^^^^^^^
> 
> The -dirty is because of a fix to PS2 Keyboard auto-repeat, nothing else.
> ------------------------------------------------------------------------


Hi everybody,

as you can see from the subject the problem is an unkillable process
(localedef) that eats 100% CPU (the system is usable however).


After a git-bisect session I've found that reverting the following
commit fixes the problem.

Any idea?


commit 6527c2bdf1f833cc18e8f42bd97973d583e4aa83
Author: Vladimir V. Saveliev <vs@namesys.com>
Date:   Tue Jun 27 02:53:57 2006 -0700

    [PATCH] generic_file_buffered_write(): deadlock on vectored write
    
    generic_file_buffered_write() prefaults in user pages in order to avoid
    deadlock on copying from the same page as write goes to.
    
    However, it looks like there is a problem when write is vectored:
    fault_in_pages_readable brings in current segment or its part (maxlen).
    OTOH, filemap_copy_from_user_iovec is called to copy number of bytes
    (bytes) which may exceed current segment, so filemap_copy_from_user_iovec
    switches to the next segment which is not brought in yet.  Pagefault is
    generated.  That causes the deadlock if pagefault is for the same page
    write goes to: page being written is locked and not uptodate, pagefault
    will deadlock trying to lock locked page.
    
    [akpm@osdl.org: somewhat rewritten]
    Cc: Neil Brown <neilb@suse.de>
    Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
    Cc: <stable@kernel.org>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/mm/filemap.c b/mm/filemap.c
index 9c7334b..d504d6e 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -2095,14 +2095,21 @@ generic_file_buffered_write(struct kiocb
 	do {
 		unsigned long index;
 		unsigned long offset;
-		unsigned long maxlen;
 		size_t copied;
 
 		offset = (pos & (PAGE_CACHE_SIZE -1)); /* Within page */
 		index = pos >> PAGE_CACHE_SHIFT;
 		bytes = PAGE_CACHE_SIZE - offset;
-		if (bytes > count)
-			bytes = count;
+
+		/* Limit the size of the copy to the caller's write size */
+		bytes = min(bytes, count);
+
+		/*
+		 * Limit the size of the copy to that of the current segment,
+		 * because fault_in_pages_readable() doesn't know how to walk
+		 * segments.
+		 */
+		bytes = min(bytes, cur_iov->iov_len - iov_base);
 
 		/*
 		 * Bring in the user page that we will copy from _first_.
@@ -2110,10 +2117,7 @@ generic_file_buffered_write(struct kiocb
 		 * same page as we're writing to, without it being marked
 		 * up-to-date.
 		 */
-		maxlen = cur_iov->iov_len - iov_base;
-		if (maxlen > bytes)
-			maxlen = bytes;
-		fault_in_pages_readable(buf, maxlen);
+		fault_in_pages_readable(buf, bytes);
 
 		page = __grab_cache_page(mapping,index,&cached_page,&lru_pvec);
 		if (!page) {



-- 
	Paolo Ornati
	Linux 2.6.17.1 on x86_64

Re: Unkillable process in last git -- Bisected

[Vladimir V. Saveliev]

Hello

On Wed, 2006-06-28 at 20:38 +0200, Paolo Ornati wrote:
> > Running "localedef" triggers an infinite loop in kernel mode (or
> > something) --> localdef becomes unkillable.
> > 

Can you, please, run localedef under strace -e set=open,write on a
kernel having the below patch applied, so that we will see arguments of
write which caused write to fall into endless loop.


> commit 6527c2bdf1f833cc18e8f42bd97973d583e4aa83
> Author: Vladimir V. Saveliev <vs@namesys.com>
> Date:   Tue Jun 27 02:53:57 2006 -0700
> 
>     [PATCH] generic_file_buffered_write(): deadlock on vectored write
>     
>     generic_file_buffered_write() prefaults in user pages in order to avoid
>     deadlock on copying from the same page as write goes to.
>     
>     However, it looks like there is a problem when write is vectored:
>     fault_in_pages_readable brings in current segment or its part (maxlen).
>     OTOH, filemap_copy_from_user_iovec is called to copy number of bytes
>     (bytes) which may exceed current segment, so filemap_copy_from_user_iovec
>     switches to the next segment which is not brought in yet.  Pagefault is
>     generated.  That causes the deadlock if pagefault is for the same page
>     write goes to: page being written is locked and not uptodate, pagefault
>     will deadlock trying to lock locked page.
>     
>     [akpm@osdl.org: somewhat rewritten]
>     Cc: Neil Brown <neilb@suse.de>
>     Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
>     Cc: <stable@kernel.org>
>     Signed-off-by: Andrew Morton <akpm@osdl.org>
>     Signed-off-by: Linus Torvalds <torvalds@osdl.org>
> 
> diff --git a/mm/filemap.c b/mm/filemap.c
> index 9c7334b..d504d6e 100644
> --- a/mm/filemap.c
> +++ b/mm/filemap.c
> @@ -2095,14 +2095,21 @@ generic_file_buffered_write(struct kiocb
>  	do {
>  		unsigned long index;
>  		unsigned long offset;
> -		unsigned long maxlen;
>  		size_t copied;
>  
>  		offset = (pos & (PAGE_CACHE_SIZE -1)); /* Within page */
>  		index = pos >> PAGE_CACHE_SHIFT;
>  		bytes = PAGE_CACHE_SIZE - offset;
> -		if (bytes > count)
> -			bytes = count;
> +
> +		/* Limit the size of the copy to the caller's write size */
> +		bytes = min(bytes, count);
> +
> +		/*
> +		 * Limit the size of the copy to that of the current segment,
> +		 * because fault_in_pages_readable() doesn't know how to walk
> +		 * segments.
> +		 */
> +		bytes = min(bytes, cur_iov->iov_len - iov_base);
>  
>  		/*
>  		 * Bring in the user page that we will copy from _first_.
> @@ -2110,10 +2117,7 @@ generic_file_buffered_write(struct kiocb
>  		 * same page as we're writing to, without it being marked
>  		 * up-to-date.
>  		 */
> -		maxlen = cur_iov->iov_len - iov_base;
> -		if (maxlen > bytes)
> -			maxlen = bytes;
> -		fault_in_pages_readable(buf, maxlen);
> +		fault_in_pages_readable(buf, bytes);
>  
>  		page = __grab_cache_page(mapping,index,&cached_page,&lru_pvec);
>  		if (!page) {
> 
> 
> 

Re: Unkillable process in last git -- Bisected

[Paolo Ornati]

On Wed, 28 Jun 2006 23:06:17 +0400
"Vladimir V. Saveliev" <vs@namesys.com> wrote:

> On Wed, 2006-06-28 at 20:38 +0200, Paolo Ornati wrote:
> > > Running "localedef" triggers an infinite loop in kernel mode (or
> > > something) --> localdef becomes unkillable.
> > > 
> 
> Can you, please, run localedef under strace -e set=open,write on a
> kernel having the below patch applied, so that we will see arguments of
> write which caused write to fall into endless loop.

The full strace is short enough, I think:

$ strace localedef --no-archive -c -i en_US -f ISO-8859-1 -A /usr/share/locale/locale.alias en_US

execve("/usr/bin/localedef", ["localedef", "--no-archive", "-c", "-i", "en_US", "-f", "ISO-8859-1", "-A", "/usr/share/locale/locale.alias", "en_US"], [/* 44 vars */]) = 0
uname({sys="Linux", node="tux", ...})   = 0
brk(0)                                  = 0x549000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f18098000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=163137, ...}) = 0
mmap(NULL, 163137, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b0f18099000
close(3)                                = 0
open("/lib/tls/libc.so.6", O_RDONLY)    = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\306"..., 640) = 640
lseek(3, 64, SEEK_SET)                  = 64
read(3, "\6\0\0\0\5\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0"..., 616) = 616
lseek(3, 680, SEEK_SET)                 = 680
read(3, "\4\0\0\0\20\0\0\0\1\0\0\0GNU\0\0\0\0\0\2\0\0\0\6\0\0\0"..., 32) = 32
fstat(3, {st_mode=S_IFREG|0755, st_size=1268224, ...}) = 0
lseek(3, 64, SEEK_SET)                  = 64
read(3, "\6\0\0\0\5\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0"..., 616) = 616
mmap(NULL, 2261000, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b0f1819a000
madvise(0x2b0f1819a000, 2261000, MADV_SEQUENTIAL|0x1) = 0
mprotect(0x2b0f182b9000, 1085448, PROT_NONE) = 0
mmap(0x2b0f183b8000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11e000) = 0x2b0f183b8000
mmap(0x2b0f183be000, 16392, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b0f183be000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f183c3000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f183c4000
mprotect(0x2b0f183b8000, 12288, PROT_READ) = 0
mprotect(0x2b0f18198000, 4096, PROT_READ) = 0
arch_prctl(ARCH_SET_FS, 0x2b0f183c3ae0) = 0
munmap(0x2b0f18099000, 163137)          = 0
open("/dev/urandom", O_RDONLY)          = 3
read(3, "\363\300\254\335\34A\365\327", 8) = 8
close(3)                                = 0
brk(0)                                  = 0x549000
brk(0x56a000)                           = 0x56a000
open("/usr/lib64/locale/locale-archive", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2586, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f18099000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2586
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x2b0f18099000, 4096)            = 0
open("/usr/lib64/locale/en_US.utf8/LC_MESSAGES", O_RDONLY) = 3
fstat(3, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
close(3)                                = 0
open("/usr/lib64/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=52, ...}) = 0
mmap(NULL, 52, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b0f18099000
close(3)                                = 0
open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=21546, ...}) = 0
mmap(NULL, 21546, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f1809a000
close(3)                                = 0
open("/usr/lib64/locale/en_US.utf8/LC_CTYPE", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=208464, ...}) = 0
mmap(NULL, 208464, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b0f180a0000
close(3)                                = 0
access("/usr/lib64/locale/en_US", W_OK) = 0
open("ISO-8859-1", O_RDONLY)            = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/charmaps/ISO-8859-1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/charmaps/ISO-8859-1.gz", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=3150, ...}) = 0
pipe([4, 5])                            = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2b0f183c3b70) = 4258
close(5)                                = 0
close(3)                                = 0
fcntl(4, F_GETFL)                       = 0 (flags O_RDONLY)
fstat(4, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f180d3000
lseek(4, 0, SEEK_CUR)                   = -1 ESPIPE (Illegal seek)
read(4, "<code_set_name> ISO-8859-1\n<comm"..., 4096) = 4096
read(4, "     LATIN CAPITAL LETTER Z\n<U00"..., 4096) = 4096
read(4, "        SUPERSCRIPT THREE\n<U00B4"..., 4096) = 4096
read(4, "L LETTER U WITH CIRCUMFLEX\n<U00F"..., 4096) = 337
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x2b0f180d3000, 4096)            = 0
open("en_US", O_RDONLY)                 = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/en_US", O_RDONLY) = 3
--- SIGCHLD (Child exited) @ 0 (0) ---
fstat(3, {st_mode=S_IFREG|0644, st_size=5480, ...}) = 0
mmap(NULL, 5480, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 5480, SEEK_SET)                = 5480
open("i18n", O_RDONLY)                  = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/i18n", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=95199, ...}) = 0
mmap(NULL, 95199, PROT_READ, MAP_SHARED, 4, 0) = 0x2b0f180d5000
lseek(4, 95199, SEEK_SET)               = 95199
brk(0x58b000)                           = 0x58b000
mmap(NULL, 262144, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f180ed000
mremap(0x2b0f180ed000, 262144, 524288, MREMAP_MAYMOVE) = 0x2b0f180ed000
brk(0x5ac000)                           = 0x5ac000
brk(0x5d4000)                           = 0x5d4000
mmap(NULL, 135168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f1816d000
mmap(NULL, 135168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f183c5000
mmap(NULL, 135168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f183e6000
brk(0x5c7000)                           = 0x5c7000
mremap(0x2b0f1816d000, 135168, 266240, MREMAP_MAYMOVE) = 0x2b0f18407000
mremap(0x2b0f183c5000, 135168, 266240, MREMAP_MAYMOVE) = 0x2b0f18448000
mremap(0x2b0f183e6000, 135168, 266240, MREMAP_MAYMOVE) = 0x2b0f18489000
mremap(0x2b0f180ed000, 524288, 1048576, MREMAP_MAYMOVE) = 0x2b0f184ca000
mremap(0x2b0f18407000, 266240, 528384, MREMAP_MAYMOVE) = 0x2b0f180ed000
mremap(0x2b0f18448000, 266240, 528384, MREMAP_MAYMOVE) = 0x2b0f183c5000
mmap(NULL, 528384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b0f185ca000
brk(0x5a7000)                           = 0x5a7000
mremap(0x2b0f18489000, 266240, 528384, MREMAP_MAYMOVE) = 0x2b0f1864b000
mremap(0x2b0f184ca000, 1048576, 3674112, MREMAP_MAYMOVE) = 0x2b0f186cc000
mremap(0x2b0f186cc000, 3674112, 7344128, MREMAP_MAYMOVE) = 0x2b0f186cc000
mremap(0x2b0f180ed000, 528384, 1052672, MREMAP_MAYMOVE) = 0x2b0f18446000
mremap(0x2b0f183c5000, 528384, 1052672, MREMAP_MAYMOVE) = 0x2b0f18dcd000
mremap(0x2b0f185ca000, 528384, 1052672, MREMAP_MAYMOVE) = 0x2b0f18ece000
mremap(0x2b0f1864b000, 528384, 1052672, MREMAP_MAYMOVE) = 0x2b0f18547000
brk(0x5c8000)                           = 0x5c8000
brk(0x5e9000)                           = 0x5e9000
brk(0x60a000)                           = 0x60a000
brk(0x62b000)                           = 0x62b000
brk(0x64c000)                           = 0x64c000
brk(0x66d000)                           = 0x66d000
fstat(4, {st_mode=S_IFREG|0644, st_size=95199, ...}) = 0
munmap(0x2b0f180d5000, 95199)           = 0
close(4)                                = 0
open("iso14651_t1", O_RDONLY)           = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/iso14651_t1", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=47626, ...}) = 0
mmap(NULL, 47626, PROT_READ, MAP_SHARED, 4, 0) = 0x2b0f180d5000
lseek(4, 47626, SEEK_SET)               = 47626
brk(0x68e000)                           = 0x68e000
brk(0x68d000)                           = 0x68d000
brk(0x6ae000)                           = 0x6ae000
brk(0x6cf000)                           = 0x6cf000
brk(0x6f0000)                           = 0x6f0000
brk(0x711000)                           = 0x711000
brk(0x73d000)                           = 0x73d000
fstat(4, {st_mode=S_IFREG|0644, st_size=47626, ...}) = 0
munmap(0x2b0f180d5000, 47626)           = 0
close(4)                                = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=5480, ...}) = 0
munmap(0x2b0f180d3000, 5480)            = 0
close(3)                                = 0
open("translit_neutral", O_RDONLY)      = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_neutral", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=7383, ...}) = 0
mmap(NULL, 7383, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 7383, SEEK_SET)                = 7383
brk(0x75e000)                           = 0x75e000
fstat(3, {st_mode=S_IFREG|0644, st_size=7383, ...}) = 0
munmap(0x2b0f180d3000, 7383)            = 0
close(3)                                = 0
open("translit_circle", O_RDONLY)       = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_circle", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=14116, ...}) = 0
mmap(NULL, 14116, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 14116, SEEK_SET)               = 14116
brk(0x77f000)                           = 0x77f000
fstat(3, {st_mode=S_IFREG|0644, st_size=14116, ...}) = 0
munmap(0x2b0f180d3000, 14116)           = 0
close(3)                                = 0
open("translit_cjk_compat", O_RDONLY)   = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_cjk_compat", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=59104, ...}) = 0
mmap(NULL, 59104, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 59104, SEEK_SET)               = 59104
brk(0x7a0000)                           = 0x7a0000
brk(0x7c1000)                           = 0x7c1000
brk(0x7e2000)                           = 0x7e2000
brk(0x803000)                           = 0x803000
fstat(3, {st_mode=S_IFREG|0644, st_size=59104, ...}) = 0
munmap(0x2b0f180d3000, 59104)           = 0
close(3)                                = 0
open("translit_compat", O_RDONLY)       = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_compat", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=34361, ...}) = 0
mmap(NULL, 34361, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 34361, SEEK_SET)               = 34361
brk(0x824000)                           = 0x824000
fstat(3, {st_mode=S_IFREG|0644, st_size=34361, ...}) = 0
munmap(0x2b0f180d3000, 34361)           = 0
close(3)                                = 0
open("translit_font", O_RDONLY)         = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_font", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=58986, ...}) = 0
mmap(NULL, 58986, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 58986, SEEK_SET)               = 58986
brk(0x845000)                           = 0x845000
brk(0x866000)                           = 0x866000
brk(0x887000)                           = 0x887000
brk(0x8a8000)                           = 0x8a8000
fstat(3, {st_mode=S_IFREG|0644, st_size=58986, ...}) = 0
munmap(0x2b0f180d3000, 58986)           = 0
close(3)                                = 0
open("translit_fraction", O_RDONLY)     = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_fraction", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2380, ...}) = 0
mmap(NULL, 2380, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 2380, SEEK_SET)                = 2380
fstat(3, {st_mode=S_IFREG|0644, st_size=2380, ...}) = 0
munmap(0x2b0f180d3000, 2380)            = 0
close(3)                                = 0
open("translit_narrow", O_RDONLY)       = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_narrow", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=6210, ...}) = 0
mmap(NULL, 6210, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 6210, SEEK_SET)                = 6210
brk(0x8c9000)                           = 0x8c9000
fstat(3, {st_mode=S_IFREG|0644, st_size=6210, ...}) = 0
munmap(0x2b0f180d3000, 6210)            = 0
close(3)                                = 0
open("translit_small", O_RDONLY)        = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_small", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=3088, ...}) = 0
mmap(NULL, 3088, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 3088, SEEK_SET)                = 3088
fstat(3, {st_mode=S_IFREG|0644, st_size=3088, ...}) = 0
munmap(0x2b0f180d3000, 3088)            = 0
close(3)                                = 0
open("translit_wide", O_RDONLY)         = -1 ENOENT (No such file or directory)
open("/usr/share/i18n/locales/translit_wide", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=5030, ...}) = 0
mmap(NULL, 5030, PROT_READ, MAP_SHARED, 3, 0) = 0x2b0f180d3000
lseek(3, 5030, SEEK_SET)                = 5030
fstat(3, {st_mode=S_IFREG|0644, st_size=5030, ...}) = 0
munmap(0x2b0f180d3000, 5030)            = 0
close(3)                                = 0
brk(0x8ea000)                           = 0x8ea000
brk(0x910000)                           = 0x910000
unlink("/usr/lib64/locale/en_US/LC_CTYPE") = 0
creat("/usr/lib64/locale/en_US/LC_CTYPE", 0666) = 3
writev(3, [{"\25\21\3 X\0\0\0", 8}, {"h\1\0\0h\4\0\0h\n\0\0h\n\0\0h\20\0\0h\20\0\0h\24\0\0h\24"..., 352}, {"\2\0\2\0\2\0\2\0\2\0\2\0\2\0\2\0\2\0\2\0\2\0\2\0\2\0\2"..., 768}, {"\200\0\0\0\201\0\0\0\202\0\0\0\203\0\0\0\204\0\0\0\205"..., 1536}, {NULL, 0}, {"\200\0\0\0\201\0\0\0\202\0\0\0\203\0\0\0\204\0\0\0\205"..., 1536}, {NULL, 0}, {"\0\0\2\0\0\0\2\0\0\0\2\0\0\0\2\0\0\0\2\0\0\0\2\0\0\0\2"..., 1024}, {NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}, {"upper\0", 6}, {"lower\0", 6}, {"alpha\0", 6}, {"digit\0", 6}, {"xdigit\0", 7}, {"space\0", 6}, {"print\0", 6}, {"graph\0", 6}, {"blank\0", 6}, {"cntrl\0", 6}, {"punct\0", 6}, {"alnum\0", 6}, {"combining\0", 10}, {"combining_level3\0", 17}, {"\0\0\0\0", 4}, {"toupper\0", 8}, {"tolower\0", 8}, {"totitle\0", 8}, {"\0\0\0\0", 4}, {"\20\0\0\0\1\0\0\0\7\0\0\0\377\1\0\0\177\0\0\0\30\0\0\0"..., 2328}, ...], 125

-- 
	Paolo Ornati
	Linux 2.6.17.1 on x86_64

Re: Unkillable process in last git -- Bisected

[Andrew Morton]

On Wed, 28 Jun 2006 20:38:25 +0200
Paolo Ornati <ornati@fastwebnet.it> wrote:

> After a git-bisect session I've found that reverting the following
> commit fixes the problem.
> 
> Any idea?
> 
> 
> commit 6527c2bdf1f833cc18e8f42bd97973d583e4aa83
> Author: Vladimir V. Saveliev <vs@namesys.com>
> Date:   Tue Jun 27 02:53:57 2006 -0700
> 
>     [PATCH] generic_file_buffered_write(): deadlock on vectored write



From: Andrew Morton <akpm@osdl.org>

The recent generic_file_write() deadlock fix caused
generic_file_buffered_write() to loop inifinitely when presented with a
zero-length iovec segment.  Fix.

Note that this fix deliberately avoids calling ->prepare_write(),
->commit_write() etc with a zero-length write.  This is because I don't trust
all filesystems to get that right.

This is a cautious approach, for 2.6.17.x.  For 2.6.18 we should just go ahead
and call ->prepare_write() and ->commit_write() with the zero length and fix
any broken filesystems.  So I'll make that change once this code is stabilised
and backported into 2.6.17.x.

The reason for preferring to call ->prepare_write() and ->commit_write() with
the zero-length segment: a zero-length segment _should_ be sufficiently
uncommon that this is the correct way of handling it.  We don't want to
optimise for poorly-written userspace at the expense of well-written
userspace.

Cc: "Vladimir V. Saveliev" <vs@namesys.com>
Cc: Neil Brown <neilb@suse.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: Greg KH <greg@kroah.com>
Cc: <stable@kernel.org>
Cc: walt <wa1ter@myrealbox.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 mm/filemap.c |    9 ++++++++-
 mm/filemap.h |    4 ++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff -puN mm/filemap.c~generic_file_buffered_write-handle-zero-length-iovec-segments-stable mm/filemap.c
--- a/mm/filemap.c~generic_file_buffered_write-handle-zero-length-iovec-segments-stable
+++ a/mm/filemap.c
@@ -2125,6 +2125,12 @@ generic_file_buffered_write(struct kiocb
 			break;
 		}
 
+		if (unlikely(bytes == 0)) {
+			status = 0;
+			copied = 0;
+			goto zero_length_segment;
+		}
+
 		status = a_ops->prepare_write(file, page, offset, offset+bytes);
 		if (unlikely(status)) {
 			loff_t isize = i_size_read(inode);
@@ -2154,7 +2160,8 @@ generic_file_buffered_write(struct kiocb
 			page_cache_release(page);
 			continue;
 		}
-		if (likely(copied > 0)) {
+zero_length_segment:
+		if (likely(copied >= 0)) {
 			if (!status)
 				status = copied;
 
diff -puN mm/filemap.h~generic_file_buffered_write-handle-zero-length-iovec-segments-stable mm/filemap.h
--- a/mm/filemap.h~generic_file_buffered_write-handle-zero-length-iovec-segments-stable
+++ a/mm/filemap.h
@@ -88,7 +88,7 @@ filemap_set_next_iovec(const struct iove
 	const struct iovec *iov = *iovp;
 	size_t base = *basep;
 
-	while (bytes) {
+	do {
 		int copy = min(bytes, iov->iov_len - base);
 
 		bytes -= copy;
@@ -97,7 +97,7 @@ filemap_set_next_iovec(const struct iove
 			iov++;
 			base = 0;
 		}
-	}
+	} while (bytes);
 	*iovp = iov;
 	*basep = base;
 }
_

Re: Unkillable process in last git -- Bisected

[Paolo Ornati]

On Wed, 28 Jun 2006 22:20:36 -0700
Andrew Morton <akpm@osdl.org> wrote:

> From: Andrew Morton <akpm@osdl.org>
> 
> The recent generic_file_write() deadlock fix caused
> generic_file_buffered_write() to loop inifinitely when presented with a
> zero-length iovec segment.  Fix.

It works for me :)

-- 
	Paolo Ornati
	Linux 2.6.17.1 on x86_64