[Bug 211531] Hitting non sleepable lock panic for lock "unp_link_rwlock"

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Aug 2 17:18:24 UTC 2016 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211531

            Bug ID: 211531
           Summary: Hitting non sleepable lock panic for lock
                    "unp_link_rwlock"
           Product: Base System
           Version: 10.3-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: raviprakash.darbha at gmail.com

I encountered a double lock issue in unp_connectat function. After looking at
the code , I think the unp_link_rwlock is being locked once unp_connectat and
once again in unp_detach  (called from sofree ). Below is the exact call stack.


UNP_LINK_WLOCK();         <——————————  1 st call 
…..
…..
if (so->so_proto->pr_flags & PR_CONNREQUIRED) {
     if (so2->so_options & SO_ACCEPTCONN
         CURVNET_SET(so2->so_vnet); 
          so3 = sonewconn(so2, 0);
          // Expanding sonewconn 
          { 
             sonewconn 
              {
                   ……
                   soalloc
                   …….
                   pru_attach 
                   …….
                   if (!(head->so_options & SO_ACCEPTCONN) &&
                   ((head->so_proto->pr_protocol != IPPROTO_SCTP) ||
                    (head->so_type != SOCK_SEQPACKET))) {
                       ……….
                       sofree(so);             /* NB: returns ACCEPT_UNLOCK'ed.
*/
                       // Expanding sofree 

                      {   

                        …….

                        pru_detach

                        // expanding pru_detach 

                        {

                             // Recursive wlock acquiring. 

                             UNP_LINK_WLOCK()     <——————————  2nd Call 

------------------------------------------------

Backtrace:
#0  doadump (textdump=1) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/kern_shutdown.c:269
#1  0xffffffff8041084f in kern_reboot (howto=260) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/kern_shutdown.c:452
#2  0xffffffff80410d32 in vpanic (fmt=<value optimized out>, ap=<value
optimized out>) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/kern_shutdown.c:759
#3  0xffffffff80410f23 in kassert_panic (fmt=0xffffffff805e4300 "%s: recursing
but non-recursive rw %s @ %s:%d\n")
    at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/kern_shutdown.c:647
#4  0xffffffff8040e2c5 in __rw_wlock_hard (c=<value optimized out>,
tid=18446735292422403312, file=0x0, line=0)
    at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/kern_rwlock.c:739
#5  0xffffffff8040ed21 in _rw_wlock_cookie (c=<value optimized out>,
file=0xffffffff805f4e20
"/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/uipc_usrreq.c", 
    line=654) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/kern_rwlock.c:267
#6  0xffffffff8049b1c4 in uipc_detach (so=<value optimized out>) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/uipc_usrreq.c:654
#7  0xffffffff80490203 in sofree (so=0xfffff80372dc5000) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/uipc_socket.c:791
#8  0xffffffff80490c21 in sonewconn (head=0xfffff80735e98000, connstatus=0) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/uipc_socket.c:617
#9  0xffffffff80498f79 in unp_connectat (fd=<value optimized out>,
so=0xfffff8066ee292e0, nam=<value optimized out>, td=0xfffff803727fb4f0)
    at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/uipc_usrreq.c:1359
#10 0xffffffff8049c0c1 in uipc_connect (so=0xfffff8066ee292e0,
nam=0xfffffe085d25d170, td=0xfffff803727fb4f0)
    at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/kern/uipc_usrreq.c:585
#11 0xffffffff83879e5a in clnt_vc_create (so=0xfffff8066ee292e0, raddr=<value
optimized out>, prog=100000, vers=3, sendsz=9000, recvsz=9000, intrflag=1)
    at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/rpc/clnt_vc.c:154
#12 0xffffffff8387caa6 in local_rpcb () at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/rpc/rpcb_clnt.c:461
#13 0xffffffff8387cb0d in rpcb_unset (program=0, version=0, nconf=0x0) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/rpc/rpcb_clnt.c:616
#14 0xffffffff8387f57c in svc_unreg (pool=0xfffffe0003d27000, prog=100003,
vers=2) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/rpc/svc.c:532
#15 0xffffffff8387f991 in svcpool_destroy (pool=0xfffffe0003d27000) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/rpc/svc.c:204
#16 0xffffffff838c3cf9 in nfsrvd_init (terminating=<value optimized out>) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/fs/nfsserver/nfs_nfsdkrpc.c:539
#17 0xffffffff838c490b in nfsrvd_nfsd (td=<value optimized out>,
args=0xfffffe085d25da70)
    at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/fs/nfsserver/nfs_nfsdkrpc.c:516
#18 0xffffffff838d4f9b in nfssvc_nfsd (td=0xfffff803727fb4f0, uap=<value
optimized out>)
    at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/fs/nfsserver/nfs_nfsdport.c:3081
#19 0xffffffff838b111b in sys_nfssvc (td=0xfffff803727fb4f0,
uap=0xfffffe085d25db70) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/nfs/nfs_nfssvc.c:108
#20 0xffffffff805597a6 in amd64_syscall (td=0xfffff803727fb4f0, traced=0) at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/amd64/amd64/../../kern/subr_syscall.c:145
#21 0xffffffff8053e647 in Xfast_syscall () at
/.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_10/20160419.182836_fbsd-builder_10.325814/src/sys/amd64/amd64/exception.S:396
#22 0x0000000800a915fa in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)




I am working on a patch for the fix

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list