There is a hard-to-duplicate race condition in FreeBSD's
kernel malloc.  Basically it is possible for the kernel
to tsleep way down in vm_page_sleep_busy even when M_NOWAIT
is specified.  Under some conditions this can block the kernel
completely.

Attached is a kernel module that demonstrates this rare condition.
The module has been tested on 4.2-RELEASE generic kernel configurations
as well as -STABLE.  The module only seems to work about one out of every
10 or 15 tries, which makes me think there is a race condition happening.

# ps -l -N ./kernel.31 -M ./vmcore.31
  UID   PID  PPID CPU PRI NI   VSZ  RSS WCHAN  STAT  TT       TIME COMMAND
    0   474   332   0 -18  0   176    0 vmopar D+   #C1    0:00.00  (kldload)
    0   477   333   0 -18  0  1372    0 thrd_s DV+  #C9    0:00.00  (csh)

(kgdb) proc 474
(kgdb) bt
#0  mi_switch () at ../../kern/kern_synch.c:858
#1  0xc016e0d9 in tsleep (ident=0xc05e0794, priority=4, wmesg=0xc02decd1 "vmopar", timo=0) at ../../kern/kern_synch.c:467
#2  0xc0245fbf in vm_object_page_remove (object=0xc0352cc0, start=6882, end=6907, clean_only=0) at ../../vm/vm_page.h:565
#3  0xc0242506 in vm_map_delete (map=0xc0352b60, start=3248361472, end=3248463872) at ../../vm/vm_map.c:1809
#4  0xc02406af in kmem_malloc (map=0xc0352b60, size=102400, flags=1) at ../../vm/vm_kern.c:365
#5  0xc0166bc7 in malloc (size=100000, type=0xc191d840, flags=1) at ../../kern/kern_malloc.c:188
#6  0xc191c6da in ?? ()
#7  0xc015b49b in module_register_init (arg=0xc191d824) at ../../kern/kern_module.c:109
#8  0xc015ba57 in linker_file_sysinit (lf=0xc190fa80) at ../../kern/kern_linker.c:151
#9  0xc015bbd8 in linker_load_file (filename=0xc18e1800 "./test_module_nowait_42_generic.ko", result=0xd3f28f28) at ../../kern/kern_linker.c:285
#10 0xc015c422 in kldload (p=0xd2b8e400, uap=0xd3f28f80) at ../../kern/kern_linker.c:678
#11 0xc02a6e09 in syscall2 (frame={tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = 0, tf_esi = 1, tf_ebp = -1077937200, tf_isp = -739078188, tf_ebx = -1077937112, tf_edx = 0, tf_ecx = 134559200, tf_eax = 304, tf_trapno = 12, tf_err = 2, tf_eip = 134513812, tf_cs = 31, tf_eflags = 647, tf_esp = -1077937244, tf_ss = 47}) at ../../i386/i386/trap.c:1150
#12 0xc029b195 in Xint0x80_syscall ()
#13 0x8048135 in ?? ()

# vmstat -m -N ./kernel.31 -M ./vmcore.31 | tail -2
Memory Totals:  In Use    Free    Requests
                 2315K     50K      322928

malloc.tgz
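
Added example, not part of the original message or its attachment: a crash-dump triage helper that scans a kgdb backtrace like the one above for a sleep frame nested under an allocator called with M_NOWAIT. The function names are hypothetical, and the flag value 0x0001 is an assumption taken from FreeBSD 4.x <sys/malloc.h>.

```python
import re

M_NOWAIT = 0x0001                       # assumption: FreeBSD 4.x <sys/malloc.h>
ALLOCATORS = {"malloc", "kmem_malloc"}  # frames whose flags argument is checked
SLEEPERS = {"tsleep"}                   # frames that put the process to sleep
FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*)\)")

# Frames #0-#5 of the backtrace in the report, wrapped as in the mail.
SAMPLE = '''
#0  mi_switch () at ../../kern/kern_synch.c:858
#1  0xc016e0d9 in tsleep (ident=0xc05e0794, priority=4, wmesg=0xc02decd1 "vmopar",
timo=0) at ../../kern/kern_synch.c:467
#2  0xc0245fbf in vm_object_page_remove (object=0xc0352cc0, start=6882, end=6907,
clean_only=0) at ../../vm/vm_page.h:565
#3  0xc0242506 in vm_map_delete (map=0xc0352b60, start=3248361472, end=3248463872) at
../../vm/vm_map.c:1809
#4  0xc02406af in kmem_malloc (map=0xc0352b60, size=102400, flags=1) at
../../vm/vm_kern.c:365
#5  0xc0166bc7 in malloc (size=100000, type=0xc191d840, flags=1) at
../../kern/kern_malloc.c:188
'''

def parse_frames(text):
    """Return [(frame_no, function, args)], rejoining mail-wrapped lines."""
    joined = []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("#"):
            joined.append(line)
        elif line and joined:
            joined[-1] += " " + line    # continuation of a wrapped frame
    found = (FRAME.match(line) for line in joined)
    return [(int(m[1]), m[2], m[3]) for m in found if m]

def nowait_sleeps(text):
    """List (allocator, sleeper, wmesg) where a sleep sits under M_NOWAIT."""
    frames = parse_frames(text)
    hits = []
    for no, func, args in frames:
        flags = re.search(r"\bflags=(0x[0-9a-f]+|\d+)", args)
        if func not in ALLOCATORS or not flags:
            continue
        if not int(flags.group(1), 0) & M_NOWAIT:
            continue                    # M_WAITOK caller: sleeping is allowed
        for inner_no, inner, inner_args in frames:
            if inner_no < no and inner in SLEEPERS:  # lower number = deeper call
                w = re.search(r'wmesg=\S+ "([^"]*)"', inner_args)
                hits.append((func, inner, w.group(1) if w else None))
    return hits
```
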