Bug #9061
Closed
ofdlock(): assertion failed: lckdat->l_start == 0
Description
Running stress-ng -a 4, I immediately hit a VERIFY in ofdlock():
2018-01-26T09:35:53.727240+00:00 dent unix: [ID 836849 kern.notice] #012#015panic[cpu2]/thread=ffffff04224853a0:
2018-01-26T09:35:53.727248+00:00 dent genunix: [ID 403854 kern.notice] assertion failed: lckdat->l_start == 0, file: ../../common/os/flock.c, line: 312
2018-01-26T09:35:53.727251+00:00 dent unix: [ID 100000 kern.notice] #012
2018-01-26T09:35:53.727254+00:00 dent genunix: [ID 802836 kern.notice] ffffff0016895ab0 fffffffffba7c1d8 ()
2018-01-26T09:35:53.727256+00:00 dent genunix: [ID 655072 kern.notice] ffffff0016895c40 genunix:ofdlock+370 ()
2018-01-26T09:35:53.727258+00:00 dent genunix: [ID 655072 kern.notice] ffffff0016895eb0 genunix:fcntl+c13 ()
2018-01-26T09:35:53.727261+00:00 dent genunix: [ID 655072 kern.notice] ffffff0016895f10 unix:brand_sys_sysenter+1d3 ()
The parameters are straight from user-space, but not sufficiently vetted prior to reaching ofdlock().
This looks very similar to
OS-5585 fcntl(F_OFD_GETLK) should return EINVAL on bad parameters
but that push didn't cover at least this case.
--
In the 64-bit fcntl() path:
if (cmd == F_OFD_GETLK || cmd == F_OFD_SETLK ||
    cmd == F_OFD_SETLKW) {
But in the 32-bit:
if (cmd == F_OFD_SETLK || cmd == F_OFD_SETLKW) {
and indeed we're doing a 32-bit F_OFD_GETLK
Details
Type: Bug
Status: Resolved
Priority: 3 - Elevated
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2018-02-01 Kalm
Component/s: None
Labels: None
Issue Links
links to
Web Link Gerrit CR 3270 (joyent/illumos-joyent)
Comments
john.levon John Levon added a comment - 26/Jan/18 10:38 AM
thoth at 85c6eead2f2d0f0d1e3af5e676e14314
john.levon John Levon added a comment - 26/Jan/18 1:07 PM
In the 64-bit fcntl() path:
if (cmd == F_OFD_GETLK || cmd == F_OFD_SETLK ||
    cmd == F_OFD_SETLKW) {
But in the 32-bit:
if (cmd == F_OFD_SETLK || cmd == F_OFD_SETLKW) {
and indeed we're doing a 32-bit F_OFD_GETLK
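The gap between the two quoted conditions can be reproduced in a user-space model; this is an added example, not code from illumos or from the commenters. The command codes, `MODEL_PANIC`, the function names and the whole-file rule in `ofd_validate` are assumptions drawn from the OS-5585 title and the test output on this page, not from the kernel source.

```c
#include <errno.h>
#include <stddef.h>

/* Model command codes: constructed values, not the illumos F_OFD_* constants. */
enum cmd { CMD_GETLK, CMD_SETLK, CMD_OFD_GETLK, CMD_OFD_SETLK, CMD_OFD_SETLKW };
/* Leading struct flock fields, in the order the test output prints them. */
struct lock_req { short l_type; short l_whence; long l_start; long l_len; };
#define MODEL_PANIC (-1)  /* stands for the failed assertion in ofdlock() */
typedef int (*path_fn)(enum cmd, const struct lock_req *);
static int is_ofd(enum cmd c) {
    return c == CMD_OFD_GETLK || c == CMD_OFD_SETLK || c == CMD_OFD_SETLKW;
}
/* Assumed vetting: an OFD request must describe the whole file. */
static int ofd_validate(const struct lock_req *r) {
    return (r->l_whence != 0 || r->l_start != 0 || r->l_len != 0) ? EINVAL : 0;
}
/* Stand-in for ofdlock(): models only the assertion named in the report. */
static int ofdlock_model(const struct lock_req *r) {
    return r->l_start == 0 ? 0 : MODEL_PANIC;
}
/* 64-bit path as quoted: all three OFD commands are vetted. */
int path64(enum cmd c, const struct lock_req *r) {
    if ((c == CMD_OFD_GETLK || c == CMD_OFD_SETLK || c == CMD_OFD_SETLKW) &&
        ofd_validate(r) != 0) return EINVAL;
    return is_ofd(c) ? ofdlock_model(r) : 0;
}
/* 32-bit path as quoted: OFD_GETLK is missing from the condition. */
int path32_before(enum cmd c, const struct lock_req *r) {
    if ((c == CMD_OFD_SETLK || c == CMD_OFD_SETLKW) &&
        ofd_validate(r) != 0) return EINVAL;
    return is_ofd(c) ? ofdlock_model(r) : 0;
}
/* Hardened form: one predicate decides both vetting and dispatch. */
int path32_after(enum cmd c, const struct lock_req *r) {
    if (is_ofd(c) && ofd_validate(r) != 0) return EINVAL;
    return is_ofd(c) ? ofdlock_model(r) : 0;
}
/* Differential check: count (cmd, request) pairs where two paths disagree. */
int count_divergence(path_fn a, path_fn b) {
    static const struct lock_req reqs[] = {   /* constructed inputs */
        {2, 0, 0, 0}, {2, 1, 0, 0}, {2, 0, 1, 0}, {2, 0, 0, 1} };
    int n = 0;
    for (int c = CMD_GETLK; c <= CMD_OFD_SETLKW; c++)
        for (size_t i = 0; i < sizeof(reqs) / sizeof(reqs[0]); i++)
            n += a((enum cmd)c, &reqs[i]) != b((enum cmd)c, &reqs[i]);
    return n;
}
/* Exit status 0 when the hardened path agrees with the 64-bit path. */
int main(void) { return count_divergence(path64, path32_after); }
```

Comparing every command against every request shape is what exposes the omission: the two paths agree on the SETLK variants and differ only for the GETLK command that one condition leaves out.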
jerry Jerry Jelinek added a comment - 26/Jan/18 6:14 PM
Output from the new test cases for 32-bit and 64-bit runs
[root@smartos /opt/os-tests/tests/file-locking]# ./runtests.32
# Exclusive lock tests
Running fcntl(2) POSIX + fcntl(2) POSIX tests (kill child)... ok
Running fcntl(2) POSIX + fcntl(2) POSIX tests (child exits)... ok
Running fcntl(2) POSIX + fcntl(2) OFD tests (kill child)... ok
Running fcntl(2) POSIX + fcntl(2) OFD tests (child exits)... ok
Running fcntl(2) POSIX + flock(3C) tests (kill child)... ok
Running fcntl(2) POSIX + flock(3C) tests (child exits)... ok
Running fcntl(2) OFD + fcntl(2) POSIX tests (kill child)... ok
Running fcntl(2) OFD + fcntl(2) POSIX tests (child exits)... ok
Running fcntl(2) OFD + fcntl(2) OFD tests (kill child)... ok
Running fcntl(2) OFD + fcntl(2) OFD tests (child exits)... ok
Running fcntl(2) OFD + flock(3C) tests (kill child)... ok
Running fcntl(2) OFD + flock(3C) tests (child exits)... ok
Running flock(3C) + fcntl(2) POSIX tests (kill child)... ok
Running flock(3C) + fcntl(2) POSIX tests (child exits)... ok
Running flock(3C) + fcntl(2) OFD tests (kill child)... ok
Running flock(3C) + fcntl(2) OFD tests (child exits)... ok
Running flock(3C) + flock(3C) tests (kill child)... ok
Running flock(3C) + flock(3C) tests (child exits)... ok
# Shared lock tests
Running fcntl(2) POSIX + fcntl(2) POSIX tests (kill child)... ok
Running fcntl(2) POSIX + fcntl(2) POSIX tests (child exits)... ok
Running fcntl(2) POSIX + fcntl(2) OFD tests (kill child)... ok
Running fcntl(2) POSIX + fcntl(2) OFD tests (child exits)... ok
Running fcntl(2) POSIX + flock(3C) tests (kill child)... ok
Running fcntl(2) POSIX + flock(3C) tests (child exits)... ok
Running fcntl(2) OFD + fcntl(2) POSIX tests (kill child)... ok
Running fcntl(2) OFD + fcntl(2) POSIX tests (child exits)... ok
Running fcntl(2) OFD + fcntl(2) OFD tests (kill child)... ok
Running fcntl(2) OFD + fcntl(2) OFD tests (child exits)... ok
Running fcntl(2) OFD + flock(3C) tests (kill child)... ok
Running fcntl(2) OFD + flock(3C) tests (child exits)... ok
Running flock(3C) + fcntl(2) POSIX tests (kill child)... ok
Running flock(3C) + fcntl(2) POSIX tests (child exits)... ok
Running flock(3C) + fcntl(2) OFD tests (kill child)... ok
Running flock(3C) + fcntl(2) OFD tests (child exits)... ok
Running flock(3C) + flock(3C) tests (kill child)... ok
Running flock(3C) + flock(3C) tests (child exits)... ok
# flock(3C) directory lock tests
Running flock(3C) + flock(3C) tests (kill child)... ok
Running flock(3C) + flock(3C) tests (child exits)... ok
Running flock(3C) + flock(3C) tests (kill child)... ok
Running flock(3C) + flock(3C) tests (child exits)... ok
# Invalid fcntl(2) parameters tests
fcntl(fd, F_SETLK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_SETLK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_SETLKW, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_SETLKW, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_GETLK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_GETLK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_FLOCK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_FLOCK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_FLOCKW, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_FLOCKW, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_FLOCK, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_FLOCK, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_FLOCK, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_FLOCKW, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_FLOCKW, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_FLOCKW, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_SETLK64, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK64, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_SETLK64, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_SETLKW64, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW64, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW64, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_GETLK64, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_GETLK64, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_GETLK64, { 2, 0, 0, 1, ... })... ok
# Testing that multiple OFD locks work in a process
Acquiring first two shared locks... ok
Acquiring an exclusive lock should fail w/ EWOULDBLOCK... ok
Releasing to acquire an exclusive lock... ok
Acquiring an exclusive lock... ok
Acquiring a shared lock should fail w/ EWOULDBLOCK... ok
Releasing exclusive lock... ok
# Testing flock(3C) upgrade/downgrade tests
Acquiring shared locks 1, 2 and 3... ok
Upgrading lock 3 should fail w/ EWOULDBLOCK... ok
Upgrading 3 should succeed after releasing locks 1 & 2... ok
Starting up child, then downgrading lock 3 to shared... ok
Releasing child and upgrading... ok
Releasing lock 3... ok
[root@smartos /opt/os-tests/tests/file-locking]# ./runtests.64
# Exclusive lock tests
Running fcntl(2) POSIX + fcntl(2) POSIX tests (kill child)... ok
Running fcntl(2) POSIX + fcntl(2) POSIX tests (child exits)... ok
Running fcntl(2) POSIX + fcntl(2) OFD tests (kill child)... ok
Running fcntl(2) POSIX + fcntl(2) OFD tests (child exits)... ok
Running fcntl(2) POSIX + flock(3C) tests (kill child)... ok
Running fcntl(2) POSIX + flock(3C) tests (child exits)... ok
Running fcntl(2) OFD + fcntl(2) POSIX tests (kill child)... ok
Running fcntl(2) OFD + fcntl(2) POSIX tests (child exits)... ok
Running fcntl(2) OFD + fcntl(2) OFD tests (kill child)... ok
Running fcntl(2) OFD + fcntl(2) OFD tests (child exits)... ok
Running fcntl(2) OFD + flock(3C) tests (kill child)... ok
Running fcntl(2) OFD + flock(3C) tests (child exits)... ok
Running flock(3C) + fcntl(2) POSIX tests (kill child)... ok
Running flock(3C) + fcntl(2) POSIX tests (child exits)... ok
Running flock(3C) + fcntl(2) OFD tests (kill child)... ok
Running flock(3C) + fcntl(2) OFD tests (child exits)... ok
Running flock(3C) + flock(3C) tests (kill child)... ok
Running flock(3C) + flock(3C) tests (child exits)... ok
# Shared lock tests
Running fcntl(2) POSIX + fcntl(2) POSIX tests (kill child)... ok
Running fcntl(2) POSIX + fcntl(2) POSIX tests (child exits)... ok
Running fcntl(2) POSIX + fcntl(2) OFD tests (kill child)... ok
Running fcntl(2) POSIX + fcntl(2) OFD tests (child exits)... ok
Running fcntl(2) POSIX + flock(3C) tests (kill child)... ok
Running fcntl(2) POSIX + flock(3C) tests (child exits)... ok
Running fcntl(2) OFD + fcntl(2) POSIX tests (kill child)... ok
Running fcntl(2) OFD + fcntl(2) POSIX tests (child exits)... ok
Running fcntl(2) OFD + fcntl(2) OFD tests (kill child)... ok
Running fcntl(2) OFD + fcntl(2) OFD tests (child exits)... ok
Running fcntl(2) OFD + flock(3C) tests (kill child)... ok
Running fcntl(2) OFD + flock(3C) tests (child exits)... ok
Running flock(3C) + fcntl(2) POSIX tests (kill child)... ok
Running flock(3C) + fcntl(2) POSIX tests (child exits)... ok
Running flock(3C) + fcntl(2) OFD tests (kill child)... ok
Running flock(3C) + fcntl(2) OFD tests (child exits)... ok
Running flock(3C) + flock(3C) tests (kill child)... ok
Running flock(3C) + flock(3C) tests (child exits)... ok
# flock(3C) directory lock tests
Running flock(3C) + flock(3C) tests (kill child)... ok
Running flock(3C) + flock(3C) tests (child exits)... ok
Running flock(3C) + flock(3C) tests (kill child)... ok
Running flock(3C) + flock(3C) tests (child exits)... ok
# Invalid fcntl(2) parameters tests
fcntl(fd, F_SETLK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_SETLK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_SETLKW, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_SETLKW, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_GETLK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_GETLK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_FLOCK, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_FLOCK, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_FLOCKW, { 200, 0, 0, 0, ... })... ok
fcntl(fd, F_FLOCKW, { -1, 0, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_FLOCK, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_FLOCK, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_FLOCK, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_FLOCKW, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_FLOCKW, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_FLOCKW, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_SETLK, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_SETLKW, { 2, 0, 0, 1, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 1, 0, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 0, 1, 0, ... })... ok
fcntl(fd, F_OFD_GETLK, { 2, 0, 0, 1, ... })... ok
# Testing that multiple OFD locks work in a process
Acquiring first two shared locks... ok
Acquiring an exclusive lock should fail w/ EWOULDBLOCK... ok
Releasing to acquire an exclusive lock... ok
Acquiring an exclusive lock... ok
Acquiring a shared lock should fail w/ EWOULDBLOCK... ok
Releasing exclusive lock... ok
# Testing flock(3C) upgrade/downgrade tests
Acquiring shared locks 1, 2 and 3... ok
Upgrading lock 3 should fail w/ EWOULDBLOCK... ok
Upgrading 3 should succeed after releasing locks 1 & 2... ok
Starting up child, then downgrading lock 3 to shared... ok
Releasing child and upgrading... ok
Releasing lock 3... ok
Updated by Electric Monk about 4 years ago
- Status changed from New to Closed
git commit 9c7f1ae01d2294b79bc57dff1f29ac9b813d6172
commit 9c7f1ae01d2294b79bc57dff1f29ac9b813d6172
Author: Jerry Jelinek <jerry.jelinek@joyent.com>
Date: 2018-05-14T17:14:00.000Z

9061 ofdlock(): assertion failed: lckdat->l_start == 0
Reviewed by: Cody Mello <cody.mello@joyent.com>
Reviewed by: John Levon <john.levon@joyent.com>
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Approved by: Dan McDonald <danmcd@joyent.com>