Patch Name: PHKL_29851 Patch Description: s700_800 11.00 ufs(hfs) deadlock causes system hang Creation Date: 03/10/06 Post Date: 03/10/17 Hardware Platforms - OS Releases: s700: 11.00 s800: 11.00 Products: N/A Filesets: OS-Core.CORE2-KRN,fr=B.11.00,fa=HP-UX_B.11.00_32,v=HP OS-Core.CORE2-KRN,fr=B.11.00,fa=HP-UX_B.11.00_64,v=HP Automatic Reboot?: Yes Status: General Release Critical: Yes PHKL_29851: HANG PHKL_22932: HANG Category Tags: defect_repair general_release critical halts_system Path Name: /hp-ux_patches/s700_800/11.X/PHKL_29851 Symptoms: PHKL_29851: ( SR:8606320306 CR:JAGae82790 ) Two threads hang due to a deadlock between the two. The stacktraces of the hanging threads will look like the following. _swtch+0xd4 _sleep+0x154 blkflush+0x3ac ufspgin_blkflsh+0x70 ufs_pagein+0x3dc virtual_fault+0x378 vfault+0x118 trap+0x284 thandler+0xd20 _swtch+0xd4 _sleep_one+0x170 cilock_sleep+0x148 ieget+0x400 in_get+0x30 iget+0x18 dircheckforname+0x274 dircheckwithsdo+0x58 dirremove+0xbc ufs_remove+0x34 vns_remove+0xa4 vn_remove+0xa4 unlink+0x28 syscall+0x394 syscallinit+0x54c PHKL_22932: (SR:8606160762 CR:JAGad30082) A deadlock occurs while mmaping part of a file into a buffer, and when that buffer is used to do a read or write call to the very same file. If the file is opened with file descriptor "fd", and the same file is memory mapped to the region starting at address "addr", I/O to that file done with system call write/read will cause the system to hang. The problem occurs with UFS and some versions of netscape mail server. The thread will deadlock itself with the stack trace: ilock_reader+0x170 ufs_lock_inode+0x14 ufs_pagein+0x60 virtual_fault+0x378 vfault+0x118 trap+0x590 nokgdb+0x8 copyin+0x104 uiomove+0xc0 rwip+0x380 ufs_rdwr+0xe0 vno_rw+0x80 write+0x104 syscall+0x480 Defect Description: PHKL_29851: ( SR:8606320306 CR:JAGae82790 ) This is a two-way deadlock. The first thread has acquired an inode lock and is waiting for a buffer lock. The second thread has acquired the buffer lock and is waiting for the inode lock to become free. This happens as the pagein routine tries to flush buffers for a 4k page from the buffer cache for a file. However the file size might not be 4k aligned. This could result in the attempt of flushing buffers belonging to a different file or directory. Resolution: The pagein routine was modified not to flush those blocks from the buffer cache which did not belong to the file which is being paged in. PHKL_22932: (SR:8606160762 CR:JAGad30082) A deadlock occurs because write to a rwip requires an inode lock in ilock() and later uiomove (copying from the user buffer to the buffer cache) can trigger a vfault which requires a read lock on the same inode. The deadlock occurs on the inode between read/write and ufs_pagein() when a page fault occurs on a mmaped buffer during the uiomove called by the read/write system call. Resolution: In ufs_pagein(), if the inode lock is already owned by the current thread, it is not locked again. This is the only path were a inode lock is tried to be locked twice, first in write mode then in reade mode. Ignoring the second locking is good enough to avoid the deadlock and does not break any protection. Enhancement: No SR: 8606160762 8606320306 Patch Files: OS-Core.CORE2-KRN,fr=B.11.00,fa=HP-UX_B.11.00_32,v=HP: /usr/conf/lib/libhp-ux.a(ufs_vm.o) OS-Core.CORE2-KRN,fr=B.11.00,fa=HP-UX_B.11.00_64,v=HP: /usr/conf/lib/libhp-ux.a(ufs_vm.o) what(1) Output: OS-Core.CORE2-KRN,fr=B.11.00,fa=HP-UX_B.11.00_32,v=HP: /usr/conf/lib/libhp-ux.a(ufs_vm.o): ufs_vm.c $Date: 2003/10/03 06:52:35 $Revision: r11ro s/4 PATCH_11.00 (PHKL_29851) OS-Core.CORE2-KRN,fr=B.11.00,fa=HP-UX_B.11.00_64,v=HP: /usr/conf/lib/libhp-ux.a(ufs_vm.o): ufs_vm.c $Date: 2003/10/03 06:52:35 $Revision: r11ro s/4 PATCH_11.00 (PHKL_29851) cksum(1) Output: OS-Core.CORE2-KRN,fr=B.11.00,fa=HP-UX_B.11.00_32,v=HP: 3275950579 13896 /usr/conf/lib/libhp-ux.a(ufs_vm.o) OS-Core.CORE2-KRN,fr=B.11.00,fa=HP-UX_B.11.00_64,v=HP: 880946365 24024 /usr/conf/lib/libhp-ux.a(ufs_vm.o) Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: PHKL_22932 Equivalent Patches: None Patch Package Size: 40 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHKL_29851 5. Run swinstall to install the patch: swinstall -x autoreboot=true -x patch_match_target=true \ -s /tmp/PHKL_29851.depot By default swinstall will archive the original software in /var/adm/sw/save/PHKL_29851. If you do not wish to retain a copy of the original software, include the patch_save_files option in the swinstall command above: -x patch_save_files=false WARNING: If patch_save_files is false when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. For future reference, the contents of the PHKL_29851.text file is available in the product readme: swlist -l product -a readme -d @ /tmp/PHKL_29851.depot To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHKL_29851.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None