On Fri, Mar 25, 2005 at 03:22:38PM -0800, Daniel McNeil wrote: > Looking at the code, the problem is a race condition between > dlm_astd() and release_lockspace(). dlm_astd can pull an > lkb off the ast_queue and still be processing it while the > release_lockspace() is running calls dlm_dir_clear() and > then kfree()s ls->ls_dirtbl. When dlm_astd() calls > release_rsb() it leads to a dlm_dir_remove() which accesses > the freed ls_dirtbl which is freed. With slab debug, this > leads a spinning write_lock() and a hung umount. My machines > are 2 cpu systems which also might expose the race condition. > > The fix is below and is fairly simple, just do the astd_suspend() > in release_lockspace() before the dlm_dir_clear() and kfree(). > That way astd won't be process lkb on the astqueue will it > is being freed. Excellent, patch applied. Thanks -- Dave Teigland <teigland@xxxxxxxxxx>
