Skip to content

Kea deadlock because signal handler is doing malloc

Describe the bug If I simultaneously restart kea when calling lease-get command, kea will enter a deadlock after a while. Observing the traceback, it's determined that deadlock occurs because we're doing a malloc when a signal handler is called, and inside the signal handler, another malloc is called.

#0  0xf773fc29 in __kernel_vsyscall () 
#1  0xf6a16822 in __lll_lock_wait_private () from /lib/libc.so.6
#2  0xf6989f10 in _L_lock_17416 () from /lib/libc.so.6
#3  0xf6986c89 in malloc () from /lib/libc.so.6
#4  0xf6ba6059 in operator new(unsigned int) () from /lib/libstdc++.so.6
#5  0xf6f74df7 in __gnu_cxx::new_allocator<std::_List_node<int> >::allocate (this=<optimized out>, __n=<optimized out>) at /usr/include/c++/6.3.1/ext/new_allocator.h:104
#6  std::allocator_traits<std::allocator<std::_List_node<int> > >::allocate (__a=..., __n=<optimized out>) at /usr/include/c++/6.3.1/bits/alloc_traits.h:436
#7  std::_List_base<int, std::allocator<int> >::_M_get_node (this=<optimized out>) at /usr/include/c++/6.3.1/bits/stl_list.h:383
#8  std::list<int, std::allocator<int> >::_M_create_node<int const&> (this=<optimized out>) at /usr/include/c++/6.3.1/bits/stl_list.h:568
#9  std::list<int, std::allocator<int> >::_M_insert<int const&> (this=<optimized out>, __position=...) at /usr/include/c++/6.3.1/bits/stl_list.h:1770
#10 std::list<int, std::allocator<int> >::push_back (__x=<optimized out>, this=<optimized out>) at /usr/include/c++/6.3.1/bits/stl_list.h:1098
#11 (anonymous namespace)::internalHandler (sig=15) at signal_set.cc:76
#12 <signal handler called>
#13 0xf69823b9 in malloc_consolidate () from /lib/libc.so.6
#14 0xf6984b7f in _int_malloc () from /lib/libc.so.6
#15 0xf6986c94 in malloc () from /lib/libc.so.6
#16 0xf6ba6059 in operator new(unsigned int) () from /lib/libstdc++.so.6
#17 0xf6bf0a9d in std::string::_Rep::_S_create(unsigned int, unsigned int, std::allocator<char> const&) () from /lib/libstdc++.so.6
#18 0xf6bf2266 in std::string::_Rep::_M_clone(std::allocator<char> const&, unsigned int) () from /lib/libstdc++.so.6
#19 0xf6bf23c2 in std::string::reserve(unsigned int) () from /lib/libstdc++.so.6
#20 0xf6be7c60 in std::basic_stringbuf<char, std::char_traits<char>, std::allocator<char> >::overflow(int) () from /lib/libstdc++.so.6
#21 0xf6c48e22 in std::basic_streambuf<char, std::char_traits<char> >::xsputn(char const*, int) () from /lib/libstdc++.so.6
#22 0xf6c2aa39 in std::ostreambuf_iterator<char, std::char_traits<char> > std::num_put<char, std::ostreambuf_iterator<char, std::char_traits<char> > >::_M_insert_int<unsigned long>(std::ostreambuf_iterator<char, std::char_traits<char> >, std::ios_base&, char, unsigned long) const () from /lib/libstdc++.so.6
#23 0xf6c2abda in std::num_put<char, std::ostreambuf_iterator<char, std::char_traits<char> > >::do_put(std::ostreambuf_iterator<char, std::char_traits<char> >, std::ios_base&, char, unsigned long) const () from /lib/libstdc++.so.6
#24 0xf6c3753c in std::ostream& std::ostream::_M_insert<unsigned long>(unsigned long) () from /lib/libstdc++.so.6
#25 0xf7710b40 in std::ostream::operator<< (__n=<optimized out>, this=<optimized out>) at /usr/include/c++/6.3.1/ostream:196
#26 isc::lease_cmds::LeaseCmdsImpl::leaseGetPageHandler (this=0x57157cc0, handle=...) at lease_cmds.cc:678
#27 0xf7711fcb in isc::lease_cmds::LeaseCmds::leaseGetPageHandler (this=0x570f2010, handle=...) at lease_cmds.cc:1018
#28 0xf77183f1 in lease6_get_page (handle=...) at lease_cmds_callouts.cc:110
#29 0xf700682e in isc::hooks::CalloutManager::callCallouts (this=0x5706b6f0, hook_index=1461260144, callout_handle=...) at callout_manager.cc:175
#30 0xf7009106 in isc::hooks::CalloutManager::callCommandHandlers (this=0x570f2010, command_name=<error reading variable: Cannot access memory at address 0xfffffff4>, callout_handle=...) at callout_manager.cc:228
#31 0xf700c9da in isc::hooks::HooksManager::callCommandHandlersInternal (this=0xf7028558 <isc::hooks::HooksManager::getHooksManager()::manager>, command_name=<error reading variable: Cannot access memory at address 0x78>, handle=...) at hooks_manager.cc:81
#32 0xf700ca2e in isc::hooks::HooksManager::callCommandHandlers (command_name=<error reading variable: Cannot access memory at address 0x78>, handle=...) at hooks_manager.cc:87
#33 0xf7367279 in isc::config::HookedCommandMgr::delegateCommandToHookLibrary (this=0xf7374560 <isc::config::CommandMgr::instance()::cmd_mgr>, cmd_name="lease4-get-page", params=..., original_cmd=..., answer=...) at hooked_command_mgr.cc:52
#34 0xf7367e3a in isc::config::HookedCommandMgr::handleCommand (this=0xf7374560 <isc::config::CommandMgr::instance()::cmd_mgr>, cmd_name="lease4-get-page", params=..., original_cmd=...) at hooked_command_mgr.cc:77
#35 0xf73527a2 in isc::config::BaseCommandMgr::processCommand (this=0xf7374560 <isc::config::CommandMgr::instance()::cmd_mgr>, cmd=...) at base_command_mgr.cc:126

I'm using kea 1.5.0 and this can be reproduced using either kea-dhcp4 or kea-dhcp6. OS: Fedora 15

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information