dead lock in forked child

Jokea tfengjun at gmail.com
Fri May 25 02:02:30 PDT 2012


I've found that a forked child runs into a deadlock in a multithreaded
application.
The test code is:

[root@localhost]# cat a.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/wait.h>
#include <pthread.h>
#include "include/jemalloc/jemalloc.h"

void *worker(void *arg) {
    int j;
    char *p;
    while (1) { /* allocate and free forever so the allocator is always in use */
        for (j=1; j<5000; ++j) {
            p = je_malloc(j);
            je_free(p);
        }
    }
    return NULL;
}

int main(int argc, char **argv) {
    int pid;
    int j;
    char *p;
    pthread_t tid;
    int n = 20; /* number of children to fork */

    if (argc > 1)
        n = atoi(argv[1]);

    for (j=0; j<10; ++j) /* start 10 allocating threads */
        pthread_create(&tid, NULL, worker, NULL);

    int i = 0;
    while (i++<n) {
        if ((pid = fork()) == 0) { /* child */
            fprintf(stderr, "child %d\n", i);
            int cnt;
            for (cnt=0; cnt<100; ++cnt) {
                for (j=1; j<5000; ++j) {
                    p = je_malloc(j);
                    je_free(p);
                }
            }
            exit(0);
        }
        usleep(10000); /* fork one child every 10 ms */
    }

    sleep(1);
    while (n--) { /* reap the children; wait() blocks while a child is hung */
        fprintf(stderr, "%d children running...\n", n+1);
        pid = wait(NULL);
    }
    return 0;
}

1. jemalloc is configured using:
# ./configure CFLAGS="-std=gnu99 -Wall -pipe -g3 -O2 -funroll-loops" --with-jemalloc-prefix=je_ --enable-cc-silence && make lib/libjemalloc.a

2. compile the test code using:
# gcc -g -ggdb -o 3.0.0 a.c lib/libjemalloc.a -lpthread -ldl

3. run the test:
[root@localhost]# ./3.0.0 4
child 1
child 2
child 3
child 4
4 children running...
3 children running...
2 children running...
^C
[root@localhost]#

4. Two children are blocked, backtrace:
first:
(gdb) bt
#0 malloc_init_hard () at src/jemalloc.c:626
#1 0x0000000000402f75 in malloc_init (size=1) at src/jemalloc.c:282
#2 je_malloc (size=1) at src/jemalloc.c:804
#3 0x00000000004011f3 in main (argc=2, argv=0x7fffa509d888) at a.c:40

second:
(gdb) bt
#0 0x0000003e4ea0d594 in __lll_lock_wait () from /lib64/libpthread.so.0
#1 0x0000003e4ea08e8a in _L_lock_1034 () from /lib64/libpthread.so.0
#2 0x0000003e4ea08d4c in pthread_mutex_lock () from /lib64/libpthread.so.0
#3 0x000000000040148f in malloc_mutex_lock () at include/jemalloc/internal/mutex.h:77
#4 malloc_init_hard () at src/jemalloc.c:611
#5 0x0000000000402f75 in malloc_init (size=1) at src/jemalloc.c:282
#6 je_malloc (size=1) at src/jemalloc.c:804
#7 0x00000000004011f3 in main (argc=2, argv=0x7fffa509d888) at a.c:40

I've tested the code against jemalloc-2.2.5 and jemalloc-3.0.0; they
show the same result.
The default libc malloc does not have this issue.

System info:
CentOS-5.4 x86_64

Regards,
tfengjun
