Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 30 Jul 2018 11:31:55 +0200
From:      Roger Pau =?utf-8?B?TW9ubsOp?= <royger@freebsd.org>
To:        Pratyush Yadav <pratyush@freebsd.org>
Cc:        FreeBSD-Xen <freebsd-xen@freebsd.org>, Akshay Jaggi <jaggi@freebsd.org>, Edward Napierala <trasz@freebsd.org>
Subject:   Re: Recursion in non-recursive mutex when using the grant table free callbacks
Message-ID:  <20180730093155.c6ihgafia5ducw65@mac.bytemobile.com>
In-Reply-To: <CA%2BX=3T%2BnHO6_Uhx=HFhcjQGe=GF_yOyEnO_nm6GS%2Bu7wfXR5qg@mail.gmail.com>
References:  <CA%2BX=3T%2BnHO6_Uhx=HFhcjQGe=GF_yOyEnO_nm6GS%2Bu7wfXR5qg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Sun, Jul 29, 2018 at 06:08:56PM +0530, Pratyush Yadav wrote:
> Hi,
> 
> Currently, the grant table free callbacks can not work. This is
> because of a recursion on a non-recursive mutex that causes a kernel
> panic. The cause of the recursion is: check_free_callbacks() is always
> called with the lock gnttab_list_lock held. So, the callback function
> is called with the lock held. So, when the client uses any of the
> grant reference allocation methods get_free_entries() is called, which
> tries to acquire gnttab_list_lock(grant_table.c:77 [0]), causing a
> recursion on the lock.
> 
> I'm not sure what the correct fix would be though. One way I can think
> of is that check_free_callback() should be called without the lock
> held. But with this fix, it is possible for the callback to be called
> even though the grant references it needs are not available. This
> would happen when another thread takes those references while the
> current thread has completed the check if(gnttab_free_count >=
> callback->count) but has not yet called the callback
> (grant_table,c:105 [1]).
> 
> I think a better way to fix this would be to have a check in
> get_free_entries() whether the current thread holds the lock, so it
> does not try to acquire the lock if the current thread already holds
> it.

I agree in the analysis, however I think the proper solution is to use
a recursive lock.

Roger.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180730093155.c6ihgafia5ducw65>