Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 28 Jul 2003 14:53:12 -0700
From:      Kris Kennaway <kris@obsecurity.org>
To:        Robert Watson <rwatson@FreeBSD.org>
Cc:        Kris Kennaway <kris@obsecurity.org>
Subject:   Re: Another LOR with filedesc structure and Giant
Message-ID:  <20030728215312.GA89925@rot13.obsecurity.org>
In-Reply-To: <Pine.NEB.3.96L.1030728110437.57321A-100000@fledge.watson.org>
References:  <20030727233351.GB80934@rot13.obsecurity.org> <Pine.NEB.3.96L.1030728110437.57321A-100000@fledge.watson.org>

next in thread | previous in thread | raw e-mail | index | archive | help

--liOOAslEiF7prFVr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Jul 28, 2003 at 11:09:55AM -0400, Robert Watson wrote:
>=20
> On Sun, 27 Jul 2003, Kris Kennaway wrote:
>=20
> > After upgrading last night, one of the package machines found this:
>=20
> I've bumped into some similar problems -- it's a property of how we
> current lock select().  We hold the file descriptor lock for the duration
> of polling each object being "selected", and if any of those objects has
> to grab a lock for any reason, it has to implicitly fall after the file
> descriptor lock.  I actually run into this in some of our MAC code,
> because I need to grab a vnode lock to authorize polling the vnode using
> VOP_POLL(), and since the vnode lock is a sleep lock, this generates a
> WITNESS warning.  Unfortunately, it's not immediately clear what a better
> locking scheme would look like without going overboard on the fine-grained
> side.  We probably need to grab Giant before entering the select code
> since it's highly likely something in there will require Giant -- it
> reaches down into VFS, the device stuff, socket code, tc.

Also

lock order reversal
 1st 0xc6a69634 filedesc structure (filedesc structure) @ /a/asami/portbuil=
d/i386/src-client/sys/kern/sys_generic.c:1071
 2nd 0xc04aa120 Giant (Giant) @ /a/asami/portbuild/i386/src-client/sys/fs/s=
pecfs/spec_vnops.c:372
Stack backtrace:
backtrace(c043d4af,c04aa120,c0439aa4,c0439aa4,c0434e3d) at backtrace+0x17
witness_lock(c04aa120,8,c0434e3d,174,246) at witness_lock+0x672
_mtx_lock_flags(c04aa120,0,c0434e3d,174,c043daba) at _mtx_lock_flags+0xba
spec_poll(d8dfcb44,d8dfcb64,c02d119c,d8dfcb44,c04939a0) at spec_poll+0x134
spec_vnoperate(d8dfcb44,c04939a0,c52cfa44,41,c6cfd280) at spec_vnoperate+0x=
18
vn_poll(c45dc880,41,c6cfd280,c5f7a4c0,c6cfd280) at vn_poll+0x3c
pollscan(c5f7a4c0,d8dfcbd4,2,3e7,10) at pollscan+0xb0
poll(c5f7a4c0,d8dfcd10,c0455899,3ee,3) at poll+0x252
syscall(2f,2f,2f,0,2) at syscall+0x273
Xint0x80_syscall() at Xint0x80_syscall+0x1d
--- syscall (209), eip =3D 0x281c4934, esp =3D 0xbfbfeee4, ebp =3D 0xbfbfef=
20 ---
Debugger("witness_lock")
Stopped at      Debugger+0x54:  xchgl   %ebx,in_Debugger.0
db>

Kris

--liOOAslEiF7prFVr
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)

iD8DBQE/JZtIWry0BWjoQKURAnQbAJ9qZ80mnAhT9KQbKyE8T5U5QKYYRgCfVMQ9
EmJdTFP2+AqDmIe1R6vk+Dk=
=LbJW
-----END PGP SIGNATURE-----

--liOOAslEiF7prFVr--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030728215312.GA89925>