From owner-freebsd-bugs@FreeBSD.ORG Mon Feb 19 00:18:38 2007 Return-Path: X-Original-To: freebsd-bugs@FreeBSD.org Delivered-To: freebsd-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EE5FD16A402; Mon, 19 Feb 2007 00:18:38 +0000 (UTC) (envelope-from bde@zeta.org.au) Received: from mailout1.pacific.net.au (mailout1-3.pacific.net.au [61.8.2.210]) by mx1.freebsd.org (Postfix) with ESMTP id B438713C461; Mon, 19 Feb 2007 00:18:38 +0000 (UTC) (envelope-from bde@zeta.org.au) Received: from mailproxy2.pacific.net.au (mailproxy2.pacific.net.au [61.8.2.163]) by mailout1.pacific.net.au (Postfix) with ESMTP id 812A45A7E01; Mon, 19 Feb 2007 11:18:36 +1100 (EST) Received: from besplex.bde.org (katana.zip.com.au [61.8.7.246]) by mailproxy2.pacific.net.au (Postfix) with ESMTP id 801ED27428; Mon, 19 Feb 2007 11:18:35 +1100 (EST) Date: Mon, 19 Feb 2007 11:18:34 +1100 (EST) From: Bruce Evans X-X-Sender: bde@besplex.bde.org To: Dmitry Pryanishnikov In-Reply-To: <200702181417.l1IEHsCJ001879@homelynx.homenet> Message-ID: <20070219101530.Q9237@besplex.bde.org> References: <200702181417.l1IEHsCJ001879@homelynx.homenet> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-bugs@FreeBSD.org, FreeBSD-gnats-submit@FreeBSD.org Subject: Re: kern/109277: kernel ppp(4) botches clist reservation in RELENG_6 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2007 00:18:39 -0000 On Sun, 18 Feb 2007, Dmitry Pryanishnikov wrote: >> Description: > Very rare (maybe, once a month) spontaneous crashes occur during the > active simultaneous use of kernel ppp and system console. When console > is in X.org mode, system just silently reboots. OTOH, there is a certain > chance to get valid crash dump when system console is in text mode. > Last such a crash was "panic: clist reservation botch" (see cblock_alloc() > function in /sys/kern/tty_subr.c), this was RELENG_6 as of 1-Feb-2007, > backtrace was: > ... > Looks like ppp(4) enters cblock_alloc(), then gets preempted, then > ttyinput() reenters cblock_alloc(). > >> Fix: > I'm ready to provide further debugging information on this issue. > Unfortunately, I'm not familiar enough with the locking concepts > in modern FreeBSD kernels (and in tty subsystem particularly) > in order to make the fix myself. Tty locking is especially simple and not very good -- everything must be Giant-locked to work. However, the default for network drivers is now not to use Giant locking. ppp doesn't seem to be aware of this. The only simple fix seems to be to pessimize all network drivers by configuring Giant locking for them all -- see netisr.c. I'm not sure if this is enough -- it is probably necessary to Giant-lock all calls into ppp (especially ioctls), but things in netisr.c only logically affect isrs. Bruce