From owner-freebsd-bugs@FreeBSD.ORG  Mon Feb 19 00:20:21 2007
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 9213216A400
	for <freebsd-bugs@hub.freebsd.org>;
	Mon, 19 Feb 2007 00:20:21 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40])
	by mx1.freebsd.org (Postfix) with ESMTP id 4390313C48E
	for <freebsd-bugs@hub.freebsd.org>;
	Mon, 19 Feb 2007 00:20:21 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l1J0KKIq076513
	for <freebsd-bugs@freefall.freebsd.org>; Mon, 19 Feb 2007 00:20:20 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l1J0KKtY076512;
	Mon, 19 Feb 2007 00:20:20 GMT (envelope-from gnats)
Date: Mon, 19 Feb 2007 00:20:20 GMT
Message-Id: <200702190020.l1J0KKtY076512@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Bruce Evans <bde@zeta.org.au>
Cc: 
Subject: Re: kern/109277: kernel ppp(4) botches clist reservation in RELENG_6
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Bruce Evans <bde@zeta.org.au>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Feb 2007 00:20:21 -0000

The following reply was made to PR kern/109277; it has been noted by GNATS.

From: Bruce Evans <bde@zeta.org.au>
To: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
Cc: FreeBSD-gnats-submit@FreeBSD.org, freebsd-bugs@FreeBSD.org
Subject: Re: kern/109277: kernel ppp(4) botches clist reservation in RELENG_6
Date: Mon, 19 Feb 2007 11:18:34 +1100 (EST)

 On Sun, 18 Feb 2007, Dmitry Pryanishnikov wrote:
 
 >> Description:
 >    Very rare (maybe, once a month) spontaneous crashes occur during the
 >    active simultaneous use of kernel ppp and system console. When console
 >    is in X.org mode, system just silently reboots. OTOH, there is a certain
 >    chance to get valid crash dump when system console is in text mode.
 >    Last such a crash was "panic: clist reservation botch" (see cblock_alloc()
 >    function in /sys/kern/tty_subr.c), this was RELENG_6 as of 1-Feb-2007,
 >    backtrace was:
 > ...
 >    Looks like ppp(4) enters cblock_alloc(), then gets preempted, then
 >    ttyinput() reenters cblock_alloc().
 >
 >> Fix:
 >    I'm ready to provide further debugging information on this issue.
 >    Unfortunately, I'm not familiar enough with the locking concepts
 >    in modern FreeBSD kernels (and in tty subsystem particularly)
 >    in order to make the fix myself.
 
 Tty locking is especially simple and not very good -- everything must
 be Giant-locked to work.  However, the default for network drivers is
 now not to use Giant locking.  ppp doesn't seem to be aware of this.
 The only simple fix seems to be to pessimize all network drivers by
 configuring Giant locking for them all -- see netisr.c.  I'm not sure
 if this is enough -- it is probably necessary to Giant-lock all calls
 into ppp (especially ioctls), but things in netisr.c only logically
 affect isrs.
 
 Bruce