Date: Thu, 19 Jan 2006 16:23:57 -0500 From: Kris Kennaway <kris@obsecurity.org> To: Alan Cox <alc@cs.rice.edu> Cc: alc@freebsd.org, freebsd-current@freebsd.org, Suleiman Souhlal <ssouhlal@freebsd.org>, Kris Kennaway <kris@obsecurity.org> Subject: Re: System call munmap returning with the following locks held: Giant Message-ID: <20060119212357.GA97268@xor.obsecurity.org> In-Reply-To: <20060119203833.GC7599@cs.rice.edu> References: <20060118070549.GA617@xor.obsecurity.org> <43CEEBD4.3060604@FreeBSD.org> <200601190802.31914.jhb@freebsd.org> <200601191114.27075.jhb@freebsd.org> <20060119203833.GC7599@cs.rice.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--J2SCkAp4GZ/dPZZf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 19, 2006 at 02:38:33PM -0600, Alan Cox wrote: > On Thu, Jan 19, 2006 at 11:14:24AM -0500, John Baldwin wrote: > [snip] > >=20 > > Are you really sure the object's type can change or does the caller of= =20 > > vm_object_deallocate() hold some sort of reference or what not that pre= vents=20 > > the type from changing? > >=20 >=20 > My recollection is that the object does not change type until all of > the references have been drained and it is about to be freed by > vm_object_terminate(). At the point where the type check is being > performed, the caller should hold a reference on the object. Thus, > the type should not be changing. >=20 > That said, an unexpected type change still strikes me as the most > plausible cause. >=20 > Is there a test that easily reproduces this problem? Racing mmap/munmap on NFS with umount -f. I'll send you the code I'm using (from ups@) separately. Kris --J2SCkAp4GZ/dPZZf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFD0ANsWry0BWjoQKURAoJbAJ4xEOcYApEkfHp9wsCcBXfFqO9kMACfZ4LU TvBjH/8KY8mli0shRwX96ww= =kG2G -----END PGP SIGNATURE----- --J2SCkAp4GZ/dPZZf--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060119212357.GA97268>