From owner-freebsd-arch  Sat Oct  5  3: 0:45 2002
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id D99E137B401; Sat,  5 Oct 2002 03:00:43 -0700 (PDT)
Received: from gw.catspoiler.org (217-ip-163.nccn.net [209.79.217.163])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 6E2EB43E6A; Sat,  5 Oct 2002 03:00:43 -0700 (PDT)
	(envelope-from dl-freebsd@catspoiler.org)
Received: from mousie.catspoiler.org (mousie.catspoiler.org [192.168.101.2])
	by gw.catspoiler.org (8.12.5/8.12.5) with ESMTP id g95A0ZvU023752;
	Sat, 5 Oct 2002 03:00:39 -0700 (PDT)
	(envelope-from dl-freebsd@catspoiler.org)
Message-Id: <200210051000.g95A0ZvU023752@gw.catspoiler.org>
Date: Sat, 5 Oct 2002 03:00:35 -0700 (PDT)
From: Don Lewis <dl-freebsd@catspoiler.org>
Subject: Re: [jmallett@FreeBSD.org: [PATCH] Reliable signal queues, etc., [for review]]
To: jmallett@FreeBSD.ORG
Cc: arch@FreeBSD.ORG
In-Reply-To: <20021005002021.A14635@FreeBSD.org>
MIME-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-arch.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-arch>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-arch>
X-Loop: FreeBSD.ORG

On  5 Oct, Juli Mallett wrote:

> diff -Nrdu -x *CVS* -x *dev* sys/kern/kern_exit.c kernel/kern/kern_exit.c
> --- sys/kern/kern_exit.c	Tue Oct  1 12:15:51 2002
> +++ kernel/kern/kern_exit.c	Sat Oct  5 01:20:57 2002

> @@ -209,12 +210,12 @@
>  	PROC_LOCK(p);
>  	if (p == p->p_leader) {
>  		q = p->p_peers;
> +		PROC_UNLOCK(p);
>  		while (q != NULL) {
> -			PROC_LOCK(q);
>  			psignal(q, SIGKILL);
> -			PROC_UNLOCK(q);
>  			q = q->p_peers;
>  		}
> +		PROC_LOCK(p);
>  		while (p->p_peers) 
>  			msleep(p, &p->p_mtx, PWAIT, "exit1", 0);
>  	}

This scary looking fragment of code in exit1() is relying on the lock on
p->p_leader being continuously held to prevent the p_peers list from
changing while the list traversal is in progress.  The code in
kern_fork.c and elsewhere in kern_exit.c holds a lock on p_leader while
the list modifications are done.

The existing code looks like it could deadlock if q is locked because it
is in fork() or exit().  Process p will block when it tries to lock q,
and q will block when it tries to lock its p_leader, which happens to be
p.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message