Re: Another LOR with filedesc structure and Giant

From: Kris Kennaway <kris_at_obsecurity.org>
Date: Mon, 28 Jul 2003 14:53:12 -0700

On Mon, Jul 28, 2003 at 11:09:55AM -0400, Robert Watson wrote:
> 
> On Sun, 27 Jul 2003, Kris Kennaway wrote:
> 
> > After upgrading last night, one of the package machines found this:
> 
> I've bumped into some similar problems -- it's a property of how we
> currently lock select().  We hold the file descriptor lock for the duration
> of polling each object being "selected", and if any of those objects has
> to grab a lock for any reason, it has to implicitly fall after the file
> descriptor lock.  I actually run into this in some of our MAC code,
> because I need to grab a vnode lock to authorize polling the vnode using
> VOP_POLL(), and since the vnode lock is a sleep lock, this generates a
> WITNESS warning.  Unfortunately, it's not immediately clear what a better
> locking scheme would look like without going overboard on the fine-grained
> side.  We probably need to grab Giant before entering the select code
> since it's highly likely something in there will require Giant -- it
> reaches down into VFS, the device stuff, socket code, etc.

Also

lock order reversal
 1st 0xc6a69634 filedesc structure (filedesc structure) @ /a/asami/portbuild/i386/src-client/sys/kern/sys_generic.c:1071
 2nd 0xc04aa120 Giant (Giant) @ /a/asami/portbuild/i386/src-client/sys/fs/specfs/spec_vnops.c:372
Stack backtrace:
backtrace(c043d4af,c04aa120,c0439aa4,c0439aa4,c0434e3d) at backtrace+0x17
witness_lock(c04aa120,8,c0434e3d,174,246) at witness_lock+0x672
_mtx_lock_flags(c04aa120,0,c0434e3d,174,c043daba) at _mtx_lock_flags+0xba
spec_poll(d8dfcb44,d8dfcb64,c02d119c,d8dfcb44,c04939a0) at spec_poll+0x134
spec_vnoperate(d8dfcb44,c04939a0,c52cfa44,41,c6cfd280) at spec_vnoperate+0x18
vn_poll(c45dc880,41,c6cfd280,c5f7a4c0,c6cfd280) at vn_poll+0x3c
pollscan(c5f7a4c0,d8dfcbd4,2,3e7,10) at pollscan+0xb0
poll(c5f7a4c0,d8dfcd10,c0455899,3ee,3) at poll+0x252
syscall(2f,2f,2f,0,2) at syscall+0x273
Xint0x80_syscall() at Xint0x80_syscall+0x1d
--- syscall (209), eip = 0x281c4934, esp = 0xbfbfeee4, ebp = 0xbfbfef20 ---
Debugger("witness_lock")
Stopped at      Debugger+0x54:  xchgl   %ebx,in_Debugger.0
db>

Kris

Received on Mon Jul 28 2003 - 12:53:23 UTC
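
The kind of check behind the report above, as an added example that is not FreeBSD's WITNESS code and not from either poster: a small lock-order tracker that records which lock was held while another was taken and flags a later acquisition in the opposite order. The lock class table, the function names, and the earlier "Giant first" path in main() are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed lock classes; only the first two appear in the report above. */
enum { FILEDESC, GIANT, VNODE, NLOCKS };
static const char *lock_name[NLOCKS] = { "filedesc structure", "Giant", "vnode" };

static int order[NLOCKS][NLOCKS]; /* order[a][b]: a was held while b was taken */
static int held[16], nheld;       /* acquisition stack of one simulated thread */

void lor_reset(void) { memset(order, 0, sizeof(order)); nheld = 0; }

/* Is there a recorded chain from -> ... -> to? The depth bound stops cycles. */
static int reaches(int from, int to, int depth) {
    if (from == to) return 1;
    for (int i = 0; depth > 0 && i < NLOCKS; i++)
        if (order[from][i] && reaches(i, to, depth - 1)) return 1;
    return 0;
}

/* Take lock l; returns the number of order reversals reported. */
int lor_acquire(int l) {
    int reversals = 0, recursed = 0;
    for (int i = 0; i < nheld; i++)
        if (held[i] == l) recursed = 1;   /* recursive take: no new ordering */
    for (int i = 0; !recursed && i < nheld; i++) {
        if (!reaches(l, held[i], NLOCKS)) { order[held[i]][l] = 1; continue; }
        printf("lock order reversal\n 1st %s\n 2nd %s\n",
               lock_name[held[i]], lock_name[l]);
        reversals++;
    }
    if (nheld < 16) held[nheld++] = l;
    return reversals;
}

void lor_release(int l) {                 /* drop the most recent hold of l */
    for (int i = nheld - 1; i >= 0; i--)
        if (held[i] == l) {
            memmove(&held[i], &held[i + 1], (--nheld - i) * sizeof(held[0]));
            return;
        }
}

int main(void) {
    lor_acquire(GIANT); lor_acquire(FILEDESC);  /* assumed earlier path: Giant first */
    lor_release(FILEDESC); lor_release(GIANT);
    lor_acquire(FILEDESC);                      /* poll(): filedesc lock held ... */
    return lor_acquire(GIANT) == 1 ? 0 : 1;     /* ... then spec_poll() takes Giant */
}
```

Taking Giant before the filedesc lock on the poll path, as suggested in the quoted reply, makes the inner Giant acquisition a recursive one, which this tracker does not flag.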
