Crash with FreeBSD 6.1 STABLE of today

Max Laier max at love2party.net
Fri Jun 23 17:29:03 UTC 2006 

On Friday 23 June 2006 18:03, Gavin Atkinson wrote:
> On Fri, 2006-06-23 at 13:46 +0200, Martin Blapp wrote:
> > Hi,
> >
> > Maybe this is the solution ? IMHO there is a race window
> > open between the first tp->t_session test and the locking
> > of the proc tree.
>
> I'm not sure if t_session is supposed to be protected by the proctree
> lock though.  With an initial glance of the code, it would seem odd to
> be protected by the proctree lock, although I can't see any other locks
> Someone with more knowledge of this code will probably know the answer
> to this.
>
> There does seem to be a worrying comment above tty_close (which is the
> only place that t_session seems to be set to NULL):
>
>  * XXX our caller should have done `spltty(); l_close(); tty_close();'
>  * and l_close() should have flushed, but we repeat the spltty() and
>  * the flush in case there are buggy callers.
>
> As I understand it, spltty() is now a no-op.  Does this mean that this
> code is now essentially running without any locks that were used to
> serialise changes to struct tty in days gone by?  Or is the whole tty
> subsystem still running under Giant?

Just as a random note.  I remember looking at a somewhat similar problem 
during the 6.0 release cycle and comming up with a patch[1].  Somehow the 
problem went away and I lost track of the patch.  Can't remember who was 
testing it.  I think I talked with Christan about it, though [CC-list++]

Note, I am not sure if the patch still applies or is correct at all, but from 
looking at it (and the name of the file) I seem to remember that there was a 
problem with t_pgrp and t_session being accessed unlocked in some places.  
Maybe it helps, maybe it doesn't.

[1] http://people.freebsd.org/~mlaier/tty.t_pgrp.diff

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20060623/e0384681/attachment.pgp

More information about the freebsd-stable mailing list