Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 18 Feb 2015 08:50:26 +0000
From:      "hselasky (Hans Petter Selasky)" <phabric-noreply@FreeBSD.org>
To:        freebsd-net@freebsd.org
Subject:   [Differential] [Commented On] D1711: Changes to the callout code to restore active semantics and also add a test-framework and test to validate thecallout code (and potentially for use by other tests).
Message-ID:  <c29bb6794aa614be43a5d142d94388d8@localhost.localdomain>
In-Reply-To: <differential-rev-PHID-DREV-vhk6ww63dvpj6egspuyt-req@FreeBSD.org>
References:  <differential-rev-PHID-DREV-vhk6ww63dvpj6egspuyt-req@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
hselasky added a comment.

Randall: Shooting again:

Thread 1 is executing in "softclock_call_cc()" in the "new_cc = callout_cpu_switch(c, cc, new_cpu)" it has set "c->c_cpu = CPUBLOCK;"
Thread 2 is now executing callout_reset(). As you can see in the implementation detail, it is reading "c_cpu" without CC_LOCK() locked and without checking if it was reading the c_cpu while it was equal to CPUBLOCK !

#define callout_reset(c, on_tick, fn, arg)                              \
    callout_reset_on((c), (on_tick), (fn), (arg), (c)->c_cpu)

This results in migrating the callout to CPUBLOCK, and subsequent calls will hang in callout_lock() like in hirens panic.

--HPS

REVISION DETAIL
  https://reviews.freebsd.org/D1711

To: rrs, gnn, rwatson, lstewart, jhb, kostikbel, sbruno, imp, adrian, hselasky
Cc: julian, hiren, jhb, kostikbel, emaste, delphij, neel, erj, freebsd-net



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c29bb6794aa614be43a5d142d94388d8>