From: Philippe Gerum <rpm@xenomai.org>
To: Dmitry Adamushko <dmitry.adamushko@domain.hid>
Cc: Jan Kiszka <jan.kiszka@domain.hid>, xenomai@xenomai.org
Subject: [Xenomai-core] Re: [Xenomai-help] Bad EIP kernel-Oops
Date: Thu, 14 Sep 2006 10:46:35 +0200 [thread overview]
Message-ID: <1158223595.5040.16.camel@domain.hid> (raw)
In-Reply-To: <b647ffbd0609140055t328fec1fi3b5d86da178d790e@domain.hid>
On Thu, 2006-09-14 at 09:55 +0200, Dmitry Adamushko wrote:
>
>
> On 13/09/06, Jan Kiszka <jan.kiszka@domain.hid> wrote:
>
> It's the indirect call to the event handler.
>
> 8b3: 8b 55 e4 mov 0xffffffe4(%ebp),%edx
> 8b6: 50 push %eax
> -> 8b7: ff 94 93 80 22 00 00 call *0x2280(%ebx,%edx,4)
> 8be: 83 c4 0c add $0xc,%esp
> 8c1: 85 c0 test %eax,%eax
>
> In my case the kernel tries to access the address 0xd09bc5e5
> which seems
> like it used to be a valid one.
>
> I suppose, you have <= 256 Mb on this machine? If so, 0xd09bc5e5
> belongs to vmalloc()'ed area (in the past). So that was likely some
> module (e.g. nucleus).
>
>
> So this looks like we really need some mechanism to make sure
> all CPUs
> use the updated pointers after unhooking some event handler
> and before
> proceeding with further cleanups.
>
> It's more complicated, I'm afraid. We need to be sure the event
> handler function itself will not disappear in the mean time. Hence,
> module unloading should be delayed, iow something alike
> synchronize_rcu() that blocks a "cleanup caller" (which calls
> unregister_domain()) untill all the readers are done with their
> activities.
>
> Maybe it's wrong. Some more code reading would be required.
>
The proper fix is to synchronize ipipe_catch_event(..., NULL) with the
event dispatcher, so that any caller could legitimately assume that no
subsequent call to the former handler will happen on any CPU after this
service has returned. Since ipipe_unregister_domain() may already
legitimately assume that all event handlers have been cleared using
ipipe_catch_event() by the caller before proceeding, the issue would be
solved.
The difficult part is to refrain from masking the hw interrupts when
running the event handlers for the sake of keeping short latencies
(nothing would prevent those handlers to re-enable interrupts anyway).
IOW, using a big stick like the critical inter-CPU lock is not the
preferred option.
>
>
> Jan
>
>
> --
> Best regards,
> Dmitry Adamushko
--
Philippe.
next prev parent reply other threads:[~2006-09-14 8:46 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-09-12 13:24 [Xenomai-help] Bad EIP kernel-Oops Nils Kemper
2006-09-12 17:19 ` Jan Kiszka
2006-09-12 20:11 ` Philippe Gerum
2006-09-12 20:58 ` [Xenomai-core] " Dmitry Adamushko
2006-09-12 21:34 ` Jan Kiszka
2006-09-13 8:43 ` Jan Kiszka
2006-09-14 7:55 ` Dmitry Adamushko
2006-09-14 8:46 ` Philippe Gerum [this message]
2006-09-14 22:12 ` Dmitry Adamushko
2006-09-15 8:21 ` Philippe Gerum
2006-09-15 8:33 ` Jan Kiszka
2006-09-15 9:09 ` Philippe Gerum
2006-09-15 9:15 ` Dmitry Adamushko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1158223595.5040.16.camel@domain.hid \
--to=rpm@xenomai.org \
--cc=dmitry.adamushko@domain.hid \
--cc=jan.kiszka@domain.hid \
--cc=xenomai@xenomai.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.