From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <4651BE7B.4080909@domain.hid> Date: Mon, 21 May 2007 17:44:59 +0200 From: Jan Kiszka MIME-Version: 1.0 References: <465099CE.2010004@domain.hid> <4651AFF9.5030402@domain.hid> <4651B821.2080704@domain.hid> In-Reply-To: <4651B821.2080704@domain.hid> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigB4C77C03288050C3752EC722" Sender: jan.kiszka@domain.hid Subject: Re: [Xenomai-core] [BUG] module_put called over non-root domain List-Id: "Xenomai life and development \(bug reports, patches, discussions\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Gilles Chanteperdrix Cc: xenomai-core This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigB4C77C03288050C3752EC722 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable Gilles Chanteperdrix wrote: > Jan Kiszka wrote: >> Hi Philippe, >> >> Jan Kiszka wrote: >> >>> Just ran into this with CONFIG_IPIPE_DEBUG_CONTEXT (maybe due to some= >>> bug of my own): >> >> Here is some code to trigger the issue reliably: >> >> #include >> #include >> >> void task_fnct(void *arg) >> { >> rt_task_delete(NULL); >> } >> >> main() >> { >> RT_TASK task; >> mlockall(MCL_CURRENT|MCL_FUTURE); >> rt_task_spawn(&task, "task", 0, 10, 0, task_fnct, NULL); >> } >> >> >> >>> [ 102.616000] I-pipe: Detected illicit call from domain 'Xenomai' >>> [ 102.616000] into a service reserved for domain 'Linux' and= below. >>> [ 102.616000] c741bdc8 00000000 00000000 c8860ef8 c741bdec c0= 105683 c032c200 c13fe22c >>> [ 102.616000] c0361f00 c741be08 c01519ed c032f5b8 c032c742 c0= 3380b3 c8885100 c78beac0 >>> [ 102.616000] c741be14 c0142ce9 c7a80b30 c741be3c c884d075 c8= 85f150 c8860ef8 c741be3c >>> [ 102.616000] Call Trace: >>> [ 102.616000] [] show_trace_log_lvl+0x1f/0x40 >>> [ 102.616000] [] show_stack_log_lvl+0xb1/0xe0 >>> [ 102.616000] [] show_stack+0x33/0x40 >>> [ 102.616000] [] ipipe_check_context+0xad/0xc0 >>> [ 102.616000] [] module_put+0x19/0x90 >>> [ 102.616000] [] xnshadow_unmap+0xb5/0x130 [xeno_nucleus]= >>> [ 102.616000] [] __shadow_delete_hook+0x25/0x30 [xeno_nat= ive] >>> [ 102.616000] [] xnpod_schedule+0xb58/0x12f0 [xeno_nucleu= s] >>> [ 102.616000] [] xnpod_delete_thread+0x2cb/0x3d0 [xeno_nu= cleus] >>> [ 102.616000] [] rt_task_delete+0x20d/0x220 [xeno_native]= >>> >>> I would dare to say that module_put in xnshadow_unmap is not well pla= ced >>> as it can wakeup a Linux process. The module ref-counter maintenance >>> needs some postponing, I guess. >> >> Attached is a patch proposal. It solves the issue by postponing the >> module_put via a new schedule_linux_call. Note that this approach issu= es >> LO_WAKEUP_REQ where the old test (p->state !=3D TASK_RUNNING) would no= t >> have done so. I don't see negative side effects yet, and I'm furthermo= re >> not sure of the old code was handling SMP scenarios safely (What if th= e >> thread to be unmapped was running on different CPU than xnshadow_unmap= ? >> How to ensure test-atomicity then?). >=20 > This one counts as mine! I am Ok with the fix, but IMHO, the > "if(p->state !=3D TASK_RUNNING)" probably has a reason, so I would leav= e > it in the new implementation. >=20 But then I need some official declaration, that this test cannot race with whatever in case the target task runs on another CPU. I tried to direct my brain along this twisted path, but stopped before it started hurting too much (others would call it laziness). :) Jan --------------enigB4C77C03288050C3752EC722 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGUb57niDOoMHTA+kRAoB/AJ9Pqb88WqAjs8xCA3hXEpZnTliSxgCbB8xi IaCIp/LhiZsw7Ud71xn6Das= =gOi2 -----END PGP SIGNATURE----- --------------enigB4C77C03288050C3752EC722--