Date: Fri, 12 Aug 2016 11:17:45 -0400 From: "Kenneth D. Merry" <ken@FreeBSD.ORG> To: Warner Losh <imp@bsdimp.com> Cc: "Andrey V. Elsukov" <ae@freebsd.org>, Bryan Drewery <bdrewery@freebsd.org>, Peter Wemm <peter@wemm.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>, src-committers <src-committers@freebsd.org> Subject: Re: svn commit: r303019 - head/sys/geom Message-ID: <20160812151745.GA52527@mithlond.kdm.org> In-Reply-To: <CANCZdfqJ7_0PAKvvziscP1GJ%2BmVwtzkEhVt6kL7a1rVu1HZCXw@mail.gmail.com> References: <201607190536.u6J5aLl7015268@repo.freebsd.org> <3277576.dFZ2EGo2Fh@overcee.wemm.org> <6198652.UmU69kS6Zt@overcee.wemm.org> <181fcc35-3a5d-043f-7dc4-7a01a53eebae@FreeBSD.org> <7372bf93-69a2-f5f5-1d07-204fd31f252c@FreeBSD.org> <20160812151117.GA52309@mithlond.kdm.org> <CANCZdfqJ7_0PAKvvziscP1GJ%2BmVwtzkEhVt6kL7a1rVu1HZCXw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 12, 2016 at 09:13:58 -0600, Warner Losh wrote: > On Fri, Aug 12, 2016 at 9:11 AM, Kenneth D. Merry <ken@freebsd.org> wrote: > > On Fri, Aug 12, 2016 at 13:38:21 +0300, Andrey V. Elsukov wrote: > >> On 12.08.16 03:26, Bryan Drewery wrote: > >> > On r303467 I ran into this: > >> > > >> > panic @ time 1470916206.652, thread 0xfffff8000412f000: > >> > g_resize_provider_event but withered > >> > cpuid = 0 > >> > Panic occurred in module kernel loaded at 0xffffffff80200000: > >> > > >> > Stack: -------------------------------------------------- > >> > kernel:kassert_panic+0x166 > >> > kernel:g_resize_provider_event+0x181 > >> > kernel:g_run_events+0x186^M^M > >> > kernel:fork_exit+0x83^M^M > >> > -------------------------------------------------- > >> > > >> > No further information available unfortunately. > >> > >> This one is related to r302087 :) > > > > It looks like there is a race. I think we need to replace the KASSERT > > in g_resize_provider_event() with a return in case the provider is > > withered. > > > > I won't be able to work on or test this until sometime next week. So if > > you guys want to go ahead and make the change, please do. > > But why are we calling g_resize_provider on a withered object? That's > the part I don't understand in this thread. It isn't withered when the event is queued, but it is withered by the time the event is executed. There is a check in g_resize_provider() to make sure it isn't withered. If not, the event is queued. But once g_resize_provider_event() runs, it is withered and we run into the KASSERT. There isn't adequate locking and ordering in there to prevent the race from happening, so the assert should be replaced with an "if (withered) return" statement. Ken -- Kenneth Merry ken@FreeBSD.ORG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160812151745.GA52527>