Date:      Tue, 21 Mar 2023 19:19:49 -0700
From:      Mark Millard <marklmi@yahoo.com>
To:        FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org>, FreeBSD Toolchain <freebsd-toolchain@freebsd.org>
Cc:        George Mitchell <george@m5p.com>
Subject:   releng/13.1 amd64 atomic_fcmpset_long parameter order and dst,expect,src (source) vs. src,dst,expect  (crash dump report)
Message-ID:  <CC26C8DE-9F27-4686-9BC3-09FCBCC2FC58@yahoo.com>
References:  <CC26C8DE-9F27-4686-9BC3-09FCBCC2FC58.ref@yahoo.com>

Anyone know what to make of the below mismatch between the source
and what the crash log is reporting about the atomic_fcmpset_long
parameter order?

A releng/13.1 sys/amd64/include/atomic.h has the likes of:

int     atomic_fcmpset_long(volatile u_long *dst, u_long *expect, u_long src);

Note the order: dst, expect, src. Later it has the implementation:

/*
 * Atomic compare and set, used by the mutex functions.
 *
 * cmpset:
 *      if (*dst == expect)
 *              *dst = src
 *
 * fcmpset:
 *      if (*dst == *expect)
 *              *dst = src
 *      else
 *              *expect = *dst
 *
 * Returns 0 on failure, non-zero on success.
 */
#define ATOMIC_CMPSET(TYPE)                             \
static __inline int                                     \
atomic_cmpset_##TYPE(volatile u_##TYPE *dst, u_##TYPE expect, u_##TYPE src) \
{                                                       \
        u_char res;                                     \
                                                        \
        __asm __volatile(                               \
        " lock; cmpxchg %3,%1 ; "                       \
        "# atomic_cmpset_" #TYPE "      "               \
        : "=@cce" (res),                /* 0 */         \
          "+m" (*dst),                  /* 1 */         \
          "+a" (expect)                 /* 2 */         \
        : "r" (src)                     /* 3 */         \
        : "memory", "cc");                              \
        return (res);                                   \
}                                                       \
                                                        \
static __inline int                                     \
atomic_fcmpset_##TYPE(volatile u_##TYPE *dst, u_##TYPE *expect, u_##TYPE src) \
{                                                       \
        u_char res;                                     \
                                                        \
        __asm __volatile(                               \
        " lock; cmpxchg %3,%1 ;         "               \
        "# atomic_fcmpset_" #TYPE "     "               \
        : "=@cce" (res),                /* 0 */         \
          "+m" (*dst),                  /* 1 */         \
          "+a" (*expect)                /* 2 */         \
        : "r" (src)                     /* 3 */         \
        : "memory", "cc");                              \
        return (res);                                   \
}

ATOMIC_CMPSET(char);
ATOMIC_CMPSET(short);
ATOMIC_CMPSET(int);
ATOMIC_CMPSET(long);

which still shows dst,expect,src for the order.


But a releng/13.1 crash dump log shows the name order: src, dst, expect
(in #7 below):

#4 0xffffffff80c1ba63 in panic (fmt=<unavailable>)
at /usr/src/sys/kern/kern_shutdown.c:844
#5 0xffffffff810addf5 in trap_fatal (frame=0xfffffe00b555dae0, eva=0)
at /usr/src/sys/amd64/amd64/trap.c:944
#6 <signal handler called>
#7 0xffffffff80c895cb in atomic_fcmpset_long (src=18446741877726026240,
dst=<optimized out>, expect=<optimized out>)
at /usr/src/sys/amd64/include/atomic.h:225

The atomic_fcmpset_long (from a mtx_lock(?) use) got a:

Fatal trap 9: general protection fault while in kernel mode

crash. The code was inside nfsd.

( Note: 18446741877726026240 == 0xfffffe00b52e9a00 )

The crash is not mine. It is a new type of example from
an ongoing crash-evidence gathering session. See:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267028#c147
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267028#c148

===
Mark Millard
marklmi at yahoo.com
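
Added example, not part of the original message and not FreeBSD's atomic.h: a user-space C model of the cmpset/fcmpset semantics described in the quoted comment, keeping the dst, expect, src order of the source. It uses the GCC/Clang __atomic_compare_exchange_n builtin in place of the inline cmpxchg; the model_* names, MODEL_UNOWNED and the owner values are assumptions made for illustration.

```c
/* Added illustration: user-space model, not the kernel's implementation. */
#include <stdio.h>

#define MODEL_UNOWNED 0UL	/* hypothetical "unlocked" lock-word value */

/* cmpset: expect is passed by value, so on failure the caller learns
 * nothing about what *dst currently holds. */
static int
model_cmpset_long(volatile unsigned long *dst, unsigned long expect,
    unsigned long src)
{
	return (__atomic_compare_exchange_n(dst, &expect, src, 0,
	    __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST));
}

/* fcmpset: on failure the value found in *dst is written to *expect. */
static int
model_fcmpset_long(volatile unsigned long *dst, unsigned long *expect,
    unsigned long src)
{
	return (__atomic_compare_exchange_n(dst, expect, src, 0,
	    __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST));
}

/* Mutex-style use: try to store owner id tid into the lock word.
 * Returns 0 when acquired, otherwise the owner that fcmpset reported
 * through *expect, with no second read of *lock. */
static unsigned long
model_try_lock(volatile unsigned long *lock, unsigned long tid)
{
	unsigned long v = MODEL_UNOWNED;

	if (model_fcmpset_long(lock, &v, tid))
		return (0);
	return (v);
}

int
main(void)
{
	volatile unsigned long lock = MODEL_UNOWNED;
	unsigned long a = 0x1000, b = 0x2000;	/* constructed owner ids */

	printf("A blocked by: %#lx\n", model_try_lock(&lock, a));
	printf("B blocked by: %#lx\n", model_try_lock(&lock, b));
	printf("cmpset by B succeeded: %d\n",
	    model_cmpset_long(&lock, MODEL_UNOWNED, b));
	return (0);
}
```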