Date: Sat, 25 Jan 2014 01:58:15 +0000 (UTC)
From: Alexander Motin <mav@FreeBSD.org>
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org
Subject: svn commit: r261145 - stable/10/sys/cam
Message-ID: <201401250158.s0P1wFgv048762@svn.freebsd.org>
Author: mav Date: Sat Jan 25 01:58:15 2014 New Revision: 261145 URL: http://svnweb.freebsd.org/changeset/base/261145 Log: MFC r260549: Move xpt_run_devq() call before request completion callback where it was originally. I am not sure why exactly have I moved it during one of many refactorings during camlock project, but obviously it opens race window that may cause use after free panics during SIM (in reported cases umass(4)) detach. Modified: stable/10/sys/cam/cam_xpt.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/cam/cam_xpt.c ============================================================================== --- stable/10/sys/cam/cam_xpt.c Sat Jan 25 01:08:35 2014 (r261144) +++ stable/10/sys/cam/cam_xpt.c Sat Jan 25 01:58:15 2014 (r261145) @@ -5186,8 +5186,7 @@ xpt_done_process(struct ccb_hdr *ccb_h) if ((ccb_h->flags & CAM_DEV_QFRZDIS) && (ccb_h->status & CAM_DEV_QFRZN)) { - xpt_release_devq(ccb_h->path, /*count*/1, - /*run_queue*/FALSE); + xpt_release_devq(ccb_h->path, /*count*/1, /*run_queue*/TRUE); ccb_h->status &= ~CAM_DEV_QFRZN; } @@ -5216,6 +5215,7 @@ xpt_done_process(struct ccb_hdr *ccb_h) if (!device_is_queued(dev)) (void)xpt_schedule_devq(devq, dev); + xpt_run_devq(devq); mtx_unlock(&devq->send_mtx); if ((dev->flags & CAM_DEV_TAG_AFTER_COUNT) != 0) { @@ -5245,10 +5245,6 @@ xpt_done_process(struct ccb_hdr *ccb_h) (*ccb_h->cbfcnp)(ccb_h->path->periph, (union ccb *)ccb_h); if (mtx != NULL) mtx_unlock(mtx); - - mtx_lock(&devq->send_mtx); - xpt_run_devq(devq); - mtx_unlock(&devq->send_mtx); } void
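Review bot: In the first hunk (@@ -5186,8 +5186,7 @@) the run_queue argument of xpt_release_devq() changes from FALSE to TRUE, but the log only describes moving the xpt_run_devq() call, so this behaviour change is undocumented. Say in the log, or in a short comment above the call, that the release under CAM_DEV_QFRZDIS and CAM_DEV_QFRZN now has to run the queue itself because the run after the completion callback is removed in the last hunk.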
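Review bot: The xpt_run_devq(devq) added in the second hunk (@@ -5216,6 +5215,7 @@) carries no comment recording that it must stay before the completion callback, and the log says an earlier refactoring moved it for reasons no longer remembered. Add a comment at the call tying its position to the use-after-free on SIM detach described in the log, so a later cleanup does not move it again. Since it directly follows the unbraced if (!device_is_queued(dev)), also make sure its indentation shows it is unconditional and still inside the devq->send_mtx section that the following mtx_unlock() closes.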
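Review bot: In the last hunk (@@ -5245,10 +5245,6 @@) dropping the mtx_lock/xpt_run_devq/mtx_unlock sequence means nothing in xpt_done_process() runs the device queue after (*ccb_h->cbfcnp)() returns; please confirm, and note in the log, that requests queued by the callback are dispatched through their own submission path. With the removal, the only statement left after the callback is the conditional mtx_unlock(mtx), so devq is no longer touched there, which matches the race the log describes.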