Date: Mon, 26 Apr 2004 15:32:33 -0700 (PDT) From: Julian Elischer <julian@elischer.org> To: Daniel Eischen <eischen@vigrid.com> Cc: Dan Nelson <dnelson@allantgroup.com> Subject: Re: panic: Exit: Single threading fouled up Message-ID: <Pine.BSF.4.21.0404261530090.45911-100000@InterJet.elischer.org> In-Reply-To: <Pine.GSO.4.10.10404261714360.10647-100000@pcnet5.pcnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 26 Apr 2004, Daniel Eischen wrote:
>
> There is a race in kse_release() and kse_wakeup() that looks
> to have been introduced when sleepqueues were added. msleep()
> drops the mutex too early (in this case the proc lock) and
> TDF_SINTR gets set after the mutex has been released. So
> the code in thread_single():
>
> if (force_exit == SINGLE_EXIT) {
> if (TD_IS_SUSPENDED(td2)) {
> thread_unsuspend_one(td2);
> }
> -> if (TD_ON_SLEEPQ(td2) &&
> -> (td2->td_flags & TDF_SINTR)) {
> sleepq_abort(td2);
> }
>
> may not abort the thread in the sleep queue.
I don't see imediatly how that would allow two processes
to get into the same code twice.. or someone could leave the
pointer set after doing single-threading, but
it does show that this is tricky stuff.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0404261530090.45911-100000>