Date: Tue, 20 Sep 2005 13:56:54 -0600 (MDT) From: "M. Warner Losh" <imp@bsdimp.com> To: jhb@FreeBSD.org Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, ru@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/dev/an if_an.c src/sys/dev/arl if_arl_isa.c src/sys/dev/awi if_awi_pccard.c src/sys/dev/cm if_cm_isa.c src/sys/dev/cnw if_cnw.c src/sys/dev/cp if_cp.c src/sys/dev/cs if_cs.c src/sys/dev/ed if_ed.c src/sys/dev/em if_em.c ... Message-ID: <20050920.135654.73653698.imp@bsdimp.com> In-Reply-To: <200509201551.11396.jhb@FreeBSD.org> References: <20050919055028.GC65954@ip.net.ua> <20050919.083146.105425670.imp@bsdimp.com> <200509201551.11396.jhb@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <200509201551.11396.jhb@FreeBSD.org>
John Baldwin <jhb@FreeBSD.org> writes:
: On Monday 19 September 2005 10:31 am, M. Warner Losh wrote:
: > In message: <20050919055028.GC65954@ip.net.ua>
: >
: > Ruslan Ermilov <ru@freebsd.org> writes:
: > : Hi,
: > :
: > : On Mon, Sep 19, 2005 at 03:10:21AM +0000, Warner Losh wrote:
: > : > imp 2005-09-19 03:10:21 UTC
: > : >
: > : > FreeBSD src repository
: > : >
: > : > Modified files:
: > : > sys/dev/an if_an.c
: > :
: > : [...]
: > :
: > : > sys/dev/xe if_xe_pccard.c
: > : > Log:
: > : > Make sure that we call if_free(ifp) after bus_teardown_intr. Since
: > : > we could get an interrupt after we free the ifp, and the interrupt
: > : > handler depended on the ifp being still alive, this could, in theory,
: > : > cause a crash. Eliminate this possibility by moving the if_free to
: > : > after the bus_teardown_intr() call.
: > :
: > : I'm going into more details in my other reply to your ed(4) commit,
: > : but I'm pretty sure you're attacking a wrong problem here. Most
: > : drivers don' assume and will behave badly (read: panic) if foo_intr()
: > : is called after foo_stop() (foo_stop() disables interrupts and
: > : usually frees some resources needed by code called from foo_intr()).
: > : A better fix that I had in mind (and that I think jhb@ has suggested)
: > : would be to return from foo_intr() quickly if IFF_DRV_RUNNING is not
: > : set. Can you reproduce the problem that you mention on real hardware?
: >
: > You can't test IFF_DRV_RUNNING in memory that's already been freed.
:
: Then do this:
:
: foo_stop();
: callout_drain();
: ether_ifdetach();
: bus_teardowin_intr();
: if_free();
That's what my patches did :-) ruslan apparently thought I was fixing
a different problem.
: Regarding other comments I saw today on some e-mail or another, I do think
: that to make the locking sane, we might should push the checks for
: IFF_DRV_RUNNING down into the foo_start() routines rather than doing it in
: the network layer where the driver lock isn't held.
After playing around a bit, I'm convinced that we need to have the
flags tested in the driver. While we might be able to do a dead_if
sort of thing, driver checks, though tedious, are likely the way to
go.
Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050920.135654.73653698.imp>