Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 14 Jun 2017 00:32:21 +0100
From:      Andrew Turner <andrew@fubar.geek.nz>
To:        Zbigniew Bodek <zbb@freebsd.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r319913 - head/sys/dev/hwpmc
Message-ID:  <8886277B-6036-41E8-819D-47AD6990F019@fubar.geek.nz>
In-Reply-To: <201706131853.v5DIruKH034954@repo.freebsd.org>
References:  <201706131853.v5DIruKH034954@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

> On 13 Jun 2017, at 19:53, Zbigniew Bodek <zbb@freebsd.org> wrote:
>=20
> Author: zbb
> Date: Tue Jun 13 18:53:56 2017
> New Revision: 319913
> URL: https://svnweb.freebsd.org/changeset/base/319913
>=20
> Log:
>  Fix INVARIANTS debug code in HWPMC
>=20
>  When HWPMC stops sampling, ps_pmc may be freed before samples
>  are processed. In such situation treat PMC as stopped.

What is the sequence leading up to this?

...
> Modified: head/sys/dev/hwpmc/hwpmc_mod.c
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> --- head/sys/dev/hwpmc/hwpmc_mod.c	Tue Jun 13 18:52:39 2017	=
(r319912)
> +++ head/sys/dev/hwpmc/hwpmc_mod.c	Tue Jun 13 18:53:56 2017	=
(r319913)
> @@ -4224,7 +4224,8 @@ pmc_capture_user_callchain(int cpu, int ring, =
struct t
> 	ps_end =3D psb->ps_write;
> 	do {
> #ifdef	INVARIANTS
> -		if (ps->ps_pmc->pm_state !=3D PMC_STATE_RUNNING)
> +		if ((ps->ps_pmc =3D=3D NULL) ||
> +		    (ps->ps_pmc->pm_state !=3D PMC_STATE_RUNNING))

Isn=E2=80=99t this just moving the NULL pointer dereference later in the =
function? I=E2=80=99m interested in knowing how the NULL pointer got =
into this function.

> 			nfree++;
> #endif
> 		if (ps->ps_nsamples !=3D PMC_SAMPLE_INUSE)
> @@ -4262,9 +4263,11 @@ next:
> 			ps =3D psb->ps_samples;
> 	} while (ps !=3D ps_end);
>=20
> +#ifdef	INVARIANTS
> 	KASSERT(ncallchains > 0 || nfree > 0,
> 	    ("[pmc,%d] cpu %d didn't find a sample to collect", =
__LINE__,
> 		cpu));
> +#endif

Why is this needed? KASSERT is a top when INVARIANTS is undefined.

Andrew

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8886277B-6036-41E8-819D-47AD6990F019>