From owner-svn-src-all@FreeBSD.ORG Thu Dec 23 15:17:28 2010 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 73708106564A; Thu, 23 Dec 2010 15:17:28 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 633848FC0C; Thu, 23 Dec 2010 15:17:28 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id oBNFHSu3061339; Thu, 23 Dec 2010 15:17:28 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id oBNFHS5t061337; Thu, 23 Dec 2010 15:17:28 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <201012231517.oBNFHS5t061337@svn.freebsd.org> From: John Baldwin Date: Thu, 23 Dec 2010 15:17:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r216679 - head/sys/x86/x86 X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Dec 2010 15:17:28 -0000 Author: jhb Date: Thu Dec 23 15:17:28 2010 New Revision: 216679 URL: http://svn.freebsd.org/changeset/base/216679 Log: Drop the icu_lock spinlock while pausing briefly after masking the interrupt in the I/O APIC before moving it to a different CPU. If the interrupt had been triggered by the I/O APIC after locking icu_lock but before we masked the pin in the I/O APIC, then this could cause the interrupt to be pending on the "old" CPU and it would finally trigger after we had moved the interrupt to the new CPU. This could cause us to panic as there was no interrupt source associated with the old IDT vector on the old CPU. Dropping the lock after the interrupt is masked but before it is moved allows the interrupt to fire and be handled in this case before it is moved. Tested by: Daniel Braniss danny of cs huji ac il MFC after: 1 week Modified: head/sys/x86/x86/io_apic.c Modified: head/sys/x86/x86/io_apic.c ============================================================================== --- head/sys/x86/x86/io_apic.c Thu Dec 23 03:12:03 2010 (r216678) +++ head/sys/x86/x86/io_apic.c Thu Dec 23 15:17:28 2010 (r216679) @@ -359,7 +359,9 @@ ioapic_assign_cpu(struct intsrc *isrc, u if (!intpin->io_masked && !intpin->io_edgetrigger) { ioapic_write(io->io_addr, IOAPIC_REDTBL_LO(intpin->io_intpin), intpin->io_lowreg | IOART_INTMSET); + mtx_unlock_spin(&icu_lock); DELAY(100); + mtx_lock_spin(&icu_lock); } intpin->io_cpu = apic_id;