This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
[Bug runtime/17052] New: race between _stp_ctl_work_callback and _stp_runtime_contexts_free
- From: "jistone at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: systemtap at sourceware dot org
- Date: Thu, 12 Jun 2014 21:16:06 +0000
- Subject: [Bug runtime/17052] New: race between _stp_ctl_work_callback and _stp_runtime_contexts_free
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=17052
Bug ID: 17052
Summary: race between _stp_ctl_work_callback and _stp_runtime_contexts_free
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: runtime
Assignee: systemtap at sourceware dot org
Reporter: jistone at redhat dot com
Commit d2d39de664924 introduced get_context into the transport layer, to
prevent a nasty lock recursion bug. However, there's now a race where the
transport's timer for _stp_ctl_work_callback might fire at the same time we are
in the middle of shutdown with _stp_runtime_contexts_free. Thus it's possible
for get_context to see context c!=NULL, but fault on modifying c->busy.
BUG: unable to handle kernel paging request at ffffc900003c7000
IP: [<ffffffffa0629115>] _stp_runtime_entryfn_get_context+0x25/0x40
[...]
[<ffffffffa062cf61>] _stp_ctl_work_callback+0x11/0xf0
[<ffffffff8106d236>] call_timer_fn+0x36/0x110
Disassembly showing c->busy triggering this:
return i + xadd(&v->counter, i);
20: b9 01 00 00 00 mov $0x1,%ecx
25: f0 0f c1 0a lock xadd %ecx,(%rdx)
if (atomic_inc_return(&c->busy) == 1)
29: 85 c9 test %ecx,%ecx
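Added example, not part of the original report and not SystemTap runtime code: a userspace C11 model of the window described above (a getter sees c != NULL while shutdown frees the contexts) and one generic way to close it, where the getter registers itself before loading the pointer and teardown unpublishes first and frees only after readers drain. All names (ctx_get, ctx_put, ctx_teardown_step, readers, published, retired) are hypothetical, and this is not claimed to be the fix the project adopted.

```c
/* Userspace model only; every identifier here is hypothetical. */
#include <stdatomic.h>
#include <stdlib.h>

struct context { atomic_int busy; };

static _Atomic(struct context *) published; /* what the getter looks up */
static struct context *retired;             /* unpublished, not yet freed */
static atomic_int readers;                  /* callers between get and put */

int ctx_setup(void)
{
    struct context *c = calloc(1, sizeof(*c)); /* busy starts at 0 */
    if (!c)
        return -1;
    atomic_store(&published, c);
    return 0;
}

/* Register as a reader BEFORE loading the pointer, so teardown can see us. */
struct context *ctx_get(void)
{
    atomic_fetch_add(&readers, 1);
    struct context *c = atomic_load(&published);
    if (c && atomic_fetch_add(&c->busy, 1) + 1 == 1)
        return c;                 /* models atomic_inc_return(&c->busy) == 1 */
    if (c)
        atomic_fetch_sub(&c->busy, 1);  /* context already in use: back out */
    atomic_fetch_sub(&readers, 1);
    return NULL;
}

void ctx_put(struct context *c)
{
    atomic_fetch_sub(&c->busy, 1);
    atomic_fetch_sub(&readers, 1);
}

/* Returns 1 once the memory is freed, 0 if a reader is in flight (retry). */
int ctx_teardown_step(void)
{
    struct context *c = atomic_exchange(&published, NULL);
    if (c)
        retired = c;              /* new callers now see NULL */
    if (atomic_load(&readers) != 0)
        return 0;                 /* someone may still touch ->busy */
    free(retired);
    retired = NULL;
    return 1;
}
```

In a kernel module the same ordering is usually obtained by stopping the timer synchronously before freeing, or by an RCU grace period between unpublishing and freeing.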