[issue2092] Panic: Bad link elm 0x... next->prev != elm
Magliano Andrea (via DragonFly issue tracker)
sinknull at leaf.dragonflybsd.org
Mon Jul 4 03:10:45 PDT 2011
Magliano Andrea <masterblaster at tiscali.it> added the comment:
A further possible source of problems:
in sys/bus/cam/cam_xpt.c:camisr() a TAILQ_REMOVE is done before CAM_SIM_LOCK(sim).
With the attached patch it's now running stable since a week.
As i'm new to dfly kernel, could please someone at least say if these changes
are meaningful at all?
----------
status: chatting -> testing
_____________________________________________________
DragonFly issue tracker <bugs at lists.dragonflybsd.org>
<http://bugs.dragonflybsd.org/issue2092>
_____________________________________________________From 7d030949f06a69f721b27167364b4a573315bae8 Mon Sep 17 00:00:00 2001
From: Magliano Andrea <masterblaster at tiscali.it>
Date: Mon, 4 Jul 2011 11:37:11 +0200
Subject: [PATCH 3/3] Fix race condition on cam simqueue
* move spin_lock after local queue init (doesn't need it)
* lock the sim before tailq removing: this possible solves issue 2092,
as it's running stable over 1 week now
---
sys/bus/cam/cam_xpt.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/sys/bus/cam/cam_xpt.c b/sys/bus/cam/cam_xpt.c
index a3b5651..82341bf 100644
--- a/sys/bus/cam/cam_xpt.c
+++ b/sys/bus/cam/cam_xpt.c
@@ -7230,16 +7230,16 @@ camisr(void *dummy)
cam_simq_t queue;
struct cam_sim *sim;
- spin_lock(&cam_simq_spin);
TAILQ_INIT(&queue);
+ spin_lock(&cam_simq_spin);
while (!TAILQ_EMPTY(&cam_simq)) {
TAILQ_CONCAT(&queue, &cam_simq, links);
spin_unlock(&cam_simq_spin);
while ((sim = TAILQ_FIRST(&queue)) != NULL) {
- TAILQ_REMOVE(&queue, sim, links);
CAM_SIM_LOCK(sim);
+ TAILQ_REMOVE(&queue, sim, links);
sim->flags &= ~CAM_SIM_ON_DONEQ;
camisr_runqueue(sim);
CAM_SIM_UNLOCK(sim);
--
1.7.4.1
More information about the Bugs
mailing list