On 03/05/09 22:17, Liu, Jiang wrote:
Hi all,
I have some questions when reading source code of callb and scheduler
subsystems, which seem to me like possble race conditions.
The first case is race between callb_execute_class() and callb_delete().
Relative code from uts/common/os/callb.c as below:
...
Suspicious code is
/*
* cont if the callb is deleted while we're sleeping
*/
if (cp->c_flag == CALLB_FREE)
continue;
Actually, when (cp->c_flag == CALLB_FREE) is true, cp->c_next should
already point to next node on freelist instead of on class list.
Yes. This one is a bug. This may not be a problem in
practice though since callb_delete() is called mostly during shutdown
of the system.
Please file a bug using http://bugs.opensolaris.org/.
The second case is relative to function disp_setup() in
uts/common/disp/disp.c.
I don't know enough to comment on this one.
Regards,
-Krishna
dsip_setup() tries to grow dispatch queue entries in dispatch table when
increasing max
global priority. In current implementation, all other CPUs will be paused when
replacing
per-CPU dispatch table to protect it, but there's no such protection when
replacing
CPU partition level preempt dispatch table.
The above possible race condition could be triggered by configure
"kpqpri" to
a value less than 100 in /etc/system.
BTW, following code in function disp_setup() may be isn not what we
want because
kpqpri has been already set to kpreemptpri in disp_init(), so test "(kpqpri ==
KPQPRI)" will
always be false.
if (kpqpri == KPQPRI)
kpqpri = kpreemptpri;
_______________________________________________
opensolaris-code mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
