kern/149586: _callout_stop_safe prematurely unsets CALLOUT_ACTIVE
John Giacomoni
John.Giacomoni at LineRateSystems.com
Thu Aug 12 18:40:04 UTC 2010
>Number: 149586
>Category: kern
>Synopsis: _callout_stop_safe prematurely unsets CALLOUT_ACTIVE
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Aug 12 18:40:03 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: John Giacomoni
>Release: 7.3/8.1
>Organization:
LineRate Systems
>Environment:
>Description:
in kern/kern_timeout.c
_callout_stop_safe(c, 0) prematurely unsets CALLOUT_ACTIVE on inflight callouts making it impossible to know when a callout is actually stopped (one cannot spin on callout_active() to know when it is drained/dead/idle).
This is problematic for unsleepable threads that need to deallocate an object shared with a callout but cannot call callout_drain to guarantee that the reference has been implicitly freed.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list