netbsd-bugs@netbsd.org

kern/42685: waiting a kqueue concurrently may cause kernel panic

Subject: kern/42685: waiting a kqueue concurrently may cause kernel panic
From:
Date: Thu, 28 Jan 2010 16:40:00 +0000 UTC
>Number:         42685
>Category:       kern
>Synopsis:       waiting a kqueue concurrently may cause kernel panic
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jan 28 16:40:00 +0000 2010
>Originator:     BaiYang
>Release:        5.0.1 / i386
>Organization:
>Environment:
>Description:
If we use the kevent API to wait on a kqueue from multiple threads
concurrently, like this:

// ...
int r = kevent(sg_kqfd, NULL, 0, &evt, 1, &m_tspTMOUT);
// ...

Two situations may occur:
1. When an event is raised, more than one kevent will return the same event
(the one which was just raised).
2. When an event is raised, a kernel panic may occur with the "fatal page
fault" error.

On the other hand, the same code works very well on FreeBSD. 

We can simply accept situation 1 as behaviour that differs from FreeBSD and
other systems. But situation 2 is obviously a system bug because, in any
case, a user-mode process should not cause a kernel panic.
>How-To-Repeat:
Just wait on a kqueue concurrently in a thread pool.
>Fix:
Enclosing the code segment in a critical section could resolve the problem:

// ...
pthread_mutex_lock(&mutex);
int r = kevent(sg_kqfd, NULL, 0, &evt, 1, &m_tspTMOUT);
pthread_mutex_unlock(&mutex);
// ...
