NetBSD Problem Report #44679
From yamt@NetBSD.org Fri Mar 4 09:55:42 2011
Return-Path: <yamt@NetBSD.org>
Received: by www.NetBSD.org (Postfix, from userid 1270)
id CC0ED63B84D; Fri, 4 Mar 2011 09:55:42 +0000 (UTC)
Message-Id: <20110304095542.CC0ED63B84D@www.NetBSD.org>
Date: Fri, 4 Mar 2011 09:55:42 +0000 (UTC)
From: yamt@NetBSD.org
Reply-To: yamt@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: libpuffs leaks cc
X-Send-Pr-Version: 3.95
>Number: 44679
>Category: lib
>Synopsis: libpuffs leaks cc
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: lib-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Mar 04 10:00:01 +0000 2011
>Closed-Date: Sat Nov 05 16:15:52 +0000 2011
>Last-Modified: Sat Nov 05 16:15:52 +0000 2011
>Originator: YAMAMOTO Takashi
>Release: NetBSD current
>Organization:
>Environment:
>Description:
[ reminder to myself and pooka ]
the main loop starts with cc-A.
theloop -> framev_input -> gotfb -> ml_dispatch -> fs vector -> cc_yield
cc_yield jumps to theloop with newly allocated cc, cc-B.
it clears MLCONT for cc-A.
someone (say cc-B) cc_schedule cc-A.
cc-B runs the loop and picks the scheduled cc-A and puffs__goto to it.
it sets BORROWED flag on cc-A.
cc-A finishes the fs vector. BORROWED flag makes it call cc_yield.
it jumps back to cc-B.
now cc-B continues to run theloop. cc-A is never destroyed.
>How-To-Repeat:
>Fix:
the following patch fixes the problem for my workload.
i don't know if it is safe for other uses of puffs__goto
in framebuf.c.
Index: callcontext.c
===================================================================
RCS file: /cvsroot/src/lib/libpuffs/callcontext.c,v
retrieving revision 1.25
diff -u -p -r1.25 callcontext.c
--- callcontext.c 4 Mar 2011 09:47:47 -0000 1.25
+++ callcontext.c 4 Mar 2011 09:49:39 -0000
@@ -78,6 +78,14 @@ puffs_cc_yield(struct puffs_cc *pcc)
assert(puffs_fakecc == 0);
+ if ((~pcc->pcc_flags & (PCC_BORROWED|PCC_DONE)) == 0) {
+ pcc->pcc_flags &= ~(PCC_BORROWED|PCC_DONE);
+ /*
+ * see the XXX comment in puffs__cc_cont
+ */
+ puffs__cc_destroy(pcc, 1);
+ setcontext(&pcc->pcc_uc_ret);
+ }
pcc->pcc_flags &= ~PCC_BORROWED;
/* romanes eunt domus */
>Release-Note:
>Audit-Trail:
From: "YAMAMOTO Takashi" <yamt@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/44679 CVS commit: src/lib/libpuffs
Date: Wed, 2 Nov 2011 16:43:04 +0000
Module Name: src
Committed By: yamt
Date: Wed Nov 2 16:43:04 UTC 2011
Modified Files:
src/lib/libpuffs: callcontext.c
Log Message:
puffs_cc_yield: fix a cc leak. PR/44679
To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 src/lib/libpuffs/callcontext.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sat, 05 Nov 2011 16:15:52 +0000
State-Changed-Why:
fixed (I assume?)
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.