diff options
| author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2013-08-23 12:19:13 +0200 |
|---|---|---|
| committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2013-08-26 10:22:36 +0200 |
| commit | ab0da63e3cad12924d82e468e73d1b47375b0c0d (patch) | |
| tree | 8d5b1c10b459c031ec6ffb45a2f554fddd7ecb25 /cpukit | |
| parent | score: PR2140: _Thread_queue_Extract() (diff) | |
| download | rtems-ab0da63e3cad12924d82e468e73d1b47375b0c0d.tar.bz2 | |
score: PR2140: Fix _Thread_queue_Process_timeout()
The _Thread_queue_Process_timeout() operation had several race
conditions in the event of nested interrupts. Protect the critical
sections via disabled interrupts.
Diffstat (limited to 'cpukit')
| -rw-r--r-- | cpukit/score/src/threadqprocesstimeout.c | 45 |
1 files changed, 37 insertions, 8 deletions
diff --git a/cpukit/score/src/threadqprocesstimeout.c b/cpukit/score/src/threadqprocesstimeout.c index 9683a6e728..a5812bfad5 100644 --- a/cpukit/score/src/threadqprocesstimeout.c +++ b/cpukit/score/src/threadqprocesstimeout.c @@ -29,7 +29,8 @@ void _Thread_queue_Process_timeout( Thread_Control *the_thread ) { - Thread_queue_Control *the_thread_queue = the_thread->Wait.queue; + Thread_queue_Control *the_thread_queue; + ISR_Level level; /* * If the_thread_queue is not synchronized, then it is either @@ -43,15 +44,43 @@ void _Thread_queue_Process_timeout( * a timeout is not allowed to occur. */ - if ( the_thread_queue->sync_state != THREAD_BLOCKING_OPERATION_SYNCHRONIZED && - _Thread_Is_executing( the_thread ) ) { - if ( the_thread_queue->sync_state != THREAD_BLOCKING_OPERATION_SATISFIED ) { - the_thread->Wait.return_code = the_thread->Wait.queue->timeout_status; - the_thread_queue->sync_state = THREAD_BLOCKING_OPERATION_TIMEOUT; + _ISR_Disable( level ); + the_thread_queue = the_thread->Wait.queue; + if ( the_thread_queue != NULL ) { + if ( the_thread_queue->sync_state != THREAD_BLOCKING_OPERATION_SYNCHRONIZED && + _Thread_Is_executing( the_thread ) ) { + if ( the_thread_queue->sync_state != THREAD_BLOCKING_OPERATION_SATISFIED ) { + the_thread->Wait.return_code = the_thread_queue->timeout_status; + the_thread_queue->sync_state = THREAD_BLOCKING_OPERATION_TIMEOUT; + } + _ISR_Enable( level ); + } else { + bool we_did_it; + + _ISR_Enable( level ); + + /* + * After we enable interrupts here, a lot may happen in the meantime, + * e.g. nested interrupts may release the resource that times out here. + * So we enter _Thread_queue_Extract() speculatively. Inside this + * function we check the actual status under ISR disable protection. + * This ensures that exactly one executing context performs the extract + * operation (other parties may call _Thread_queue_Dequeue()). If this + * context won, then we have a timeout. + * + * We can use the_thread_queue pointer here even if + * the_thread->Wait.queue is already set to NULL since the extract + * operation will only use the thread queue discipline to select the + * right extract operation. The timeout status is set during thread + * queue initialization. + */ + we_did_it = _Thread_queue_Extract( the_thread_queue, the_thread ); + if ( we_did_it ) { + the_thread->Wait.return_code = the_thread_queue->timeout_status; + } } } else { - the_thread->Wait.return_code = the_thread->Wait.queue->timeout_status; - _Thread_queue_Extract( the_thread->Wait.queue, the_thread ); + _ISR_Enable( level ); } } |