#807 closed defect (fixed)
Timer chain corruption if same timer set simultaneously by different priority interrupts. (rtems_timer_fire_after, rtems_timer_server_fire_after)
Reported by: | andrew.sinclair | Owned by: | Joel Sherrill |
---|---|---|---|
Priority: | normal | Milestone: | 2 |
Component: | score | Version: | 4.6 |
Severity: | major | Keywords: | |
Cc: | bugs@…, andrew.sinclair@… | Blocked By: | |
Blocking: |
Description
There is a critical section in rtems_timer_fire_after and rtems_timer_server_fire_after and watchdog_insert. According to previous discussions on the mailing list it is acceptable to call rtems_timer_fire_after and rtems_timer_server_fire_after during interrupts.
If a task or low priority interrupt modify the same timer as a high priority interrupt, then corruption of the timer chain can occur.
For sake of simplicity, I have listed the general algorithm in RTEMS below.
Consider a task/low priority interrupt calling rtems_timer_fire_after. Inside the marked critical section, a high priority interrupt may occur and insert the same timer into the chain without the task/lower priority interrupt having knowledge. When the task/lower priority interrupt resumes, it blindly modifies watchdog->state back to inactive, and reinserts the timer. This usually results in the timer chain previous and next pointers forming a loop, and ultimately locking up the device when another timer must be inserted.
Task
\-->rtems_timer_fire_after
\-->Watchdog_Remove
\--> disable interrrupts
\--> remove timer if WATCHDOG_ACTIVE or stop if being inserted
\--> watchdog->state=WATCHDOG_INACTIVE
\--> enable interrupts
[critical section start]
\-->Watchdog_Initialize
\--> watchdog->state=WATCHDOG_INACTIVE
\-->Watchdog_Insert_ticks
\-->Watchdog_Insert
\-->watchdog->state=WATCHDOG_BEING_INSERTED
[critical section end]
\-->disable interrupts
\-->while in timer chain
\-->if at insert position exit
\-->flash interrupts
\-->check if timer has been touched
\-->insert timer
\-->enable interrupts
Release:
4.6.2
How-To-Repeat:
Call rtems_timer_fire_after or rtems_timer_server_fire_after on the same timer, simultaneously in low and high priority tasks.
Attachments (3)
Change History (3)
comment:1 Changed on 08/17/05 at 21:47:28 by Joel Sherrill
Status: | assigned → waiting |
---|
comment:2 Changed on 08/18/05 at 12:38:57 by Joel Sherrill
Status: | waiting → closed |
---|
Changed on 12/03/06 at 13:31:13 by andrew.sinclair
Attachment: | rtems-4.6.2_timerCS20050620.diff added |
---|
rtems-4.6.2_timerCS20050620.diff
State-Changed-From-To: feedback->closed
State-Changed-Why: Per feedback from Andrew, added _Thread_Enable_dispatch().
pr807a.diff is an ADDITION not a replacement for pr807.diff.