race in rsrv on asInit
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| EPICS Base |
Fix Released
|
Medium
|
Jeff Hill | ||
Bug Description
This issue is observed with epics 3.14.11.
I've observed a race when attempting to reload the access security file from a subroutine record (iocStats includes such a record). The symptom is a crash which occurs when using the command line caput utility to process this subroutine. If caput is invoked with -c, or if a longer running CA client is used, no crash is observed (so far).
Stack traces for the relevant threads are given below. The crash occurs in casAccessRightsCB() when attempting to remove an pCIU from chanList when that element is not in the list. This occurs because clear_channel_
The client and channel in question is the one to the subroutine which calls asInit.
Thread 64 (Thread 0xb547db70 (LWP 30077)):
#0 0xb7d76c5d in ellDelete (pList=0x86047c0, pNode=0x86e89d0) at ../../.
#1 0xb7ea8c74 in casAccessRightsCB (ascpvt=0x8659e68, type=asClientCOAR) at ../camessage.c:1107
#2 0xb7e94333 in asComputePvt (asClientPvt=
#3 0xb7e93f36 in asAddMemberPvt (pasMemberPvt=
#4 0xb7e91adc in asInitialize (inputfunction=
#5 0xb7e91e43 in asInitFP (fp=0x86a6680, substitutions=
#6 0xb7e91b88 in asInitFile (filename=0x80536d8 "/epics/
at ../asLibRoutine
#7 0xb7e8fe24 in asInitCommon () at ../asDbLib.c:136
#8 0xb7e8fecf in asInitTask (pcallback=
#9 0xb7d92d4a in start_routine (arg=0x86c1e68) at ../../.
#10 0xb7968955 in start_thread () from /lib/i686/
#11 0xb7b9fe7e in clone () from /lib/i686/
Thread 63 (Thread 0xb54feb70 (LWP 30076)):
#0 0xb7fe2424 in __kernel_vsyscall ()
#1 0xb796fc39 in __lll_lock_wait () from /lib/i686/
#2 0xb796b049 in _L_lock_839 () from /lib/i686/
#3 0xb796aedb in pthread_mutex_lock () from /lib/i686/
#4 0xb7bacfd6 in pthread_mutex_lock () from /lib/i686/
#5 0xb7d94261 in mutexLock (id=0x8598ccc) at ../../.
#6 0xb7d944c7 in epicsMutexOsdLock (pmutex=0x8598cc8) at ../../.
#7 0xb7d8bbd9 in epicsMutexLock (pmutexNode=
#8 0xb7e9245e in asRemoveClient (asClientPvt=
#9 0xb7eaac79 in clear_channel_reply (mp=0xb54fe210, pPayload=
#10 0xb7eabb5b in camessage (client=0x8604780) at ../camessage.c:2508
#11 0xb7ea68ca in camsgtask (pParm=0x8604780) at ../camsgtask.c:123
#12 0xb7d92d4a in start_routine (arg=0x86c0508) at ../../.
#13 0xb7968955 in start_thread () from /lib/i686/
#14 0xb7b9fe7e in clone () from /lib/i686/
The record in question, from iocAdminSoft.db.
record( sub, "$(IOC,
{
field( DESC, "$(IOC,undefined) ACF Update")
field( ASG, "IOCMANAGERS")
field( INAM, "asSubInit")
field( SNAM, "asSubProcess")
field( BRSV, "INVALID")
}
Related branches
| Changed in epics-base: | |
| status: | New → Confirmed |
| Jeff Hill (johill-lanl) wrote | #1 |
| Changed in epics-base: | |
| assignee: | nobody → Jeff Hill (johill-lanl) |
| importance: | Undecided → Medium |
| mdavidsaver (mdavidsaver) wrote | #2 |
| Andrew Johnson (anj) wrote | #3 |
| Jeff Hill (johill-lanl) wrote | #4 |
| Changed in epics-base: | |
| status: | Confirmed → Fix Committed |
| Changed in epics-base: | |
| status: | Fix Committed → Fix Released |
Thanks for your bug report David. I propose this fix; the issue is that it should remove the channel from the as library before starting to destroy the channel. Please verify that it fixes your issue. If it does I will commit a fix.
=== modified file src/rsrv/
--- src/rsrv/
+++ src/rsrv/
@@ -1992,6 +1992,15 @@
cas_
SEND_
+ /*
+ * remove from access control list
+ */
+ status = asRemoveClient(
+ if(status != 0 && status != S_asLib_
+ errMessage(status, RECORD_
+ return RSRV_ERROR;
+ }
+
epicsMute
if ( pciu->state == rsrvCS_inService ||
@@ -2011,15 +2020,6 @@
}
epicsMute
- /*
- * remove from access control list
- */
- status = asRemoveClient(
- if(status != 0 && status != S_asLib_
- errMessage(status, RECORD_
- return RSRV_ERROR;
- }
-
LOCK_CLIENTQ;
status = bucketRemoveIte
if(status != S_bucket_success){