Describe the bug
I have found a path where we attempt to recursively lock _sched_spinlock (something that is not allowed in Zephyr).
It occurs under very specific circumstances--aborting a user thread that has dynamic objects but there are threads waiting for the memory that aborting it would be free.
I stumbled across this when I tried refactoring z_unpend_all() so that it had _sched_spinlock locked for its whole loop.
Regression
Steps to reproduce
Inspection.
- k_thread_abort() calls z_thread_abort().
- z_thread_abort() locks _sched_spinlock <<<< Important
- z_thread_abort() calls z_thread_halt()
- z_thread_halt() calls halt_thread()
- halt_thread() calls k_thread_perms_all_clear() when CONFIG_USERSPACE=y
- k_thread_perms_all_clear() calls clear_perms_cb() foreach object wordlist.
- clear_perms_cb() calls unref_check()
- unref_check() calls k_free() when CONFIG_DYNAMIC_OBJECTS=y
- k_free() calls k_heap_free()
- k_heap_free() calls z_unpend_all()
- z_unpend_all() wakes any threads blocked waiting for memory from the heap
- z_unpend_all() calls z_unpend_thread()
- z_unpend_thread() calls z_unpend_thread_no_timeout()
- z_unpend_thread_no_timeout() locks _sched_spinlock <<<< Recursive attempt.
Relevant log output
Impact
Functional Limitation – Some features not working as expected, but system usable.
Environment
Current SHA: 77eb31e
Additional Context
No response
Describe the bug
I have found a path where we attempt to recursively lock _sched_spinlock (something that is not allowed in Zephyr).
It occurs under very specific circumstances--aborting a user thread that has dynamic objects but there are threads waiting for the memory that aborting it would be free.
I stumbled across this when I tried refactoring z_unpend_all() so that it had _sched_spinlock locked for its whole loop.
Regression
Steps to reproduce
Inspection.
Relevant log output
Impact
Functional Limitation – Some features not working as expected, but system usable.
Environment
Current SHA: 77eb31e
Additional Context
No response