cvs commit: src/sys/kern subr_turnstile.c
John Baldwin
jhb at freebsd.org
Tue Sep 9 21:04:38 UTC 2008
On Tuesday 09 September 2008 06:09:34 am Robert Watson wrote:
> On Mon, 8 Sep 2008, John Baldwin wrote:
>
> > SVN rev 182879 on 2008-09-08 21:40:15Z by jhb
> >
> > - Reduce scope of #ifdef's in uma_zcreate() call in init_turnstile0().
> > - Set UMA_ZONE_NOFREE so that the per-turnstile spin locks are type
stable
> > to avoid a race where one thread might dereference a lock in a free'd
> > turnstile that was previously used by another thread.
>
> Is this a feature or a workaround for a bug? Normally in the above scenario
> we would consider use-after-free a bug or symptom of a larger architectural
> problem rather than a feature. At least, that's what I consider similar use
> of UMA_ZONE_NOFREE where it persists in the network stack :-).
Well, it's a workaround for the fact that the way thread_lock works is it
tries to acquire what it thinks is the current lock for a given thread. Once
it has that lock, then it checks to see if the thread has switched to a
different lock. If so, it drops the lock it has and tries to get the "new"
lock. Anytime you lose this race, you can end up holding a lock that isn't
necessarily associated with the thread anymore. For that reason, locks used
as thread locks should generally be type-stable. Most of the locks used as
thread locks are in static data structures (runqueues, sleepq hash table
buckets, the global "blocked lock", etc.) so they are already type-stable.
The turnstile locks are the one case where locks used as thread locks are
dynamically allocated IIRC.
--
John Baldwin
More information about the cvs-src
mailing list