Date:      Wed, 28 Feb 2007 03:19:41 -0500
From:      Kris Kennaway <kris@obsecurity.org>
To:        Greg 'groggy' Lehey <grog@FreeBSD.org>
Cc:        cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org, Kris Kennaway <kris@obsecurity.org>
Subject:   Re: cvs commit: src/share/man/man9 sleep.9
Message-ID:  <20070228081940.GA64315@xor.obsecurity.org>
In-Reply-To: <20070228075755.GL8399@wantadilla.lemis.com>
References:  <200702272309.l1RN9Xum011236@repoman.freebsd.org> <20070227235843.GA59138@xor.obsecurity.org> <20070228064334.GG8399@wantadilla.lemis.com> <20070228070904.GA63343@xor.obsecurity.org> <20070228075755.GL8399@wantadilla.lemis.com>

On Wed, Feb 28, 2007 at 06:27:55PM +1030, Greg 'groggy' Lehey wrote:
> On Wednesday, 28 February 2007 at  2:09:04 -0500, Kris Kennaway wrote:
> > On Wed, Feb 28, 2007 at 05:13:34PM +1030, Greg 'groggy' Lehey wrote:
> >> How would you address the case?  Recall that we're talking here about
> >> two different programmers, and you don't even know who the second one
> >> is.  It would be nice to have some mechanism like WITLESS to detect
> >> the problem, but I can't see how it would work.
> >
> > Who are the two different programmers, you and who else? :-)
> 
> You're obviously one of them.  Otherwise you're not involved.  And as
> I said, you don't know who the other one is.

OK, I can't parse this, but I can't help but think that you're trying
to pose as a general situation a bug that you found in your own code,
and you're proceeding to assume that this problem is wide-spread.

> > If there are parts of the FreeBSD kernel that are abusing a sleep
> > channel to create this situation, we should fix them.
> 
> See the rest of the thread.  A "sleep channel" is a memory address.
> It's usually in the kernel, so you're talking about a 30 bit address
> space on ia32.  That's really not very many.

You can use e.g. the address of a structure, which you know is
globally unique for its lifetime (since no other structure will have
the same address) and you structure your code so that it is only slept
on by threads which are all equivalent, i.e. any of them can be woken
up with the same effect.

If you can't find or allocate a suitable address local only to your
set of threads, that's a pretty good indication that they're not
really equivalent for the purposes of wakeups, and you should re-think
the way you're approaching the problem.

> > If not, the most that should be done in the FreeBSD manpage is to
> > clearly explain how not to introduce such a bug in a programmer's
> > own code.
> 
> Until the advent of wakeup_one, this wasn't a bug.  wakeup works fine
> under these circumstances.

Advocating the use of wakeup was perhaps acceptable when uniprocessor
machines were the norm.  Now that we're in the 21st century and SMP
kernels are ubiquitous, it is no longer responsible advice.

> > As far as I'm aware, nowhere else in our manpages do we provide
> > advice for the lazy programmer who cannot be bothered figuring out
> > whether his code is correct and who just wants an expedient hack in
> > case it's not.
> 
> Maybe you should be a little less combative and consider that the
> paradigms have changed.  The whole idea of sleeping on memory
> addresses is an expedient hack.  The fact that people usually choose
> different addresses means that even wakeup_one seldom has problems.
> But most people aren't even aware of the issue.  As I say, how would
> you address the status quo?

The status quo does not appear to require addressing.  If you have
evidence that this problem exists in the FreeBSD kernel, provide it so
it can be fixed.

Kris
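
The disagreement above about `wakeup` and `wakeup_one` on a shared sleep channel, as an added illustration that is not part of the original message and not FreeBSD code: a single-threaded toy model in which two sleepers wait for different resources. The names `toy_sleep`, `toy_wakeup`, `toy_wakeup_one`, `struct resource`, `common` and `run` are hypothetical, and real kernel sleep queues and scheduling are not modelled.

```c
#include <stdio.h>

/* Toy model, not kernel code: a sleeper records its channel (an address)
 * and the index of the resource it is waiting for. */
struct resource { int ready; };
struct sleeper { const void *chan; int want; int awake; };
static struct sleeper q[2];
static struct resource res[2];
static int common;               /* one address shared by unrelated sleepers */

static void toy_sleep(int i, const void *chan, int want)
{
    q[i].chan = chan; q[i].want = want; q[i].awake = 0;
}

static void toy_wakeup_one(const void *chan)   /* wake the first sleeper only */
{
    for (int i = 0; i < 2; i++)
        if (!q[i].awake && q[i].chan == chan) { q[i].awake = 1; return; }
}

static void toy_wakeup(const void *chan)       /* wake every sleeper */
{
    for (int i = 0; i < 2; i++)
        if (q[i].chan == chan) q[i].awake = 1;
}

/* Sleeper 0 waits for res[0], sleeper 1 for res[1]; then res[1] becomes ready.
 * Returns how many sleepers found their condition true and proceeded. */
static int run(int shared, int one)
{
    int progressed = 0;
    res[0].ready = res[1].ready = 0;
    for (int i = 0; i < 2; i++)
        toy_sleep(i, shared ? (const void *)&common : (const void *)&res[i], i);
    res[1].ready = 1;
    const void *chan = shared ? (const void *)&common : (const void *)&res[1];
    if (one) toy_wakeup_one(chan); else toy_wakeup(chan);
    for (int i = 0; i < 2; i++) {
        if (!q[i].awake) continue;
        if (res[q[i].want].ready) progressed++;
        else q[i].awake = 0;     /* woken for nothing: back to sleep */
    }
    return progressed;
}

int main(void)
{
    printf("%d %d %d\n", run(1, 1), run(1, 0), run(0, 1));
    return 0;
}
```

With a shared channel, `toy_wakeup_one` wakes the sleeper whose resource is still not ready and the intended one stays asleep; per-structure channels make every sleeper on a channel equivalent, so waking one is enough.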
