Robust Mutexes

From owner-svn-doc-head@freebsd.org Thu Jun 30 14:41:00 2016 Return-Path: Delivered-To: svn-doc-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 160C2B86E4D; Thu, 30 Jun 2016 14:41:00 +0000 (UTC) (envelope-from dru@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E50D7256A; Thu, 30 Jun 2016 14:40:59 +0000 (UTC) (envelope-from dru@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u5UEexhg083129; Thu, 30 Jun 2016 14:40:59 GMT (envelope-from dru@FreeBSD.org) Received: (from dru@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u5UEexk9083128; Thu, 30 Jun 2016 14:40:59 GMT (envelope-from dru@FreeBSD.org) Message-Id: <201606301440.u5UEexk9083128@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dru set sender to dru@FreeBSD.org using -f From: Dru Lavigne Date: Thu, 30 Jun 2016 14:40:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r49022 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jun 2016 14:41:00 -0000 Author: dru Date: Thu Jun 30 14:40:58 2016 New Revision: 49022 URL: https://svnweb.freebsd.org/changeset/doc/49022 Log: Add robust mutexes report from kib@FreeBSD.org. Reviewed by: wblock@freebsd.org Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2016-04-2016-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2016-04-2016-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2016-04-2016-06.xml Wed Jun 29 12:43:37 2016 (r49021) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2016-04-2016-06.xml Thu Jun 30 14:40:58 2016 (r49022) @@ -244,4 +244,86 @@ interest. + + + Robust Mutexes + + + + + Konstantin + Belousov + + kib@FreeBSD.org + + + + Ed + Maste + + emaste@FreeBSD.org + + + + +

Now that the process-shared locks are implemented for our + POSIX threads implementation library, libthr, + the only major lacking feature for POSIX compliance is robust + mutexes. Robust mutexes allow the application to detect, and + theoretically, recover from crashes which occur while + modifying the shared state. The supported model is to protect + shared state by a pthread_mutex, and the crash is + detected as the thread termination while owning the mutex. A + thread might terminate alone, or it could be killed due to the + termination of the containing process. As such, the robust + attribute is applicable to both process-private and -shared + mutexes.

+ +

An application must be specifically modified to handle and + recover from failures. The pthread_mutex_lock() + function may return new error EOWNERDEAD, which + indicates that the previous owner of the lock terminated while + still owning the lock. Despite returning the non-zero value, + the lock is granted to the caller. In the simplest form, an + application may detect the error and refuse to operate until + the persistent shared data is recovered, such as by manual + reinitialization. More sophisticated applications could try + to automatically recover from the condition, in which case + pthread_mutex_consistent(3) must be called on the + lock before the unlock. However, such recovery can be + considered to be very hard. Still, even the detection of + inconsistent shared state is useful, since it avoids further + corruption and random faults of the affected application. +

+ +

It is curious but not unexpected that this interface is not + used widely. The only real-life application which utilizes it + is Samba. Using Samba with an updated FreeBSD base uncovered + minor bugs both in the FreeBSD robustness implementation, and + in Samba itself.

+ +

It is believed that libthr in FreeBSD 11 is + POSIX-compliant for large features. Further work is planned + to look at the lock structures inlining to remove overhead + and improve performance of the library.

+ +

Most of the implementation of the robustness feature + consisted of making small changes in the lock and unlock + paths, both in libthr and in kern_umtx.c. + This literally required reading all of the code dealing with + mutexes and conditional variables, which was something I + wanted to help future developers with. In the end, with the + help of Ed Maste, the man pages for umtx(2) and all + thr*(2) syscalls were written and added to the base + system's documentation set. +

+ + + The FreeBSD Foundation + + + Use the implementation in real-word applications and + report issues. + +