Date:      Sat, 25 Oct 2014 12:46:58 -0700
From:      John-Mark Gurney <jmg@funkthat.com>
To:        Ian Lepore <ian@FreeBSD.org>
Cc:        Mateusz Guzik <mjguzik@gmail.com>, freebsd-arch@FreeBSD.org
Subject:   Re: refcount_release_take_##lock
Message-ID:  <20141025194658.GV82214@funkthat.com>
In-Reply-To: <1414265035.12052.646.camel@revolution.hippie.lan>
References:  <20141025184448.GA19066@dft-labs.eu> <20141025190407.GU82214@funkthat.com> <1414265035.12052.646.camel@revolution.hippie.lan>

Ian Lepore wrote this message on Sat, Oct 25, 2014 at 13:23 -0600:
> On Sat, 2014-10-25 at 12:04 -0700, John-Mark Gurney wrote:
> > Mateusz Guzik wrote this message on Sat, Oct 25, 2014 at 20:44 +0200:
> > > The following idiom is used here and there:
> > > 
> > > int old;
> > > old = obj->ref;
> > > if (old > 1 && atomic_cmpset_int(&obj->ref, old, old -1))
> > > 	return;
> > > lock(&something);
> > > if (refcount_release(&obj->ref) == 0) {
> > > 	unlock(&something);
> > > 	return;
> > > }
> > > free up
> > > unlock(&something);
> > > 
> > > ==========
> > 
> > Couldn't this be better written as:
> > if (__predict_false(refcount_release(&obj->ref) == 0)) {
> 
> Could you not get preempted at this point, whereupon another thread
> acquires then releases obj, deletes it because it keeps running through
> this point, then eventually your original thread wakes up, gets the
> lock, and dereferences the now-defunct obj pointer?

Depends upon how you handle reference counts...

If you allow someone to create a reference when they don't have one
(by definition since the object has 0 references), then yes, that would
be a problem...  But by definition, if the current thread transitions
an object from 1 to 0 count, you are the only one w/ a reference, and
are safe from another thread getting a reference and doing what you
said...

Now if you're talking about a data structure that keeps a reference
so that others can create references to the object, then shouldn't
there be one more reference for the data structure?  And that case
is different, and you are correct, if the above code is used, a race
will be introduced...

> (Also, I think that should be != 0, above?)

Yes, or just drop the comparison...  I didn't read the refcount_release
man page to check for return value...

> > 	lock(&something);
> > 	if (__predict_true(!obj->ref)) {
> > 		free up
> > 	}
> > 	unlock(&something);
> > }
> > 
> > The reason I'm asking is that I changed how IPsec SA ref counting was
> > handled, and used something similar...
> > 
> > My code gets rid of a branch, and is better in that it uses refcount
> > API properly, instead of using atomic_cmpset_int...
> > 
> > > I decided to implement it as a common function.
> > > 
> > > We have only refcount.h and I didn't want to bloat all including code
> > > with additional definitions and as such I came up with a macro that has
> > > to be used in .c file and that will define appropriate inline func.
> > > 
> > > I'm definitely looking for better names for REFCOUNT_RELEASE_TAKE_USE_
> > > macro, assuming it has to stay.
> > 
> > You could shorten it to REFCNT_REL_TAKE_
> > 
> > > Comments?
> > 
> > Will you update the refcount(9) man page w/ documentation before
> > committing?

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."
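
The case distinguished in this reply, as an added example (not code from the thread or from FreeBSD): when a lookup structure can hand out new references without holding one of its own, the final 1 -> 0 decrement has to happen with the lock already held. The sketch uses C11 atomics and a pthread mutex in place of the kernel's refcount(9) and lock primitives; `struct obj`, `table_lock`, `ref_release_take_lock`, `obj_lookup_ref` and `obj_drop` are hypothetical names.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdbool.h>

/* Hypothetical object that a table (guarded by table_lock) lets others find. */
struct obj { atomic_uint ref; bool in_table; };
static pthread_mutex_t table_lock = PTHREAD_MUTEX_INITIALIZER;

/* Drop one reference. Returns true with table_lock HELD if this was the
 * last one; returns false with the lock not held otherwise. */
static bool ref_release_take_lock(struct obj *o) {
	unsigned old = atomic_load(&o->ref);
	/* Fast path: never perform the 1 -> 0 transition without the lock. */
	while (old > 1)
		if (atomic_compare_exchange_weak(&o->ref, &old, old - 1))
			return false;
	pthread_mutex_lock(&table_lock);
	if (atomic_fetch_sub(&o->ref, 1) != 1) {	/* a lookup re-referenced it */
		pthread_mutex_unlock(&table_lock);
		return false;
	}
	return true;
}

/* Lookup side: new references are created only under table_lock. */
static bool obj_lookup_ref(struct obj *o) {
	pthread_mutex_lock(&table_lock);
	bool found = o->in_table;
	if (found)
		atomic_fetch_add(&o->ref, 1);
	pthread_mutex_unlock(&table_lock);
	return found;
}

/* Returns 1 if this call dropped the last reference and unlinked the object. */
static int obj_drop(struct obj *o) {
	if (!ref_release_take_lock(o))
		return 0;
	o->in_table = false;	/* unlink while lookups are excluded */
	pthread_mutex_unlock(&table_lock);
	return 1;		/* no other thread can reach o; caller may free it */
}

int main(void) {
	struct obj o = { .in_table = true };	/* constructed sample object */
	atomic_init(&o.ref, 1);
	obj_lookup_ref(&o);			/* a second holder appears */
	int first = obj_drop(&o);		/* 0: fast path, lock never taken */
	return !(first == 0 && obj_drop(&o) == 1);
}
```

Because lookups and the final decrement both run under `table_lock`, a lookup can never observe an object whose count has already reached zero.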


