From owner-freebsd-net@FreeBSD.ORG  Tue Jul 26 09:09:12 2011
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 770A6106566B;
	Tue, 26 Jul 2011 09:09:12 +0000 (UTC)
	(envelope-from rwatson@freebsd.org)
Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42])
	by mx1.freebsd.org (Postfix) with ESMTP id 513D58FC12;
	Tue, 26 Jul 2011 09:09:12 +0000 (UTC)
Received: from [192.168.2.112]
	(host86-148-225-194.range86-148.btcentralplus.com [86.148.225.194])
	by cyrus.watson.org (Postfix) with ESMTPSA id 2A90C46B23;
	Tue, 26 Jul 2011 05:09:11 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset=us-ascii
From: "Robert N. M. Watson" <rwatson@freebsd.org>
In-Reply-To: <201107251300.20832.Daan@vitsch.nl>
Date: Tue, 26 Jul 2011 10:09:09 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <1836450A-72C5-4796-811E-91C3974C1932@freebsd.org>
References: <20110714154457.GI70776@FreeBSD.org>
	<CAFMmRNwBbxR-F7PjkwF8E4GjwFQy_0USKW-3u-ZRNxPMJSOQcA@mail.gmail.com>
	<E05FE767-1923-4D47-9759-FA040E403618@freebsd.org>
	<201107251300.20832.Daan@vitsch.nl>
To: Daan Vreeken <Daan@vitsch.nl>
X-Mailer: Apple Mail (2.1084)
Cc: freebsd-net@freebsd.org, bz@freebsd.org, Ryan Stone <rysto32@gmail.com>,
	gnn@freebsd.org
Subject: Re: m_pkthdr.rcvif dangling pointer problem
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jul 2011 09:09:12 -0000


On 25 Jul 2011, at 12:00, Daan Vreeken wrote:

> Couldn't the dangling pointer problem be solved by adding a =
'generation' field=20
> to the mbuf structure?
> The 'generation' could be a system-wide number that gets incremented =
whenever=20
> an interface is removed. The mbuf* functions could keep a (per CPU?)=20=

> reference count on the number of mbufs allocated/freed during=20
> that 'generation'. After interface removal, the ifnet structure could =
be=20
> freed when all the reference counters of generations before the =
current=20
> generation reach zero (whenever that happens).

I think a hybrid approach makes sense, combining a number of the ideas =
we've been kicking about:

(1) Add per-CPU ifnet refcounts that don't imply cache-line misses on =
each mbuf alloc/free
(2) Add optional subsystem drain functions so that subsystems that may =
have unbounded queueing times for mbufs deterministically ensure =
reference release, perhaps by substituting a common deadif for =
outstanding dying references.

The former gives us actual correctness in terms of avoiding races, the =
latter gives us deterministic freeing by subsystems that potentially =
queue mbufs forever (i.e., TCP) but no longer require the ifnet =
reference.

Robert=