From owner-svn-src-head@FreeBSD.ORG Fri Jul 27 14:11:09 2012 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C61AC1065672; Fri, 27 Jul 2012 14:11:09 +0000 (UTC) (envelope-from listlog2011@gmail.com) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 90DCE8FC08; Fri, 27 Jul 2012 14:11:09 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q6REB2mk057079; Fri, 27 Jul 2012 14:11:06 GMT (envelope-from listlog2011@gmail.com) Message-ID: <5012A173.9090105@gmail.com> Date: Fri, 27 Jul 2012 22:10:59 +0800 From: David Xu User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20120713 Thunderbird/14.0 MIME-Version: 1.0 To: Bruce Evans References: <201207270916.q6R9Gm23086648@svn.freebsd.org> <20120727111237.GC2676@deviant.kiev.zoral.com.ua> <20120727111904.GQ14135@FreeBSD.org> <20120727221529.K7360@besplex.bde.org> <20120727124534.GT14135@FreeBSD.org> <20120727232757.X7759@besplex.bde.org> In-Reply-To: <20120727232757.X7759@besplex.bde.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Konstantin Belousov , svn-src-head@freebsd.org, svn-src-all@freebsd.org, Gleb Smirnoff , src-committers@freebsd.org Subject: Re: svn commit: r238828 - head/sys/sys X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: davidxu@freebsd.org List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2012 14:11:10 -0000 On 2012/7/27 21:30, Bruce Evans wrote: > On Fri, 27 Jul 2012, Gleb Smirnoff wrote: > >> On Fri, Jul 27, 2012 at 10:32:55PM +1000, Bruce Evans wrote: >> B> I just noticed that there is a technical problem -- the count is read >> B> unlocked in the KASSERT. And since the comparision is for equality, >> B> if you lose the race reading the count when it reaches the overflow >> B> threshold, then you won't see it overflow unless it wraps again and >> B> you win the race next time (or later). atomic_cmpset could be used >> B> to clamp the value at the max, but that is too much for an assertion. >> >> We have discussed that. As alternative I proposed: >> >> @@ -50,8 +51,14 @@ >> static __inline void >> refcount_acquire(volatile u_int *count) >> { >> +#ifdef INVARIANTS >> + u_int old; >> + old = atomic_fetchadd_int(count, 1); >> + KASSERT(old < UINT_MAX, ("refcount %p overflowed", count)); >> +#else >> atomic_add_acq_int(count, 1); >> +#endif >> } >> >> Konstantin didn't like that production code differs from INVARIANTS. >> >> So we ended with what I committed, advocating to the fact that although >> assertion is racy and bad panics still can occur, the "good panics" >> would occur much more often, and a single "good panic" is enough to >> show what's going on. > > Yes, it is excessive. > > So why do people even care about this particular overflow? There are > many integers that can overflow in the kernel. Some binary wraparounds > are even intentional. > > Bruce > The overflow might not be important. if it is important, all code which use 32-bit generation number could also be a problem, how about if it is wrapped around to same value another thread has just read and waiting for a CPU to run. :D