Page MenuHomeFreeBSD

Fix pointer loads in uma_vm_zone_stats().
ClosedPublic

Authored by markj on Oct 18 2019, 4:51 PM.
Tags
None
Referenced Files
F80160155: D22081.id63453.diff
Thu, Mar 28, 5:34 PM
Unknown Object (File)
Wed, Mar 20, 8:56 AM
Unknown Object (File)
Mon, Mar 18, 1:16 AM
Unknown Object (File)
Mon, Mar 18, 1:16 AM
Unknown Object (File)
Mon, Mar 18, 1:16 AM
Unknown Object (File)
Mon, Mar 18, 1:16 AM
Unknown Object (File)
Feb 22 2024, 5:26 AM
Unknown Object (File)
Feb 19 2024, 1:59 PM
Subscribers

Details

Summary

Ensure that each bucket pointer is loaded only once.
This happens already in practice, but without a change
like this one the compiler is permitted to issue two loads,
resulting in a race condition. This can happen when compiling
with -O0, for instance.

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 27110
Build 25389: arc lint + arc unit

Event Timeline

Restore the original loop, we need to always zero the structure.

Fix the right loop this time.

markj added reviewers: alc, jeff, kib, dougm.

Peter, could you post the disassembly of uma_vm_zone_stats() from your -O0 kernel?

Perhaps adding a sentence to the preceding comment explaining why atomic_load would be useful.

This revision is now accepted and ready to land.Oct 18 2019, 5:33 PM
This revision now requires review to proceed.Oct 18 2019, 5:39 PM

Peter, could you post the disassembly of uma_vm_zone_stats() from your -O0 kernel?

Sure.

In D22081#482499, @pho wrote:

Peter, could you post the disassembly of uma_vm_zone_stats() from your -O0 kernel?

Sure.

Thanks. Indeed, that code contains a race that should be fixed by this diff.

I tested 63458 for 17 hours with a "-O0" build of uma_core.c. LGTM.

This revision was not accepted when it landed; it landed in state Needs Review.Oct 22 2019, 2:20 PM
This revision was automatically updated to reflect the committed changes.