This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug nscd/5381] nscd: Race condition of mempool_alloc() .. cache_add() and gc()


------- Additional Comments From pasky at suse dot cz  2008-11-22 11:08 -------
The current fix is not really working at all, since the mem_in_flight_list
checking in gc() is incomplete. You do mark these areas as used during garbage
collect, but then if you actually hit them, you do not handle the case at all,
since you assume you always hit either hash entry or data.

We cannot move a mem_in_flight_list entry around since we use the pointers in
the cacheadd routines.  Options:

(i) Cover the cacheadd routines with wider-span locks

(ii) Break the shifts on such an entry:

moves->size = off_alloc - off_alloc_start
off_free = off_allocend
disp = 0

I still think the (i) is simpler, but even (ii) should be ok, since typically,
the mem_in_flight entries will be at the top of the garbage-collected area and
thus on the next garbage collect we will shake them down.

I didn't have time to come up with an actual patch yet, I will do that next week
unless you beat me to it (or point out any mistake).

-- 
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |


http://sourceware.org/bugzilla/show_bug.cgi?id=5381

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]