This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
Re: linuxthreads/spinlock.c bug
- To: kaz at ashi dot footprints dot net
- Subject: Re: linuxthreads/spinlock.c bug
- From: Wolfram Gloger <wmglo at dent dot med dot uni-muenchen dot de>
- Date: 19 Oct 2001 10:35:57 -0000
- CC: libc-alpha at sourceware dot cygnus dot com
- References: <Pine.LNX.4.33.0110171031280.15687-100000@ashi.FootPrints.net>
>E.g. suppose
>you evaluate the head pointer while the list looks like this:
>
> X -> Y -> Z -> 0
>
>Meanwhile some other threads comes along and do:
>
>(pop X)
>
> Y -> Z -> 0
>
>(pop Y)
>
> Z -> 0
>(push X)
>
> X -> Z -> 0
>
> So now the original thread's compare_and_swap can still succeed, due
> to the match on the X, even though the list is different now.
Hmm, to me it looks like you are right. You mean that wait_node_alloc
could erroneously put Y 'back' on the free list, even though it has
been removed/used by another thread. Bad.
> I propose to scrap the ``optimization'' in wait_node_alloc/free and just
> use malloc/free directly.
Couldn't we just use the code conditional on !HAS_COMPARE_AND_SWAP
with the spinlock? Isn't there the assumption elsewhere that
wait_node's are never actually free()d?
Regards,
Wolfram.