Opened 15 years ago
Closed 15 years ago
#154 closed defect (fixed)
Futexes are broken
Reported by: | Jakub Jermář | Owned by: | Jakub Jermář |
---|---|---|---|
Priority: | major | Milestone: | 0.4.2 |
Component: | helenos/lib/c | Version: | mainline |
Keywords: | futex | Cc: | jakub@… |
Blocker for: | Depends on: | ||
See also: |
Description
Tomas Brambora wrote:
Consider the following scenario:
Threads A, B. missed_wakeups == 0 && futex_counter == -1; A in crit. sec., B sleeping on the futex with timeout.
1) A leaves crit. section ⇒ calls futex_wakeup and changes futex_counter to 0;
2) B times out and is removed from the waitq, but gets preempted before returning to userspace.
3) A finds empty waitq and increments the missed_wakeups count.
4) A returns to userspace and before getting preempted calls futex_down.
5) futex_counter == 0 ⇒ A decrements it to -1 and calls futex_sleep. Returns ESYNCH_OK_ATOMIC because missed_wakeups == 1 ⇒ calls futex_sleep again and gets blocked there. Now futex_counter == -1 and missed_wakeups == 0.
6) B is scheduled, returns to userspace with ESYNCH_TIMEOUT and increments futex_counter.
So we have futex_counter == 0 and missed_wakeups == 0. While there is NO THREAD in the critical section (A is sleeping on the futex, B has timed out while sleeping).
Ergo, it is broken.
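The interleaving above, replayed step by step as a single-threaded model. This is an added example, not part of the original ticket and not HelenOS source. The struct and the functions `k_sleep`, `k_wakeup`, `wakeup_is_lost` and `replay_ticket_interleaving` are hypothetical names; the retry of futex_sleep after ESYNCH_OK_ATOMIC is taken from step 5.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model of the state named in the ticket; not HelenOS source. */
struct futex_model {
    int futex_counter;   /* userspace counter */
    int missed_wakeups;  /* wakeups that found an empty waitq */
    int waitq_len;       /* threads sleeping in the kernel waitq */
    int in_critical;     /* threads inside the critical section */
};

/* futex_sleep, kernel side: true models ESYNCH_OK_ATOMIC (a missed wakeup
 * was consumed); false means the caller was queued and is now blocked. */
static bool k_sleep(struct futex_model *m) {
    if (m->missed_wakeups > 0) { m->missed_wakeups--; return true; }
    m->waitq_len++;
    return false;
}

/* futex_wakeup, kernel side: wake one sleeper or record a missed wakeup. */
static void k_wakeup(struct futex_model *m) {
    if (m->waitq_len > 0) m->waitq_len--; else m->missed_wakeups++;
}

/* A sleeper that nobody is left to wake: the broken end state. */
bool wakeup_is_lost(const struct futex_model *m) {
    return m->waitq_len > 0 && m->in_critical == 0 && m->missed_wakeups == 0;
}

/* Replays steps 1-6 of the ticket in their stated order. */
struct futex_model replay_ticket_interleaving(void) {
    struct futex_model m = { -1, 0, 1, 1 };  /* A in crit. sec., B asleep */
    m.in_critical--; m.futex_counter++;      /* 1) A leaves: -1 -> 0 */
    m.waitq_len--;                           /* 2) B times out, leaves waitq */
    k_wakeup(&m);                            /* 3) A finds the waitq empty */
    m.futex_counter--;                       /* 4-5) A's futex_down: 0 -> -1 */
    while (k_sleep(&m)) { }                  /* retry after ESYNCH_OK_ATOMIC */
    m.futex_counter++;                       /* 6) B: ESYNCH_TIMEOUT, +1 */
    return m;
}

int main(void) {
    struct futex_model m = replay_ticket_interleaving();
    printf("futex_counter=%d missed_wakeups=%d waitq_len=%d in_critical=%d lost=%d\n",
           m.futex_counter, m.missed_wakeups, m.waitq_len, m.in_critical,
           wakeup_is_lost(&m));
    return 0;
}
```

The final state has A queued in the waitq with no thread in the critical section and no missed wakeup recorded, so nothing remains that would ever wake A.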
Change History (3)
comment:1 by , 15 years ago
Summary: | Futexes are borken → Futexes are broken |
---|
comment:2 by , 15 years ago
Cc: | added |
---|
comment:3 by , 15 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Fixed in changeset:head,160.
This changeset replaces the original incorrect futex implementation with a simplified one, which, I believe, is correct.