This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug nscd/5381] nscd: Race condition of mempool_alloc() .. cache_add() and gc()
- From: "pasky at suse dot cz" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 22 Nov 2008 11:08:35 -0000
- Subject: [Bug nscd/5381] nscd: Race condition of mempool_alloc() .. cache_add() and gc()
- References: <20071121045836.5381.pasky@suse.cz>
- Reply-to: sourceware-bugzilla at sourceware dot org
------- Additional Comments From pasky at suse dot cz 2008-11-22 11:08 -------
The current fix is not really working at all, since the mem_in_flight_list
checking in gc() is incomplete. You do mark these areas as used during garbage
collect, but then if you actually hit them, you do not handle the case at all,
since you assume you always hit either hash entry or data.
We cannot move a mem_in_flight_list entry around since we use the pointers in
the cacheadd routines. Options:
(i) Cover the cacheadd routines with wider-span locks
(ii) Break the shifts on such an entry:
moves->size = off_alloc - off_alloc_start
off_free = off_allocend
disp = 0
I still think the (i) is simpler, but even (ii) should be ok, since typically,
the mem_in_flight entries will be at the top of the garbage-collected area and
thus on the next garbage collect we will shake them down.
I didn't have time to come up with an actual patch yet, I will do that next week
unless you beat me to it (or point out any mistake).
--
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
http://sourceware.org/bugzilla/show_bug.cgi?id=5381
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.