~zequence/pulseaudio/ubuntu.precise-fix

Viewing changes to debian/patches/0110-flist-Avoid-the-ABA-problem.patch

Committer: David Henningsson
Date: 2012-03-08 23:10:53 UTC
Revision ID: david.henningsson@canonical.com-20120308231053-4xgey3vkwibmykci

[ Luke Yelavich ]
[ David Henningsson ]
0110-flist-Avoid-the-ABA-problem.patch:
Fix occasional crashes in pa_memblock_free, pa_memblock_ref and drop_block
(LP: #924416)

files added:
debian/patches/0110-flist-Avoid-the-ABA-problem.patch

files modified:
debian/changelog

debian/patches/series

Show diffs side-by-side

added added

removed removed

debian/patches/0110-flist-Avoid-the-ABA-problem.patch

From 641103314a423328094624db0f518630d5d90dee Mon Sep 17 00:00:00 2001

From: David Henningsson <david.henningsson@canonical.com>

Date: Sun, 4 Mar 2012 06:07:37 +0100

Subject: [PATCH 1/2] flist: Avoid the ABA problem

Our flist implementation suffers from the ABA problem

(see http://en.wikipedia.org/wiki/ABA_problem), causing PulseAudio

to crash very rarely, usually inside memblock operations.

By turning stored pointers into stored table indices, we have some

extra bits that we can use to store tag bits, which is a known

workaround for the ABA problem.

Buglink: https://bugs.launchpad.net/bugs/924416

Signed-off-by: David Henningsson <david.henningsson@canonical.com>

---

src/pulsecore/flist.c | 70 ++++++++++++++++++++++++++++++++++--------------

1 files changed, 49 insertions(+), 21 deletions(-)

diff --git a/src/pulsecore/flist.c b/src/pulsecore/flist.c

index d279271..fa8974a 100644

--- a/src/pulsecore/flist.c

+++ b/src/pulsecore/flist.c

@@ -3,6 +3,7 @@

Contact: Jyri Sarha <Jyri.Sarha@nokia.com>

@@ -38,9 +39,15 @@

#define FLIST_SIZE 128

+/* Atomic table indices contain

+ sign bit = if set, indicates empty/NULL value

+ tag bits (to avoid the ABA problem)

+ actual index bits

+*/

/* Lock free single linked list element. */

struct pa_flist_elem {

- pa_atomic_ptr_t next;

+ pa_atomic_t next;

pa_atomic_ptr_t ptr;

};

@@ -49,34 +56,49 @@ typedef struct pa_flist_elem pa_flist_elem;

struct pa_flist {

const char *name;

unsigned size;

+ pa_atomic_t current_tag;

+ int index_mask;

+ int tag_shift;

+ int tag_mask;

/* Stack that contains pointers stored into free list */

- pa_atomic_ptr_t stored;

+ pa_atomic_t stored;

/* Stack that contains empty list elements */

- pa_atomic_ptr_t empty;

+ pa_atomic_t empty;

pa_flist_elem table[];

};

/* Lock free pop from linked list stack */

-static pa_flist_elem *stack_pop(pa_atomic_ptr_t *list) {

- pa_flist_elem *poped;

+static pa_flist_elem *stack_pop(pa_flist *flist, pa_atomic_t *list) {

+ pa_flist_elem *popped;

+ int idx;

pa_assert(list);

do {

- poped = (pa_flist_elem *) pa_atomic_ptr_load(list);

- } while (poped != NULL && !pa_atomic_ptr_cmpxchg(list, poped, pa_atomic_ptr_load(&poped->next)));

+ idx = pa_atomic_load(list);

+ if (idx < 0)

+ return NULL;

+ popped = &flist->table[idx & flist->index_mask];

+ } while (!pa_atomic_cmpxchg(list, idx, pa_atomic_load(&popped->next)));

- return poped;

+ return popped;

}

/* Lock free push to linked list stack */

-static void stack_push(pa_atomic_ptr_t *list, pa_flist_elem *new_elem) {

- pa_flist_elem *next;

+static void stack_push(pa_flist *flist, pa_atomic_t *list, pa_flist_elem *new_elem) {

+ int tag, newindex, next;

pa_assert(list);

+ tag = pa_atomic_inc(&flist->current_tag);

+ newindex = new_elem - flist->table;

+ pa_assert(newindex >= 0 && newindex < (int) flist->size);

+ newindex |= (tag << flist->tag_shift) & flist->tag_mask;

100

do {

101

- next = pa_atomic_ptr_load(list);

102

- pa_atomic_ptr_store(&new_elem->next, next);

103

- } while (!pa_atomic_ptr_cmpxchg(list, next, new_elem));

104

+ next = pa_atomic_load(list);

105

+ pa_atomic_store(&new_elem->next, next);

106

+ } while (!pa_atomic_cmpxchg(list, next, newindex));

107

}

108

109

pa_flist *pa_flist_new_with_name(unsigned size, const char *name) {

110

@@ -91,10 +113,16 @@ pa_flist *pa_flist_new_with_name(unsigned size, const char *name) {

111

112

l->name = pa_xstrdup(name);

113

l->size = size;

114

- pa_atomic_ptr_store(&l->stored, NULL);

115

- pa_atomic_ptr_store(&l->empty, NULL);

116

117

+ while (1 << l->tag_shift < (int) size)

118

+ l->tag_shift++;

119

+ l->index_mask = (1 << l->tag_shift) - 1;

120

+ l->tag_mask = INT_MAX - l->index_mask;

121

122

+ pa_atomic_store(&l->stored, -1);

123

+ pa_atomic_store(&l->empty, -1);

124

for (i=0; i < size; i++) {

125

- stack_push(&l->empty, &l->table[i]);

126

+ stack_push(l, &l->empty, &l->table[i]);

127

}

128

return l;

129

}

130

@@ -109,7 +137,7 @@ void pa_flist_free(pa_flist *l, pa_free_cb_t free_cb) {

131

132

if (free_cb) {

133

pa_flist_elem *elem;

134

- while((elem = stack_pop(&l->stored)))

135

+ while((elem = stack_pop(l, &l->stored)))

136

free_cb(pa_atomic_ptr_load(&elem->ptr));

137

}

138

139

@@ -122,14 +150,14 @@ int pa_flist_push(pa_flist *l, void *p) {

140

pa_assert(l);

141

pa_assert(p);

142

143

- elem = stack_pop(&l->empty);

144

+ elem = stack_pop(l, &l->empty);

145

if (elem == NULL) {

146

if (pa_log_ratelimit(PA_LOG_DEBUG))

147

pa_log_debug("%s flist is full (don't worry)", l->name);

148

return -1;

149

}

150

pa_atomic_ptr_store(&elem->ptr, p);

151

- stack_push(&l->stored, elem);

152

+ stack_push(l, &l->stored, elem);

153

154

return 0;

155

}

156

@@ -139,13 +167,13 @@ void* pa_flist_pop(pa_flist *l) {

157

void *ptr;

158

pa_assert(l);

159

160

- elem = stack_pop(&l->stored);

161

+ elem = stack_pop(l, &l->stored);

162

if (elem == NULL)

163

return NULL;

164

165

ptr = pa_atomic_ptr_load(&elem->ptr);

166

167

- stack_push(&l->empty, elem);

168

+ stack_push(l, &l->empty, elem);

169

170

return ptr;

171

}

172

173

1.7.5.4

174

Older »