m_pkthdr.rcvif dangling pointer problem

Robert N. M. Watson rwatson at freebsd.org
Tue Jul 26 09:09:12 UTC 2011


On 25 Jul 2011, at 12:00, Daan Vreeken wrote:

> Couldn't the dangling pointer problem be solved by adding a 'generation' field 
> to the mbuf structure?
> The 'generation' could be a system-wide number that gets incremented whenever 
> an interface is removed. The mbuf* functions could keep a (per CPU?) 
> reference count on the number of mbufs allocated/freed during 
> that 'generation'. After interface removal, the ifnet structure could be 
> freed when all the reference counters of generations before the current 
> generation reach zero (whenever that happens).

I think a hybrid approach makes sense, combining a number of the ideas we've been kicking about:

(1) Add per-CPU ifnet refcounts that don't imply cache-line misses on each mbuf alloc/free
(2) Add optional subsystem drain functions so that subsystems that may have unbounded queueing times for mbufs deterministically ensure reference release, perhaps by substituting a common deadif for outstanding dying references.

The former gives us actual correctness in terms of avoiding races; the latter gives us deterministic freeing by subsystems that potentially queue mbufs forever (i.e., TCP) but no longer require the ifnet reference.

Robert
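
The hybrid scheme in the message above, as an added single-threaded userspace model (not part of the original post and not FreeBSD code): per-CPU reference slots on the ifnet, plus a subsystem drain that repoints queued mbufs at a shared deadif so the dying ifnet can be freed without leaving a dangling rcvif. All names (`ifref_cpu`, `mbuf_set_rcvif`, `subsys_drain`, `ifnet_try_free`, `NCPU`) are hypothetical, and a kernel implementation would additionally need to synchronize the cross-CPU sum against concurrent updates.

```c
#include <stddef.h>
#define NCPU 4                         /* constructed CPU count for this model */
struct ifnet { long refs[NCPU]; int freed; };   /* freed: stand-in for free() */
struct mbuf  { struct ifnet *rcvif; struct mbuf *next; };
static struct ifnet deadif;            /* shared placeholder, never freed */
/* Reference changes touch only the caller's CPU slot, not a shared counter. */
static void ifref_cpu(struct ifnet *ifp, int cpu)  { ifp->refs[cpu]++; }
static void ifrele_cpu(struct ifnet *ifp, int cpu) { ifp->refs[cpu]--; }
static void mbuf_set_rcvif(struct mbuf *m, struct ifnet *ifp, int cpu) {
    ifref_cpu(ifp, cpu);
    m->rcvif = ifp;
}
/* The releasing CPU may differ from the allocating one, so a slot can go negative. */
static void mbuf_clr_rcvif(struct mbuf *m, int cpu) {
    ifrele_cpu(m->rcvif, cpu);
    m->rcvif = NULL;
}
/* Only the sum over all slots is meaningful. */
static long ifnet_refsum(const struct ifnet *ifp) {
    long sum = 0;
    for (int i = 0; i < NCPU; i++) sum += ifp->refs[i];
    return sum;
}
/* Subsystem drain: repoint queued mbufs from the dying ifnet to deadif. */
static int subsys_drain(struct mbuf *head, struct ifnet *dying, int cpu) {
    int n = 0;
    for (struct mbuf *m = head; m != NULL; m = m->next) {
        if (m->rcvif != dying) continue;
        ifrele_cpu(dying, cpu);
        mbuf_set_rcvif(m, &deadif, cpu);
        n++;
    }
    return n;
}
/* Free only when no mbuf can still dereference the ifnet. Returns 1 if freed. */
static int ifnet_try_free(struct ifnet *ifp) {
    if (ifnet_refsum(ifp) != 0) return 0;
    ifp->freed = 1;
    return 1;
}

int main(void) {
    struct ifnet em0 = {{0}, 0};
    struct mbuf queued = {NULL, NULL};
    mbuf_set_rcvif(&queued, &em0, 0);          /* long-lived queued mbuf */
    int early = ifnet_try_free(&em0);          /* 0: still referenced */
    subsys_drain(&queued, &em0, 2);            /* reference moved to deadif */
    return (early == 0 && ifnet_try_free(&em0) == 1) ? 0 : 1;
}
```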

