Linux 什么是“FUTEX_REQUEUE”bug?
我将Linux手册页指定为操作系统课程中的必读内容,以警告学生在设计同步原语时不要自满Linux 什么是“FUTEX_REQUEUE”bug?,linux,synchronization,Linux,Synchronization,我将Linux手册页指定为操作系统课程中的必读内容,以警告学生在设计同步原语时不要自满 futex()系统调用是Linux提供的API,允许用户级线程同步原语在必要时休眠和唤醒。手册页描述了可使用futex()系统调用调用的5种不同操作。这两个基本操作是FUTEX\u WAIT(当线程试图获取同步对象并且有人已经持有它时,它会将自己置于睡眠状态)和FUTEX\u WAKE(当线程释放同步对象时,它会用它唤醒所有等待的线程) 接下来的三个操作是乐趣的开始。手册页的描述如下所示: FUTEX_FD
futex()futex()FUTEX\u WAITFUTEX\u WAKEFUTEX_FD (present up to and including Linux 2.6.25)
[...]
Because it was inherently racy, FUTEX_FD has been removed
from Linux 2.6.26 onward.
FUTEX_REQUEUE (since Linux 2.5.70)
This operation was introduced in order to avoid a
"thundering herd" effect when FUTEX_WAKE is used and all
processes woken up need to acquire another futex. [...]
FUTEX_CMP_REQUEUE (since Linux 2.6.7)
There was a race in the intended use of FUTEX_REQUEUE, so
FUTEX_CMP_REQUEUE was introduced. [...]
FUTEX_REQUEUE的比赛是什么?Ulrich的论文甚至没有提到它(论文描述了一个函数
futex_-requeue()futex_-CMP_-requeuefutex_-requeueFUTEX\u CMP\u REQUEUE来源:旧的重新请求操作采用两个地址addr1和addr2,首先它在addr1上解析等待者,然后将它们停回addr2 新的requeue操作在验证
*addr1==用户提供的\u val找出可能的竞争条件,考虑以下两个线程:
wait(cv, mutex);
lock(&cv.lock);
cv.mutex_ref = &mutex;
unlock(&mutex);
let futexval = ++cv.futex;
unlock(&cv.lock);
FUTEX_WAIT(&cv.futex, futexval); // --- (1)
唤醒等待futexvalfutexvalFUTEX\u WAIT还值得一提的是,上述答案基于pthread实现的历史版本。最新版本的
pthread\u condREQUEUElock(&mutex);
broadcast(cv);
lock(&cv.lock);
let futexval = cv.futex;
unlock(&cv.lock);
FUTEX_CMP_REQUEUE(&cv.futex, // --- (2)
1 /*wake*/,
ALL /*queue*/,
&cv.mutex_ref.lock,
futexval);