From mboxrd@z Thu Jan  1 00:00:00 1970
From: Keir Fraser <keir.fraser@eu.citrix.com>
Subject: Re: cpupools and locking
Date: Tue, 4 May 2010 22:52:46 +0100
Message-ID: <C80655BE.134DF%keir.fraser@eu.citrix.com>
References: <w2jde76405a1005041151lded10645z70c2ed600e0728a1@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <w2jde76405a1005041151lded10645z70c2ed600e0728a1@mail.gmail.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: George Dunlap <George.Dunlap@eu.citrix.com>, "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>, Juergen Gross <juergen.gross@fujitsu-siemens.com>
List-Id: xen-devel@lists.xenproject.org

On 04/05/2010 19:51, "George Dunlap" <George.Dunlap@eu.citrix.com> wrote:

> Something seems not quite right about the cpupool locking... in
> xen/common/cpupool.c:cpupool_do_domctl(), the cpupool_lock is only
> held during the find for several operations.  Doesn't that mean that,
> for instance, it's possible for someone to call CPUPOOL_OP_DESTROY,
> while someone concurrently calls CPUPOOL_OP_INFO, such that in the
> INFO case, the find succeeds, but the structure is shortly thereafter
> freed by DESTROY, even though INFO code still has a pointer to it
> which may be dereferenced?  I don't see any reference counting... am I
> missing something?

It certainly looks like "optimistic" concurrency control to me. :-)

 -- Keir

>  -George