On Sat, Apr 02, 2016 at 11:09:18AM -0000, Thomas Gleixner wrote:
> +/**
> + * futex_detach_task - Detach task from global state
> + * @slot: Slot number in the task local cache
> + *
> + * If the global state refcount drops to zero, the global state is destroyed.
> + */
> +static void futex_detach_task(int slot)
> +{
> + struct futex_cache *tc = current->futex_cache;
> + struct futex_state *fs = tc->slots[slot].fs;
> + struct futex_hash_bucket *hb = fs->global_hb;
> + struct futex_q *q = &fs->q;
> +
> + /* Remove it from the task local cache */
> + __clear_bit(slot, tc->cache_map);
> + tc->slots[slot].uaddr = NULL;
> + tc->slots[slot].fs = NULL;
> +
> + /*
> + * Lock the global hash bucket. Decrement global state refcount. If 0
> + * remove it from the global hash and free it.
> + */
> + spin_lock(&hb->lock);
> + if (--fs->refcount == 0)
> + hb_remove_q(q, hb);
> + else
> + fs = NULL;
> + spin_unlock(&hb->lock);
So you could play funny games like:
if (atomic_add_unless(&fs->recount, -1, 1))
return;
spin_lock(&hb->lock);
if (atomic_dec_return(&fs->refcount) == 0)
hb_remove_q(q, hb);
else
fs = NULL;
spin_unlock(&hb->lock);
To avoid taking that lock entirely in the 'fast' path, but I'm not sure
how performance critical this path is.
> + kfree(fs);
> +}
