On Fri, 2006-06-09 at 15:52, Jonathan Adams wrote:
> If I remember correctly, the main problems you can run into with signaling
> after dropping the lock is that there can be destruction races:
>
> thread 1 Thread 2
>
> mutex_exit(&obj->mutex)
> -------------------------->
> mutex_enter(&obj->mutex)
> set up object for destruction
> mutex_exit(&obj->mutex)
> kmem_free(obj);
> <--------------------------
> cv_signal(&obj->cv);
this code may already have a race in the absence of *other*
synchronization to prevent reording like:
-------------------------->
mutex_enter(&obj->mutex)
set up object for destruction
mutex_exit(&obj->mutex)
<--------------------------
mutex_enter(&obj->mutex)
...
mutex_exit(&obj->mutex) kmem_free(obj);
cv_signal(&obj->cv);
aka "an object cannot synchronize its own destruction."
- Bill
