mirror of
https://github.com/isc-projects/bind9.git
synced 2026-03-21 01:50:07 -04:00
c377e0a9e3
All the places the qp-trie code was using `call_rcu()` needed `__tsan_release()` and `__tsan_acquire()` annotations, so add a couple of wrappers to encapsulate this pattern. With these wrappers, the tests run almost clean under thread sanitizer. The remaining problems are due to `rcu_barrier()` which can be suppressed using `.tsan-suppress`. It does not suppress the whole of `liburcu`, because we would like thread sanitizer to detect problems in `call_rcu()` callbacks, which are called from `liburcu`. The CI jobs have been updated to use `.tsan-suppress` by default, except for a special-case job that needs the additional suppressions in `.tsan-suppress-extra`. We might be able to get rid of some of this after liburcu gains support for thread sanitizer. Note: the `rcu_barrier()` suppression is not entirely effective: tsan sometimes reports races that originate inside `rcu_barrier()` but tsan has discarded the stack so it does not have the information required to suppress the report. These "races" can be made much easier to reproduce by adding `atexit_sleep_ms=1000` to `TSAN_OPTIONS`. The problem with tsan's short memory can be addressed by increasing `history_size`: when it is large enough (6 or 7) the `rcu_barrier()` stack usually survives long enough for suppression to work.
129 lines
3.3 KiB
C
129 lines
3.3 KiB
C
/*
|
|
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
*
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
*
|
|
* See the COPYRIGHT file distributed with this work for additional
|
|
* information regarding copyright ownership.
|
|
*/
|
|
|
|
/*! \file */
|
|
|
|
#include <stddef.h>
|
|
|
|
#include <isc/atomic.h>
|
|
#include <isc/quota.h>
|
|
#include <isc/urcu.h>
|
|
#include <isc/util.h>
|
|
|
|
#define QUOTA_MAGIC ISC_MAGIC('Q', 'U', 'O', 'T')
|
|
#define VALID_QUOTA(p) ISC_MAGIC_VALID(p, QUOTA_MAGIC)
|
|
|
|
void
|
|
isc_quota_init(isc_quota_t *quota, unsigned int max) {
|
|
atomic_init("a->max, max);
|
|
atomic_init("a->used, 0);
|
|
atomic_init("a->soft, 0);
|
|
cds_wfcq_init("a->jobs.head, "a->jobs.tail);
|
|
ISC_LINK_INIT(quota, link);
|
|
quota->magic = QUOTA_MAGIC;
|
|
}
|
|
|
|
void
|
|
isc_quota_soft(isc_quota_t *quota, unsigned int soft) {
|
|
REQUIRE(VALID_QUOTA(quota));
|
|
REQUIRE(atomic_load_relaxed("a->max) > soft);
|
|
atomic_store_relaxed("a->soft, soft);
|
|
}
|
|
|
|
void
|
|
isc_quota_max(isc_quota_t *quota, unsigned int max) {
|
|
REQUIRE(VALID_QUOTA(quota));
|
|
atomic_store_relaxed("a->max, max);
|
|
}
|
|
|
|
unsigned int
|
|
isc_quota_getmax(isc_quota_t *quota) {
|
|
REQUIRE(VALID_QUOTA(quota));
|
|
return (atomic_load_relaxed("a->max));
|
|
}
|
|
|
|
unsigned int
|
|
isc_quota_getsoft(isc_quota_t *quota) {
|
|
REQUIRE(VALID_QUOTA(quota));
|
|
return (atomic_load_relaxed("a->soft));
|
|
}
|
|
|
|
unsigned int
|
|
isc_quota_getused(isc_quota_t *quota) {
|
|
REQUIRE(VALID_QUOTA(quota));
|
|
return (atomic_load_relaxed("a->used));
|
|
}
|
|
|
|
void
|
|
isc_quota_release(isc_quota_t *quota) {
|
|
/*
|
|
* We are using the cds_wfcq_dequeue_blocking() variant here that
|
|
* has an internal mutex because we need synchronization on
|
|
* multiple dequeues running from different threads.
|
|
*/
|
|
struct cds_wfcq_node *node =
|
|
cds_wfcq_dequeue_blocking("a->jobs.head, "a->jobs.tail);
|
|
if (node == NULL) {
|
|
uint_fast32_t used = atomic_fetch_sub_relaxed("a->used, 1);
|
|
INSIST(used > 0);
|
|
return;
|
|
}
|
|
|
|
isc_job_t *job = isc_urcu_container(node, isc_job_t, wfcq_node);
|
|
job->cb(job->cbarg);
|
|
}
|
|
|
|
isc_result_t
|
|
isc_quota_acquire_cb(isc_quota_t *quota, isc_job_t *job, isc_job_cb cb,
|
|
void *cbarg) {
|
|
REQUIRE(VALID_QUOTA(quota));
|
|
REQUIRE(job == NULL || cb != NULL);
|
|
|
|
uint_fast32_t used = atomic_fetch_add_relaxed("a->used, 1);
|
|
uint_fast32_t max = atomic_load_relaxed("a->max);
|
|
if (max != 0 && used >= max) {
|
|
(void)atomic_fetch_sub_relaxed("a->used, 1);
|
|
if (job != NULL) {
|
|
job->cb = cb;
|
|
job->cbarg = cbarg;
|
|
cds_wfcq_node_init(&job->wfcq_node);
|
|
|
|
/*
|
|
* The cds_wfcq_enqueue() is non-blocking (no internal
|
|
* mutex involved), so it offers a slight advantage.
|
|
*/
|
|
__tsan_release(job);
|
|
cds_wfcq_enqueue("a->jobs.head, "a->jobs.tail,
|
|
&job->wfcq_node);
|
|
}
|
|
return (ISC_R_QUOTA);
|
|
}
|
|
|
|
uint_fast32_t soft = atomic_load_relaxed("a->soft);
|
|
if (soft != 0 && used >= soft) {
|
|
return (ISC_R_SOFTQUOTA);
|
|
}
|
|
|
|
return (ISC_R_SUCCESS);
|
|
}
|
|
|
|
void
|
|
isc_quota_destroy(isc_quota_t *quota) {
|
|
REQUIRE(VALID_QUOTA(quota));
|
|
quota->magic = 0;
|
|
|
|
INSIST(atomic_load("a->used) == 0);
|
|
INSIST(cds_wfcq_empty("a->jobs.head, "a->jobs.tail));
|
|
|
|
cds_wfcq_destroy("a->jobs.head, "a->jobs.tail);
|
|
}
|