Re: [patch 0/5] lightweight robust futexes: -V1

[Johannes Stezenbach]

On Thu, Feb 16, 2006, Ingo Molnar wrote:
> 
> * Johannes Stezenbach <js@xxxxxxxxxxx> wrote:
> 
> > Anyway: If a process can trash its robust futext list and then die 
> > with a segfault, why are the futexes still robust? In this case the 
> > kernel has no way to wake up waiters with FUTEX_OWNER_DEAD, or does 
> > it?
> 
> that's memory corruption - which robust futexes do not (and cannot) 
> solve. Robustness is mostly about handling sudden death (e.g. which is 
> due to oom, or is due to a user killing the task, or due to the 
> application crashing in some non-memory-corrupting way), but it cannot 
> handle all possible failure modes.

Hm, OK, from reading this and the other threads on this
topic I get:

- there is a tradeoff between speed and robustness
- the focus for "robust futexes" is on speed
  (else they wouldn't deserve to be called futexes)
- thus it is acceptable if they are just 99% robust

That's OK, but IMHO it wouldn't hurt to clearly spell
it out in the documentation.


However, this leaves the question: Is there a slower, but 100% robust
alternative on Linux for applications which need it?


Johannes
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/