From d21b8f9013bbcc84b6483d2ff014e66d74dfdb7c Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Sun, 8 Aug 2021 19:03:01 +0200
Subject: [PATCH] Kernel/SMP: Fix ProcessorMessage deallocation bug

Due to a boolean mistake in smp_return_to_pool(), we didn't retry pushing the message onto the freelist after a failed attempt. This caused the message pool to eventually become completely empty after enough contentious access attempts. This patch also adds a pause hint to the CPU in the failed attempt code path.
---
 Kernel/Arch/x86/common/Processor.cpp | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/Kernel/Arch/x86/common/Processor.cpp b/Kernel/Arch/x86/common/Processor.cpp
index 12d091b2d4..3ffc06064a 100644
--- a/Kernel/Arch/x86/common/Processor.cpp
+++ b/Kernel/Arch/x86/common/Processor.cpp
@@ -668,9 +668,12 @@ void Processor::flush_tlb(Memory::PageDirectory const* page_directory, VirtualAd
 void Processor::smp_return_to_pool(ProcessorMessage& msg)
 {
 ProcessorMessage* next = nullptr;
- do {
+ for (;;) {
 msg.next = next;
- } while (s_message_pool.compare_exchange_strong(next, &msg, AK::MemoryOrder::memory_order_acq_rel));
+ if (s_message_pool.compare_exchange_strong(next, &msg, AK::MemoryOrder::memory_order_acq_rel))
+ break;
+ Processor::pause();
+ }
 }

 ProcessorMessage& Processor::smp_get_from_pool()
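Review bot: With `next` initialised to `nullptr`, the first compare-exchange in `smp_return_to_pool()` can only succeed when the pool is empty, so in the common non-empty case every return now pays one guaranteed failed CAS plus a `Processor::pause()` before the real attempt. Seeding it from the current head avoids that, e.g. `ProcessorMessage* next = s_message_pool.load(AK::MemoryOrder::memory_order_relaxed);` (assuming `s_message_pool` is an `AK::Atomic` pointer, as the member call suggests). Since an inverted loop condition was the original bug, a short comment at the top of the loop would help the next reader: `// A failed compare_exchange stores the observed head in 'next'; relink and retry until the push lands.` The push also cannot detect a message being returned twice, which would link the freelist to itself; whether callers rule that out is not visible in this hunk.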