refcounts assertion

[Samuel Thibault]

Hello,

Some kind of refcount assertion failure we have been having is "refcount
detected use-after-free!" from the call to refcounts_ref inside
_ports_bucket_class_iterate, called for instance by the periodic sync.
I'm thinking: what about this scenario:

- thread A calls diskfs_nput()
- that calls refcounts_deref_weak(), which gets both hard and weak
  counts to 0
- thread B calls diskfs_sync_everything, which calls
  ports_bucket_iterate, which calls _ports_bucket_class_iterate
- _ports_bucket_class_iterate iterates over nodes, and calls
  refcounts_ref for the node deref-ed above. It then traps on the
  assertion.

So the situation is that diskfs_nput is releasing a node while
sync_everything is trying to sync it.

Just using refcounts_unsafe_ref is most probably not a solution since
the node is on its way out, the function called by the iterator will
most probably get it all wrong on a node being destroyed.

Another way would be as attached: just skip nodes which didn't have any
reference.  I however don't know libports enough to say whether that's
correct behavior for libports or not: AIUI callers of refcounts_deref*
are supposed to check for 0,0 and are then responsible for destroying
the node?

Samuel

patch
Description: Text document