Chinaunix首页 | 论坛 | 博客
  • 博客访问: 241181
  • 博文数量: 36
  • 博客积分: 743
  • 博客等级: 中士
  • 技术积分: 846
  • 用 户 组: 普通用户
  • 注册时间: 2011-03-26 01:02
文章分类

全部博文(36)

文章存档

2014年(3)

2013年(4)

2012年(29)

分类: LINUX

2012-11-14 16:55:28

近日,听说pthread_create会造成内存泄漏,觉得不可思议,因此对posix(nptl)的线程创建和销毁进行了分析。

分析结果:如果使用不当,确实会造成内存泄漏。
产生根源:pthread_create默认创建的线程是非detached的。
预防方式:要么创建detached的线程,要么线程线程的start_routine结束之前detached,要么join

分析过程如下:

  1.查看pthread_create源代码,核心代码如下(nptl/pthread_create.c):

点击(此处)折叠或打开

  1. int
  2. __pthread_create_2_1 (newthread, attr, start_routine, arg)
  3.      pthread_t *newthread;
  4.      const pthread_attr_t *attr;
  5.      void *(*start_routine) (void *);
  6.      void *arg;
  7. {
  8.   STACK_VARIABLES;

  9.   const struct pthread_attr *iattr = (struct pthread_attr *) attr;
  10.   if (iattr == NULL)
  11.     /* Is this the best idea? On NUMA machines this could mean
  12.        accessing far-away memory. */
  13.     iattr = &default_attr;

  14.   struct pthread *pd = NULL;
  15.   int err = ALLOCATE_STACK (iattr, &pd);//为tcb分配内存
  16.   if (__builtin_expect (err != 0, 0))
  17.     /* Something went wrong. Maybe a parameter of the attributes is
  18.        invalid or we could not allocate memory. */
  19.     return err;
  20. //……
  21. err = create_thread (pd, iattr, STACK_VARIABLES_ARGS);//正式创建线程


2.查看createthread.c(nptl/sysdeps/pthread/createthread.c)

点击(此处)折叠或打开

  1. static int
  2. create_thread (struct pthread *pd, const struct pthread_attr *attr,
  3.            STACK_VARIABLES_PARMS)
  4. {
  5. #ifdef TLS_TCB_AT_TP
  6.   assert (pd->header.tcb != NULL);
  7. #endif
  8. //……

  9. int res = do_clone (pd, attr, clone_flags, start_thread,
  10.                   STACK_VARIABLES_ARGS, 1);//clone一个进程
3.接着看start_thread(nptl/pthread_create.c)做了什么

点击(此处)折叠或打开

  1. static int
  2. start_thread (void *arg)
  3. {
  4.   struct pthread *pd = (struct pthread *) arg;
  5. //……

  6.       /* Run the code the user provided. */
  7. #ifdef CALL_THREAD_FCT
  8.       THREAD_SETMEM (pd, result, CALL_THREAD_FCT (pd))
  9. #else
  10.       THREAD_SETMEM (pd, result, pd->start_routine (pd->arg)); //正式启动线程的执行,并等待执行完成
  11. #endif
  12. //……
  13. if (IS_DETACHED (pd))
  14.     /* Free the TCB.  */
  15.     __free_tcb (pd);//如果设置detached标志,则释放tcb占用的内容,否则直接返回
  16.   else if (__builtin_expect (pd->cancelhandling & SETXID_BITMASK, 0))
  17.     {
  18.       /* Some other thread might call any of the setXid functions and expect
  19.      us to reply.  In this case wait until we did that.  */
  20.       do
  21.     lll_futex_wait (&pd->setxid_futex, 0, LLL_PRIVATE);
  22.       while (pd->cancelhandling & SETXID_BITMASK);

  23.       /* Reset the value so that the stack can be reused.  */
  24.       pd->setxid_futex = 0;
  25.     }
从上面的过程,我们可以看到,如果在创建线程的时候,如果没有设置detached标志,则tcb内存永远不会释放

接下来,我们看看pthread_detach(npth/pthread_detach.c)做了什么

点击(此处)折叠或打开

  1. int
  2. pthread_detach (th)
  3.      pthread_t th;
  4. {
  5.   struct pthread *pd = (struct pthread *) th;

  6.   /* Make sure the descriptor is valid. */
  7.   if (INVALID_NOT_TERMINATED_TD_P (pd))
  8.     /* Not a valid thread handle. */
  9.     return ESRCH;

  10.   int result = 0;

  11.   /* Mark the thread as detached. */
  12.   if (atomic_compare_and_exchange_bool_acq (&pd->joinid, pd, NULL))
  13.     {
  14.       /* There are two possibilities here. First, the thread might
  15.      already be detached. In this case we return EINVAL.
  16.      Otherwise there might already be a waiter. The standard does
  17.      not mention what happens in this case. */
  18.       if (IS_DETACHED (pd))
  19.     result = EINVAL;
  20.     }
  21.   else
  22.     /* Check whether the thread terminated meanwhile. In this case we
  23.        will just free the TCB. */
  24.     if ((pd->cancelhandling & EXITING_BITMASK) != 0)
  25.       /* Note that the code in __free_tcb makes sure each thread
  26.      control block is freed only once. */
  27.       __free_tcb (pd);//经过一系列的容错判断,直接释放tcb占用的内存

  28.   return result;
  29. }
最后,我们看一下pthread_join(nptl/pthread_join.c)做了什么

点击(此处)折叠或打开

  1. int
  2. pthread_join (threadid, thread_return)
  3.      pthread_t threadid;
  4.      void **thread_return;
  5. {
  6.   struct pthread *pd = (struct pthread *) threadid;

  7.   /* Make sure the descriptor is valid. */
  8.   if (INVALID_NOT_TERMINATED_TD_P (pd))
  9.     /* Not a valid thread handle. */
  10.     return ESRCH;

  11.   /* Is the thread joinable?. */
  12.   if (IS_DETACHED (pd))
  13.     /* We cannot wait for the thread. */
  14.     return EINVAL;

  15.   struct pthread *self = THREAD_SELF;
  16.   int result = 0;

  17.   /* During the wait we change to asynchronous cancellation. If we
  18.      are canceled the thread we are waiting for must be marked as
  19.      un-wait-ed for again. */
  20.   pthread_cleanup_push (cleanup, &pd->joinid);

  21.   /* Switch to asynchronous cancellation. */
  22.   int oldtype = CANCEL_ASYNC ();

  23.   if ((pd == self
  24.        || (self->joinid == pd
  25.      && (pd->cancelhandling
  26.      & (CANCELING_BITMASK | CANCELED_BITMASK | EXITING_BITMASK
  27.          | TERMINATED_BITMASK)) == 0))
  28.       && !CANCEL_ENABLED_AND_CANCELED (self->cancelhandling))
  29.     /* This is a deadlock situation. The threads are waiting for each
  30.        other to finish. Note that this is a "may" error. To be 100%
  31.        sure we catch this error we would have to lock the data
  32.        structures but it is not necessary. In the unlikely case that
  33.        two threads are really caught in this situation they will
  34.        deadlock. It is the programmer's problem to figure this
  35.        out. */
  36.     result = EDEADLK;
  37.   /* Wait for the thread to finish. If it is already locked something
  38.      is wrong. There can only be one waiter. */
  39.   else if (__builtin_expect (atomic_compare_and_exchange_bool_acq (&pd->joinid,
  40.                                  self,
  41.                                  NULL), 0))
  42.     /* There is already somebody waiting for the thread. */
  43.     result = EINVAL;
  44.   else
  45.     /* Wait for the child. */
  46.     lll_wait_tid (pd->tid);


  47.   /* Restore cancellation mode. */
  48.   CANCEL_RESET (oldtype);

  49.   /* Remove the handler. */
  50.   pthread_cleanup_pop (0);


  51.   if (__builtin_expect (result == 0, 1))
  52.     {
  53.       /* We mark the thread as terminated and as joined. */
  54.       pd->tid = -1;

  55.       /* Store the return value if the caller is interested. */
  56.       if (thread_return != NULL)
  57.     *thread_return = pd->result;//设置返回值


  58.       /* Free the TCB. */
  59.       __free_tcb (pd);/释放TCB占用内存
  60.     }

  61.   return result;
  62. }

综上,如果要保证创建线程之后,确保无内存泄漏,必须采用如下方法来规范pthread_create的使用:
方法一、创建detached的线程

点击(此处)折叠或打开

  1. void run() {
  2.     return;
  3. }
  4.                                                                                                        
  5. int main(){
  6.     pthread_t thread;
  7.     pthread_attr_t attr;
  8.     pthread_attr_init( &attr );
  9.     pthread_attr_setdetachstate(&attr,1);
  10.     pthread_create(&thread, &attr, run, 0);
  11.           
  12.     //...... 
  13.     return 0;
  14. }

方法二、要么线程线程的start_routine结束之前detached

点击(此处)折叠或打开

  1. void run() {
  2.     pthread_detach(pthread_self());
  3. }
  4.                                                                                                        
  5. int main(){
  6.     pthread_t thread;  
  7.     pthread_create(&thread, NULL, run, 0);
  8.               
  9.     //...... 
  10.     return 0;
  11. }

方法三、主线程使用pthread_join

点击(此处)折叠或打开

  1. void run() {
  2.     return;
  3. }
  4.                                                                                                        
  5. int main(){
  6.     pthread_t thread; 
  7.     pthread_create(&thread, NULL, run, 0);  
  8.                                        
  9.     //...... 
  10.     pthread_join(thread,NULL);
  11.     return 0;
  12. }

阅读(7705) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~