Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Release the collision if we find one.

Browse Source 
Candidate fix for:

panic: lock error: Mutex: mutex_vector_enter,542: locking against myself: lock 0xffff8f611abd37e0 cpu 8 lwp 0xffff8f60a3c6a040
cpu8: Begin traceback...
vpanic() at netbsd:vpanic+0x178
snprintf() at netbsd:snprintf
lockdebug_abort() at netbsd:lockdebug_abort+0xe6
mutex_vector_enter() at netbsd:mutex_vector_enter+0x3c1
ksem_close_fop() at netbsd:ksem_close_fop+0x17
closef() at netbsd:closef+0x69
fd_free() at netbsd:fd_free+0x101
exit1() at netbsd:exit1+0x118
sys_exit() at netbsd:sys_exit+0x3d
syscall() at netbsd:syscall+0x299

Would be nice to have an automatic test for this.  Since semids are
only 24 bits, we only need to create a few thousand of them to have a
high probability of collision.  Maybe we should bump default semmax
while here...
This commit is contained in:
riastradh 2020-05-04 13:58:48 +00:00
parent 36c01c395b
commit c89c01dec4
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sys/kern/uipc_sem.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: uipc_sem.c,v 1.58 2019/12/17 18:16:05 ad Exp $ */
/* $NetBSD: uipc_sem.c,v 1.59 2020/05/04 13:58:48 riastradh Exp $ */
/*-
* Copyright (c) 2011, 2019 The NetBSD Foundation, Inc.
@ -60,7 +60,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: uipc_sem.c,v 1.58 2019/12/17 18:16:05 ad Exp $");
__KERNEL_RCSID(0, "$NetBSD: uipc_sem.c,v 1.59 2020/05/04 13:58:48 riastradh Exp $");
#include <sys/param.h>
#include <sys/kernel.h>
@ -110,6 +110,7 @@ static kauth_listener_t ksem_listener;
static int ksem_sysinit(void);
static int ksem_sysfini(bool);
static int ksem_modcmd(modcmd_t, void *);
static void ksem_release(ksem_t *, int);
static int ksem_close_fop(file_t *);
static int ksem_stat_fop(file_t *, struct stat *);
static int ksem_read_fop(file_t *, off_t *, struct uio *,
@ -365,6 +366,7 @@ ksem_lookup_pshared(intptr_t id)
static void
ksem_alloc_pshared_id(ksem_t *ksem)
{
ksem_t *ksem0;
uint32_t try;
KASSERT(ksem->ks_pshared_proc != NULL);
@ -374,10 +376,11 @@ ksem_alloc_pshared_id(ksem_t *ksem)
try = (cprng_fast32() & ~KSEM_MARKER_MASK) |
KSEM_PSHARED_MARKER;
if (ksem_lookup_pshared_locked(try) == NULL) {
if ((ksem0 = ksem_lookup_pshared_locked(try)) == NULL) {
/* Got it! */
break;
}
ksem_release(ksem0, -1);
}
ksem->ks_pshared_id = try;
u_long bucket = KSEM_PSHARED_HASH(ksem->ks_pshared_id);