need to reparent the process to initproc, so that child wouldn't
have its p_pptr pointer still pointing on the exited parent
pointed out by Dave Sainty in private mail (the patch in kern/14443
didn't have this bug)
in this case, and even if not, the process would be already woken up by the
wakeup() call
change sent as part of kern/17517 by David Laight
XXX perhaps should KASSERT() sel_pid is zero in the SI_COLL case
the same file multiple times because of recursive loading (ie: libx require
liby and libz and liby require libz, so libz would be loaded twice)
This is probably suboptimal, but it enable /bin/sh to load on the PowerPC,
so it's a good interim solution until we figure precisely how things should
work.
I'm not sure whether this makes the excessive recursive check useless or not.
reparented back to original parent before it's killed.
This makes the original parent aware that the child has exited if
the debugger failed to wait() on the debugged zombie before exiting.
Since we clear tracing flags before killing the child, the reparenting
logic in wait4() wouldn't be triggered, so it's necessary to do it here.
Problem reported and fix provided in kern/14443 by David Sainty.
macho_hdr, argc, *argv, NULL, *envp, NULL, progname, NULL,
*progname, **argv, **envp
Where progname is a pointer to the program name as given in the first
argument to execve(), and macho_hdr a pointer to the Mach-O header at
the beginning of the executable file.
backed by physical pages (ie. because it reused a previously-freed one),
so that we can skip a bunch of useless work in that case.
this fixes the underlying problem behind PR 18543, and also speeds up fork()
quite a bit (eg. 7% on my pc, 1% on my ultra2) when we get a cache hit.
original system call number, which can be negative for a Mach trap.
We cannot just replace code by realcode, because ktrsyscall uses it as
an index in the system call table, thus crashing the kernel when the
value is negative.
this gives:
* linux sysconf(_SC_CLK_TCK) gives correct value for linux binaries (hz)
even if hz != 100
* glibc gets proper information on real/effective uid and enables
secure mode for suid binaries
g/c LINUX_COPYARGS_FUNCTION, replaced by linux ELF copyargs function
g/c alpha-specific linux ELF copyargs function and linux ELF defines
device. Should help performance when no fingerprints are loaded.
* Back down the securelevel, now securelevel of 2 will make lack of
fingerprint or fingerprint mismatch a fatal error. Previously this
was done at securelevel 3 or greater.
and friends should either be made first-class citizens and moved
to an include file (systm.h perhaps), or nuked completely, but
not be redefined in a lot of files.
that can be used to block a process after fork(2) or exec(2) calls. The
new process is created in the SSTOP state and is never scheduled for running.
This feature is designed so that it is esay to attach the process using gdb
before it has done anything.
It works also with sproc, kthread_create, clone...
in the event that it needs to use a special VM range (x86_64 falls
into this category). We fall back onto kernel_map if machine-dependent
code doesn't create a special map.
wanted sizeof(struct disk_sysctl), use the old size. for non-COMPAT_16,
however, we return EINVAL so that all future programs are forced into
passing the wanted size. 1.6 iostat(8) works with -current kernel again.
as seen on tech-kern.
userland structure size (if passed in).
Use the supplied userland structure size (if passed in) to check if
there is enough room to copyout the next structure.
- disk_unbusy() gets a new parameter to tell the IO direction.
- struct disk_sysctl gets 4 new members for read/write bytes/transfers.
when processing hw.diskstats, add the read&write bytes/transfers for
the old combined stats to attempt to keep backwards compatibility.
unfortunately, due to multiple bugs, this will cause new kernels and old
vmstat/iostat/systat programs to fail. however, the next time this is
change it will not fail again.
this is just the kernel portion.
be32toh produces an unsigned long result, causing a printf argument
mismatch. This is the wrong fix, but I am not going to change the
powerpc macros; fix the powerpc macros and revert my change.
While a hard link to a symbolic link is not ruled out by POSIX-2001,
the link(2) interface is to perform normal pathname resolution,
which includes the resolution of symbolic links.
kqueue provides a stateful and efficient event notification framework
currently supported events include socket, file, directory, fifo,
pipe, tty and device changes, and monitoring of processes and signals
kqueue is supported by all writable filesystems in NetBSD tree
(with exception of Coda) and all device drivers supporting poll(2)
based on work done by Jonathan Lemon for FreeBSD
initial NetBSD port done by Luke Mewburn and Jason Thorpe
with privilege elevation no suid or sgid binaries are necessary any
longer. Applications can be executed completely unprivileged. Systrace
raises the privileges for a single system call depending on the
configured policy.
Idea from discussions with Perry Metzger, Dug Song and Marcus Watts.
Approved by christos and thorpej.
now carries the name of the attachment (e.g. "tlp_pci" or "audio"),
and cfattach structures are registered at boot time on a per-driver
basis. The cfdriver and cfattach pointers are cached in the device
structure when attached.
devices have been discovered. All finalizer routines are iteratively
invoked until all of them report that they have done no work.
Use this hook to fix a latent bug in RAIDframe autoconfiguration of
RAID sets exposed by the rework of SCSI device discovery.
the most "officially looking" is IEC 60027-2, ie "Ki", "Mi", ...,
which is not too popular, and which would require more code changes.
So stick with the traditional capital "K" for (divisor==1024), and use
the SI "k" otherwise (ie (divisor==1000)).
a vector of indices into the cfdata table to specify potential parents,
record the interface attributes that devices have and add a new "parent
spec" structure which lists the iattr, as well as optionally listing
specific parent device instances.
See:
http://mail-index.netbsd.org/tech-kern/2002/09/25/0014.html
...for a detailed description.
While here, const poison some things, as suggested by Matt Thomas.
This is done by adding an extra argument to mi_switch() and
cpu_switch() which specifies the new process. If NULL is passed,
then the new function chooseproc() is invoked to wait for a new
process to appear on the run queue.
Also provides an opportunity for optimisations if "switching to self".
Also added are C versions of the setrunqueue() and remrunqueue()
low-level primitives if __HAVE_MD_RUNQUEUE is not defined by MD code.
All these changes are contingent upon the __HAVE_CHOOSEPROC flag being
defined by MD code to indicate that cpu_switch() supports the changes.
memory fault handler. IRIX uses irix_vm_fault, and all other emulation
use NULL, which means to use uvm_fault.
- While we are there, explicitely set to NULL the uninitialized fields in
struct emul: e_fault and e_sysctl on most ports
- e_fault is used by the trap handler, for now only on mips. In order to avoid
intrusive modifications in UVM, the function pointed by e_fault does not
has exactly the same protoype as uvm_fault:
int uvm_fault __P((struct vm_map *, vaddr_t, vm_fault_t, vm_prot_t));
int e_fault __P((struct proc *, vaddr_t, vm_fault_t, vm_prot_t));
- In IRIX share groups, all the VM space is shared, except one page.
This bounds us to have different VM spaces and synchronize modifications
to the VM space accross share group members. We need an IRIX specific hook
to the page fault handler in order to propagate VM space modifications
caused by page faults.
return failure if swap is full and there are no free physical pages.
have malloc() use this flag if M_CANFAIL is passed to it.
use M_CANFAIL to allow amap_extend() to fail when memory is scarce.
this should prevent most of the remaining hangs in low-memory situations.
This merge changes the device switch tables from static array to
dynamically generated by config(8).
- All device switches is defined as a constant structure in device drivers.
- The new grammer ``device-major'' is introduced to ``files''.
device-major <prefix> char <num> [block <num>] [<rules>]
- All device major numbers must be listed up in port dependent majors.<arch>
by using this grammer.
- Added the new naming convention.
The name of the device switch must be <prefix>_[bc]devsw for auto-generation
of device switch tables.
- The backward compatibility of loading block/character device
switch by LKM framework is broken. This is necessary to convert
from block/character device major to device name in runtime and vice versa.
- The restriction to assign device major by LKM is completely removed.
We don't need to reserve LKM entries for dynamic loading of device switch.
- In compile time, device major numbers list is packed into the kernel and
the LKM framework will refer it to assign device major number dynamically.
being written to. Breakpoints aren't good in a RAS. This test isn't
infallible, since we can't protect memory which will be registered
as a RAS in the future.
Also, set the PC before attempting to single-step, so we can backout
from single-stepping. Just in case we try to single-step into a RAS.
name to start up as init (rather than just cycling thru initpaths[]
and panicing when out of options). if RB_ASKNAME isn't set, the old
behaviour remains. inspired by changes in der Mouse's patchtree.
resolves [kern/18027] from me.
counters. These counters do not exist on all CPUs, but where they
do exist, can be used for counting events such as dcache misses that
would otherwise be difficult or impossible to instrument by code
inspection or hardware simulation.
pmc(9) is meant to be a general interface. Initially, the Intel XScale
counters are the only ones supported.
- avoid race conditions by having seqno in ioctl
- better uid/gid tracking
- "replace" policy to replace args
- less diffs, as many of local changes were fed back to openbsd already
due to the 1st item, it was impossible for us to provide backward-compatibility
(new kernel + old bin/systrace won't work). upgrade both.
* In pool_prime_page(), assert that the object being placed onto the
free list meets the alignment constraints (that "ioff" within the
object is aligned to "align").
* In pool_init(), round up the object size to the alignment value (or
ALIGN(1), if no special alignment is needed) so that the above invariant
holds true.
gets reset properly when the old parent exits before the child. A flag
is set in old parent process when the child is reparented in ptrace(2).
If it's set when process is exiting, all running processes have their
'old parent process' pointer checked and reset if appropriate. Also
change to use 'struct proc *' pointer directly, rather than pid_t.
This fixes security/14444 by David Sainty.
Reviewed by Christos Zoulas.
One basic struct, a function to setup a queue with a specific strategy and
three macros to put buf's into the queue, get and remove the next buf or
get the next buf without removal.
The BUFQ_XXX interface will be removed in the future.
The B_ORDERED flag is not longer supported.
Approved by: Jason R. Thorpe <thorpej@wasabisystems.com>
* struct sigacts gets a new sigact_sigdesc structure, which has the
sigaction and the trampoline/version. Version 0 means "legacy kernel
provided trampoline". Other versions are coordinated with machine-
dependent code in libc.
* sigaction1() grows two more arguments -- the trampoline pointer and
the trampoline version.
* A new __sigaction_sigtramp() system call is provided to register a
trampoline along with a signal handler.
* The handler is no longer passed to sensig() functions. Instead,
sendsig() looks up the handler by peeking in the sigacts for the
process getting the signal (since it has to look in there for the
trampoline anyway).
* Native sendsig() functions now select the appropriate trampoline and
its arguments based on the trampoline version in the sigacts.
Changes to libc to use the new facility will be checked in later. Kernel
version not bumped; we will ride the 1.6C bump made recently.
* Keep pointers to the first and last mbufs of the last record in the
socket buffer.
* Use the sb_lastrecord pointer in the sbappend*() family of functions
to avoid traversing the packet chain to find the last record.
* Add a new sbappend_stream() function for stream protocols which
guarantee that there will never be more than one record in the
socket buffer. This function uses the sb_mbtail pointer to perform
the data insertion. Make TCP use sbappend_stream().
On a profiling run, this makes sbappend of a TCP transmission using
a 1M socket buffer go from 50% of the time to .02% of the time.
Thanks to Bill Sommerfeld and YAMAMOTO Takashi for their debugging
assistance!
as necessary:
* Implement a new mbuf utility routine, m_copyup(), is is like
m_pullup(), except that it always prepends and copies, rather
than only doing so if the desired length is larger than m->m_len.
m_copyup() also allows an offset into the destination mbuf, which
allows space for packet headers, in the forwarding case.
* Add *_HDR_ALIGNED_P() macros for IP, IPv6, ICMP, and IGMP. These
macros expand to 1 if __NO_STRICT_ALIGNMENT is defined, so that
architectures which do not have strict alignment constraints don't
pay for the test or visit the new align-if-needed path.
* Use the new macros to check if a header needs to be aligned, or to
assert that it already is, as appropriate.
Note: This code is still somewhat experimental. However, the new
code path won't be visited if individual device drivers continue
to guarantee that packets are delivered to layer 3 already properly
aligned (which are rules that are already in use).
still in the chroot. If not, teleport the lookup to the chroot
and log. Closes an assisted-jail escape method pointed out by
xs@kittenz.org. Patch from xs@kittenz.org and myself
It's not even built if the option isn't present.
* Use cdev_decl() to generate prototypes for the devsw functions.
* Minor whitespace cleanup.
* Nuke the SYSTR_CLONE ioctl from orbit; instead, just clone it in
systraceopen(), like we do with svr4_net.
trying to MSG_PEEK for more than the socket can hold. The second is that
before sleeping waiting for more data, upcall the protocol telling it you
have just received data so it can kick itself to re-fill the just drained
socket buffer.
and an error occurs, make sure the socket doesn't retain a partial
copy by dropping the rest of the record.
This would otherwise trigger a panic("receive 1a") under DIAGNOSTIC.
Fixes PR#16990, suggested fix adapted.
Reviewed by Matt Thomas.
- implement SIMPLEQ_REMOVE(head, elm, type, field). whilst it's O(n),
this mirrors the functionality of SLIST_REMOVE() (the other
singly-linked list type) and FreeBSD's STAILQ_REMOVE()
- remove the unnecessary elm arg from SIMPLEQ_REMOVE_HEAD().
this mirrors the functionality of SLIST_REMOVE_HEAD() (the other
singly-linked list type) and FreeBSD's STAILQ_REMOVE_HEAD()
- remove notes about SIMPLEQ not supporting arbitrary element removal
- use SIMPLEQ_FOREACH() instead of home-grown for loops
- use SIMPLEQ_EMPTY() appropriately
- use SIMPLEQ_*() instead of accessing sqh_first,sqh_last,sqe_next directly
- reorder manual page; be consistent about how the types are listed
- other minor cleanups
enough to be useful, and broadening it so that it did would have meant
that operations possibly requiring synchronous disk activity would have
to be done in splbio(). This clearly was not going to work.
Worked around this in the LFS case by having lfs_cluster_callback put an
extra hold on the vnode before calling biodone(), and taking the hold
off without HOLDRELE's problematic list swapping. lfs_vunref() will take
care of that---in thread context---on the next write if need be.
Also, ensure that the list walking in lfs_{writevnodes,segunlock,gather}
takes into account the possibility that the list may change
underneath it (possibly because it itself deleted an element).
Tested on i386, test-compiled on alpha.
by default, and can be enabled by adding the SOSEND_LOAN option to your
kernel config. The SOSEND_COUNTERS option can be used to provide some
instrumentation.
Use of this option, combined with an application that does large enough
writes, gets us zero-copy on the TCP and UDP transmit path.
closed, open those fds to /dev/null.
XXX: This needs to be fixed in a better way. The kernel should not need to
know about /dev/null or special case 0, 1, 2.
This generates more useful information of a process who catches SIGINFO,
rather than always printing "runnable" (the process is marked runnable
because of the signal).
Inspired by the behavior of BSD/OS.
indicating an unhandled "command". ERESTART is -1, which can lead to
confusion. ERESTART has been moved to -3 and EPASSTHROUGH has been
placed at -4. No ioctl code should now return -1 anywhere. The
ioctl() system call is now properly restartable.
on the <bsd-api-discuss@wasabisystems.com> mailing list. PT_IO
is a more general inferior I/D space I/O mechanism. FreeBSD and
OpenBSD have also added PT_IO.
From lha@stacken.kth.se, kern/15945.
back in rev. 1.51, bread() and breadn() were changed to assume that
if B_DONE is set on a buffer returned by bio_doread(), that the buffer
must have already been in the cache, and thus the overall bread() should
return success. but if the requested buffer is not in the cache and
is past the end of the device, bounds_check_with_label() will set B_ERROR
on the buffer and the caller will call biodone(), which will cause bread()
to think the buffer was already in the cache and thus return success.
to fix this, undo rev. 1.51 and instead have biowait() treat both B_DONE
and B_DELWRI as indicators that it doesn't need to sleep waiting for an
i/o to complete.
Changes:
* MP locking changes (mostly FreeBSD specific)
XXXSMP the MP locking macros are noops on NetBSD for now
* kevent fix (FreeBSD rev. 1.87): when the last reader/writer
disconnects, ensure that anybody who is waiting for the kevent
on the other end of the pipe gets EV_EOF
* kill __P
first. This is necessary to avoid warnings with -fshort-enums. Casting
to an int really should be enough, but turns out not to be.
This change will be documented in doc/HACKS.
m_reclaim() to match the drain hook signature. This allows us to
delete m_retry() and m_retryhdr(), as the pool allocator will now
perform the reclaimation step for us.
From art@openbsd.org.
and the latter, while there was some code tested the bit, was woefully
incomplete and also unused by anything. Besides, PR_STATIC functionality
could be better handled by backend allocators anyhow.
From art@openbsd.org
pool_set_drain_hook(). This hook is called in three cases:
* When a pool has hit the hard limit, just before either erroring
out or sleeping.
* When a backend allocator fails to allocate memory.
* Just before trying to reclaim pages in pool_reclaim().
This hook requests the client to try and free some items back to
the pool.
From art@openbsd.org.
deal with shortages of the VM maps where the backing pages are mapped
(usually kmem_map). Try to deal with this:
* Group all information about the backend allocator for a pool in a
separate structure. The pool references this structure, rather than
the individual fields.
* Change the pool_init() API accordingly, and adjust all callers.
* Link all pools using the same backend allocator on a list.
* The backend allocator is responsible for waiting for physical memory
to become available, but will still fail if it cannot callocate KVA
space for the pages. If this happens, carefully drain all pools using
the same backend allocator, so that some KVA space can be freed.
* Change pool_reclaim() to indicate if it actually succeeded in freeing
some pages, and use that information to make draining easier and more
efficient.
* Get rid of PR_URGENT. There was only one use of it, and it could be
dealt with by the caller.
From art@openbsd.org.
header to distinguish between o32, n32 and n64 ABIs. We now use this.
This suppress the need of the mips_option test, which had some fake positive.
This also removes the mandatory ordering of n32 vs o32 in the exec switch
(exec_conf.c)
since bounds_check_with_label() will truncate a buffer that crosses
the end of the partition. adjust the assertion to account for this.
fixes PRs 7938, 12156, 12698, 13076, 13210 and 13288.
rounded up to respect boundary limits, adjust newstart and last before
skiping to the next region. Otherwise we may check the same candidate
region against the start of the next region, no the one immediatly following
the hole, leading to corrupted map.
This fixes the panic seen on sparc64 with scsi drivers, and probably fixes
PR 15489.
easy, convenient dropping into DDB at the "root device: " prompt.
Useful if your console can't do it w/o actually taking an interrupt
and you want to, say, look at the boot messages.
as an added measure to make sure that we can execute a binary.
These default to (1) if elf_machdep.h does not override them.
On Sun2, ELF32_EHDR_FLAGS_OK() checks for the presense of EF_M68000,
since the 68010 cannot run binaries for the 68020-and-up.
was successfully changed. previously, successfully viewing the
current value would flush the cache :-/
- similarly, don't change hostid and sb_max unless the value was
successfully changed
ltsleep() is calling CURSIG() which can call issignal() and issignal()
could not deal with being called from a locked context. This happens
when a process receives SIGTTIN, and issignal() calls psignal() to
post SIGCHLD to the parent.
XXX: It is really messy to have issignal() handle the job control
functionality and the whole signal interlocking protocol needs to
be re-designed. For now this fix (provided by enami) does the trick.
I've been running with this fix for weeks, and atatat has stress-tested
the kernel running ~30 make kernels...
expecting pmap_kenter_pa() to be used to replace an existing mapping,
plus it just seems like a bad idea to keep around mappings of pages
that may be freed and reused.
uint32_t namei_hash(const char *p, const char **ep)
which determines the equivalent MI hash32_str() hash for p.
If *ep != NULL, calculate the hash to the character before ep.
If *ep == NULL, calculate the has to the first / or NUL found, and
point *ep to that location.
- Use namei_hash() to calculate cn_hash in lookup() and relookup().
Hash distribution goes from 35-40% to 55-70%, with similar profiled
time spent in cache_lookup() and cache_enter() on my P3-600.
- Use namei_hash() to calculate cn_hash in nfs_readdirplusrpc(),
insetad of homegrown code (that differed from that in lookup() !)
namei_hash() has better spread and is faster than previous code
(which used a non-constant multiplication).
in f_flag of struct file
for now, keep former f_iflags of struct file as _f_spare0, it will be g/c'ed
when struct file will be changed (this will happen soon)
VOP_PUTPAGES() just because the vnode has no pages. layered filesystems
will want to pass these calls on through to the underlying filesystem,
and non-layered filesystems may need to remove the vnode from the
syncer queues. fix up MP locking and add some locking assertions.
fixes PRs 12284 and 14640.
(__HAVE_PTRACE_MACHDEP) and procfs (__HAVE_PROCFS_MACHDEP).
These changes will allow platforms like x86 (XMM) and PowerPC
(AltiVec) to export extended register sets in a sane manner.
* Use __HAVE_PTRACE_MACHDEP to export x86 XMM registers (standard
FP + SSE/SSE2) using PT_{GET,SET}XMMREGS (in the machdep
ptrace request space).
* Use __HAVE_PROCFS_MACHDEP to export x86 XMM registers via
/proc/N/xmmregs in procfs.
case when the requested memory size can't ever be granted - instead
of panic, malloc(9) would return failure (NULL).
Note kernel code should do proper bound checking, rather than
depend on M_CANFAIL. This flag is only supposed to be used in very
special cases, where common bound checking is not appropriate.
Discussed on tech-kern@, name ``M_CANFAIL'' suggested by Chuck Cranor.
is freed prematurely the check won't be triggered immediatelly, probably
since the memory is likely to be reused fast; but it _would_ be triggered
eventually
at all, it's only needed in LKM case
use #if defined(LKM) || defined(_LKM) condition for netbsd32_execve.c,
to DTRT when either compiled statically into kernel with LKM support,
or compiled as a LKM
* return EINVAL if specified current limit exceeds specified hard limit.
This behaviour is required by SUSv2 (noted by Giles Lean on tech-kern)
* return EINVAL if an attempt is made to lower stack size limit below
current usage; this addresses bin/3045 by Jason Thorpe, and conforms to SUSv2
- replace opt_kgdb_machdep.h with opt_kgdb.h
- defparam opt_kgdb.h:
KGDB_DEV KGDB_DEVNAME KGDB_DEVADDR KGDB_DEVRATE KGDB_DEVMODE
- move from opt_ddbparam.h to opt_ddb.h:
DDB_FROMCONSOLE DDB_ONPANIC DDB_HISTORY_SIZE DDB_BREAK_CHAR SYMTAB_SPACE
- replace KGDBDEV with KGDB_DEV
- replace KGDBADDR with KGDB_DEVADDR
- replace KGDBMODE with KGDB_DEVMODE
- replace KGDBRATE with KGDB_DEVRATE
- use `9600' instead of `0x2580' for 9600 baud rate
- use correct quotes for options KGDB_DEVNAME="\"com\""
- use correct quotes for options KGDB_DEV="17*256+0"
- remove unnecessary dependancy on Makefile for kgdb_stub.o
- minor whitespace cleanup
This is a followup to PR/14558.
- itimerfix(9) limited the number of seconds to 100M, before I changed
it to 1000M for PR/14558.
- nanosleep(2) documents a limit of 1000M seconds.
- setitimer(2), select(2), and other library functions that indirectly
use setitimer(2) for example alarm(3) don't specify a limit.
So it only seems appropriate that any positive number of seconds in
struct timeval should be accepted by any code that uses itimerfix(9)
directly, except nanosleep(2) which should check for 1000M seconds
manually. This changes makes the manual pages of select(2), nanosleep(2),
setitimer(2), and alarm(3) consistent with the code.
pages loaned to the kernel. this implies that we also need to
call pmap_kremove() before uvm_km_free().
other general cleanup: remove argument names from prototypes,
rename some variables, etc.
executable mappings. Stop overloading VTEXT for this purpose (VTEXT
also has another meaning).
- Rename vn_marktext() to vn_markexec(), and use it when executable
mappings of a vnode are established.
- In places where we want to set VTEXT, set it in v_flag directly, rather
than making a function call to do this (it no longer makes sense to
use a function call, since we no longer overload VTEXT with VEXECMAP's
meaning).
VEXECMAP suggested by Chuq Silvers.
THAT accurate and microtime(9) is painlessly slow on i386 currently.
This speeds up small transfers much. The gain for large transfers
is less significant, but notable too.
Bottleneck was found by Andreas Persson (Re: kern/14246).
Performance improvement with PIII on 661 Mhz according to hbench (with
PIPE_MINDIRECT=8192):
buffersize before after
512 17 49
1024 33 110
2048 52 143
4096 77 163
8192 142 190
64K 577 662
128K 372 392
vnode, we should not attempt to remove the namecache entry. this is because
vget() can sleep (eg. if VXLOCK is set because the vnode is being reclaimed),
and so multiple threads can end up in this context at the same time.
if this happens, each thread ends up removing the cache entry, but
the code to remove the entry assumes that the entry is still valid.
so we should just leave the (now stale) entry in the cache.
if another thread finds the entry again before it is reused,
that thread will notice that the entry is stale and remove it safely.
fixes PR 14042.