269277 2023-02-01 15:38:08 +0000 On 12.3, process-shared mutex may fail locking operations after usage of ANOTHER process-shared mutex. 2023-08-27 07:12:25 +0000 1 1 1 Unclassified Base System kern 12.3-RELEASE amd64 Any Closed FIXED --- Affects Some People --- 1 rau8344 kib delphij emaste kib oldest_to_newest 1245202 0 239841 rau8344 2023-02-01 15:38:08 +0000 Created attachment 239841 Minimal code to recreate issue On FreeBSD 12.3 amd64, a process-shared mutex may fail locking operations after usage of ANOTHER process-shared mutex. Original issue was seen running a particular sequence of unit tests against a complex codebase; sometimes saw two threads lock the same mutex at the same time, or fail on lock with EINVAL. Issue recreated Recreated the EINVAL issue with a minimal example on a single thread (see attached), both with gtest and without. Tested on two physical quad-core machines (a Beckhoff 2040 and a Beckhoff 2042). 1245223 1 kib 2023-02-01 20:19:26 +0000 https://reviews.freebsd.org/D38345 1245236 2 commit-hook 2023-02-01 23:41:45 +0000 A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=25c862ae503a1c99458f4e055fd50c878fadbea3 commit 25c862ae503a1c99458f4e055fd50c878fadbea3 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-02-01 20:12:45 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-02-01 22:59:27 +0000 libthr pshared: correct a bug in allocation When __thr_pshared_offpage() is called for allocation, it must not use the cached offpage for the key. Instead, the cached offpage must be unmapped and removed from the cache, if any. It is legitimate for the user code to unmap the shared lock object without destroying it, and then mapping something over the freed VA to carry another shared lock. In this case the cached offpage must be un-cached. PR: 269277 Reported by: rau8344@gmail.com Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D38345 lib/libthr/thread/thr_pshared.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) 1246030 3 commit-hook 2023-02-08 00:27:56 +0000 A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=c8452bdeed4fc1f1feadf36c6008367263292254 commit c8452bdeed4fc1f1feadf36c6008367263292254 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-02-01 20:12:45 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-02-08 00:26:59 +0000 libthr pshared: correct a bug in allocation PR: 269277 (cherry picked from commit 25c862ae503a1c99458f4e055fd50c878fadbea3) lib/libthr/thread/thr_pshared.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) 1271815 4 delphij 2023-08-27 07:03:03 +0000 Could you please also backport 3cf37d1251bf71b2171e67af8f2ca43cbe3d874d and 25c862ae503a1c99458f4e055fd50c878fadbea3 to stable/12? (These will apply cleanly). 1271817 5 commit-hook 2023-08-27 07:12:25 +0000 A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=e579e7e3281f8f096d5a3ca341adcf26bb0df765 commit e579e7e3281f8f096d5a3ca341adcf26bb0df765 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-02-01 20:12:45 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-08-27 07:10:52 +0000 libthr pshared: correct a bug in allocation PR: 269277 (cherry picked from commit 25c862ae503a1c99458f4e055fd50c878fadbea3) lib/libthr/thread/thr_pshared.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) 239841 2023-02-01 15:38:08 +0000 2023-02-01 15:38:08 +0000 Minimal code to recreate issue main_lock_issue_fbsd12.cpp text/plain 5031 rau8344 I2luY2x1ZGUgPGVycm5vLmg+DQojaW5jbHVkZSA8ZmNudGwuaD4KI2luY2x1ZGUgPHB0aHJlYWQu aD4KI2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9tbWFuLmg+CgojZGVmaW5l IGd0ZXN0IDEKCiNpZmRlZiBndGVzdAojaW5jbHVkZSA8Z3Rlc3QvZ3Rlc3QuaD4KI2Vsc2UNCiNp bmNsdWRlIDxzeXMvc3RhdC5oPgojaW5jbHVkZSA8c3N0cmVhbT4KI2luY2x1ZGUgPHN0cmluZz4K I2luY2x1ZGUgPHVuaXN0ZC5oPgojaW5jbHVkZSA8aW9zdHJlYW0+CiNkZWZpbmUgRkFJTCgpIGNv dXQgPDwgIkZBSUw6IgojZW5kaWYKCnVzaW5nIG5hbWVzcGFjZSBzdGQ7Cgpjb25zdCBzdHJpbmcg TVVURVgxX05BTUUgPSAibXV0ZXhfMSI7CmNvbnN0IHN0cmluZyBNVVRFWDJfTkFNRSA9ICJtdXRl eF8yIjsKCnN0cnVjdCBOYW1lZF9tdXRleF90CnsKICAgcHRocmVhZF9tdXRleF90IG11dGV4Owog ICBwdGhyZWFkX211dGV4YXR0cl90IG11dGV4YXR0cjsKfTsKCnN0cmluZyBnZXRfc2hhcmVkX21l bW9yeV9wYXRoKGNvbnN0IHN0cmluZyAmbmFtZSkKewogICAvL2h0dHBzOi8vbWFuLmZyZWVic2Qu b3JnL2NnaS9tYW4uY2dpP3F1ZXJ5PXNobV9vcGVuJmFwcm9wb3M9MCZzZWt0aW9uPTImbWFucGF0 aD1GcmVlQlNEKzEyLjMtUkVMRUFTRSZhcmNoPWRlZmF1bHQmZm9ybWF0PWh0bWwKICAgLy8gVHdv IHByb2Nlc3NlcyBvcGVuaW5nIHRoZSBzYW1lIHBhdGgNCiAgIC8vIGFyZSBndWFyYW50ZWVkIHRv IGFjY2VzcyB0aGUgc2FtZSBzaGFyZWQgbWVtb3J5IG9iamVjdCBpZiBhbmQgb25seSBpZg0KICAg Ly8gcGF0aCBiZWdpbnMgd2l0aCBhIHNsYXNoKGAvJykgY2hhcmFjdGVyLgogICBzdHJpbmcgczsK ICAgcyA9ICIvdG1wLyI7CiAgIHMgKz0gbmFtZTsKICAgcmV0dXJuIHM7Cn0KCmNsYXNzIFNoYXJl ZF9tdXRleF9yZWdpb24KewpwdWJsaWM6CiAgIFNoYXJlZF9tdXRleF9yZWdpb24oY29uc3Qgc3Rk OjpzdHJpbmcgJm5hbWUpIDoKICAgICAgcGF0aChnZXRfc2hhcmVkX21lbW9yeV9wYXRoKG5hbWUp KSwKICAgICAgZmQoLTEpCiAgIHsKICAgICAgZmQgPSBzaG1fb3BlbihwYXRoLmNfc3RyKCksCiAg ICAgICAgIE9fUkRXUiB8IE9fQ1JFQVQgfCBPX0VYQ0wsCiAgICAgICAgIFNfSVJVU1IgfCBTX0lX VVNSIHwgU19JUkdSUCB8IFNfSVdHUlAgfCBTX0lST1RIIHwgU19JV09USCk7CiAgICAgIGZ0cnVu Y2F0ZShmZCwgc2l6ZW9mKE5hbWVkX211dGV4X3QpKTsKICAgfQogICB+U2hhcmVkX211dGV4X3Jl Z2lvbigpCiAgIHsKICAgICAgc2htX3VubGluayhwYXRoLmNfc3RyKCkpOwogICAgICBjbG9zZShm ZCk7CiAgIH0KcHJpdmF0ZToKICAgY29uc3Qgc3RkOjpzdHJpbmcgcGF0aDsKICAgaW50IGZkOwp9 OwoKDQpjbGFzcyBTaGFyZWRfbXV0ZXhfcG9pbnRlcg0Kew0KcHVibGljOg0KICAgU2hhcmVkX211 dGV4X3BvaW50ZXIoY29uc3Qgc3RkOjpzdHJpbmcgJm5hbWUpIDoNCiAgICAgIHBhdGgoZ2V0X3No YXJlZF9tZW1vcnlfcGF0aChuYW1lKSksDQogICAgICBmZCgtMSksCiAgICAgIGFkZHJlc3MoMCkN CiAgIHsKICAgICAgaW50IGZkID0gc2htX29wZW4ocGF0aC5jX3N0cigpLAogICAgICAgICBPX1JE V1IsCiAgICAgICAgIFNfSVJPVEggfCBTX0lXT1RIKTsKICAgICAgYWRkcmVzcyA9IG1tYXAoMCwg c2l6ZW9mKE5hbWVkX211dGV4X3QpLCBQUk9UX1JFQUQgfCBQUk9UX1dSSVRFLCBNQVBfU0hBUkVE LCBmZCwgMCk7DQogICB9DQogICB+U2hhcmVkX211dGV4X3BvaW50ZXIoKQ0KICAgewogICAgICBt dW5tYXAoYWRkcmVzcywgc2l6ZW9mKE5hbWVkX211dGV4X3QpKTsKICAgICAgY2xvc2UoZmQpOwog ICB9CiAgIE5hbWVkX211dGV4X3QgKiBvcGVyYXRvci0+ICgpIHsgcmV0dXJuIHN0YXRpY19jYXN0 PE5hbWVkX211dGV4X3QgKj4oYWRkcmVzcyk7IH0KcHJpdmF0ZToKICAgY29uc3Qgc3RkOjpzdHJp bmcgcGF0aDsNCiAgIGludCBmZDsNCiAgIHZvaWQgKiBhZGRyZXNzOw0KfTsKCnZvaWQgcHRocmVh ZF90cnlfc2FtZV90aHJlYWQoKQp7CiAgIHRyeQogICB7CiAgICAgIC8vIGNvdXQgPDwgIkNyZWF0 ZSBtdXRleCAxIGluIHNoYXJlZCBtZW1vcnksIGdldCByZWZlcmVuY2UsIGFuZCBpbml0aWFsaXpl IiA8PCBlbmRsOwogICAgICBTaGFyZWRfbXV0ZXhfcmVnaW9uIHBlcnNpc3RlbnRfZXZlbnRfcmVn aW9uKE1VVEVYMV9OQU1FKTsKICAgICAgU2hhcmVkX211dGV4X3BvaW50ZXIgcGVyc2lzdGVudF9l dmVudF9wb2ludGVyKE1VVEVYMV9OQU1FKTsKICAgICAgaWYgKHB0aHJlYWRfbXV0ZXhhdHRyX2lu aXQoJnBlcnNpc3RlbnRfZXZlbnRfcG9pbnRlci0+bXV0ZXhhdHRyKSkgeyBGQUlMKCkgPDwgIkZh aWxlZCBwdGhyZWFkX211dGV4YXR0cl9pbml0IiA8PCBlbmRsOyB9DQogICAgICBpZiAocHRocmVh ZF9tdXRleGF0dHJfc2V0cHNoYXJlZCgmcGVyc2lzdGVudF9ldmVudF9wb2ludGVyLT5tdXRleGF0 dHIsIFBUSFJFQURfUFJPQ0VTU19TSEFSRUQpKSB7IEZBSUwoKSA8PCAiRmFpbGVkIHB0aHJlYWRf bXV0ZXhhdHRyX3NldHBzaGFyZWQiIDw8IGVuZGw7IH0NCiAgICAgIGlmIChwdGhyZWFkX211dGV4 X2luaXQoJnBlcnNpc3RlbnRfZXZlbnRfcG9pbnRlci0+bXV0ZXgsICZwZXJzaXN0ZW50X2V2ZW50 X3BvaW50ZXItPm11dGV4YXR0cikpIHsgRkFJTCgpIDw8ICJGYWlsZWQgcHRocmVhZF9tdXRleF9p bml0IiA8PCBlbmRsOyB9DQoKICAgICAgLy8gY291dCA8PCAiR2V0IGFub3RoZXIgcmVmZXJlbmNl LCBsb2NrICYgdW5sb2NrLCBhbmQgY2xlYW51cCByZWZlcmVuY2UiIDw8IGVuZGw7DQogICAgICB7 CiAgICAgICAgIFNoYXJlZF9tdXRleF9wb2ludGVyIHRlbXBfZXZlbnRfcG9pbnRlcihNVVRFWDFf TkFNRSk7CiAgICAgICAgIGlmIChwdGhyZWFkX211dGV4X2xvY2soJnRlbXBfZXZlbnRfcG9pbnRl ci0+bXV0ZXgpKSB7IEZBSUwoKSA8PCAiRmFpbGVkIHB0aHJlYWRfbXV0ZXhfbG9jayIgPDwgZW5k bDsgfQ0KICAgICAgICAgaWYgKHB0aHJlYWRfbXV0ZXhfdW5sb2NrKCZ0ZW1wX2V2ZW50X3BvaW50 ZXItPm11dGV4KSkgeyBGQUlMKCkgPDwgIkZhaWxlZCBwdGhyZWFkX211dGV4X3VubG9jayIgPDwg ZW5kbDsgfQogICAgICB9CgogICAgICAvLyBjb3V0IDw8ICJJZiBPTkxZIHRoZSBsb2dpYyBhZnRl ciB0aGlzIGlzIHJ1biwgZXZlcnl0aGluZyBpcyBPSy4uLiIgPDwgZW5kbDsKICAgICAgLy8gY291 dCA8PCAiSWYgRVhUUkEgIGxvZ2ljIGlzIHJ1biBiZWZvcmUgdGhpcyAoaS5lLiBpbiB1bml0IHRl c3RzKSwgdGhhdCBtYXkgYWZmZWN0IHJlcHJvZHVjaWJpbGl0eS4iIDw8IGVuZGw7CgogICAgICAv LyBjb3V0IDw8ICJDcmVhdGUgbXV0ZXggMiBpbiBzaGFyZWQgbWVtb3J5LCBnZXQgcmVmZXJlbmNl LCBhbmQgaW5pdGlhbGl6ZSIgPDwgZW5kbDsKICAgICAgU2hhcmVkX211dGV4X3JlZ2lvbiByZWdp b24oTVVURVgyX05BTUUpOwogICAgICBTaGFyZWRfbXV0ZXhfcG9pbnRlciBwb2ludGVyKE1VVEVY Ml9OQU1FKTsKICAgICAgaWYgKHB0aHJlYWRfbXV0ZXhhdHRyX2luaXQoJnBvaW50ZXItPm11dGV4 YXR0cikpIHsgRkFJTCgpIDw8ICJGYWlsZWQgcHRocmVhZF9tdXRleGF0dHJfaW5pdCIgPDwgZW5k bDsgfQ0KICAgICAgaWYgKHB0aHJlYWRfbXV0ZXhhdHRyX3NldHBzaGFyZWQoJnBvaW50ZXItPm11 dGV4YXR0ciwgUFRIUkVBRF9QUk9DRVNTX1NIQVJFRCkpIHsgRkFJTCgpIDw8ICJGYWlsZWQgcHRo cmVhZF9tdXRleGF0dHJfc2V0cHNoYXJlZCIgPDwgZW5kbDsgfQ0KICAgICAgaWYgKHB0aHJlYWRf bXV0ZXhfaW5pdCgmcG9pbnRlci0+bXV0ZXgsICZwb2ludGVyLT5tdXRleGF0dHIpKSB7IEZBSUwo KSA8PCAiRmFpbGVkIHB0aHJlYWRfbXV0ZXhfaW5pdCIgPDwgZW5kbDsgfQ0KDQogICAgICAvLyBj b3V0IDw8ICJsb2NrICYgdW5sb2NrIiA8PCBlbmRsOw0KICAgICAgaWYgKHB0aHJlYWRfbXV0ZXhf bG9jaygmcG9pbnRlci0+bXV0ZXgpKSB7IEZBSUwoKSA8PCAiRmFpbGVkIHB0aHJlYWRfbXV0ZXhf bG9jayIgPDwgZW5kbDsgfQ0KICAgICAgaWYgKHB0aHJlYWRfbXV0ZXhfdW5sb2NrKCZwb2ludGVy LT5tdXRleCkpIHsgRkFJTCgpIDw8ICJGYWlsZWQgcHRocmVhZF9tdXRleF91bmxvY2siIDw8IGVu ZGw7IH0KCiAgICAgIC8vIGNvdXQgPDwgIkdldCBhbm90aGVyIHJlZmVyZW5jZTsgbG9jayBGQUlM UyBkdWUgdG8gaW52YWxpZCBtdXRleCIgPDwgZW5kbDsKICAgICAgU2hhcmVkX211dGV4X3BvaW50 ZXIgcG9pbnRlcjIoTVVURVgyX05BTUUpOw0KICAgICAgaW50IHJlc3VsdDsNCiAgICAgIGlmICgo cmVzdWx0ID0gcHRocmVhZF9tdXRleF9sb2NrKCZwb2ludGVyMi0+bXV0ZXgpKSkgeyBGQUlMKCkg PDwgIkZhaWxlZCBwdGhyZWFkX211dGV4X2xvY2sgKHNlY29uZCBwb2ludGVyKVsiIDw8IHJlc3Vs dCA8PCAiXSAiIDw8IHN0cmVycm9yKHJlc3VsdCkgPDwgZW5kbDsgfQ0KICAgICAgLy8gRkFJTEVE IHdpdGggRUlOVkFMDQogICAgICBpZiAocHRocmVhZF9tdXRleF91bmxvY2soJnBvaW50ZXIyLT5t dXRleCkpIHsgRkFJTCgpIDw8ICJGYWlsZWQgcHRocmVhZF9tdXRleF91bmxvY2sgKHNlY29uZCBw b2ludGVyKSIgPDwgZW5kbDsgfQogICB9CiAgIGNhdGNoIChydW50aW1lX2Vycm9yICZlKQogICB7 CiAgICAgIEZBSUwoKSA8PCAiZXhjZXB0aW9uOiAiIDw8IGUud2hhdCgpIDw8IGVuZGw7CiAgIH0K fQojaWZkZWYgZ3Rlc3QKVEVTVChMb2NrLCBwdGhyZWFkX3RyeV9zYW1lX3RocmVhZCkgewogICBw dGhyZWFkX3RyeV9zYW1lX3RocmVhZCgpOwp9CiNlbmRpZgoKaW50IG1haW4oaW50IGFyZ2MsIGNo YXIgKmFyZ3ZbXSkKewogICBpbnQgcmV0ID0gMDsKI2lmZGVmIGd0ZXN0CiAgIGNvdXQgPDwgIlVz aW5nIGd0ZXN0IiA8PCBlbmRsOwogICB0ZXN0aW5nOjpJbml0R29vZ2xlVGVzdCgmYXJnYywgYXJn dik7CiAgIHJldCA9IFJVTl9BTExfVEVTVFMoKTsKI2Vsc2UKICAgY291dCA8PCAiTk9UIHVzaW5n IGd0ZXN0IiA8PCBlbmRsOwogICBwdGhyZWFkX3RyeV9zYW1lX3RocmVhZCgpOwojZW5kaWYKICAg cmV0dXJuIHJldDsKfQoK