git: 25c862ae503a - main - libthr pshared: correct a bug in allocation
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 01 Feb 2023 23:41:38 UTC
The branch main has been updated by kib:
URL: https://cgit.FreeBSD.org/src/commit/?id=25c862ae503a1c99458f4e055fd50c878fadbea3
commit 25c862ae503a1c99458f4e055fd50c878fadbea3
Author: Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-02-01 20:12:45 +0000
Commit: Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-02-01 22:59:27 +0000
libthr pshared: correct a bug in allocation
When __thr_pshared_offpage() is called for allocation, it must not use
the cached offpage for the key. Instead, the cached offpage must be
unmapped and removed from the cache, if any.
It is legitimate for the user code to unmap the shared lock object without
destroying it, and then mapping something over the freed VA to carry
another shared lock. In this case the cached offpage must be un-cached.
PR: 269277
Reported by: rau8344@gmail.com
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D38345
---
lib/libthr/thread/thr_pshared.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/lib/libthr/thread/thr_pshared.c b/lib/libthr/thread/thr_pshared.c
index 37b44ab73582..446e9983bcae 100644
--- a/lib/libthr/thread/thr_pshared.c
+++ b/lib/libthr/thread/thr_pshared.c
@@ -232,11 +232,16 @@ __thr_pshared_offpage(void *key, int doalloc)
int fd, ins_done;
curthread = _get_curthread();
- pshared_rlock(curthread);
- res = pshared_lookup(key);
- pshared_unlock(curthread);
- if (res != NULL)
- return (res);
+ if (doalloc) {
+ pshared_destroy(curthread, key);
+ res = NULL;
+ } else {
+ pshared_rlock(curthread);
+ res = pshared_lookup(key);
+ pshared_unlock(curthread);
+ if (res != NULL)
+ return (res);
+ }
fd = _umtx_op(NULL, UMTX_OP_SHM, doalloc ? UMTX_SHM_CREAT :
UMTX_SHM_LOOKUP, key, NULL);
if (fd == -1)