Page MenuHomeFreeBSD
Differential D34559

clock_gettime(CLOCK_THREAD_CPUTIME_ID) was not monotonic due to race
ClosedPublic
Actions

Authored by firk_cantconnect.ru on Mar 14 2022, 11:18 PM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 3 2024, 4:54 PM
Unknown Object (File)
Jan 19 2024, 3:05 PM
Unknown Object (File)
Jan 19 2024, 3:02 PM
Unknown Object (File)
Jan 19 2024, 2:53 PM
Unknown Object (File)
Dec 20 2023, 8:12 AM
Unknown Object (File)
Sep 15 2023, 12:39 PM
Unknown Object (File)
Sep 15 2023, 11:12 AM
Unknown Object (File)
Jun 22 2023, 12:41 AM
View All 25 Files
Subscribers
dsl
imp
markj

Details

Reviewers
markj
Summary

There is a race between switchtime/runtime reading in kern_thread_cputime() and switchtime/runtime updating in statclock(). Critical section does not prevent statclock and so not enough, replaced it with PROC_STAT spinlock. Bug introduced around 12.1 when runtime updating added to statclock.

PR: 262273

Test Plan
#include <stdio.h>
#include <time.h>

int main(void)
{
        struct timespec before, after;

        while (1) {
                clock_gettime(CLOCK_THREAD_CPUTIME_ID, &before);
                clock_gettime(CLOCK_THREAD_CPUTIME_ID, &after);

                printf("before: %lu:%lu after %lu:%lu\n",
                        before.tv_sec, before.tv_nsec,
                        after.tv_sec, after.tv_nsec);

                if (after.tv_sec < before.tv_sec ||
                        after.tv_sec==before.tv_sec && after.tv_nsec<before.tv_nsec) return -1;
        }
        return 0;
}

This program (better to run with | tail) failing on something like this:

before: 0:18195000 after 0:18198000
before: 0:26005000 after 0:18258000

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

firk_cantconnect.ru created this revision.Mar 14 2022, 11:18 PM
Herald added a subscriber: imp. · View Herald TranscriptMar 14 2022, 11:18 PM
firk_cantconnect.ru requested review of this revision.Mar 14 2022, 11:18 PM
markj added a subscriber: markj.Mar 15 2022, 9:15 PM
markj added inline comments.
head/sys/kern/kern_time.c
266

If the intent is only to disable interrupts to avoid a race with statclock(), then a spinlock_enter()/_exit() section replacing the critical_enter()/_exit() would be cheaper and clearer.

368

What's the purpose of acquiring the proc lock?

firk_cantconnect.ru marked 2 inline comments as done.Mar 15 2022, 11:51 PM
firk_cantconnect.ru added inline comments.
head/sys/kern/kern_time.c
368

Everywhere I've seen PROC_STATLOCK's they were wrapped by PROC_LOCK's. It seems this wasn't a rule, just coincidence.

firk_cantconnect.ru updated this revision to Diff 103905.Mar 15 2022, 11:52 PM
firk_cantconnect.ru marked an inline comment as done.

simplify things according to replies

markj accepted this revision.Mar 16 2022, 2:39 PM

Looks ok, thanks. I'll try the patch and commit if it fixes the test case. Is "firk <firk@cantconnect.ru>" the desired author for the git commit?

head/sys/kern/kern_time.c
368

It depends. For CLOCK_PROCESS_CPUTIME_ID, the proc lock is required because kern_process_cputime()->rufetch() will iterate over the set of threads belonging to the process, and this set is synchronized by the proc lock. It may serve a different purpose elsewhere.

This revision is now accepted and ready to land.Mar 16 2022, 2:39 PM
firk_cantconnect.ru added a comment.Mar 16 2022, 3:04 PM

Is "firk <firk@cantconnect.ru>" the desired author for the git commit?

Yes.

firk_cantconnect.ru edited the test plan for this revision. (Show Details)Mar 17 2022, 7:01 PM
markj closed this revision.Mar 17 2022, 7:44 PM

Committed in https://reviews.freebsd.org/R10:28d08dc7d051a4e058cc0004cf4dd884f87037a2 , the review link is wrong, sorry.

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
4 lines

Diff 103905

View Options

head/sys/kern/kern_time.c

Loading...