Page MenuHomeFreeBSD
Differential D41982

timerfd: kernel random crash due to race condition to access the timerfd list
Needs RevisionPublic
Actions

Authored by weike.chen_dell.com on Sep 26 2023, 10:01 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Oct 7, 8:48 AM
Unknown Object (File)
Mon, Sep 23, 1:15 PM
Unknown Object (File)
Sep 9 2024, 4:56 PM
Unknown Object (File)
Sep 2 2024, 1:40 AM
Unknown Object (File)
Aug 30 2024, 10:00 AM
Unknown Object (File)
Aug 30 2024, 10:00 AM
Unknown Object (File)
Aug 30 2024, 9:48 AM
Unknown Object (File)
Aug 12 2024, 12:58 AM
View All 31 Files
Subscribers
emaste
imp

Details

Reviewers
jfree
imp
Summary

Add locker while add/remove/read the timerfd list.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

weike.chen_dell.com created this revision.Sep 26 2023, 10:01 AM
Herald added a subscriber: imp. · View Herald TranscriptSep 26 2023, 10:01 AM
weike.chen_dell.com requested review of this revision.Sep 26 2023, 10:01 AM
weike.chen_dell.com added a reviewer: dchagin.
dchagin added a comment.EditedSep 26 2023, 10:23 AM

https://cgit.freebsd.org/src/commit/sys/kern/sys_timerfd.c?id=02f534b57f84d6f4f97c337b05b383c8b3aaf18c

btw, do you have a reproducer? I assume that it is sufficient to use the CK_LIST without locking

dchagin added a comment.Sep 26 2023, 3:30 PM
In D41982#957204, @dchagin wrote:

https://cgit.freebsd.org/src/commit/sys/kern/sys_timerfd.c?id=02f534b57f84d6f4f97c337b05b383c8b3aaf18c

btw, do you have a reproducer? I assume that it is sufficient to use the CK_LIST without locking

^^^^^^

ah, never mind, CK is not lock free

dchagin removed a reviewer: dchagin.Sep 26 2023, 3:30 PM
imp added inline comments.Sep 27 2023, 5:50 PM
sys/kern/sys_timerfd.c
62

where do you initialize this lock?

imp accepted this revision.Sep 27 2023, 7:38 PM
imp added inline comments.
sys/kern/sys_timerfd.c
62

Ah, never mind, I see that's the next line.

This revision is now accepted and ready to land.Sep 27 2023, 7:38 PM
imp requested changes to this revision.Sep 27 2023, 10:08 PM

I'm confused... this has actually already been committed.

This revision now requires changes to proceed.Sep 27 2023, 10:08 PM
weike.chen_dell.com added a comment.Sep 28 2023, 7:29 AM
In D41982#957755, @imp wrote:

I'm confused... this has actually already been committed.

Yes, I see: https://cgit.freebsd.org/src/commit/sys/kern/sys_timerfd.c?id=02f534b57f84d6f4f97c337b05b383c8b3aaf18c. But it looks like this commit hasn't been merged to releng/14.0 yet.

emaste added a subscriber: emaste.Nov 21 2023, 2:33 PM

Was merged to releng/14.0 in fcafa24531021555976b4945d9c58667c0f75ca2

Revision Contents
Changeset List

PathSize
sys/
kern/
8 lines

Diff 127814

View Options

sys/kern/sys_timerfd.c

Loading...