Page MenuHomeFreeBSD
Differential D41982

timerfd: kernel random crash due to race condition to access the timerfd list
Needs RevisionPublic
Actions

Authored by weike.chen_dell.com on Sep 26 2023, 10:01 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Sep 30, 8:37 PM
Unknown Object (File)
Mon, Sep 22, 11:44 PM
Unknown Object (File)
Fri, Sep 19, 7:28 PM
Unknown Object (File)
Wed, Sep 17, 6:24 AM
Unknown Object (File)
Sun, Sep 14, 2:54 AM
Unknown Object (File)
Sat, Sep 13, 9:05 AM
Unknown Object (File)
Sep 11 2025, 11:21 PM
Unknown Object (File)
Sep 1 2025, 4:41 PM
View All 69 Files
Subscribers
emaste
imp

Details

Reviewers
jfree
imp
Summary

Add locker while add/remove/read the timerfd list.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

weike.chen_dell.com created this revision.Sep 26 2023, 10:01 AM
Herald added a subscriber: imp. · View Herald TranscriptSep 26 2023, 10:01 AM
weike.chen_dell.com requested review of this revision.Sep 26 2023, 10:01 AM
weike.chen_dell.com added a reviewer: dchagin.
dchagin added a comment.EditedSep 26 2023, 10:23 AM

https://cgit.freebsd.org/src/commit/sys/kern/sys_timerfd.c?id=02f534b57f84d6f4f97c337b05b383c8b3aaf18c

btw, do you have a reproducer? I assume that it is sufficient to use the CK_LIST without locking

dchagin added a comment.Sep 26 2023, 3:30 PM
In D41982#957204, @dchagin wrote:

https://cgit.freebsd.org/src/commit/sys/kern/sys_timerfd.c?id=02f534b57f84d6f4f97c337b05b383c8b3aaf18c

btw, do you have a reproducer? I assume that it is sufficient to use the CK_LIST without locking

^^^^^^

ah, never mind, CK is not lock free

dchagin removed a reviewer: dchagin.Sep 26 2023, 3:30 PM
imp added inline comments.Sep 27 2023, 5:50 PM
sys/kern/sys_timerfd.c
62

where do you initialize this lock?

imp accepted this revision.Sep 27 2023, 7:38 PM
imp added inline comments.
sys/kern/sys_timerfd.c
62

Ah, never mind, I see that's the next line.

This revision is now accepted and ready to land.Sep 27 2023, 7:38 PM
imp requested changes to this revision.Sep 27 2023, 10:08 PM

I'm confused... this has actually already been committed.

This revision now requires changes to proceed.Sep 27 2023, 10:08 PM
weike.chen_dell.com added a comment.Sep 28 2023, 7:29 AM
In D41982#957755, @imp wrote:

I'm confused... this has actually already been committed.

Yes, I see: https://cgit.freebsd.org/src/commit/sys/kern/sys_timerfd.c?id=02f534b57f84d6f4f97c337b05b383c8b3aaf18c. But it looks like this commit hasn't been merged to releng/14.0 yet.

emaste added a subscriber: emaste.Nov 21 2023, 2:33 PM

Was merged to releng/14.0 in fcafa24531021555976b4945d9c58667c0f75ca2

Revision Contents
Changeset List

PathSize
sys/
kern/
8 lines

Diff 127814

View Options

sys/kern/sys_timerfd.c

Loading...