Sebastien Marie <[email protected]> wrote:
> On Sun, Sep 13, 2020 at 03:29:57PM +0200, Martin Pieuchot wrote:
> > I'm no longer able to reproduce the corruption while building lang/go
> > with the diff below. Something relevant to threading change in go since
> > March?
> >
> > Can someone try this diff and tell me if go and/or rust still fail?
>
> quickly tested with rustc build (nightly here), and it is failing at random
> places (not always at the same) with memory errors (signal 11, compiler ICE
> signal 6...)

Ah, so that is a firm no. Totally busted.

Clearly uvm_map_inentry_fix() obviously needs the KERNEL_LOCK in the
presence of threads, I guess one thread can get into here while another
is changing the map.

The first check in uvm_map_inentry_fix does two checks against the map,
but the map is not locked:

	if (addr < map->min_offset || addr >= map->max_offset)

>
>
> > Index: uvm/uvm_map.c
> > ===================================================================
> > RCS file: /cvs/src/sys/uvm/uvm_map.c,v
> > retrieving revision 1.266
> > diff -u -p -r1.266 uvm_map.c
> > --- uvm/uvm_map.c 12 Sep 2020 17:08:50 -0000 1.266
> > +++ uvm/uvm_map.c 13 Sep 2020 10:12:25 -0000
> > @@ -1893,16 +1893,16 @@ uvm_map_inentry(struct proc *p, struct p
> > boolean_t ok = TRUE;
> >
> > if (uvm_map_inentry_recheck(serial, addr, ie)) {
> > - KERNEL_LOCK();
> > ok = uvm_map_inentry_fix(p, ie, addr, fn, serial);
> > if (!ok) {
> > + KERNEL_LOCK();
> > printf(fmt, p->p_p->ps_comm, p->p_p->ps_pid, p->p_tid,
> > addr, ie->ie_start, ie->ie_end);
> > p->p_p->ps_acflag |= AMAP;
> > sv.sival_ptr = (void *)PROC_PC(p);
> > trapsignal(p, SIGSEGV, 0, SEGV_ACCERR, sv);
> > + KERNEL_UNLOCK();
> > }
> > - KERNEL_UNLOCK();
> > }
> > return (ok);
> > }
> >
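Review bot: the call "ok = uvm_map_inentry_fix(p, ie, addr, fn, serial);" runs with no lock held once KERNEL_LOCK() moves inside "if (!ok)", and nothing in this hunk adds a map lock to replace it. Either keep KERNEL_LOCK()/KERNEL_UNLOCK() around the call as before, or have uvm_map_inentry_fix() take the map's own lock before it compares addr against map->min_offset and map->max_offset. A comment above the call stating which lock protects the map lookup would make the intended locking rule reviewable.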
>
> --
> Sebastien Marie
>