NetBSD-Bugs archive


Re: PR/53998 CVS commit: src/sys/kern



	Christos,

	I have applied both patches (you will find attached a patch against -8).

	This patch partially fixes this PR as my test program can create more
threads before first sem_init() failure. But I think there is another
race condition somewhere in semaphore subsystem.

	After sem_init() failure, there is no specific message in dmesg or logfile.

	I don't understand why atomic_dec_uint(&nsems_total) or
atomic_inc_uint(&nsems_total) are not protected by a lock.

	Best regards,

	JB
? sys/arch/amd64/conf/CUSTOM
Index: sys/kern/uipc_sem.c
===================================================================
RCS file: /cvsroot/src/sys/kern/uipc_sem.c,v
retrieving revision 1.47
diff -u -r1.47 uipc_sem.c
--- sys/kern/uipc_sem.c	31 Oct 2016 15:08:45 -0000	1.47
+++ sys/kern/uipc_sem.c	25 Feb 2019 12:25:45 -0000
@@ -374,7 +374,11 @@
 	kmem_free(ks, sizeof(ksem_t));
 
 	atomic_dec_uint(&nsems_total);
- 	atomic_dec_uint(&curproc->p_nsems);	
+	while((int)atomic_dec_uint_nv(&curproc->p_nsems) < 0) {
+		printf("%s: pid=%d sem=%p negative refcount %u\n", __func__,
+				curproc->p_pid, ks, curproc->p_nsems);
+		atomic_inc_uint(&curproc->p_nsems);
+	}
 }
 
 int
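
Review bot: the while loop around atomic_dec_uint_nv(&curproc->p_nsems) cannot finish on its own once the counter has underflowed: each pass decrements, sees a negative value, prints, and increments back to the value it started from, so it spins and floods the console until some other thread happens to increment p_nsems. A single "if" that undoes the decrement once would clamp the counter without the spin. The printf also re-reads curproc->p_nsems instead of printing the value atomic_dec_uint_nv() returned, so the logged count may not be the one that tripped the check, and "while(" is missing the space after the keyword.
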
Index: sys/sys/proc.h
===================================================================
RCS file: /cvsroot/src/sys/sys/proc.h,v
retrieving revision 1.340.6.1
diff -u -r1.340.6.1 proc.h
--- sys/sys/proc.h	12 Apr 2018 13:42:49 -0000	1.340.6.1
+++ sys/sys/proc.h	25 Feb 2019 12:25:46 -0000
@@ -314,7 +314,6 @@
 	pid_t 		p_vfpid_done;	/* :: vforked done pid */
 	lwpid_t		p_lwp_created;	/* :: lwp created */
 	lwpid_t		p_lwp_exited;	/* :: lwp exited */
-	u_int		p_nsems;	/* Count of semaphores */
 
 /*
  * End area that is zeroed on creation
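
Review bot: taking p_nsems out of the region above "End area that is zeroed on creation" means a new process no longer gets this counter reset to 0 as a side effect of that zeroing, and nothing in the visible lines of this patch sets it explicitly. If the intent is for the counter to start from another value, the patch should say so in a comment or in the log message; if it should still start at 0, an explicit assignment at process creation is needed.
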
@@ -335,7 +334,7 @@
 
 	vaddr_t		p_psstrp;	/* :: address of process's ps_strings */
 	u_int		p_pax;		/* :: PAX flags */
-
+	u_int		p_nsems;	/* Count of semaphores */
 	int		p_xexit;	/* p: exit code */
 /*
  * End area that is copied on creation
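
Review bot: the added p_nsems line has no locking annotation in its comment, unlike its neighbours (":: PAX flags", "p: exit code"); since uipc_sem.c updates it with atomic operations, the comment should say which rule applies. The field now sits above "End area that is copied on creation", so the comment should also state why the count is meant to be copied, and the hunk drops the blank line that separated p_pax from p_xexit, which looks unintended.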

