NetBSD Problem Report #55386

From www@netbsd.org  Sun Jun 14 16:03:58 2020
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 1905A1A9213
	for <gnats-bugs@gnats.NetBSD.org>; Sun, 14 Jun 2020 16:03:58 +0000 (UTC)
Message-Id: <20200614160356.D880B1A9219@mollari.NetBSD.org>
Date: Sun, 14 Jun 2020 16:03:56 +0000 (UTC)
From: coypu@sdf.org
Reply-To: coypu@sdf.org
To: gnats-bugs@NetBSD.org
Subject: ksem implementation doesn't allow destroying on another process, causing firefox to leak fds and fail
X-Send-Pr-Version: www-1.0

>Number:         55386
>Category:       kern
>Synopsis:       ksem implementation doesn't allow destroying on another process, causing firefox to leak fds and fail
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Jun 14 16:05:00 +0000 2020
>Last-Modified:  Sun Jun 14 18:45:01 +0000 2020
>Originator:     coypu
>Release:        NetBSD 9.99.63, NetBSD 9.x
>Organization:
>Environment:
NetBSD planets 9.99.63 NetBSD 9.99.63 (GENERIC) #4: Sun May 24 22:55:24 IDT 2020  fly@planets:/home/fly/obj/sys/arch/amd64/compile/GENERIC amd64

>Description:
Running firefox, you will eventually hit kern.maxfiles, or RLIMIT_NOFILE.
When this happens, Firefox will fail to render elements. Eventually tabs will crash.

If we run firefox as follows:

ktruss -i firefox |grep sem

We will see that many ksem_destroy calls are failing with EINVAL.

  1951    782 firefox  _ksem_destroy               Err#22 EINVAL
  1951    782 firefox  _ksem_destroy(0x70374ac1)   Err#22 EINVAL
  1951    782 firefox  _ksem_post(0x70478b3b)      = 0
  1951    782 firefox  _ksem_destroy               Err#22 EINVAL
  1951    782 firefox  _ksem_destroy(0x70478b3b)   Err#22 EINVAL
  9270   9270 firefox  _ksem_timedwait(0x70341e73, 0x7f7fff1c5d90) = 0
  9270   9270 firefox  _ksem_post(0x70341e73)      = 0
  9270   9270 firefox  _ksem_wait                  = 0
  1951    782 firefox  _ksem_post                  = 0
  1951    782 firefox  _ksem_post(0x705a6971)      = 0
  1951    782 firefox  _ksem_destroy(0x70bce973)   Err#22 EINVAL
  1951    782 firefox  _ksem_destroy               Err#22 EINVAL
  1951    782 firefox  _ksem_post(0x7098485b)      = 0
  1951    782 firefox  _ksem_destroy(0x707c5bdb)   Err#22 EINVAL
  1951    782 firefox  _ksem_destroy(0x7098485b)   Err#22 EINVAL

These end up remaining as open files, so we hit the open file limits.

According to thorpej, the current implementation doesn't allow ksem_destroy'ing a semaphore initialized on another process, but the standard requires this, and Firefox expects it.

We didn't have this problem: pshared semaphores are new.
But newer Firefox has far worse support for non-multiprocess, so avoiding them is very hard.
>How-To-Repeat:

>Fix:

>Audit-Trail:
From: "Maya Rashish" <maya@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/55386 CVS commit: pkgsrc/www/firefox
Date: Sun, 14 Jun 2020 18:42:19 +0000

 Module Name:	pkgsrc
 Committed By:	maya
 Date:		Sun Jun 14 18:42:19 UTC 2020

 Modified Files:
 	pkgsrc/www/firefox: Makefile distinfo
 Added Files:
 	pkgsrc/www/firefox/patches: patch-gfx_thebes_gfxPlatform.cpp
 Removed Files:
 	pkgsrc/www/firefox/patches: patch-ipc_glue_CrossProcessSemaphore.h
 	    patch-ipc_glue_CrossProcessSemaphore__posix.cpp

 Log Message:
 firefox: different way of avoiding pshared semaphores for NetBSD

 NetBSD has slightly (NetBSD>=9.x) or very (NetBSD<8) broken pshared
 semaphores. Fortunately, so does macOS, so there's an easy way to avoid
 reaching the code relying on it which works better.

 Do so for NetBSD unconditionally, and enable multiprocess unconditionally.
 Avoids PR kern/55386 for NetBSD>9.0
 Avoids corrupt output on major websites, webGL bugs, etc. for NetBSD<=9.0


 To generate a diff of this commit:
 cvs rdiff -u -r1.430 -r1.431 pkgsrc/www/firefox/Makefile
 cvs rdiff -u -r1.397 -r1.398 pkgsrc/www/firefox/distinfo
 cvs rdiff -u -r0 -r1.7 \
     pkgsrc/www/firefox/patches/patch-gfx_thebes_gfxPlatform.cpp
 cvs rdiff -u -r1.4 -r0 \
     pkgsrc/www/firefox/patches/patch-ipc_glue_CrossProcessSemaphore.h
 cvs rdiff -u -r1.7 -r0 \
     pkgsrc/www/firefox/patches/patch-ipc_glue_CrossProcessSemaphore__posix.cpp

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.