From: VMware, Inc <>
Date: Thu, 17 Jun 2010 21:56:45 +0000 (-0700)
Subject: We've discovered a race in MXUserWaitCondVar, where waiting threads
X-Git-Tag: 2010.06.16-268169~76
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2d5f60d63aec4f391d7695bebcd70a6f71ebdecc;p=thirdparty%2Fopen-vm-tools.git

We've discovered a race in MXUserWaitCondVar, where waiting threads
may miss a signal. Backing out until this is addressed.

Signed-off-by: Marcelo Vanzin <mvanzin@vmware.com>
---

diff --git a/open-vm-tools/lib/lock/ulCondVar.c b/open-vm-tools/lib/lock/ulCondVar.c
index 5956da4f9..2e5e62ab0 100644
--- a/open-vm-tools/lib/lock/ulCondVar.c
+++ b/open-vm-tools/lib/lock/ulCondVar.c
@@ -28,7 +28,6 @@
 #include "util.h"
 #include "userlock.h"
 #include "ulInt.h"
-#include "ulIntShared.h"
 
 /*
  * A portable condition variable
@@ -507,9 +506,9 @@ MXUserWaitInternal(MXRecLock *lock,         // IN:
       uint64 endNS;
 
       /*
-       * pthread_cond_timedwait takes an absolute time. Yes, this is beyond
-       * ridiculous, and the justifications for this vs. relative time make
-       * no sense. But IIWII.
+       * pthread_cond_timedwait takes an absolute time. Yes, this is
+       * beyond ridiculous, and the justifications for this
+       * vs. relative time make no sense. But IIWII.
        */
 #define A_BILLION (1000 * 1000 * 1000)
       gettimeofday(&curTime, NULL);
@@ -521,10 +520,11 @@ MXUserWaitInternal(MXRecLock *lock,         // IN:
       endTime.tv_nsec = (long int) (endNS % A_BILLION);
 #undef A_BILLION
 
-      err = pthread_cond_timedwait(&condVar->condObject, &lock->nativeLock,
+      err = pthread_cond_timedwait(&condVar->condObject,
+                                   &lock->nativeLock,
                                    &endTime);
 
-      signalled = (err == 0);
+      signalled = (err == 0) ? TRUE : FALSE;
 
       if (err == ETIMEDOUT) {
          err = 0;
@@ -673,31 +673,7 @@ MXUserWaitCondVar(MXUserHeader *header,    // IN:
    }
 
    Atomic_Inc(&condVar->referenceCount);
-
-   /*
-    * When the watchdog callback has been planted - lib/thread is present
-    * and initialized - call the watchdog periodically on long or infinite
-    * waits.
-    */
-
-   if (MXUserVThreadWatchDog) {
-      do {
-         uint32 thisWait = (msecWait > 1000) ? 1000 : msecWait;
-
-         signalled = MXUserWaitInternal(lock, condVar, thisWait);
-
-         if (thisWait != 0) {
-            (*MXUserVThreadWatchDog)();
-
-            if (msecWait != MXUSER_WAIT_INFINITE) {
-               msecWait -= thisWait;
-            }
-         }
-      } while ((msecWait != 0) && !signalled);
-   } else {
-      signalled = MXUserWaitInternal(lock, condVar, msecWait);
-   }
-
+   signalled = MXUserWaitInternal(lock, condVar, msecWait);
    Atomic_Dec(&condVar->referenceCount);
 
    return signalled;