Skip to content

WritePriorityMutex: Fix rare case of dropped read waiter wakes #5161

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Sonicadvance1 merged 1 commit into from
Dec 27, 2025
Merged

WritePriorityMutex: Fix rare case of dropped read waiter wakes #5161

Sonicadvance1 merged 1 commit into from
Dec 27, 2025
+6 −6

Conversation

@bylaws
Copy link
Collaborator

@bylaws bylaws commented Dec 25, 2025

The Race:

  1. A Reader sets READ_WAITER_BIT (Bit 15) and sleeps on the High 16 bits (Futex+2).
  2. Writer A unlocks. It clears READ_WAITER_BIT (in Low 16 bits) and WRITE_OWNED (in High 16 bits).
  3. Writer B immediately steals the lock. It sets WRITE_OWNED but preserves the now-cleared READ_WAITER_BIT.
  4. The Reader, checking Futex+2, sees WRITE_OWNED is set. Since it cannot see that Bit 15 was unset (as it is watching High 16 bits), it assumes its wait signal is still valid and sleeps.
  5. Writer B unlocks. It sees no READ_WAITER_BIT and wakes nobody. Deadlock.

The Fix:
Move READ_WAITER_BIT to Bit 30 (High 16 bits).

Now, when Writer A clears the flag, the High 16 bits change value which will prevent the wait from occurring within WaitForAddress

Sonicadvance1
Sonicadvance1 approved these changes Dec 25, 2025
View reviewed changes
Copy link
Member

@Sonicadvance1 Sonicadvance1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reasonable enough to me

Sonicadvance1
Sonicadvance1 reviewed Dec 25, 2025
View reviewed changes
Sonicadvance1
Sonicadvance1 reviewed Dec 25, 2025
View reviewed changes
@bylaws
WritePriorityMutex: Fix rare case of dropped read waiter wakes
2edee28 
The Race:
1. A Reader sets `READ_WAITER_BIT` (Bit 15) and sleeps on the High 16 bits (`Futex+2`).
2. Writer A unlocks. It clears `READ_WAITER_BIT` (in Low 16 bits) and `WRITE_OWNED` (in High 16 bits).
3. Writer B immediately steals the lock. It sets `WRITE_OWNED` but preserves the now-cleared `READ_WAITER_BIT`.
4. The Reader, checking `Futex+2`, sees `WRITE_OWNED` is set. Since it cannot see that Bit 15 was unset (as it is watching High 16 bits), it assumes its wait signal is still valid and sleeps.
5. Writer B unlocks. It sees no `READ_WAITER_BIT` and wakes nobody. Deadlock.

The Fix:
Move `READ_WAITER_BIT` to Bit 30 (High 16 bits).

Now, when Writer A clears the flag, the High 16 bits change value which will prevent the wait from occurring within WaitForAddress
@bylaws
Copy link
Collaborator Author

bylaws commented Dec 27, 2025

Addressed

@Sonicadvance1 Sonicadvance1 merged commit ce9824a into main Dec 27, 2025
13 checks passed
@Sonicadvance1 Sonicadvance1 deleted the bylaws-patch-1 branch December 27, 2025 23:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Sonicadvance1 Sonicadvance1 Sonicadvance1 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bylaws @Sonicadvance1