Handle FUTEX_OWNER_DIED properly

Author: ruihe774

library/std/src/sync/mutex.rs

@@ -313,10 +313,11 @@ impl<T: ?Sized> Mutex<T> {
     /// ```
     #[stable(feature = "rust1", since = "1.0.0")]
     pub fn lock(&self) -> LockResult<MutexGuard<'_, T>> {
-        unsafe {
-            self.inner.lock();
-            MutexGuard::new(self)
+        if self.inner.lock() == sys::MutexState::Poisoned {
+            self.poison.set();
         }
+
+        unsafe { MutexGuard::new(self) }
     }
 
     /// Attempts to acquire this lock.

library/std/src/sync/poison.rs

@@ -75,6 +75,12 @@ impl Flag {
         #[cfg(panic = "unwind")]
         self.failed.store(false, Ordering::Relaxed)
     }
+
+    #[inline]
+    pub fn set(&self) {
+        #[cfg(panic = "unwind")]
+        self.failed.store(true, Ordering::Relaxed)
+    }
 }
 
 #[derive(Clone)]

library/std/src/sync/reentrant_lock.rs

@@ -289,7 +289,7 @@ impl<T: ?Sized> ReentrantLock<T> {
             if self.owner.contains(this_thread) {
                 self.increment_lock_count().expect("lock count overflow in reentrant mutex");
             } else {
-                self.mutex.lock();
+                let _ = self.mutex.lock();
                 self.owner.set(Some(this_thread));
                 debug_assert_eq!(*self.lock_count.get(), 0);
                 *self.lock_count.get() = 1;

library/std/src/sys/pal/unix/pi_futex.rs

@@ -1,15 +1,9 @@
 #![cfg(any(target_os = "linux", target_os = "android"))]
 
+use crate::io;
+use crate::ptr::null;
 use crate::sync::atomic::AtomicU32;
 use crate::sys::cvt;
-use crate::sys::os::errno;
-use crate::{io, ptr};
-
-pub enum FutexLockError {
-    TryAgain,
-    DeadLock,
-    Other(io::Error),
-}
 
 pub const fn unlocked() -> u32 {
     0
@@ -23,25 +17,26 @@ pub fn is_contended(futex_val: u32) -> bool {
     (futex_val & libc::FUTEX_WAITERS) != 0
 }
 
-pub fn futex_lock(futex: &AtomicU32) -> Result<(), FutexLockError> {
-    if (unsafe {
-        libc::syscall(
-            libc::SYS_futex,
-            futex as *const AtomicU32,
-            libc::FUTEX_LOCK_PI | libc::FUTEX_PRIVATE_FLAG,
-            0,
-            ptr::null::<u32>(),
-            // remaining args are unused
-        )
-    } == -1)
-    {
-        Err(match errno() {
-            libc::EAGAIN | libc::EINTR => FutexLockError::TryAgain,
-            libc::EDEADLK => FutexLockError::DeadLock,
-            errno => FutexLockError::Other(io::Error::from_raw_os_error(errno)),
-        })
-    } else {
-        Ok(())
+pub fn is_owned_died(futex_val: u32) -> bool {
+    (futex_val & libc::FUTEX_OWNER_DIED) != 0
+}
+
+pub fn futex_lock(futex: &AtomicU32) -> io::Result<()> {
+    loop {
+        match cvt(unsafe {
+            libc::syscall(
+                libc::SYS_futex,
+                futex as *const AtomicU32,
+                libc::FUTEX_LOCK_PI | libc::FUTEX_PRIVATE_FLAG,
+                0,
+                null::<u32>(),
+                // remaining args are unused
+            )
+        }) {
+            Ok(_) => return Ok(()),
+            Err(e) if e.raw_os_error() == Some(libc::EINTR) => continue,
+            Err(e) => return Err(e),
+        }
     }
 }
 

library/std/src/sys/sync/condvar/futex.rs

@@ -50,7 +50,7 @@ impl Condvar {
         let r = futex_wait(&self.futex, futex_value, timeout);
 
         // Lock the mutex again.
-        mutex.lock();
+        let _ = mutex.lock();
 
         r
     }

library/std/src/sys/sync/mod.rs

@@ -6,7 +6,7 @@ mod rwlock;
 mod thread_parking;
 
 pub use condvar::Condvar;
-pub use mutex::Mutex;
+pub use mutex::{Mutex, MutexState};
 pub use once::{Once, OnceState};
 #[allow(unused)] // Only used on some platforms.
 use once_box::OnceBox;

library/std/src/sys/sync/mutex/fuchsia.rs

@@ -37,6 +37,7 @@
 //!
 //! [mutex in Fuchsia's libsync]: https://cs.opensource.google/fuchsia/fuchsia/+/main:zircon/system/ulib/sync/mutex.c
 
+use super::MutexState;
 use crate::sync::atomic::AtomicU32;
 use crate::sync::atomic::Ordering::{Acquire, Relaxed, Release};
 use crate::sys::futex::zircon::{
@@ -88,7 +89,7 @@ impl Mutex {
     }
 
     #[inline]
-    pub fn lock(&self) {
+    pub fn lock(&self) -> MutexState {
         let thread_self = unsafe { zx_thread_self() };
         if let Err(state) =
             self.futex.compare_exchange(UNLOCKED, to_state(thread_self), Acquire, Relaxed)
@@ -97,6 +98,7 @@ impl Mutex {
                 self.lock_contested(state, thread_self);
             }
         }
+        MutexState::Normal
     }
 
     /// # Safety

library/std/src/sys/sync/mutex/futex.rs

@@ -1,3 +1,4 @@
+use super::MutexState;
 use crate::sync::atomic::Ordering::{Acquire, Relaxed, Release};
 use crate::sys::futex::{self, futex_wait, futex_wake};
 
@@ -24,10 +25,11 @@ impl Mutex {
     }
 
     #[inline]
-    pub fn lock(&self) {
+    pub fn lock(&self) -> MutexState {
         if self.futex.compare_exchange(UNLOCKED, LOCKED, Acquire, Relaxed).is_err() {
             self.lock_contended();
         }
+        MutexState::Normal
     }
 
     #[cold]

library/std/src/sys/sync/mutex/itron.rs

@@ -2,6 +2,7 @@
 //! `TA_INHERIT` are available.
 #![forbid(unsafe_op_in_unsafe_fn)]
 
+use super::MutexState;
 use crate::sys::pal::itron::abi;
 use crate::sys::pal::itron::error::{ItronError, expect_success, expect_success_aborting, fail};
 use crate::sys::pal::itron::spin::SpinIdOnceCell;
@@ -37,9 +38,10 @@ impl Mutex {
         }
     }
 
-    pub fn lock(&self) {
+    pub fn lock(&self) -> MutexState {
         let mtx = self.raw();
         expect_success(unsafe { abi::loc_mtx(mtx) }, &"loc_mtx");
+        MutexState::Normal
     }
 
     pub unsafe fn unlock(&self) {

library/std/src/sys/sync/mutex/mod.rs

@@ -1,3 +1,9 @@
+#[derive(Copy, Clone, Eq, PartialEq)]
+pub enum MutexState {
+    Normal,
+    Poisoned,
+}
+
 cfg_if::cfg_if! {
     if #[cfg(any(
         target_os = "linux",

library/std/src/sys/sync/mutex/no_threads.rs

@@ -1,3 +1,4 @@
+use super::MutexState;
 use crate::cell::Cell;
 
 pub struct Mutex {
@@ -16,8 +17,9 @@ impl Mutex {
     }
 
     #[inline]
-    pub fn lock(&self) {
+    pub fn lock(&self) -> MutexState {
         assert_eq!(self.locked.replace(true), false, "cannot recursively acquire mutex");
+        MutexState::Normal
     }
 
     #[inline]

library/std/src/sys/sync/mutex/pi_futex.rs

@@ -1,6 +1,8 @@
+use super::MutexState;
 use crate::sync::atomic::AtomicU32;
 use crate::sync::atomic::Ordering::{Acquire, Relaxed, Release};
 use crate::sys::pi_futex as pi;
+
 pub struct Mutex {
     futex: AtomicU32,
 }
@@ -17,36 +19,30 @@ impl Mutex {
     }
 
     #[inline]
-    pub fn lock(&self) {
+    pub fn lock(&self) -> MutexState {
         if self.futex.compare_exchange(pi::unlocked(), pi::locked(), Acquire, Relaxed).is_err() {
-            self.lock_contended();
+            self.lock_contended()
+        } else {
+            MutexState::Normal
         }
     }
 
     #[cold]
-    fn lock_contended(&self) {
-        loop {
-            // Spin first to speed things up if the lock is released quickly.
-            let state = self.spin();
-
-            // If it's unlocked now, attempt to take the lock.
-            if state == pi::unlocked() {
-                if self.try_lock() {
-                    return;
-                }
-            };
+    fn lock_contended(&self) -> MutexState {
+        // Spin first to speed things up if the lock is released quickly.
+        let state = self.spin();
 
-            if let Err(e) = pi::futex_lock(&self.futex) {
-                const MSG_PREFIX: &str = "failed to lock mutex";
-                match e {
-                    pi::FutexLockError::TryAgain => (), // Try again in this case.
-                    pi::FutexLockError::DeadLock => panic!("{MSG_PREFIX}: deadlock detected"),
-                    pi::FutexLockError::Other(e) => panic!("{MSG_PREFIX}: {e}"),
-                }
-            } else {
-                return;
+        // If it's unlocked now, attempt to take the lock.
+        if state == pi::unlocked() {
+            if self.try_lock() {
+                return MutexState::Normal;
             }
-        }
+        };
+
+        pi::futex_lock(&self.futex).expect("failed to lock mutex");
+
+        let state = self.futex.load(Relaxed);
+        if pi::is_owned_died(state) { MutexState::Poisoned } else { MutexState::Normal }
     }
 
     fn spin(&self) -> u32 {

library/std/src/sys/sync/mutex/pthread.rs

@@ -1,3 +1,4 @@
+use super::MutexState;
 use crate::cell::UnsafeCell;
 use crate::io::Error;
 use crate::mem::{MaybeUninit, forget};
@@ -102,7 +103,7 @@ impl Mutex {
     }
 
     #[inline]
-    pub fn lock(&self) {
+    pub fn lock(&self) -> MutexState {
         #[cold]
         #[inline(never)]
         fn fail(r: i32) -> ! {
@@ -121,6 +122,8 @@ impl Mutex {
         if r != 0 {
             fail(r)
         }
+
+        MutexState::Normal
     }
 
     #[inline]

library/std/src/sys/sync/mutex/sgx.rs

@@ -1,3 +1,4 @@
+use super::MutexState;
 use crate::sys::pal::waitqueue::{SpinMutex, WaitQueue, WaitVariable, try_lock_or_false};
 use crate::sys::sync::OnceBox;
 
@@ -17,7 +18,7 @@ impl Mutex {
     }
 
     #[inline]
-    pub fn lock(&self) {
+    pub fn lock(&self) -> MutexState {
         let mut guard = self.get().lock();
         if *guard.lock_var() {
             // Another thread has the lock, wait
@@ -27,6 +28,7 @@ impl Mutex {
             // We are just now obtaining the lock
             *guard.lock_var_mut() = true;
         }
+        MutexState::Normal
     }
 
     #[inline]

library/std/src/sys/sync/mutex/windows7.rs

@@ -14,6 +14,7 @@
 //! 3. While CriticalSection is fair and SRWLock is not, the current Rust policy
 //!    is that there are no guarantees of fairness.
 
+use super::MutexState;
 use crate::cell::UnsafeCell;
 use crate::sys::c;
 
@@ -36,10 +37,11 @@ impl Mutex {
     }
 
     #[inline]
-    pub fn lock(&self) {
+    pub fn lock(&self) -> MutexState {
         unsafe {
             c::AcquireSRWLockExclusive(raw(self));
         }
+        MutexState::Normal
     }
 
     #[inline]

library/std/src/sys/sync/mutex/xous.rs

@@ -1,3 +1,4 @@
+use super::MutexState;
 use crate::os::xous::ffi::{blocking_scalar, do_yield};
 use crate::os::xous::services::{TicktimerScalar, ticktimer_server};
 use crate::sync::atomic::Ordering::{Acquire, Relaxed, Release};
@@ -34,14 +35,14 @@ impl Mutex {
     }
 
     #[inline]
-    pub unsafe fn lock(&self) {
+    pub unsafe fn lock(&self) -> MutexState {
         // Try multiple times to acquire the lock without resorting to the ticktimer
         // server. For locks that are held for a short amount of time, this will
         // result in the ticktimer server never getting invoked. The `locked` value
         // will be either 0 or 1.
         for _attempts in 0..3 {
             if unsafe { self.try_lock() } {
-                return;
+                return MutexState::Normal;
             }
             do_yield();
         }
@@ -51,7 +52,7 @@ impl Mutex {
         // locked, then the value will be more than 1, for example if there are multiple other
         // threads waiting on this lock.
         if unsafe { self.try_lock_or_poison() } {
-            return;
+            return MutexState::Normal;
         }
 
         // When this mutex is dropped, we will need to deregister it with the server.
@@ -65,6 +66,8 @@ impl Mutex {
             crate::os::xous::services::TicktimerScalar::LockMutex(self.index()).into(),
         )
         .expect("failure to send LockMutex command");
+
+        MutexState::Normal
     }
 
     #[inline]