Kernel.Vmm: Fix potential race condition involving concurrent Allocate and Free calls (#3978)

* Avoid nullptr dereference on GetSocket Was gonna include this in my socket PR, but that got merged before I could push this. * Lock unmap mutex in PoolExpand and Allocate PAYDAY 2 has a rare race condition involving dmem releases. I'm not certain this commit will fix it, but this would cause a race condition that could cause asserts like what PAYDAY 2 can hit, so I'll just pray this does the job until I can prove it doesn't.
2026-01-31 00:55:19 +01:00 · 2026-01-29 22:22:15 -06:00
parent 4f3aabd7af
commit 5bc4183e36
2 changed files with 5 additions and 2 deletions
--- a/src/core/file_sys/fs.cpp
+++ b/src/core/file_sys/fs.cpp
@@ -232,6 +232,9 @@ File* HandleTable::GetSocket(int d) {
        return nullptr;
    }
    auto file = m_files.at(d);
+    if (!file) {
+        return nullptr;
+    }
    if (file->type != Core::FileSys::FileType::Socket) {
        return nullptr;
    }
--- a/src/core/memory.cpp
+++ b/src/core/memory.cpp
@@ -177,7 +177,7 @@ bool MemoryManager::TryWriteBacking(void* address, const void* data, u64 size) {
 }

 PAddr MemoryManager::PoolExpand(PAddr search_start, PAddr search_end, u64 size, u64 alignment) {
-    std::scoped_lock lk{mutex};
+    std::scoped_lock lk{mutex, unmap_mutex};
    alignment = alignment > 0 ? alignment : 64_KB;

    auto dmem_area = FindDmemArea(search_start);
@@ -219,7 +219,7 @@ PAddr MemoryManager::PoolExpand(PAddr search_start, PAddr search_end, u64 size,

 PAddr MemoryManager::Allocate(PAddr search_start, PAddr search_end, u64 size, u64 alignment,
                              s32 memory_type) {
-    std::scoped_lock lk{mutex};
+    std::scoped_lock lk{mutex, unmap_mutex};
    alignment = alignment > 0 ? alignment : 16_KB;

    auto dmem_area = FindDmemArea(search_start);