diff options
author | Rich Felker <dalias@aerifal.cx> | 2022-10-05 10:41:30 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2022-10-19 14:01:32 -0400 |
commit | 36b72cd6fdfed2cac6b6ff1ed58a96d8265785cf (patch) | |
tree | b47d2641194ff8bbaea800495a6206a3a104748c /src/setjmp/longjmp.c | |
parent | 833a469167521040c7ae94f3c990e258e29445f9 (diff) | |
download | musl-36b72cd6fdfed2cac6b6ff1ed58a96d8265785cf.tar.gz musl-36b72cd6fdfed2cac6b6ff1ed58a96d8265785cf.tar.bz2 musl-36b72cd6fdfed2cac6b6ff1ed58a96d8265785cf.tar.xz musl-36b72cd6fdfed2cac6b6ff1ed58a96d8265785cf.zip |
fix potential deadlock in dlerror buffer handling at thread exit
ever since commit 8f11e6127fe93093f81a52b15bb1537edc3fc8af introduced
the thread list lock, this has been wrong. initially, it was wrong via
calling free from the context with the thread list lock held. commit
aa5a9d15e09851f7b4a1668e9dbde0f6234abada deferred the unsafe free but
added a lock, which was also unsafe. in particular, it could deadlock
if code holding freebuf_queue_lock was interrupted by a signal handler
that takes the thread list lock.
commit 4d5aa20a94a2d3fae3e69289dc23ecafbd0c16c4 observed that there
was a lock here but failed to notice that it's invalid.
there is no easy solution to this problem with locks; any attempt at
solving it while still using locks would require the lock to be an
AS-safe one (blocking signals on each access to the dlerror buffer
list to check if there's deferred free work to be done) which would be
excessively costly, and there are also lock order considerations with
respect to how the lock would be handled at fork.
instead, just use an atomic list.
Diffstat (limited to 'src/setjmp/longjmp.c')
0 files changed, 0 insertions, 0 deletions