fix data race between new pthread_key_delete and dtor execution

access to clear the entry in each thread's tsd array for the key being
deleted was not synchronized with __pthread_tsd_run_dtors. I probably
made this mistake from a mistaken belief that the thread list lock was
held during the latter, which of course is not possible since it
executes application code in a still-live-thread context.

while we're at it, expand the interval during which signals are
blocked to cover taking the write lock on key_lock, so that a signal
at an inopportune time doesn't block forward progress of readers.

1 files changed, 4 insertions, 2 deletions

diff --git a/src/thread/pthread_key_create.c b/src/thread/pthread_key_create.c
index dc20cc3f..210605c6 100644
--- a/src/thread/pthread_key_create.c
+++ b/src/thread/pthread_key_create.c
@@ -51,15 +51,17 @@ int __pthread_key_delete(pthread_key_t k)
 	pthread_t self = __pthread_self(), td=self;
 
 	__block_app_sigs(&set);
+	__pthread_rwlock_wrlock(&key_lock);
+
 	__tl_lock();
 	do td->tsd[k] = 0;
 	while ((td=td->next)!=self);
 	__tl_unlock();
-	__restore_sigs(&set);
 
-	__pthread_rwlock_wrlock(&key_lock);
 	keys[k] = 0;
+
 	__pthread_rwlock_unlock(&key_lock);
+	__restore_sigs(&set);
 
 	return 0;
 }