fix deadlock in synccall after threaded fork

synccall may be called by AS-safe functions such as setuid/setgid after fork. although fork() resets libc.threads_minus_one, causing synccall to take the single-threaded path, synccall still takes the thread list lock. This lock may be held by another thread if for example fork() races with pthread_create(). After fork(), the value of the lock is meaningless, so clear it. maintainer's note: commit 8f11e612 and e4235d70 introduced this regression. the state protected by this lock is the linked list, which is entirely replaced in the child path of fork (next=prev=self), so resetting it is semantically sound.

fix deadlock in synccall after threaded fork
synccall may be called by AS-safe functions such as setuid/setgid after fork. although fork() resets libc.threads_minus_one, causing synccall to take the single-threaded path, synccall still takes the thread list lock. This lock may be held by another thread if for example fork() races with pthread_create(). After fork(), the value of the lock is meaningless, so clear it. maintainer's note: commit 8f11e612 and e4235d70 introduced this regression. the state protected by this lock is the linked list, which is entirely replaced in the child path of fork (next=prev=self), so resetting it is semantically sound.
84ebec6c · Samuel Holland · Rich Felker · 3d178a7e · 84ebec6c
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

src/process/fork.c src/process/fork.c +1 -0

未找到文件。
--- a/src/process/fork.c
+++ b/src/process/fork.c
@@ -28,6 +28,7 @@ pid_t fork(void)
 		self->robust_list.off = 0;
 		self->robust_list.pending = 0;
 		self->next = self->prev = self;
+		__thread_list_lock = 0;
 		libc.threads_minus_1 = 0;
 	}
 	__restore_sigs(&set);