On Nov 24 22:56, Takashi Yano wrote:
> Previously, variable i_all_lf was allocated and released in several
> functions: lf_setlock(), lf_clearlock(), and lf_getlock(), and was
> used only temporarily as noted in flock.cc. This pattern easily leads
> to bugs like those that occurred in flock.cc, such as:
>
>   lf_setlock()              lf_clearlock()
>
>        |                          .
>   i_all_lf = tp.w_get()           .
>        |                          .
>        +------------------------->+
>                                   |
>                          i_all_lf = tp.wget()
>                                   |
>                             do something
>                                   |
>                     (release i_all_lf implicitly)
>                                   |
>        +<-------------------------+
>        |
>   accessing i_all_lf (may destroy tmp_pathbuf area)
>        |
>
> With this patch, to fix and prevent the bugs, move i_all_lf from
> each function that uses it to fhandler_base::lock(). Moreover, move
> the get_all_locks_list() call in lf_clearlock() to fhandler_base::lock()
> to avoid calling the function twice. Furthermore, make i_all_lf a local
> variable rather than an inode_t member to prevent a reentrant(?) problem.
>
> Addresses: https://cygwin.com/pipermail/cygwin/2025-October/258914.html
> Fixes: e181b0ff122 ("Cygwin: lockf: Make lockf() return ENOLCK when too many
> locks")
ae181b0ff122
Corinna
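
The stale-pointer pattern in the quoted diagram, as an added C++ example that is not Cygwin code and not part of the original mail. Pool, ScopedTmp, Inode and all function names are hypothetical stand-ins for a scoped temporary-buffer pool and its users; the second half shows the buffer owned by the outermost caller, as the commit message describes.

```cpp
#include <cstddef>
#include <cstring>
#include <iostream>
#include <string>

// Toy pool (assumption): a scope object hands out slots and gives back
// everything it handed out when it is destroyed (the "implicit release").
struct Pool { char buf[4][32] = {}; std::size_t next = 0; };

class ScopedTmp {
    Pool &pool_;
    std::size_t saved_;
public:
    explicit ScopedTmp(Pool &p) : pool_(p), saved_(p.next) {}
    ~ScopedTmp() { pool_.next = saved_; }            // implicit release
    char *get() { return pool_.buf[pool_.next++]; }  // demo uses <= 2 slots
};

struct Inode { char *all_lf = nullptr; };  // old pattern: shared scratch pointer

void clear_shared(Pool &p, Inode &n) {
    ScopedTmp tp(p);
    n.all_lf = tp.get();                     // overwrites the caller's pointer
    std::strcpy(n.all_lf, "clear-scratch");
}                                            // slot released; n.all_lf is stale
std::string set_shared(Pool &p, Inode &n) {
    ScopedTmp tp(p);
    n.all_lf = tp.get();
    std::strcpy(n.all_lf, "set-locks");
    clear_shared(p, n);
    std::strcpy(tp.get(), "unrelated-path"); // pool reissues the stale slot
    return n.all_lf;                         // reads another user's data
}
// New pattern: the outermost caller owns the buffer and passes it down.
void clear_local(Pool &p) {
    ScopedTmp tp(p);
    std::strcpy(tp.get(), "clear-scratch");  // private scratch only
}
std::string set_local(Pool &p, char *all_lf) {
    ScopedTmp tp(p);
    std::strcpy(all_lf, "set-locks");
    clear_local(p);
    std::strcpy(tp.get(), "unrelated-path");
    return all_lf;                           // still the caller's own slot
}
std::string demo_shared() { Pool p; Inode n; return set_shared(p, n); }
std::string demo_local() {
    Pool p; ScopedTmp tp(p);
    return set_local(p, tp.get());           // allocated once, outlives callees
}
int main() { std::cout << demo_shared() << "\n" << demo_local() << "\n"; }
```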