Author: jhb Date: Wed Mar 21 21:13:26 2018 New Revision: 331324 URL: https://svnweb.freebsd.org/changeset/base/331324
Log: Ensure thread library is initialized in pthread_testcancel(). Call _thr_check_init() before reading curthread in pthread_testcancel(). If a constructor in a library creates a semaphore via sem_init() and then waits for it via sem_wait(), the program can core dump in _pthread_testcancel() called from sem_wait(). This is because the semaphore implementation lives in libc, so the library's constructors can be run before libthr's constructors. Reported by: arichardson Reviewed by: kib Obtained from: CheriBSD MFC after: 1 week Sponsored by: DARPA / AFRL Differential Revision: https://reviews.freebsd.org/D14786 Modified: head/lib/libthr/thread/thr_cancel.c Modified: head/lib/libthr/thread/thr_cancel.c ============================================================================== --- head/lib/libthr/thread/thr_cancel.c Wed Mar 21 21:10:49 2018 (r331323) +++ head/lib/libthr/thread/thr_cancel.c Wed Mar 21 21:13:26 2018 (r331324) @@ -132,8 +132,10 @@ _pthread_setcanceltype(int type, int *oldtype) void _pthread_testcancel(void) { - struct pthread *curthread = _get_curthread(); + struct pthread *curthread; + _thr_check_init(); + curthread = _get_curthread(); testcancel(curthread); } _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
