summaryrefslogtreecommitdiff
path: root/src/thread/pthread_mutex_timedlock.c
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2011-08-02 20:31:15 -0400
committerRich Felker <dalias@aerifal.cx>2011-08-02 20:31:15 -0400
commitc68de0be2fb649f91b31080224fb6e48084eaaee (patch)
treed9495283490f37833ca6e32f4b6876ca10ac06eb /src/thread/pthread_mutex_timedlock.c
parent344ea148852ed02f280cb92f8fc1611529d60448 (diff)
downloadmusl-c68de0be2fb649f91b31080224fb6e48084eaaee.tar.gz
avoid accessing mutex memory after atomic unlock
this change is needed to fix a race condition and ensure that it's possible to unlock and destroy or unmap the mutex as soon as pthread_mutex_lock succeeds. POSIX explicitly gives such an example in the rationale and requires an implementation to allow such usage.
Diffstat (limited to 'src/thread/pthread_mutex_timedlock.c')
-rw-r--r--src/thread/pthread_mutex_timedlock.c22
1 files changed, 15 insertions, 7 deletions
diff --git a/src/thread/pthread_mutex_timedlock.c b/src/thread/pthread_mutex_timedlock.c
index f1c3eed7..ae1e2c31 100644
--- a/src/thread/pthread_mutex_timedlock.c
+++ b/src/thread/pthread_mutex_timedlock.c
@@ -2,15 +2,23 @@
int pthread_mutex_timedlock(pthread_mutex_t *m, const struct timespec *at)
{
- int r, w=0;
+ int r, t;
+
+ if (m->_m_type == PTHREAD_MUTEX_NORMAL && !a_cas(&m->_m_lock, 0, EBUSY))
+ return 0;
+
while ((r=pthread_mutex_trylock(m)) == EBUSY) {
if (!(r=m->_m_lock) || (r&0x40000000)) continue;
- if (!w) a_inc(&m->_m_waiters), w++;
- if (__timedwait(&m->_m_lock, r, CLOCK_REALTIME, at, 0) == ETIMEDOUT) {
- if (w) a_dec(&m->_m_waiters);
- return ETIMEDOUT;
- }
+ if ((m->_m_type&3) == PTHREAD_MUTEX_ERRORCHECK
+ && (r&0x1fffffff) == pthread_self()->tid)
+ return EDEADLK;
+
+ a_inc(&m->_m_waiters);
+ t = r | 0x80000000;
+ a_cas(&m->_m_lock, r, t);
+ r = __timedwait(&m->_m_lock, t, CLOCK_REALTIME, at, 0);
+ a_dec(&m->_m_waiters);
+ if (r && r != EINTR) break;
}
- if (w) a_dec(&m->_m_waiters);
return r;
}