From c21f750727515602a9e84f2a190ee8a0a2aeb2a1 Mon Sep 17 00:00:00 2001
From: Rich Felker
Date: Tue, 17 Apr 2018 23:59:41 -0400
Subject: fix stdio lock dependency on read-after-free not faulting instead of using a waiters count, add a bit to the lock field indicating that the lock may have waiters. threads which obtain the lock after contending for it will perform a potentially-spurious wake when they release the lock.
---
 src/stdio/flockfile.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'src/stdio/flockfile.c')
diff --git a/src/stdio/flockfile.c b/src/stdio/flockfile.c
index a196c1ef..6b574cf0 100644
--- a/src/stdio/flockfile.c
+++ b/src/stdio/flockfile.c
@@ -1,10 +1,14 @@
 #include "stdio_impl.h"
 #include "pthread_impl.h"
 
+#define MAYBE_WAITERS 0x40000000
+
 void flockfile(FILE *f)
 {
 while (ftrylockfile(f)) {
 int owner = f->lock;
- if (owner) __wait(&f->lock, &f->waiters, owner, 1);
+ if (!owner) continue;
+ a_cas(&f->lock, owner, owner|MAYBE_WAITERS);
+ __futexwait(&f->lock, owner|MAYBE_WAITERS, 1);
 }
 }
-- cgit 1.4.1
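Review bot: The new wait path in `flockfile` ignores the result of `a_cas(&f->lock, owner, owner|MAYBE_WAITERS)` and packs a flag into the same word as the owner tid, and neither choice is explained where it is made. A comment above the CAS such as `/* a failed CAS is fine: the lock word no longer matches, so the wait presumably returns at once and the loop retries */` and one on the `#define` such as `/* flag bit in f->lock; owner tids must never have this bit set */` would make the invariants reviewable. The unlock side and `ftrylockfile` are outside this path-limited view, so it cannot be confirmed here that they mask `MAYBE_WAITERS` before comparing the word with the caller's tid and that they wake when it is set. If the constant is repeated in those files, defining it once in `stdio_impl.h` would keep the copies from drifting apart.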