Skip to content

Commit b4edbcc

Browse files
Sergey Komarovjengelh
Sergey Komarov
authored and
jengelh
committed
timer_agent: fixed race condition by adding locks
CID 1558772: (#1 of 1): Data race condition (MISSING_LOCK) 5. missing_lock: Accessing g_lost_list[abi:cxx11] without holding lock g_back_lock. Elsewhere, g_lost_list[abi:cxx11] is written to with g_back_lock held 7 out of 9 times.
1 parent 438424e commit b4edbcc

File tree

1 file changed

+8
-3
lines changed

1 file changed

+8
-3
lines changed

exch/timer_agent.cpp

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ static gromox::atomic_bool g_notify_stop;
4646
static char g_timer_ip[40];
4747
static uint16_t g_timer_port;
4848
static pthread_t g_scan_id;
49-
static std::mutex g_back_lock;
49+
static std::mutex g_back_lock; /* protects g_back_list & g_lost_list */
5050
static std::list<BACK_CONN> g_back_list, g_lost_list;
5151

5252
static constexpr cfg_directive timer_agent_cfg_defaults[] = {
@@ -86,16 +86,18 @@ BOOL SVC_timer_agent(enum plugin_op reason, const struct dlfuncs &ppdata)
8686
mlog(LV_INFO, "timer_agent: timer address is [%s]:%hu",
8787
*g_timer_ip == '\0' ? "*" : g_timer_ip, g_timer_port);
8888

89+
std::unique_lock bk_hold(g_back_lock);
8990
for (size_t i = 0; i < conn_num; ++i) try {
9091
g_lost_list.emplace_back();
9192
} catch (const std::bad_alloc &) {
9293
mlog(LV_ERR, "E-1655: ENOMEM");
9394
}
94-
95+
bk_hold.unlock();
9596
g_notify_stop = false;
9697
auto ret = pthread_create4(&g_scan_id, nullptr, tmrag_scanwork, nullptr);
9798
if (ret != 0) {
9899
g_notify_stop = true;
100+
bk_hold.lock();
99101
g_back_list.clear();
100102
mlog(LV_ERR, "timer_agent: failed to create scan thread: %s",
101103
strerror(ret));
@@ -112,13 +114,14 @@ BOOL SVC_timer_agent(enum plugin_op reason, const struct dlfuncs &ppdata)
112114
}
113115
return TRUE;
114116
}
115-
case PLUGIN_FREE:
117+
case PLUGIN_FREE: {
116118
if (!g_notify_stop) {
117119
g_notify_stop = true;
118120
if (!pthread_equal(g_scan_id, {})) {
119121
pthread_kill(g_scan_id, SIGALRM);
120122
pthread_join(g_scan_id, NULL);
121123
}
124+
std::unique_lock bk_hold(g_back_lock);
122125
g_lost_list.clear();
123126
while (g_back_list.size() > 0) {
124127
auto pback = &g_back_list.front();
@@ -128,8 +131,10 @@ BOOL SVC_timer_agent(enum plugin_op reason, const struct dlfuncs &ppdata)
128131
g_back_list.pop_front();
129132
}
130133
}
134+
std::unique_lock bk_hold(g_back_lock);
131135
g_back_list.clear();
132136
return TRUE;
137+
}
133138
default:
134139
return TRUE;
135140
}

0 commit comments

Comments
 (0)