Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 26 Feb 2017 12:41:07 +0100
From: Szabolcs Nagy <nsz@...t70.net>
To: ???????????? ?????????? <leo@...iev.ru>
Cc: musl@...ts.openwall.com
Subject: Re: ldso pthread finalization

* ???????????? ?????????? <leo@...iev.ru> [2017-02-26 12:48:07 +0300]:
> In glibc there are a couple of problems. I do not know whether they
> are relevant for Musl. However, I think should pay attention.
> 
> So, please take in accound two glibc bugs:
> 
> 1) pthread_key_delete() race with thread finalization.
> 
> A race condition could occur between the pthread_key_delete() and the
> __nptl_deallocate_tsd().
> 
> For instance, __nptl_deallocate_tsd() could call a destructor for the
> key, immediately before the pthread_key_delete() invalidates it (from
> an another thread), and will continue destructor execution after the
> completion of pthread_key_delete().
> 
> >From a user code this looks as if the corresponding destructor
> executes after the key has been removed by pthread_key_delete(), and
> there is no way to know whether was destructor called/executed or not.
> 
> Suggest add pthread_rwlock_rdlock() for __nptl_deallocate_tsd() and
> pthread_rwlock_wrlock() for pthread_key_delete().
> == https://sourceware.org/bugzilla/show_bug.cgi?id=21031
> 

i dont think the standard requires that dtors
must finish running when pthread_key_delete
returns: a long running dtor could hold up
pthread_key_delete indefinitely.

if there were a lock, like you suggest, then
the dtor could deadlock when it synchronizes
with other threads doing a pthread_key_delete.

the standard is not very clear, so it is
better to treat it unspecified if dtors
must finish or not.

> 
> 2) pthread_key_create() destructors and segfault after a DSO unloading.
> 
> The pthread_key_create() and __nptl_deallocate_tsd() do not track the
> references to destructor's DSO like the __cxa_thread_atexit_impl().
> 
> Therefore the DSO, which holds a destructor's code, could be unloaded
> before destructor execution or before deleting a corresponding key.
> 
> So in a complex environment there is no way to know whether it is safe
> to unload a particular DSO or some tls-destructors are still left.
> 
> Suggest this should be fixed or documented, e.g. that the
> pthread_create_key() with a destructor should not be used from lib.so.
> == https://sourceware.org/bugzilla/show_bug.cgi?id=21032
> 

the standard even gives this as an example why
there is pthread_key_delete: it's the user's
responsibility to delete keys registered by the
dso before dso unload.
http://pubs.opengroup.org/onlinepubs/9699919799/functions/pthread_key_delete.html

one could argue that in c++ unloading a dso with
tls dtors is undefined so you should not rely on
that working either.
(dso tracking logic requires special abi which
a platform may or may not have in place, the
standard does not say anything about this.
in particular the hack that is used to track
the dsos of atexit handlers is non-conforming
so at least dlclose+atexit cannot work the
way you expect on a conforming system.)

in any case, musl is not affected because its
dlclose is a nop.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.