Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID:
 <SJ0PR11MB51366335E39CA3F993BBDDD3C740A@SJ0PR11MB5136.namprd11.prod.outlook.com>
Date: Wed, 2 Jul 2025 06:20:02 +0000
From: "Deng, Wenbin (CN)" <Wenbin.Deng.CN@...driver.com>
To: "Zhang, Huilin (Rebecca) (CN)" <Rebecca.Zhang.CN@...driver.com>,
        Markus
 Wichmann <nullplan@....net>,
        "musl@...ts.openwall.com"
	<musl@...ts.openwall.com>
Subject: RE: [PATCH] __libc_exit_fini forgets to do
 pthread_mutex_unlock

Hell Markus, 

I think the key issue in the "vfork+execv" case is that :  

With vfork, the parent and the child process share the same virtual memory space. Once after child execv failed and exit, the child process locks init_fini_lock but not unlock it. This causes the parent process pended on the same init_fini_lock forever and can't exit normally. My understanding is the child process's execv failed should not blocks parent process exit.

Thanks,
Wenbin

-----Original Message-----
From: Zhang, Huilin (Rebecca) (CN) <Rebecca.Zhang.CN@...driver.com> 
Sent: Wednesday, July 2, 2025 2:06 PM
To: Markus Wichmann <nullplan@....net>; musl@...ts.openwall.com
Cc: Deng, Wenbin (CN) <Wenbin.Deng.CN@...driver.com>
Subject: RE: [musl] [PATCH] __libc_exit_fini forgets to do pthread_mutex_unlock

Hello, Markus,

Please see attached test code main.c. Assume we compile it with MUSL and generate the executable program named myApp.
This myApp needs an input parameter which is an another executable program. If this parameter pointed to a nonexistent program, this myApp will get stuck.

For example: (aaa is a nonexistent program) ./myApp aaa


The attached .png file is the snapshot that I ran myApp on ubutntu 22.04.3.

Thanks,
Rebecca


-----Original Message-----
From: Markus Wichmann <nullplan@....net>
Sent: Wednesday, July 2, 2025 12:31 PM
To: musl@...ts.openwall.com
Cc: Zhang, Huilin (Rebecca) (CN) <Rebecca.Zhang.CN@...driver.com>; Deng, Wenbin (CN) <Wenbin.Deng.CN@...driver.com>
Subject: Re: [musl] [PATCH] __libc_exit_fini forgets to do pthread_mutex_unlock

CAUTION: This email comes from a non Wind River email account!
Do not click links or open attachments unless you recognize the sender and know the content is safe.

Am Wed, Jul 02, 2025 at 10:28:54AM +0800 schrieb rebecca.zhang.cn@...driver.com:
> From: Rebecca Zhang <rebecca.zhang.cn@...driver.com>
>
> This commit fixes the issue that __libc_exit_fini only do 
> pthread_mutex_lock, but forget to do pthread_mutex_unlock.
> ---
>  ldso/dynlink.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/ldso/dynlink.c b/ldso/dynlink.c index ceca3c9..7885675
> 100644
> --- a/ldso/dynlink.c
> +++ b/ldso/dynlink.c
> @@ -1492,6 +1492,7 @@ void __libc_exit_fini()
>                       fpaddr(p, dyn[DT_FINI])();  #endif
>       }
> +     pthread_mutex_unlock(&init_fini_lock);
>  }
>
>  void __ldso_atfork(int who)
> --
> 2.34.1
>
I think that is a deliberate omision. __libc_exit_fini() is called on process exit. After it runs, it must not run again, and no new initializer must run at all. The process will exit very soon anyway. The only way to deadlock here is if a destructor calls exit(), which they aren't allowed to do.

Ciao,
Markus

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.