diff options
| author | Steven Laver <lavers@google.com> | 2019-08-07 15:49:43 -0700 |
|---|---|---|
| committer | Steven Laver <lavers@google.com> | 2019-08-07 15:49:43 -0700 |
| commit | bfda022dd6fbbcea60e9f52496d90ece514b32da (patch) | |
| tree | 97c69d2bdd0e0ff59d55a0d2a8596ed678cded3e /libc/private/bionic_lock.h | |
| parent | 70ebd716b3e81d304cda14d2bd77996cc2840962 (diff) | |
| parent | 848e1d8a30a3465040edc27085927309fe6cbcff (diff) | |
Merge RP1A.190528.001
Change-Id: If6e905407e26a19e0266185af46b4ff461c4d45e
Diffstat (limited to 'libc/private/bionic_lock.h')
| -rw-r--r-- | libc/private/bionic_lock.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/libc/private/bionic_lock.h b/libc/private/bionic_lock.h index ec179d1b6..d70ba6c5c 100644 --- a/libc/private/bionic_lock.h +++ b/libc/private/bionic_lock.h @@ -72,6 +72,12 @@ class Lock { void unlock() { bool shared = process_shared; /* cache to local variable */ if (atomic_exchange_explicit(&state, Unlocked, memory_order_release) == LockedWithWaiter) { + // The Lock object may have been deallocated between the atomic exchange and the futex wake + // call, so avoid accessing any fields of Lock here. In that case, the wake call may target + // unmapped memory or trigger a spurious futex wakeup. The same situation happens with + // pthread mutexes. References: + // - https://lkml.org/lkml/2014/11/27/472 + // - http://austingroupbugs.net/view.php?id=811#c2267 __futex_wake_ex(&state, shared, 1); } } |