[Issue 24741] New: Stop the world logic is invalid and might stop a thread mid critical section.

d-bugmail at puremagic.com
Mon Sep 2 15:47:21 UTC 2024


https://issues.dlang.org/show_bug.cgi?id=24741

          Issue ID: 24741
           Summary: Stop the world logic is invalid and might stop a
                    thread mid critical section.
           Product: D
           Version: D2
          Hardware: x86
                OS: Windows
            Status: NEW
          Severity: enhancement
          Priority: P1
         Component: druntime
          Assignee: nobody at puremagic.com
          Reporter: deadalnix at gmail.com

A thread enters a critical section by taking the criticalRegionLock and setting
its m_isInCriticalRegion flag.

A thread leaves a critical section in a similar way, taking the
criticalRegionLock and unsetting its m_isInCriticalRegion flag.

When stopping the world, the criticalRegionLock is taken during the whole
process. For each thread, m_isInCriticalRegion is checked before suspending. If it
is set, then the lock is temporarily released and we wait to give the thread an
opportunity to exit its critical section; then the lock is taken again, and we
check again whether the thread is in its critical section, and so on.

To suspend a thread, we send a signal using pthread_kill, which is
asynchronous. This means that by the time we try to suspend thread n + 1,
thread n might not be suspended yet.

If thread n + 1 is in its critical section, we'll release the
criticalRegionLock, allowing thread n to enter a critical section before it had
the chance to suspend.

In practice, critical sections are rare enough that this doesn't happen much, but a
carefully designed test case can trigger the race condition, and potentially so can
an attacker feeding malicious input to an application.
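A constructed model of the interleaving described in this report (added here; not druntime code): two threads, a stop-the-world loop that mirrors the logic above, and a scripted scheduler that lets every still-running thread act whenever the criticalRegionLock is released. The `sync_suspend` flag is an assumed hardening, not something the report proposes: it blocks until each signalled thread has actually stopped before moving on to the next one.

```python
from dataclasses import dataclass

@dataclass
class Thread:
    name: str
    in_critical: bool = False  # models m_isInCriticalRegion
    signalled: bool = False    # pthread_kill sent; delivery is asynchronous
    suspended: bool = False    # signal delivered, thread actually stopped

@dataclass
class World:
    threads: list
    lock_held: bool = False    # models criticalRegionLock

    def take_lock(self):
        assert not self.lock_held
        self.lock_held = True
    def release_lock(self):
        self.lock_held = False
    def deliver_signals(self):
        # Pending signals land now, wherever each thread happens to be.
        for t in self.threads:
            if t.signalled:
                t.suspended = True
    def other_threads_run(self):
        # Scripted scheduler: each running thread flips its critical-region state under the lock.
        for t in self.threads:
            if not t.suspended:
                self.take_lock()
                t.in_critical = not t.in_critical
                self.release_lock()

def stop_the_world(world, sync_suspend):
    world.take_lock()
    for t in world.threads:
        while t.in_critical:
            world.release_lock()       # give t a chance to leave its section...
            world.other_threads_run()  # ...but every unsuspended thread may run
            world.take_lock()
        t.signalled = True             # pthread_kill: returns before t has stopped
        if sync_suspend:               # assumed hardening: wait until t is stopped
            world.deliver_signals()
    world.release_lock()
    world.deliver_signals()
    return [t.name for t in world.threads if t.suspended and t.in_critical]

def run(sync_suspend):
    # Constructed scenario: A runs outside, B sits inside its critical region.
    world = World([Thread("A"), Thread("B", in_critical=True)])
    return stop_the_world(world, sync_suspend)
```

`run(False)` reports thread A stopped inside its critical section; `run(True)` reports no such thread, because A is already suspended by the time the lock is released for B.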
