Sources Bugzilla – Bug 14333
Fix the race between atexit() and exit()
Last modified: 2012-12-03 23:58:31 UTC
Created attachment 6511 [details] The Patch can fix the race betweent atexit() and exit() exit() uses global variable __exit_funcs indirectly, which are not protected. It is not safe in multithread circumstance. When call exit() and atexit() simultaneously in multithread circumstance, the following case will cause unsafe. The case has main process A and thread B. a. thread B call atexit() b. process A call exit() to traverse the __exit_funcs list c. thread B call calloc() to create a new entry p, and next to listp: p->next = *listp; d. process A modify listp to cur's next, then free cur: *listp = cur->next; e. thread B modify listp to p: *listp = p; f. when get f, the f is undefined: const struct exit_function *const f = &cur->fns[--cur->idx]; g. programme may be Segmentation fault
We're seeing failures on hppa in this area while running some of gcc's testsuite and it looks like a similar issue. John David Anglin is investigating for me on the gcc side.
Created attachment 6682 [details] The Patch can fix the race betweent atexit() and exit()
Please post the patch on libc-alpha. If you've posted before and not got a response, then please repost it.
(In reply to comment #3) > Please post the patch on libc-alpha. If you've posted before and not got a > response, then please repost it. I have reposted the patch to libc-alpha, please review. URL: http://sourceware.org/ml/libc-alpha/2012-10/msg00567.html Thanks.