From b812179e82894049c06903cc6c0d1f5a75125270 Mon Sep 17 00:00:00 2001
From: Martin Stein
Date: Tue, 5 Dec 2017 11:46:26 +0100
Subject: [PATCH] signal: fix race in Signal_receiver pending_signal
In the past, we had the lock of the context we found for the rest of the scope of pending_signal. Now we use for_each_locked to find the context and the lock is released as soon as we return from for_each_locked. Thus, we need to lock the context again before returning it to avoid that the copy constructor during the return reads values that are currently changing.
Fixes #2532
---
 repos/base/src/lib/base/signal_common.cc | 1 +
 1 file changed, 1 insertion(+)
diff --git a/repos/base/src/lib/base/signal_common.cc b/repos/base/src/lib/base/signal_common.cc
index f136e5271..a3baae1c2 100644
--- a/repos/base/src/lib/base/signal_common.cc
+++ b/repos/base/src/lib/base/signal_common.cc
@@ -175,6 +175,7 @@ Signal Signal_receiver::pending_signal()
 throw Context_ring::Break_for_each();
 });
 if (result.context) {
+ Lock::Guard lock_guard(result.context->_lock);
 if (result.num == 0)
 warning("returning signal with num == 0");
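Review bot: The new `Lock::Guard lock_guard(result.context->_lock);` dereferences `result.context` after `for_each_locked` has already released the context lock, and nothing visible in the hunk keeps the context alive across that gap. If another thread can remove and destroy the context in that window, the guard would be taking a lock that lives in freed memory; the hunk does not show how context lifetime is tied to the receiver, so this should be confirmed against the removal path. The guard also protects the copy on return only if the `return` sits inside this `if` block, which closes outside the hunk. A comment on the guard would make the intent durable, for example `/* for_each_locked dropped the context lock; re-take it so the Signal copy on return sees stable context state */`.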