Use After Free In Nemesis Shutdown Code #188

Closed
insertinterestingnamehere opened this issue Dec 1, 2023 · 1 comment
Labels
bug medium priority tsan Thread Sanitizer Errors

Comments

@insertinterestingnamehere
Collaborator

There's a race condition and use after free bug in the Nemesis threadqueue termination code where a worker thread may access a queue node after the main thread has already freed it. Relevant lines are:

Read from worker thread:

node = qt_internal_NEMESIS_dequeue(&q->q);

Write (free) by main thread:

This is part of #149.

@insertinterestingnamehere
Collaborator Author

This appears to have been resolved by one of the other thread sanitizer patches. Probably #206. This can also be closed when that one's merged.

@insertinterestingnamehere insertinterestingnamehere added the tsan Thread Sanitizer Errors label Feb 13, 2024
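
The shutdown ordering that avoids the race described in this issue, as an added example that is not taken from the project's source or from the patches mentioned above. `queue_t`, `worker` and `run_and_shutdown` are hypothetical names, and a mutex-protected list stands in for the lock-free Nemesis queue.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdlib.h>

/* Simplified model of a work queue; not the project's Nemesis implementation. */
typedef struct node { struct node *next; } node_t;
typedef struct {
    pthread_mutex_t lock;
    node_t *head;
    atomic_int stop;   /* set by the main thread to request termination */
    int processed;     /* nodes dequeued and released by the worker */
} queue_t;

static node_t *dequeue(queue_t *q) {
    pthread_mutex_lock(&q->lock);
    node_t *n = q->head;
    if (n) q->head = n->next;
    pthread_mutex_unlock(&q->lock);
    return n;
}

static void *worker(void *arg) {
    queue_t *q = arg;
    while (!atomic_load(&q->stop)) {
        node_t *n = dequeue(q);              /* worker-side read of a queue node */
        if (n) { q->processed++; free(n); }  /* the worker owns n once dequeued */
    }
    return NULL;
}

/* Returns how many nodes were released exactly once (worker + main thread). */
int run_and_shutdown(int nitems) {
    queue_t q = { .head = NULL, .processed = 0 };
    pthread_mutex_init(&q.lock, NULL);
    atomic_init(&q.stop, 0);
    for (int i = 0; i < nitems; i++) {
        node_t *n = malloc(sizeof *n);
        if (!n) abort();
        n->next = q.head; q.head = n;
    }
    pthread_t t;
    if (pthread_create(&t, NULL, worker, &q) != 0) abort();
    atomic_store(&q.stop, 1);   /* 1. ask the worker to stop */
    pthread_join(t, NULL);      /* 2. wait until it can no longer dequeue */
    int leftover = 0;           /* 3. only now free what is still queued */
    for (node_t *n = q.head; n; leftover++) { node_t *nx = n->next; free(n); n = nx; }
    pthread_mutex_destroy(&q.lock);
    return q.processed + leftover;
}
```

Moving step 3 ahead of step 2 reproduces the pattern the issue reports: the main thread frees nodes the worker can still dequeue. Building with `-fsanitize=thread` is a way to check the ordering.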