Re: Use-after-free in __unlock

mailing list of musl libc
 help / color / mirror / code / Atom feed

From: Jens Gustedt <jens.gustedt@inria.fr>
To: musl@lists.openwall.com
Subject: Re: Use-after-free in __unlock
Date: Fri, 2 Jun 2017 12:11:41 +0200	[thread overview]
Message-ID: <20170602121141.0a6de2ce@inria.fr> (raw)
In-Reply-To: <20170602054835.GB1214367@wirbelwind>

[-- Attachment #1: Type: text/plain, Size: 1291 bytes --]

Hello Joakim,

On Fri, 2 Jun 2017 07:48:36 +0200 Joakim Sindholt
<opensource@zhasha.com> wrote:

> Wouldn't this be the time to consider Jens' lock?[1]

Thanks for the suggestion. I think this algorithm would in fact be
suited as a replacement for the internal lock. For the problem that
originated this thread, this algorithm is safer, because it never
dereferences the pointer to the lock after the lock is released. It
only passes the pointer to a futex_wake syscall. So eventually there
could be a spurious wake up for some completely unrelated lock that
happens to be allocated on the same address, but no dereferencing of a
deallocated variable.

The current implementation is much intertwined with the implementation
of stdatomic. While I'd still would like to maintain my long time goal
to integrate the whole package into musl, it would perhaps be
indicated to work on a more direct implementation of just the lock
algorithm in a first phase.

Thanks
Jens

-- 
:: INRIA Nancy Grand Est ::: Camus ::::::: ICube/ICPS :::
:: ::::::::::::::: office Strasbourg : +33 368854536   ::
:: :::::::::::::::::::::: gsm France : +33 651400183   ::
:: ::::::::::::::: gsm international : +49 15737185122 ::
:: http://icube-icps.unistra.fr/index.php/Jens_Gustedt ::

[-- Attachment #2: Digitale Signatur von OpenPGP --]
[-- Type: application/pgp-signature, Size: 195 bytes --]

     prev parent reply	other threads:[~2017-06-02 10:11 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-06-01 15:32 Alex Crichton
2017-06-01 15:42 ` Alexander Monakov
2017-06-01 15:57 ` Rich Felker
2017-06-01 16:16   ` Rich Felker
2017-06-02  5:48   ` Joakim Sindholt
2017-06-02 10:11     ` Jens Gustedt [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170602121141.0a6de2ce@inria.fr \
    --to=jens.gustedt@inria.fr \
    --cc=musl@lists.openwall.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/musl/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).