From: Jens Gustedt
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: Use-after-free in __unlock
Date: Fri, 2 Jun 2017 12:11:41 +0200
Organization: inria.fr
Message-ID: <20170602121141.0a6de2ce@inria.fr>
References: <20170601155753.GK1627@brightrain.aerifal.cx> <20170602054835.GB1214367@wirbelwind>
In-Reply-To: <20170602054835.GB1214367@wirbelwind>
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com

Hello Joakim,

On Fri, 2 Jun 2017 07:48:36 +0200 Joakim Sindholt wrote:

> Wouldn't this be the time to consider Jens' lock?[1]

Thanks for the suggestion. I think this algorithm would in fact be
suited as a replacement for the internal lock.

For the problem that originated this thread, this algorithm is safer,
because it never dereferences the pointer to the lock after the lock
is released. It only passes the pointer to a futex_wake syscall. So
eventually there could be a spurious wake-up for some completely
unrelated lock that happens to be allocated on the same address, but
no dereferencing of a deallocated variable.

The current implementation is much intertwined with the implementation
of stdatomic. While I'd still like to maintain my long-time goal to
integrate the whole package into musl, it would perhaps be indicated
to work on a more direct implementation of just the lock algorithm in
a first phase.

Thanks
Jens

-- 
:: INRIA Nancy Grand Est ::: Camus ::::::: ICube/ICPS :::
:: ::::::::::::::: office Strasbourg : +33 368854536   ::
:: :::::::::::::::::::::: gsm France : +33 651400183   ::
:: ::::::::::::::: gsm international : +49 15737185122 ::
:: http://icube-icps.unistra.fr/index.php/Jens_Gustedt ::
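
The property described in the message above, as an added sketch that is not part of the original email and is neither musl's nor Jens Gustedt's code: the unlock path touches the lock word with exactly one atomic operation and decides from that operation's return value whether to wake, so it never reads the lock again after releasing it. The names `sketch_lock`, `sketch_unlock`, `futex_op` and `LOCKED`, and the single-word layout (lock bit plus contender count), are assumptions made for illustration; Linux and C11 atomics are assumed.

```c
#define _GNU_SOURCE
#include <limits.h>
#include <linux/futex.h>
#include <stdatomic.h>
#include <stddef.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Assumed layout: one word holds the lock bit (INT_MIN) plus the number of
 * threads that currently hold or want the lock. */
#define LOCKED INT_MIN

/* Hypothetical helper: user space only hands the address to the kernel. */
static long futex_op(atomic_int *l, int op, int val) {
    return syscall(SYS_futex, l, op | FUTEX_PRIVATE_FLAG, val, NULL, NULL, 0);
}

void sketch_lock(atomic_int *l) {
    int cur = 0;
    /* Fast path: uncontended, set the lock bit and count ourselves. */
    if (atomic_compare_exchange_strong(l, &cur, LOCKED + 1)) return;
    /* Slow path: register as a contender so the holder knows to wake us. */
    cur = atomic_fetch_add(l, 1) + 1;
    for (;;) {
        if (cur < 0) {                      /* lock bit set: sleep */
            futex_op(l, FUTEX_WAIT, cur);
            cur -= LOCKED + 1;              /* guess: holder has left */
        }
        /* On failure cur is refreshed with the word's actual value. */
        if (atomic_compare_exchange_strong(l, &cur, LOCKED + cur)) return;
    }
}

/* Returns 1 if a wake was issued, 0 otherwise. */
int sketch_unlock(atomic_int *l) {
    /* One atomic op clears the lock bit, drops our count and reports the
     * old value. This is the last access to *l: once it completes another
     * thread may take the lock and free the object containing it. */
    int old = atomic_fetch_sub(l, LOCKED + 1);
    if (old == LOCKED + 1) return 0;        /* nobody else was interested */
    futex_op(l, FUTEX_WAKE, 1);             /* pointer passed, not dereferenced */
    return 1;
}

int main(void) {
    atomic_int word = 0;
    sketch_lock(&word);
    return sketch_unlock(&word);            /* uncontended: no wake issued */
}
```

An unlock that instead stores the released state and then loads a separate waiter field to decide whether to wake performs that load after another thread may already have acquired the lock and freed it, which is the access this design removes.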