Commit 265f265c authored by Mark Janossy's avatar Mark Janossy Committed by Allison Karlitskaya

deprecated threads: fix race in GStaticRecMutex

The very last access to the 'depth' field of GStaticRecMutex in
g_static_rec_mutex_unlock_full() was being performed after dropping the
implementation mutex for the last time.

This allowed the lock to be dropped an additional time if it was
acquired in another thread right at that instant (which is somewhat
likely, since another thread could have just been woken up by the lock
being released).

https://bugzilla.gnome.org/show_bug.cgi?id=670846
parent cb44e96d
...@@ -807,14 +807,17 @@ g_static_rec_mutex_unlock_full (GStaticRecMutex *mutex) ...@@ -807,14 +807,17 @@ g_static_rec_mutex_unlock_full (GStaticRecMutex *mutex)
{ {
GRecMutex *rm; GRecMutex *rm;
gint depth; gint depth;
gint i;
rm = g_static_rec_mutex_get_rec_mutex_impl (mutex); rm = g_static_rec_mutex_get_rec_mutex_impl (mutex);
/* all access to mutex->depth done while still holding the lock */
depth = mutex->depth; depth = mutex->depth;
while (mutex->depth) i = mutex->depth;
{ mutex->depth = 0;
mutex->depth--;
g_rec_mutex_unlock (rm); while (i--)
} g_rec_mutex_unlock (rm);
return depth; return depth;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment