Project

General

Profile

Bug #4912

soft_giant_mutex in pkcs11_softtoken stays held after fork

Added by Dan McDonald over 6 years ago. Updated over 6 years ago.

Status:
New
Priority:
Normal
Assignee:
Category:
lib - userland libraries
Start date:
2014-06-05
Due date:
% Done:

0%

Estimated time:
Difficulty:
Hard
Tags:
needs-triage
Gerrit CR:

Description

If (and only if) a parent process has

1.) Created threads

and

2.) Called C_Initialize/C_Finalize/C_Initialize after thread creation

the child process hangs with this stack:

fee96189 lwp_park (0, 0, 0)
fee8f395 mutex_lock_impl (feb3f3c4, 0, 80479c8, feffb0a4, feffc8c0) + 291
fee8fd81 mutex_lock (feb3f3c4, feffb0a4, 80479d8, feadc41a) + 64
feadc80b softtoken_fini (feffb0a4, febc06d8, 80479d8, fefce462, feffb0a4, feb50150) + 1e
feb222b0 _fini (feffc8c0, 0, feb50150, f, febc0710, fee0d5e0) + 20
fefd1a02 call_fini (feffc8c0, febc06d8, fef501a8, 0) + b3
fefd80b4 remove_hdl (feb505f8, fef501a8, 0, fefd3b55, fef0a000, feda2a40) + 744
fefd3bff dlclose_core (feb505f8, fef501a8, feffc8c0, fef0e1c0, feda2a40, fef790cc) + b8
fefd3c4f dlclose_intn (feb505f8, fef501a8, fefd3cc1, feb505f8) + 25
fefd3d35 dlclose_check (feb505f8, fef501a8, 9c, fef0a000, 8061608, 8061610) + 92
fefd3d7d dlclose (feb505f8, feda0080, 8047bb8, 0) + 3d
fef3432a pkcs11_slottable_delete (fef4c43c, 0, 18, fef4c000, feda0300, feda0080) + b5
fef30289 finalize_common (0, 0, 0, fef30071, 0, fef0a000) + 10f
fef302e8 pkcs11_fini (feda0140, feda0080, 8047c48, fee0d8a9, fee6da9b, 3) + 57
fef30309 pkcs11_fork_child_fini (fee6da9b, 3, 0, 4, 0, 0) + b
fee0d8a9 _postfork_child_handler (fef0e240, feda2bcc, fef10100, 0, 0, fef0e240) + 69
fee87305 forkx (0, 0, 0, 8047cbe, 8047cd8) + 1d6
fee873e3 fork (1, 1, 1, ae8f8, 29, fef14068) + 1e
08050e6b main (3, 8047d08, 8047d18, 8047cfc) + 16b
08050c3d _start (3, 8047de0, 8047de8, 8047dea, 0, 8047dec) + 7d

This is soft_giant_mutex() in the softtoken provider.

#1

Updated by Dan McDonald over 6 years ago

Because pkcs11_fork_child_fini() (pthread_atfork post-fork handler) invokes dlclose(), the softtoken's _fini is called BEFORE softtoken's pthread_atfork() post-fork handler is called. The pre-fork handler of softtoken acquires its soft_giant_lock, but then the _fini function tries to acquire it as well, causing deadlock.

Also available in: Atom PDF