[lttng-dev] [PATCH LTTNG-UST] Fix: Cleanup local_apps sock_info in lttng_ust_cleanup

Jérémie Galarneau jeremie.galarneau at efficios.com
Tue Jul 7 14:35:54 EDT 2015

LTTng-UST will deadlock after a fork while waiting on the
"constructor_wait" semaphore if local apps, handled the session daemon
running under the current UID, are disabled or "not_allowed".

This deadlock can be triggered by setting an infinite registration
timeout, clearing the HOME environment variable and launching an app
which calls FORK(3). This will cause setup_local_apps() to fail to
determine the local_apps sock_path, thus leaving
local_apps.allowed == 0.

This, in turn, would cause lttng_ust_cleanup to skip the cleanup
of the local_apps sock_info after a fork,
leaving local_apps.constructor_sem_posted == 1. This would cause
handle_register_done() in the child to skip over the decrementation
of sem_count and post of the constructor_wait semaphore.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau at efficios.com>
 liblttng-ust/lttng-ust-comm.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/liblttng-ust/lttng-ust-comm.c b/liblttng-ust/lttng-ust-comm.c
index b290204..9f71839 100644
--- a/liblttng-ust/lttng-ust-comm.c
+++ b/liblttng-ust/lttng-ust-comm.c
@@ -1554,9 +1554,7 @@ static
 void lttng_ust_cleanup(int exiting)
 	cleanup_sock_info(&global_apps, exiting);
-	if (local_apps.allowed) {
-		cleanup_sock_info(&local_apps, exiting);
-	}
+	cleanup_sock_info(&local_apps, exiting);
 	 * The teardown in this function all affect data structures
 	 * accessed under the UST lock by the listener thread. This

More information about the lttng-dev mailing list