From 6ea962e0946da7564a774b08dd3eda28d64e9e56 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 27 Jan 2018 10:08:04 -0800 Subject: [PATCH] Acquire ld.so lock before switching to malloc_atfork The patch is from https://sourceware.org/bugzilla/show_bug.cgi?id=4578 If a thread happens to hold dl_load_lock and have r_state set to RT_ADD or RT_DELETE at the time another thread calls fork(), then the child exit code from fork (in nptl/sysdeps/unix/sysv/linux/fork.c in our case) re-initializes dl_load_lock but does not restore r_state to RT_CONSISTENT. If the child subsequently requires ld.so functionality before calling exec(), then the assertion will fire. The patch acquires dl_load_lock on entry to fork() and releases it on exit from the parent path. The child path is initialized as currently done. This is essentially pthreads_atfork, but forced to be first because the acquisition of dl_load_lock must happen before malloc_atfork is active to avoid a deadlock. The patch has not yet been integrated upstream. Upstream-Status: Pending [ Not Author See bugzilla] Signed-off-by: Raghunath Lolur Signed-off-by: Yuanjie Huang Signed-off-by: Zhixiong Chi Signed-off-by: Khem Raj --- sysdeps/nptl/fork.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sysdeps/nptl/fork.c b/sysdeps/nptl/fork.c index 0f48933ff1..eef3f9669b 100644 --- a/sysdeps/nptl/fork.c +++ b/sysdeps/nptl/fork.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include #include @@ -56,6 +57,9 @@ __libc_fork (void) bool multiple_threads = THREAD_GETMEM (THREAD_SELF, header.multiple_threads); __run_fork_handlers (atfork_run_prepare); + /* grab ld.so lock BEFORE switching to malloc_atfork */ + __rtld_lock_lock_recursive (GL(dl_load_lock)); + __rtld_lock_lock_recursive (GL(dl_load_write_lock)); /* If we are not running multiple threads, we do not have to preserve lock state. If fork runs from a signal handler, only 
@@ -150,6 +154,9 @@ __libc_fork (void) /* Run the handlers registered for the parent. */ __run_fork_handlers (atfork_run_parent); + /* unlock ld.so last, because we locked it first */ + __rtld_lock_unlock_recursive (GL(dl_load_write_lock)); + __rtld_lock_unlock_recursive (GL(dl_load_lock)); } return pid;
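Review bot: in the `@@ -25,6 +25,7 @@` hunk the added `#include` line carries no header name in the visible text, so it cannot be checked that it is the header that actually declares `GL(dl_load_lock)`, `GL(dl_load_write_lock)` and `__rtld_lock_lock_recursive` (in glibc these come from `ldsodefs.h`); please confirm the intended header and that nothing in fork.c already pulled it in, since a missing or wrong include would only surface as an implicit-declaration error in the `@@ -56,6 +57,9 @@` hunk.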
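Review bot: in the `@@ -56,6 +57,9 @@` hunk the two locks are acquired after `__run_fork_handlers (atfork_run_prepare)`, while the commit message says the acquisition must be "forced to be first" relative to malloc's fork handling; that is only consistent if this tree's malloc fork locking is done explicitly in `__libc_fork` rather than through an atfork prepare handler, so the comment should say so (something like `/* Take the ld.so locks before the malloc fork locks; malloc is not an atfork handler here.  */`). Two further points for this hunk: the lock order `dl_load_lock` then `dl_load_write_lock` matches the nesting the loader itself uses, but since `dl_load_write_lock` is now also held across the fork, the child path (not shown in this patch, described in the message only as "initialized as currently done") must reinitialize that lock as well as `dl_load_lock`, otherwise a child forked while another thread held the write lock inherits a locked lock; and the added comment `/* grab ld.so lock BEFORE switching to malloc_atfork */` does not follow the GNU comment style used elsewhere in the file (full sentence, trailing period, two spaces before `*/`).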
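Review bot: in the `@@ -150,6 +154,9 @@` hunk the release order (write lock first, then `dl_load_lock`) is the correct reverse of the acquisition order, but the unlocks sit inside the same block as `__run_fork_handlers (atfork_run_parent)`; please confirm that this block is also reached on the failed-fork path (`pid == -1`), since if that path bypasses it both loader locks leak and every later `dlopen` in the process deadlocks. The comment here has the same style issue as the one in the locking hunk; suggest `/* Release the ld.so locks last, because they were taken first.  */`.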