From: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Date: Tue, 7 Jul 2015 18:35:54 +0000 (-0400)
Subject: Fix: Cleanup local_apps sock_info in lttng_ust_cleanup
X-Git-Tag: v2.6.3~6
X-Git-Url: http://git.liburcu.org/?p=lttng-ust.git;a=commitdiff_plain;h=dda3bcd6707d6178eae7ac581cb13c0c307222a2

Fix: Cleanup local_apps sock_info in lttng_ust_cleanup

LTTng-UST will deadlock after a fork while waiting on the
"constructor_wait" semaphore if local apps, handled the session daemon
running under the current UID, are disabled or "not_allowed".

This deadlock can be triggered by setting an infinite registration
timeout, clearing the HOME environment variable and launching an app
which calls FORK(3). This will cause setup_local_apps() to fail to
determine the local_apps sock_path, thus leaving
local_apps.allowed == 0.

This, in turn, would cause lttng_ust_cleanup to skip the cleanup
of the local_apps sock_info after a fork,
leaving local_apps.constructor_sem_posted == 1. This would cause
handle_register_done() in the child to skip over the decrementation
of sem_count and post of the constructor_wait semaphore.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
---

diff --git a/liblttng-ust/lttng-ust-comm.c b/liblttng-ust/lttng-ust-comm.c
index 50e76765..049667bf 100644
--- a/liblttng-ust/lttng-ust-comm.c
+++ b/liblttng-ust/lttng-ust-comm.c
@@ -1556,9 +1556,7 @@ static
 void lttng_ust_cleanup(int exiting)
 {
 	cleanup_sock_info(&global_apps, exiting);
-	if (local_apps.allowed) {
-		cleanup_sock_info(&local_apps, exiting);
-	}
+	cleanup_sock_info(&local_apps, exiting);
 	/*
 	 * The teardown in this function all affect data structures
 	 * accessed under the UST lock by the listener thread. This