
Re: (ITS#8452) LMDB: mdb_env_copyfd2 can deadlock due to missing mdb_env_cthr_toggle check



I had a look at your changes; it seems like they obsolete my other bug
report as well.

At the same time, I think you are introducing a double free? In copyfd1, if
memalign (and friends) fails you goto done, which then proceeds to free().
Same for the case where CreateMutex or CreateFree return an error, since
they happen before allocation, but also goto done.

--
Lorenz

On 28 June 2016 at 11:09, Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no> wrote:

> Looks like a dup of ITS#8209.  I've pushed a fix to
> mdb.master.  Hadn't gotten around to testing it properly.
>
> --
> Hallvard
>
