mirrors/nodejs
mirrors/nodejs
0
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-12-01 16:10:02 +01:00
Code Issues Releases Activity

worker: fix race condition in node_messaging.cc

Browse Source 
`AddToIncomingQueue()` relies on `owner_` only being modified with
`mutex_` being locked, but in these two places, that didn’t happen.

Modify them to use `Detach()` instead, which has the same effect
as setting `owner_ = nullptr` here, but does it with proper locking.

This race condition probably only shows up in practice when Node.js
is compiled in debug mode, because the compiler eliminates the
duplicate load in `AddToIncomingQueue()` when compiling with
optimizations enabled.

PR-URL: https://github.com/nodejs/node/pull/33429
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Anna Henningsen 2020-05-16 12:03:32 +02:00
parent 61189d3981
commit 0e92ae64f0
No known key found for this signature in database
GPG Key ID: A94130F0BFC8EBE9
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/node_messaging.cc
View File

@ -464,8 +464,7 @@ void MessagePortData::Disentangle() {
}
MessagePort::~MessagePort() {
if (data_)
data_->owner_ = nullptr;
if (data_) Detach();
}
MessagePort::MessagePort(Environment* env,
@ -662,10 +661,9 @@ void MessagePort::OnMessage() {
void MessagePort::OnClose() {
Debug(this, "MessagePort::OnClose()");
if (data_) {
data_->owner_ = nullptr;
data_->Disentangle();
// Detach() returns move(data_).
Detach()->Disentangle();
}
data_.reset();
}
std::unique_ptr<MessagePortData> MessagePort::Detach() {