Bugfix: Clean up ThreadContext pointers when Connection is destroyed #106

pull ryanofsky wants to merge 1 commits into bitcoin-core:master from ryanofsky:pr/connthread changing 3 files +94 −43
  1. ryanofsky commented at 12:46 PM on August 9, 2024: collaborator

    Currently ThreadContext Connection* pointers are not removed up when a connection is destroyed. This is only a problem if a Connection instance is destroyed and new Connection is allocated at the same address, because the code assumes pointers uniquely identify connections. This causes a bug in a bitcoin IPC test which creates multiple connections in a loop, described in https://github.com/bitcoin/bitcoin/pull/30509#issuecomment-2276739868, and depending on how the heap allocator behaves, a new Connection could have the same address as a previously destroyed connection, and the code tries to use a thread reference associated with the previous connection when making a new call, and there is a segfault because the thread no longer exists.

    Fix this problem by adding Connection cleanup callbacks to remove Connection* pointers from the ThreadContext struct if the connection is destroyed before the thread is.

  2. Bugfix: Clean up ThreadContext pointers when Connection is destroyed
    Currently ThreadContext Connection* pointers are not removed up when a
connection is destroyed. This is only a problem if a Connection instance is
destroyed and new Connection is allocated at the same address, because the code
assumes pointers uniquely identify connections. This causes a bug in a bitcoin
IPC test which creates multiple connections in a loop, described in
https://github.com/bitcoin/bitcoin/pull/30509#issuecomment-2276739868, where
connections are created and destroyed in a loop, and depending on how the heap
allocator behaves, a new Connection could have the same address as a previously
destroyed connection, and the code tries to use a thread reference associated
with the previous connection when making a new call, and there is a segfault
because the thread no longer exists.

Fix this problem by adding Connection cleanup callbacks to remove Connection*
pointers from the ThreadContext struct if the connection is destroyed before
the thread is.
    8ba0d03b44
  3. ryanofsky referenced this in commit c701d02573 on Aug 9, 2024
  4. ryanofsky force-pushed on Aug 9, 2024
  5. ryanofsky merged this on Aug 9, 2024
  6. ryanofsky closed this on Aug 9, 2024
  7. ryanofsky referenced this in commit ef57db8711 on Aug 9, 2024
  8. Sjors referenced this in commit eb3ea306f8 on Aug 13, 2024
  9. Sjors referenced this in commit 664860e111 on Aug 13, 2024
  10. ryanofsky referenced this in commit 746b97124b on Sep 6, 2024
  11. ryanofsky referenced this in commit 8d5802c713 on Sep 6, 2024
  12. ryanofsky referenced this in commit 4da20434d4 on Sep 6, 2024
  13. ryanofsky referenced this in commit d04d4f9aa9 on Sep 6, 2024
  14. ryanofsky referenced this in commit 357a6bc97b on Sep 9, 2024
  15. ryanofsky referenced this in commit 210700f319 on Sep 10, 2024
  16. janus referenced this in commit dab2532139 on Jan 12, 2025
  17. bitcoin-core locked this on Aug 9, 2025
Contributors
ryanofsky
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/libmultiprocess. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-20 18:30 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me