Fix lll_unlock twice in pthread_cond_broadcast

lll_unlock() will be called again if it goes to "wake_all" in
pthread_cond_broadcast(). This may make another thread which is
waiting for lock in pthread_cond_timedwait() unlock.  So there are
more than one threads get the lock, it will break the shared data.

It's introduced by commit 8313cb997d2d("FUTEX_*_REQUEUE_PI support for
non-x86 code")

diff --git a/ChangeLog b/ChangeLog
index 2b0821f..6bacb5c 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2014-04-30  Yang Yingliang  <yangyingliang@huawei.com>
+
+       * nptl/pthread_cond_broadcast.c (__pthread_cond_broadcast):
+       Return immediately after lll_futex_wake.
+
 2014-04-30  Siddhesh Poyarekar  <siddhesh@redhat.com>
 
        [BZ #16791]

diff --git a/nptl/pthread_cond_broadcast.c b/nptl/pthread_cond_broadcast.c
index ed30e7c..7c6c9ea 100644 (file)
--- a/nptl/pthread_cond_broadcast.c
+++ b/nptl/pthread_cond_broadcast.c
@@ -81,6 +81,7 @@ __pthread_cond_broadcast (cond)
 
 wake_all:
       lll_futex_wake (&cond->__data.__futex, INT_MAX, pshared);
+      return 0;
     }
 
   /* We are done.  */