Fix potential deadlock when starting the encryption thread (#8403) B3_0_Release backport (#8412)

MochalovAlexey · AlexeyMochalov · web-flow · commit e7801a5a27ac · 2025-01-28T08:43:39.000+03:00
add a check to verify thread matching between the encryption thread and the thread where we release the attachment. If they match, use a dummy mutex instead of the actual dbb_thread_mutex to avoid a deadlock

Co-authored-by: aleksey.mochalov &lt;aleksey.mochalov@red-soft.ru&gt;
diff --git a/src/common/ThreadStart.cpp b/src/common/ThreadStart.cpp
@@ -219,9 +219,19 @@ ThreadId Thread::getId()
 #endif
 }
 
+ThreadId Thread::getIdFromHandle(Handle threadHandle)
+{
+	return threadHandle;
+}
+
+bool Thread::isCurrent(InternalId iid)
+{
+	return pthread_equal(iid, pthread_self());
+}
+
 bool Thread::isCurrent()
 {
-	return pthread_equal(internalId, pthread_self());
+	return isCurrent(internalId);
 }
 
 void Thread::sleep(unsigned milliseconds)
@@ -363,9 +373,19 @@ ThreadId Thread::getId()
 	return GetCurrentThreadId();
 }
 
+ThreadId Thread::getIdFromHandle(Handle threadHandle)
+{
+	return GetThreadId(threadHandle);
+}
+
+bool Thread::isCurrent(InternalId iid)
+{
+	return GetCurrentThreadId() == iid;
+}
+
 bool Thread::isCurrent()
 {
-	return GetCurrentThreadId() == internalId;
+	return isCurrent(internalId);
 }
 
 void Thread::sleep(unsigned milliseconds)
@@ -410,6 +430,10 @@ Thread::Handle Thread::getId()
 {
 }
 
+Thread::Handle Thread::getIdFromHandle(Handle)
+{
+}
+
 void Thread::sleep(unsigned milliseconds)
 {
 }
diff --git a/src/common/ThreadStart.h b/src/common/ThreadStart.h
@@ -83,10 +83,12 @@ class Thread
 	static void kill(Handle& handle);
 
 	static ThreadId getId();
+	static ThreadId getIdFromHandle(Handle threadHandle);
 
 	static void sleep(unsigned milliseconds);
 	static void yield();
 
+	static bool isCurrent(InternalId iid);
 	bool isCurrent();
 
 	Thread()
diff --git a/src/jrd/CryptoManager.cpp b/src/jrd/CryptoManager.cpp
@@ -328,7 +328,7 @@ namespace Jrd {
 		  keyConsumers(getPool()),
 		  hash(getPool()),
 		  dbInfo(FB_NEW DbInfo(this)),
-		  cryptThreadId(0),
+		  cryptThreadHandle(0),
 		  cryptPlugin(NULL),
 		  checkFactory(NULL),
 		  dbb(*tdbb->getDatabase()),
@@ -346,8 +346,8 @@ namespace Jrd {
 
 	CryptoManager::~CryptoManager()
 	{
-		if (cryptThreadId)
-			Thread::waitForCompletion(cryptThreadId);
+		if (cryptThreadHandle)
+			Thread::waitForCompletion(cryptThreadHandle);
 
 		delete stateLock;
 		delete threadLock;
@@ -933,10 +933,10 @@ namespace Jrd {
 	void CryptoManager::terminateCryptThread(thread_db*, bool wait)
 	{
 		flDown = true;
-		if (wait && cryptThreadId)
+		if (wait && cryptThreadHandle)
 		{
-			Thread::waitForCompletion(cryptThreadId);
-			cryptThreadId = 0;
+			Thread::waitForCompletion(cryptThreadHandle);
+			cryptThreadHandle = 0;
 		}
 	}
 
@@ -995,7 +995,7 @@ namespace Jrd {
 
 			// ready to go
 			guard.leave();		// release in advance to avoid races with cryptThread()
-			Thread::start(cryptThreadStatic, (THREAD_ENTRY_PARAM) this, THREAD_medium, &cryptThreadId);
+			Thread::start(cryptThreadStatic, (THREAD_ENTRY_PARAM) this, THREAD_medium, &cryptThreadHandle);
 		}
 		catch (const Firebird::Exception&)
 		{
diff --git a/src/jrd/CryptoManager.h b/src/jrd/CryptoManager.h
@@ -302,6 +302,10 @@ class CryptoManager FB_FINAL : public Firebird::PermanentStorage, public BarSync
 	ULONG getCurrentPage(thread_db* tdbb) const;
 	UCHAR getCurrentState(thread_db* tdbb) const;
 	const char* getKeyName() const;
+	Thread::Handle getCryptThreadHandle() const
+	{
+		return cryptThreadHandle;
+	}
 
 private:
 	enum IoResult {SUCCESS_ALL, FAILED_CRYPT, FAILED_IO};
@@ -388,7 +392,7 @@ class CryptoManager FB_FINAL : public Firebird::PermanentStorage, public BarSync
 	AttachmentsRefHolder keyProviders, keyConsumers;
 	Firebird::string hash;
 	Firebird::RefPtr<DbInfo> dbInfo;
-	Thread::Handle cryptThreadId;
+	Thread::Handle cryptThreadHandle;
 	Firebird::IDbCryptPlugin* cryptPlugin;
 	Factory* checkFactory;
 	Database& dbb;
diff --git a/src/jrd/jrd.cpp b/src/jrd/jrd.cpp
@@ -6433,9 +6433,19 @@ static void release_attachment(thread_db* tdbb, Jrd::Attachment* attachment)
 
 	Sync sync(&dbb->dbb_sync, "jrd.cpp: release_attachment");
 
+	// dummy mutex is used to avoid races with crypto thread
+	XThreadMutex dummy_mutex;
+	XThreadEnsureUnlock dummyGuard(dummy_mutex, FB_FUNCTION);
+
 	// avoid races with special threads
 	XThreadEnsureUnlock threadGuard(dbb->dbb_thread_mutex, FB_FUNCTION);
-	threadGuard.enter();
+	XThreadEnsureUnlock* activeThreadGuard = &threadGuard;
+	if (dbb->dbb_crypto_manager
+		&& Thread::isCurrent(Thread::getIdFromHandle(dbb->dbb_crypto_manager->getCryptThreadHandle())))
+	{
+		activeThreadGuard = &dummyGuard;
+	}
+	activeThreadGuard->enter();
 
 	sync.lock(SYNC_EXCLUSIVE);
 

Original file line number	Diff line number	Diff line change
`@@ -219,9 +219,19 @@ ThreadId Thread::getId()`
`219`	`219`	`#endif`
`220`	`220`	`}`
`221`	`221`
	`222`	`+ThreadId Thread::getIdFromHandle(Handle threadHandle)`
	`223`	`+{`
	`224`	`+ return threadHandle;`
	`225`	`+}`
	`226`	`+`
	`227`	`+bool Thread::isCurrent(InternalId iid)`
	`228`	`+{`
	`229`	`+ return pthread_equal(iid, pthread_self());`
	`230`	`+}`
	`231`	`+`
`222`	`232`	`bool Thread::isCurrent()`
`223`	`233`	`{`
`224`		`- return pthread_equal(internalId, pthread_self());`
	`234`	`+ return isCurrent(internalId);`
`225`	`235`	`}`
`226`	`236`
`227`	`237`	`void Thread::sleep(unsigned milliseconds)`
`@@ -363,9 +373,19 @@ ThreadId Thread::getId()`
`363`	`373`	`return GetCurrentThreadId();`
`364`	`374`	`}`
`365`	`375`
	`376`	`+ThreadId Thread::getIdFromHandle(Handle threadHandle)`
	`377`	`+{`
	`378`	`+ return GetThreadId(threadHandle);`
	`379`	`+}`
	`380`	`+`
	`381`	`+bool Thread::isCurrent(InternalId iid)`
	`382`	`+{`
	`383`	`+ return GetCurrentThreadId() == iid;`
	`384`	`+}`
	`385`	`+`
`366`	`386`	`bool Thread::isCurrent()`
`367`	`387`	`{`
`368`		`- return GetCurrentThreadId() == internalId;`
	`388`	`+ return isCurrent(internalId);`
`369`	`389`	`}`
`370`	`390`
`371`	`391`	`void Thread::sleep(unsigned milliseconds)`
`@@ -410,6 +430,10 @@ Thread::Handle Thread::getId()`
`410`	`430`	`{`
`411`	`431`	`}`
`412`	`432`
	`433`	`+Thread::Handle Thread::getIdFromHandle(Handle)`
	`434`	`+{`
	`435`	`+}`
	`436`	`+`
`413`	`437`	`void Thread::sleep(unsigned milliseconds)`
`414`	`438`	`{`
`415`	`439`	`}`
Original file line number	Diff line number	Diff line change
`@@ -328,7 +328,7 @@ namespace Jrd {`
`328`	`328`	`keyConsumers(getPool()),`
`329`	`329`	`hash(getPool()),`
`330`	`330`	`dbInfo(FB_NEW DbInfo(this)),`
`331`		`- cryptThreadId(0),`
	`331`	`+ cryptThreadHandle(0),`
`332`	`332`	`cryptPlugin(NULL),`
`333`	`333`	`checkFactory(NULL),`
`334`	`334`	`dbb(*tdbb->getDatabase()),`
`@@ -346,8 +346,8 @@ namespace Jrd {`
`346`	`346`
`347`	`347`	`CryptoManager::~CryptoManager()`
`348`	`348`	`{`
`349`		`- if (cryptThreadId)`
`350`		`- Thread::waitForCompletion(cryptThreadId);`
	`349`	`+ if (cryptThreadHandle)`
	`350`	`+ Thread::waitForCompletion(cryptThreadHandle);`
`351`	`351`
`352`	`352`	`delete stateLock;`
`353`	`353`	`delete threadLock;`
`@@ -933,10 +933,10 @@ namespace Jrd {`
`933`	`933`	`void CryptoManager::terminateCryptThread(thread_db*, bool wait)`
`934`	`934`	`{`
`935`	`935`	`flDown = true;`
`936`		`- if (wait && cryptThreadId)`
	`936`	`+ if (wait && cryptThreadHandle)`
`937`	`937`	`{`
`938`		`- Thread::waitForCompletion(cryptThreadId);`
`939`		`- cryptThreadId = 0;`
	`938`	`+ Thread::waitForCompletion(cryptThreadHandle);`
	`939`	`+ cryptThreadHandle = 0;`
`940`	`940`	`}`
`941`	`941`	`}`
`942`	`942`
`@@ -995,7 +995,7 @@ namespace Jrd {`
`995`	`995`
`996`	`996`	`// ready to go`
`997`	`997`	`guard.leave(); // release in advance to avoid races with cryptThread()`
`998`		`- Thread::start(cryptThreadStatic, (THREAD_ENTRY_PARAM) this, THREAD_medium, &cryptThreadId);`
	`998`	`+ Thread::start(cryptThreadStatic, (THREAD_ENTRY_PARAM) this, THREAD_medium, &cryptThreadHandle);`
`999`	`999`	`}`
`1000`	`1000`	`catch (const Firebird::Exception&)`
`1001`	`1001`	`{`