Skip to content

Potential Unsound issue in unlock #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
CXWorks opened this issue May 16, 2025 · 0 comments
Open

Potential Unsound issue in unlock #1

CXWorks opened this issue May 16, 2025 · 0 comments

Comments

@CXWorks
Copy link

CXWorks commented May 16, 2025

Hi, thanks for your time to read this issue.

Our static analyzer find a potential unsound issue (data races) in ProcessLock, where the unlock fuction needs to be marked as unsafe explicitly, otherwise safe Rust can have data races when user unlock unexpectedly, you can check lock-api for details.

ProcessLock/src/lib.rs

Lines 51 to 54 in 0c53991

/// 释放进程锁, 通常情况不主动调用, 由LockGuard的生存周期来控制锁的占用周期
pub fn unlock(&self) -> Result<()> {
self.0.unlock()
}

A potentail PoC code is like:

#[deny(unsafe_code)]
use std::sync::Arc;
use process_lock::*;
use std::thread;
use std::time::Duration;


fn main() {
    let mut s1 = Arc::new(ProcessLock::new("test".parse().unwrap(), None).unwrap());
    let mut s2 = s1.clone();
    let h = std::thread::spawn(move || {
        if let Ok(mut guard) = s2.lock() {
            thread::sleep(Duration::from_secs(1));
            // data race 1
        }
    });
    thread::sleep(Duration::from_secs(1));
    if let Ok(_) = s1.unlock(){
      if let Ok(guard2) = s1.lock(){
          println!("data races");
          // data race 2
      }
    }
    h.join().unwrap();
}

Thanks again for your time.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@CXWorks