|
5c6180b5
|
2019-11-29T11:06:11
|
|
global: convert to fiber-local storage to fix exit races
On Windows platforms, we automatically clean up the thread-local storage
upon detaching a thread via `DllMain()`. The thing is that this happens
for every thread of applications that link against the libgit2 DLL, even
those that don't have anything to do with libgit2 itself. As a result,
we cannot assume that these unsuspecting threads make use of our
`git_libgit2_init()` and `git_libgit2_shutdow()` reference counting,
which may lead to racy situations:
Thread 1 Thread 2
git_libgit2_shutdown()
DllMain(DETACH_THREAD)
git__free_tls_data()
git_atomic_dec() == 0
git__free_tls_data()
TlsFree(_tls_index)
TlsGetValue(_tls_index)
Due to the second thread never having executed `git_libgit2_init()`, the
first thread will clean up TLS data and as a result also free the
`_tls_index` variable. When detaching the second thread, we
unconditionally access the now-free'd `_tls_index` variable, which is
obviously not going to work out well.
Fix the issue by converting the code to use fiber-local storage instead
of thread-local storage. While FLS will behave the exact same as TLS if
no fibers are in use, it does allow us to specify a destructor similar
to the one that is accepted by pthread_key_create(3P). Like this, we do
not have to manually free indices anymore, but will let the FLS handle
calling the destructor. This allows us to get rid of `DllMain()`
completely, as we only used it to keep track of when threads were
exiting and results in an overall simplification of TLS cleanup.
|
|
22317057
|
2017-03-21T00:36:32
|
|
https: Prevent OpenSSL from namespace-leaking
|
|
0c7f49dd
|
2017-06-30T13:39:01
|
|
Make sure to always include "common.h" first
Next to including several files, our "common.h" header also declares
various macros which are then used throughout the project. As such, we
have to make sure to always include this file first in all
implementation files. Otherwise, we might encounter problems or even
silent behavioural differences due to macros or defines not being
defined as they should be. So in fact, our header and implementation
files should make sure to always include "common.h" first.
This commit does so by establishing a common include pattern. Header
files inside of "src" will now always include "common.h" as its first
other file, separated by a newline from all the other includes to make
it stand out as special. There are two cases for the implementation
files. If they do have a matching header file, they will always include
this one first, leading to "common.h" being transitively included as
first file. If they do not have a matching header file, they instead
include "common.h" as first file themselves.
This fixes the outlined problems and will become our standard practice
for header and source files inside of the "src/" from now on.
|
|
82f15896
|
2016-11-18T07:19:22
|
|
threads: introduce `git_thread_exit`
Introduce `git_thread_exit`, which will allow threads to terminate at an
arbitrary time, returning a `void *`. On Windows, this means that we
need to store the current `git_thread` in TLS, so that we can set its
`return` value when terminating.
We cannot simply use `ExitThread`, since Win32 returns `DWORD`s from
threads; we return `void *`.
|
|
fa72d6da
|
2016-03-14T12:02:00
|
|
Setup better defaults for OpenSSL ciphers
This ensures that when using OpenSSL a safe default set of ciphers
is selected. This is done so that the client communicates securely
and we don't accidentally enable unsafe ciphers like RC4, or even
worse some old export ciphers.
Implements the first part of https://github.com/libgit2/libgit2/issues/3682
|
|
de870533
|
2015-10-02T03:43:11
|
|
settings: add a setter for a custom user-agent
|
|
f85fc367
|
2015-07-26T21:12:00
|
|
error: store the error messages in a reusable buffer
Instead of allocating a brand new buffer for each error string we want
to store, we can use a per-thread buffer to store the error string and
re-use the underlying storage. We already use the buffer to format the
string, so this mostly makes that more direct.
|
|
24e53d2f
|
2015-03-19T09:55:20
|
|
Rename GIT_SSL to GIT_OPENSSL
This is what it's meant all along, but now we actually have multiple
implementations, it's clearer to use the name of the library.
|
|
06c985d8
|
2015-04-18T09:07:48
|
|
Rename routine to free TLS data
|
|
55c5f756
|
2015-04-17T09:30:22
|
|
Attempt to fix Windows TLS memory leak.
|
|
3b2cb2c9
|
2014-09-16T11:49:25
|
|
Factor 40 and 41 constants from source.
|
|
4ca0b566
|
2014-08-18T12:41:06
|
|
oid: Export `git_oid_tostr_s` instead of `_allocfmt`
The old `allocfmt` is of no use to callers, as they are not able to free
the returned buffer. Export a new API that returns a static string that
doesn't need to be freed.
|
|
081e76ba
|
2014-06-12T16:20:52
|
|
ssl: init everything all the time
Bring together all of the OpenSSL initialization to
git_threads_init() so it's together and doesn't need locks.
Moving it here also gives us libssh2 thread safety (when built against
openssl).
|
|
cf15ac8a
|
2014-06-12T03:20:34
|
|
ssl: cargo-cult thread safety
OpenSSL's tests init everything in the main thread, so let's do that.
|
|
1d3364ac
|
2014-06-11T20:52:15
|
|
netops: init OpenSSL once under lock
The OpenSSL init functions are not reentrant, which means that running
multiple fetches in parallel can cause us to crash.
Use a mutex to init OpenSSL, and since we're adding this extra checks,
init it only once.
|
|
a3aa5f4d
|
2013-09-11T12:45:20
|
|
Add simple global shutdown hooks
Increasingly there are a number of components that want to do some
cleanup at global shutdown time (at least if there are not going
to be memory leaks). This creates a very simple system of shutdown
hooks that will be invoked by git_threads_shutdown. Right now, the
maximum number of hooks is hardcoded, but since adding a hook is
not a public API, it should be fine and I thought it was better to
start off with really simple code.
|
|
e976b56d
|
2013-04-15T14:27:53
|
|
Add git__compare_and_swap and use it
This removes the lock from the repository object and changes the
internals to use the new atomic git__compare_and_swap to update
the _odb, _config, _index, and _refdb variables in a threadsafe
manner.
|
|
359fc2d2
|
2013-01-08T17:07:25
|
|
update copyrights
|
|
a8527429
|
2012-11-13T14:48:10
|
|
unload dll / destroy hash ctxs at shutdown
|
|
7ebefd22
|
2012-11-13T10:10:40
|
|
move hash library func ptrs to global global
|
|
d6fb0924
|
2012-11-05T12:37:15
|
|
Win32 CryptoAPI and CNG support for SHA1
|
|
8cef828d
|
2012-08-18T22:11:49
|
|
Make the memory-window conrol structures global
Up to now, the idea was that the user would do all the operations for
one repository in the same thread. Thus we could have the
memory-mapped window information thread-local and avoid any locking.
This is not practical in a few environments, such as Apple's GCD which
allocates threads arbitrarily or the .NET CLR, where the OS-level
thread can change at any moment.
Make the control structure global and protect it with a mutex so we
don't depend on the thread currently executing the code.
|
|
6fc0bdc5
|
2012-07-17T10:52:16
|
|
Remove old error handling code
|
|
1a481123
|
2012-02-17T00:13:34
|
|
error-handling: References
Yes, this is error handling solely for `refs.c`, but some of the
abstractions leak all ofer the code base.
|
|
5e0de328
|
2012-02-13T17:10:24
|
|
Update Copyright header
Signed-off-by: schu <schu-github@schulog.org>
|
|
a15c550d
|
2011-11-16T14:09:44
|
|
threads: Fix the shared global state with TLS
See `global.c` for a description of what we're doing.
When libgit2 is built with GIT_THREADS support, the threading system
must be explicitly initialized with `git_threads_init()`.
|