On Tue, Mar 19, 2019 at 11:12:25AM +0000, Michael Schlenker wrote:
> Hi,
>
> just filed https://bz.apache.org/bugzilla/show_bug.cgi?id=63271
>
> (Patch attached)
>
> It seems to be the reason behind various crashes/restarts seen in Apache
> httpd on Windows, especially when mod_cache_disk is in use.
> Basically when the mutex is cleaned up twice, it calls CloseHandle() on
> uninitialized memory, which causes First Chance Exceptions in the debugger
> (if invalid handle) or closes some random Handle behind the back of its real
> owner (e.g. internal handles of the userspace leading to access violations
> inside CreateProcess,
> httpd Events used to signal between parent and child, etc.).
>
> It would be great if this could make it into 1.7.
>
> Thanks,
> Michael

You're right that acting on corrupt memory is bad. It looks like your proposed patch detects and then skips a redundant call to DeleteCriticalSection() when a mutex is unlocked twice:

if (lock->type == thread_mutex_critical_section) { lock->type = -1; DeleteCriticalSection(&lock->section); + } + else if (lock->type == -1) { + /* do nothing */ }

I'd prefer thread_mutex_cleanup() to loudly complain when this happens, and perhaps even abort the program, forcing API users to fix their code.
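
Review bot: The added `else if (lock->type == -1)` branch has an empty body, so a second cleanup of the same mutex succeeds silently and the caller's double-cleanup bug stays hidden. Consider returning an error status from that branch, or asserting in debug builds, so the misuse is visible while the handle is still protected from a second close. The literal `-1` now appears both where the type is invalidated (`lock->type = -1;`) and where it is tested; a named constant for the "already cleaned up" state would keep the two in sync and document the intent. The check also only helps while the memory behind `lock` still holds that sentinel, which is worth stating in the comment in place of `/* do nothing */`.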