From 037c5c2e1468b10546cf8e1a2fb8c53252d83de8 Mon Sep 17 00:00:00 2001
From: Wiktor Garbacz <wiktorg@google.com>
Date: Wed, 11 Dec 2024 00:38:49 -0800
Subject: [PATCH] Fix a data race

PiperOrigin-RevId: 705003451
Change-Id: I15dcab987592a1029c57fbcde687932bdea4d417
---
 sandboxed_api/sandbox2/monitor_ptrace.cc | 6 +++++-
 sandboxed_api/sandbox2/monitor_ptrace.h  | 4 +++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/sandboxed_api/sandbox2/monitor_ptrace.cc b/sandboxed_api/sandbox2/monitor_ptrace.cc
index 48068b02..cc8533b2 100644
--- a/sandboxed_api/sandbox2/monitor_ptrace.cc
+++ b/sandboxed_api/sandbox2/monitor_ptrace.cc
@@ -206,6 +206,7 @@ void PtraceMonitor::NotifyMonitor() {
 }
 
 void PtraceMonitor::Join() {
+  absl::MutexLock lock(&thread_mutex_);
   if (thread_.IsJoinable()) {
     thread_.Join();
     CHECK(IsDone()) << "Monitor did not terminate";
@@ -215,7 +216,10 @@ void PtraceMonitor::Join() {
 }
 
 void PtraceMonitor::RunInternal() {
-  thread_ = sapi::Thread(this, &PtraceMonitor::Run, "sandbox2-Monitor");
+  {
+    absl::MutexLock lock(&thread_mutex_);
+    thread_ = sapi::Thread(this, &PtraceMonitor::Run, "sandbox2-Monitor");
+  }
 
   // Wait for the Monitor to set-up the sandboxee correctly (or fail while
   // doing that). From here on, it is safe to use the IPC object for
diff --git a/sandboxed_api/sandbox2/monitor_ptrace.h b/sandboxed_api/sandbox2/monitor_ptrace.h
index d2918134..3e9b263d 100644
--- a/sandboxed_api/sandbox2/monitor_ptrace.h
+++ b/sandboxed_api/sandbox2/monitor_ptrace.h
@@ -158,8 +158,10 @@ class PtraceMonitor : public MonitorBase {
   // PidWaiter for waiting for sandboxee events.
   PidWaiter pid_waiter_;
 
+  // Synchronizes joining the monitor thread.
+  absl::Mutex thread_mutex_;
   // Monitor thread object.
-  sapi::Thread thread_;
+  sapi::Thread ABSL_GUARDED_BY(thread_mutex_) thread_;
 
   // Synchronizes deadline setting and notifying the monitor.
   absl::Mutex notify_mutex_;