From 61afb6a40572adfd7b9f03817ff0e62005110212 Mon Sep 17 00:00:00 2001
From: Qi Wang <interwq@gwu.edu>
Date: Fri, 19 Mar 2021 22:50:22 -0700
Subject: [PATCH] Fix locking on arena_i_destroy_ctl().

The ctl_mtx should be held to protect against concurrent arenas.create.
---
 src/ctl.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/ctl.c b/src/ctl.c
index 663cf866..c713f0e2 100644
--- a/src/ctl.c
+++ b/src/ctl.c
@@ -2650,6 +2650,8 @@ arena_i_destroy_ctl(tsd_t *tsd, const size_t *mib, size_t miblen, void *oldp,
 	arena_t *arena;
 	ctl_arena_t *ctl_darena, *ctl_arena;
 
+	malloc_mutex_lock(tsd_tsdn(tsd), &ctl_mtx);
+
 	ret = arena_i_reset_destroy_helper(tsd, mib, miblen, oldp, oldlenp,
 	    newp, newlen, &arena_ind, &arena);
 	if (ret != 0) {
@@ -2680,6 +2682,8 @@ arena_i_destroy_ctl(tsd_t *tsd, const size_t *mib, size_t miblen, void *oldp,
 
 	assert(ret == 0);
 label_return:
+	malloc_mutex_unlock(tsd_tsdn(tsd), &ctl_mtx);
+
 	return ret;
 }