From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Re: [musl] Pending patches for MT-fork stuff
Date: Mon, 28 Sep 2020 19:37:59 -0400 [thread overview]
Message-ID: <20200928233758.GB17637@brightrain.aerifal.cx> (raw)
In-Reply-To: <20200928232614.GA17637@brightrain.aerifal.cx>
[-- Attachment #1: Type: text/plain, Size: 585 bytes --]
On Mon, Sep 28, 2020 at 07:26:15PM -0400, Rich Felker wrote:
> In investigating the MT-fork deadlock stuff and working on a patch
> that makes it attempt to trap rather than deadlocking, I found a
> problem with interaction of fork and aio. A fix for that, along with
> the patch to trap, and a minimal testcase for the aio bug, are
> attached.
>
> There's also a problematic interaction of abort with fork that was
> just found in glibc that also exists in musl, that I still need to
> fix. I'll follow up later with a proposed solution for that.
And here's the proposed abort fix.
[-- Attachment #2: 0004-move-__abort_lock-to-its-own-file-and-drop-pointless.patch --]
[-- Type: text/plain, Size: 2081 bytes --]
From 000b86dffecf68c1f479e532dcf4e9a403062521 Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Mon, 28 Sep 2020 19:30:19 -0400
Subject: [PATCH 4/5] move __abort_lock to its own file and drop pointless
weak_alias trick
the dummy definition of __abort_lock in sigaction.c was performing
exactly the same role that putting the lock in its own source file
could and should have been used to achieve.
while we're moving it, give it a proper declaration.
---
src/exit/abort.c | 2 --
src/exit/abort_lock.c | 3 +++
src/internal/pthread_impl.h | 2 ++
src/signal/sigaction.c | 6 ------
4 files changed, 5 insertions(+), 8 deletions(-)
create mode 100644 src/exit/abort_lock.c
diff --git a/src/exit/abort.c b/src/exit/abort.c
index e1980f10..f21f458e 100644
--- a/src/exit/abort.c
+++ b/src/exit/abort.c
@@ -6,8 +6,6 @@
#include "lock.h"
#include "ksigaction.h"
-hidden volatile int __abort_lock[1];
-
_Noreturn void abort(void)
{
raise(SIGABRT);
diff --git a/src/exit/abort_lock.c b/src/exit/abort_lock.c
new file mode 100644
index 00000000..3af72c7b
--- /dev/null
+++ b/src/exit/abort_lock.c
@@ -0,0 +1,3 @@
+#include "pthread_impl.h"
+
+volatile int __abort_lock[1];
diff --git a/src/internal/pthread_impl.h b/src/internal/pthread_impl.h
index 23ee566c..21d51be6 100644
--- a/src/internal/pthread_impl.h
+++ b/src/internal/pthread_impl.h
@@ -197,6 +197,8 @@ hidden void __tl_sync(pthread_t);
extern hidden volatile int __thread_list_lock;
+extern hidden volatile int __abort_lock[1];
+
extern hidden unsigned __default_stacksize;
extern hidden unsigned __default_guardsize;
diff --git a/src/signal/sigaction.c b/src/signal/sigaction.c
index c109bea0..a4737404 100644
--- a/src/signal/sigaction.c
+++ b/src/signal/sigaction.c
@@ -7,12 +7,6 @@
#include "lock.h"
#include "ksigaction.h"
-static volatile int dummy_lock[1] = { 0 };
-
-extern hidden volatile int __abort_lock[1];
-
-weak_alias(dummy_lock, __abort_lock);
-
static int unmask_done;
static unsigned long handler_set[_NSIG/(8*sizeof(long))];
--
2.21.0
[-- Attachment #3: 0005-fix-race-deadlock-with-abort-in-forked-child-of-mult.patch --]
[-- Type: text/plain, Size: 1178 bytes --]
From 7e661e4ff9f70b625e496b54729943bf3f7ecfac Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Mon, 28 Sep 2020 19:32:34 -0400
Subject: [PATCH 5/5] fix race deadlock with abort in forked child of
multithreaded parent
if the multithreaded parent forked while another thread was calling
sigaction for SIGABRT or calling abort, the child could inherit a lock
state in which future calls to abort will deadlock. this is
nonconforming since abort is AS-safe and permitted to be called in the
MT-forked child.
since there is no userspace data state protected by the lock (it's
only used to exclude sigaction for SIGABRT while abort is in
progress), just reset the lock word to 0 in the child rather than
holding the lock across the fork.
---
src/process/fork.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/process/fork.c b/src/process/fork.c
index 538a0bcb..b5a5fa11 100644
--- a/src/process/fork.c
+++ b/src/process/fork.c
@@ -33,6 +33,7 @@ pid_t fork(void)
__thread_list_lock = 0;
libc.threads_minus_1 = 0;
if (libc.need_locks > 0) libc.need_locks = -2;
+ *__abort_lock = 0;
}
__aio_atfork(!ret);
__restore_sigs(&set);
--
2.21.0
prev parent reply other threads:[~2020-09-28 23:38 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-28 23:26 Rich Felker
2020-09-28 23:37 ` Rich Felker [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200928233758.GB17637@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).