From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=HTML_MESSAGE,
	MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no
	version=3.4.4
Received: (qmail 16393 invoked from network); 18 Oct 2022 12:49:46 -0000
Received: from second.openwall.net (193.110.157.125)
  by inbox.vuxu.org with ESMTPUTF8; 18 Oct 2022 12:49:46 -0000
Received: (qmail 26229 invoked by uid 550); 18 Oct 2022 12:49:41 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 26196 invoked from network); 18 Oct 2022 12:49:40 -0000
From: "Zhaohaifeng(Clark,IAS-SWP)" <zhaohaifeng4@huawei.com>
To: "musl@lists.openwall.com" <musl@lists.openwall.com>
Thread-Topic: A question about a patch of __vm_wait and thread list lock in
 musl
Thread-Index: Adji7DthR8P4X2g9RhOQBKiajHEqrQ==
Date: Tue, 18 Oct 2022 12:49:27 +0000
Message-ID: <b6315067bb404eb3b7d8defad4481a20@huawei.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.174.59.125]
Content-Type: multipart/alternative;
	boundary="_000_b6315067bb404eb3b7d8defad4481a20huaweicom_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Subject: [musl] A question about a patch of __vm_wait and thread list lock in musl

--_000_b6315067bb404eb3b7d8defad4481a20huaweicom_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi there

I am reading the following patch, https://git.musl-libc.org/cgit/musl/commi=
t/?id=3Dd26e0774a59bb7245b205bc8e7d8b35cc2037095, it says that "the __vm_wa=
it operation can delay forward progress arbitrarily long if a thread holdin=
g the lock is interrupted by a signal. in a worst case this can deadlock." =
So the patch puts the vm wait before the thread list lock.

I am wondering about the deadlock scenario. We guess the deadlock occurs li=
ke that one thread doing the pthread_exit holds the thread list lock and wa=
its for the vm lock, and another thread holding the vm lock is interrupted =
by a signal and tries to hold the thread list lock in the signal handler.
But the thread list lock related functions are all AS-unsafe and shall not =
be called in signal hanlder. Further in musl before holding the thread list=
 lock, the application signals are all blocked. So it seems the deadlock sc=
enario does not exist.

Is my conclusion right?

BR
Clark Zhao

--_000_b6315067bb404eb3b7d8defad4481a20huaweicom_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:x=3D"urn:schemas-microsoft-com:office:excel" xmlns:m=3D"http://schema=
s.microsoft.com/office/2004/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html=
40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:SimSun;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:SimSun;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	text-align:justify;
	text-justify:inter-ideograph;
	font-size:10.5pt;
	font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:#0563C1;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:#954F72;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri",sans-serif;
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri",sans-serif;}
/* Page Definitions */
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"ZH-CN" link=3D"#0563C1" vlink=3D"#954F72" style=3D"text-justi=
fy-trim:punctuation">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span lang=3D"EN-US">Hi there</span><span lang=3D"EN=
-US"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">I am reading the following patc=
h, <a href=3D"https://git.musl-libc.org/cgit/musl/commit/?id=3Dd26e0774a59b=
b7245b205bc8e7d8b35cc2037095">
https://git.musl-libc.org/cgit/musl/commit/?id=3Dd26e0774a59bb7245b205bc8e7=
d8b35cc2037095</a>, it says that &#8220;the __vm_wait operation can delay f=
orward progress arbitrarily long if a thread holding the lock is interrupte=
d by a signal. in a worst case this can
 deadlock.&#8221; So the patch puts the vm wait before the thread list lock=
.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">I am wondering about the deadlo=
ck scenario. We guess the deadlock occurs like that one thread doing the pt=
hread_exit holds the thread list lock and waits for the vm lock, and anothe=
r thread holding the vm lock is interrupted
 by a signal and tries to hold the thread list lock in the signal handler.<=
o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">But the thread list lock relate=
d functions are all AS-unsafe and shall not be called in signal hanlder. Fu=
rther in musl before holding the thread list lock, the application signals =
are all blocked.
<span style=3D"color:black">So it seems the deadlock scenario does not exis=
t.<o:p></o:p></span></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US" style=3D"color:red"><o:p>&nbsp;=
</o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">Is my conclusion right?<o:p></o=
:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">BR<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">Clark Zhao<o:p></o:p></span></p=
>
</div>
</body>
</html>

--_000_b6315067bb404eb3b7d8defad4481a20huaweicom_--

From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 21034 invoked from network); 18 Oct 2022 13:29:06 -0000
Received: from second.openwall.net (193.110.157.125)
  by inbox.vuxu.org with ESMTPUTF8; 18 Oct 2022 13:29:06 -0000
Received: (qmail 11508 invoked by uid 550); 18 Oct 2022 13:29:03 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 11476 invoked from network); 18 Oct 2022 13:29:02 -0000
Date: Tue, 18 Oct 2022 09:28:47 -0400
From: Rich Felker <dalias@libc.org>
To: "Zhaohaifeng(Clark,IAS-SWP)" <zhaohaifeng4@huawei.com>
Cc: "musl@lists.openwall.com" <musl@lists.openwall.com>
Message-ID: <20221018132847.GJ29905@brightrain.aerifal.cx>
References: <b6315067bb404eb3b7d8defad4481a20@huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <b6315067bb404eb3b7d8defad4481a20@huawei.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [musl] A question about a patch of __vm_wait and thread list
 lock in musl

On Tue, Oct 18, 2022 at 12:49:27PM +0000, Zhaohaifeng(Clark,IAS-SWP) wrote:
> Hi there
> 
> I am reading the following patch,
> https://git.musl-libc.org/cgit/musl/commit/?id=d26e0774a59bb7245b205bc8e7d8b35cc2037095,
> it says that "the __vm_wait operation can delay forward progress
> arbitrarily long if a thread holding the lock is interrupted by a
> signal. in a worst case this can deadlock." So the patch puts the vm
> wait before the thread list lock.
> 
> I am wondering about the deadlock scenario. We guess the deadlock
> occurs like that one thread doing the pthread_exit holds the thread
> list lock and waits for the vm lock, and another thread holding the
> vm lock is interrupted by a signal and tries to hold the thread list
> lock in the signal handler.
> But the thread list lock related functions are all AS-unsafe and
> shall not be called in signal hanlder. Further in musl before
> holding the thread list lock, the application signals are all
> blocked. So it seems the deadlock scenario does not exist.
> 
> Is my conclusion right?

No. The whole point of the thread list lock is to be an
async-signal-safe lock so that we can access the thread list from
async signal contexts, particularly setuid() etc., which *are*
required to be AS-safe. See the commit that introduced it,
8f11e6127fe93093f81a52b15bb1537edc3fc8af and the followup commit
e4235d70672d9751d7718ddc2b52d0b426430768 that was the main motivation
for having a global thread list (but not the only one; having it
opened up a lot of other benefits like those in commit
9d44b6460ab603487dab4d916342d9ba4467e6b9).

Rich

From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 26206 invoked from network); 19 Oct 2022 08:15:59 -0000
Received: from second.openwall.net (193.110.157.125)
  by inbox.vuxu.org with ESMTPUTF8; 19 Oct 2022 08:15:59 -0000
Received: (qmail 14129 invoked by uid 550); 19 Oct 2022 08:15:55 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 14086 invoked from network); 19 Oct 2022 08:15:54 -0000
From: "Zhaohaifeng(Clark,IAS-SWP)" <zhaohaifeng4@huawei.com>
To: "musl@lists.openwall.com" <musl@lists.openwall.com>
Thread-Topic: [musl] A question about a patch of __vm_wait and thread list
 lock in musl
Thread-Index: Adji7DthR8P4X2g9RhOQBKiajHEqrf//jIeA//5PPkA=
Date: Wed, 19 Oct 2022 08:15:40 +0000
Message-ID: <b169a87a2f374f34a13bbea041b2f39b@huawei.com>
References: <b6315067bb404eb3b7d8defad4481a20@huawei.com>
 <20221018132847.GJ29905@brightrain.aerifal.cx>
In-Reply-To: <20221018132847.GJ29905@brightrain.aerifal.cx>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.174.59.125]
Content-Type: text/plain; charset="gb2312"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Subject: =?gb2312?B?tPC4tDogW211c2xdIEEgcXVlc3Rpb24gYWJvdXQgYSBwYXRjaCBvZiBfX3Zt?=
 =?gb2312?Q?=5Fwait_and_thread_list_lock_in_musl?=

VGhhbmtzIGZvciB0aGUgZXhwbGFuYXRpb24uIEkndmUgZ290IHRoZSBkZXNpZ24gaWRlYSBvZiB0
aGUgdGhlYWQgbGlzdCBsb2NrLg0KDQpCUg0KQ2xhcmsgWmhhbw0KDQotLS0tLdPKvP7Urbz+LS0t
LS0NCreivP7IyzogUmljaCBGZWxrZXIgW21haWx0bzpkYWxpYXNAbGliYy5vcmddIA0Kt6LLzcqx
vOQ6IDIwMjLE6jEw1MIxOMjVIDIxOjI5DQrK1bz+yMs6IFpoYW9oYWlmZW5nKENsYXJrLElBUy1T
V1ApIDx6aGFvaGFpZmVuZzRAaHVhd2VpLmNvbT4NCrOty806IG11c2xAbGlzdHMub3BlbndhbGwu
Y29tDQrW98ziOiBSZTogW211c2xdIEEgcXVlc3Rpb24gYWJvdXQgYSBwYXRjaCBvZiBfX3ZtX3dh
aXQgYW5kIHRocmVhZCBsaXN0IGxvY2sgaW4gbXVzbA0KDQpPbiBUdWUsIE9jdCAxOCwgMjAyMiBh
dCAxMjo0OToyN1BNICswMDAwLCBaaGFvaGFpZmVuZyhDbGFyayxJQVMtU1dQKSB3cm90ZToNCj4g
SGkgdGhlcmUNCj4gDQo+IEkgYW0gcmVhZGluZyB0aGUgZm9sbG93aW5nIHBhdGNoLA0KPiBodHRw
czovL2dpdC5tdXNsLWxpYmMub3JnL2NnaXQvbXVzbC9jb21taXQvP2lkPWQyNmUwNzc0YTU5YmI3
MjQ1YjIwNWJjDQo+IDhlN2Q4YjM1Y2MyMDM3MDk1LCBpdCBzYXlzIHRoYXQgInRoZSBfX3ZtX3dh
aXQgb3BlcmF0aW9uIGNhbiBkZWxheSANCj4gZm9yd2FyZCBwcm9ncmVzcyBhcmJpdHJhcmlseSBs
b25nIGlmIGEgdGhyZWFkIGhvbGRpbmcgdGhlIGxvY2sgaXMgDQo+IGludGVycnVwdGVkIGJ5IGEg
c2lnbmFsLiBpbiBhIHdvcnN0IGNhc2UgdGhpcyBjYW4gZGVhZGxvY2suIiBTbyB0aGUgDQo+IHBh
dGNoIHB1dHMgdGhlIHZtIHdhaXQgYmVmb3JlIHRoZSB0aHJlYWQgbGlzdCBsb2NrLg0KPiANCj4g
SSBhbSB3b25kZXJpbmcgYWJvdXQgdGhlIGRlYWRsb2NrIHNjZW5hcmlvLiBXZSBndWVzcyB0aGUg
ZGVhZGxvY2sgDQo+IG9jY3VycyBsaWtlIHRoYXQgb25lIHRocmVhZCBkb2luZyB0aGUgcHRocmVh
ZF9leGl0IGhvbGRzIHRoZSB0aHJlYWQgDQo+IGxpc3QgbG9jayBhbmQgd2FpdHMgZm9yIHRoZSB2
bSBsb2NrLCBhbmQgYW5vdGhlciB0aHJlYWQgaG9sZGluZyB0aGUgdm0gDQo+IGxvY2sgaXMgaW50
ZXJydXB0ZWQgYnkgYSBzaWduYWwgYW5kIHRyaWVzIHRvIGhvbGQgdGhlIHRocmVhZCBsaXN0IGxv
Y2sgDQo+IGluIHRoZSBzaWduYWwgaGFuZGxlci4NCj4gQnV0IHRoZSB0aHJlYWQgbGlzdCBsb2Nr
IHJlbGF0ZWQgZnVuY3Rpb25zIGFyZSBhbGwgQVMtdW5zYWZlIGFuZCBzaGFsbCANCj4gbm90IGJl
IGNhbGxlZCBpbiBzaWduYWwgaGFubGRlci4gRnVydGhlciBpbiBtdXNsIGJlZm9yZSBob2xkaW5n
IHRoZSANCj4gdGhyZWFkIGxpc3QgbG9jaywgdGhlIGFwcGxpY2F0aW9uIHNpZ25hbHMgYXJlIGFs
bCBibG9ja2VkLiBTbyBpdCBzZWVtcyANCj4gdGhlIGRlYWRsb2NrIHNjZW5hcmlvIGRvZXMgbm90
IGV4aXN0Lg0KPiANCj4gSXMgbXkgY29uY2x1c2lvbiByaWdodD8NCg0KTm8uIFRoZSB3aG9sZSBw
b2ludCBvZiB0aGUgdGhyZWFkIGxpc3QgbG9jayBpcyB0byBiZSBhbiBhc3luYy1zaWduYWwtc2Fm
ZSBsb2NrIHNvIHRoYXQgd2UgY2FuIGFjY2VzcyB0aGUgdGhyZWFkIGxpc3QgZnJvbSBhc3luYyBz
aWduYWwgY29udGV4dHMsIHBhcnRpY3VsYXJseSBzZXR1aWQoKSBldGMuLCB3aGljaCAqYXJlKiBy
ZXF1aXJlZCB0byBiZSBBUy1zYWZlLiBTZWUgdGhlIGNvbW1pdCB0aGF0IGludHJvZHVjZWQgaXQs
IDhmMTFlNjEyN2ZlOTMwOTNmODFhNTJiMTViYjE1MzdlZGMzZmM4YWYgYW5kIHRoZSBmb2xsb3d1
cCBjb21taXQNCmU0MjM1ZDcwNjcyZDk3NTFkNzcxOGRkYzJiNTJkMGI0MjY0MzA3NjggdGhhdCB3
YXMgdGhlIG1haW4gbW90aXZhdGlvbiBmb3IgaGF2aW5nIGEgZ2xvYmFsIHRocmVhZCBsaXN0IChi
dXQgbm90IHRoZSBvbmx5IG9uZTsgaGF2aW5nIGl0IG9wZW5lZCB1cCBhIGxvdCBvZiBvdGhlciBi
ZW5lZml0cyBsaWtlIHRob3NlIGluIGNvbW1pdCA5ZDQ0YjY0NjBhYjYwMzQ4N2RhYjRkOTE2MzQy
ZDliYTQ0NjdlNmI5KS4NCg0KUmljaA0KDQo=