From patchwork Wed Nov 1 22:15:23 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sergio Durigan Junior X-Patchwork-Id: 78894 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 5255E385840F for ; Wed, 1 Nov 2023 22:16:03 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail.sergiodj.net (mail.sergiodj.net [IPv6:2a01:4f8:13a:6e8:160::1]) by sourceware.org (Postfix) with ESMTPS id 1F7753858D32 for ; Wed, 1 Nov 2023 22:15:40 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 1F7753858D32 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=sergiodj.net Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=sergiodj.net ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 1F7753858D32 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2a01:4f8:13a:6e8:160::1 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1698876950; cv=none; b=An5sq70L+Bh5rk9PfaF5fv/hYbo07GRiZ5+xWETb6fRIIMjbwW8HIv3fqlQDc7mQSVx3kKtCEvPAwyKyUoxqLIasu9P6BzYAsWLaN/lOwv8tu3NEz5MhEM+aSjpSVScnoFMxPZCHdfOEQrdH5bGwNbbbkQLR0/Bp6Kczf1SkDxI= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1698876950; c=relaxed/simple; bh=2p4WKx8o+6lyop/kz+aTrUqmSldO8yBu2diNlCzIPFY=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=qLqDOD9hwyrxvQICWzMGkBKhrq70jNudEkkuQMSJwn5tH8pnHm24hCM5FdM4WbhCyJ+jr2cgvhc6OUIOx0pKQU/JLfDpkBMDvzx7xBl14c6FTSpZYnOr+Lk6Ecrr5K8KqNq6vS7XH6F9pGYcZBEXg0ZC4Wtm4KzgB9f9wdVFpY8= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sergiodj.net; s=20160602; t=1698876938; bh=2p4WKx8o+6lyop/kz+aTrUqmSldO8yBu2diNlCzIPFY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=yIXKV+AMcZ+qL5pmxo6YB71s+bumO2QaqPaT0w/j9hPwUKGuIpR5knJoMMTvRIvqf 6Blto+ytMURzWVMq5E/SHQfdTDNhHsu3URqGggIx9z8+AyFZB7WjpEDipQBBhyCkQ0 DDJbcyILCQSvQcgqTKtwYZSmFofnQHC7eRq8+wLc= Received: from localhost (unknown [IPv6:2607:f2c0:ed84:1900:6028:9ea5:567a:882f]) by mail.sergiodj.net (Postfix) with ESMTPSA id 62C4DA602CF; Wed, 1 Nov 2023 18:15:38 -0400 (EDT) From: Sergio Durigan Junior To: libc-alpha@sourceware.org Cc: Sergio Durigan Junior , Simon Chopin , Adhemerval Zanella Netto Subject: [PATCH] sysdeps: sem_open: Clear O_CREAT when semaphore file is expected to exist [BZ #30789] Date: Wed, 1 Nov 2023 18:15:23 -0400 Message-Id: <20231101221523.988640-1-sergiodj@sergiodj.net> X-Mailer: git-send-email 2.40.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-10.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org When invoking sem_open with O_CREAT as one of its flags, we'll end up in the second part of sem_open's "if ((oflag & O_CREAT) == 0 || (oflag & O_EXCL) == 0)", which means that we don't expect the semaphore file to exist. In that part, open_flags is initialized as "O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC" and there's an attempt to open(2) the file, which will likely fail because it won't exist. After that first (expected) failure, some cleanup is done and we go back to the label "try_again", which lives in the first part of the aforementioned "if". The problem is that, in that part of the code, we expect the semaphore file to exist, and as such O_CREAT (this time the flag we pass to open(2)) needs to be cleaned from open_flags, otherwise we'll see another failure (this time unexpected) when trying to open the file, which will lead the call to sem_open to fail as well. This can cause very strange bugs, especially with OpenMPI, which makes extensive use of semaphores. Fix the bug by simplifying the logic when choosing open(2) flags and making sure O_CREAT is not set when the semaphore file is expected to exist. A regression test for this issue would require a complex and cpu time consuming logic, since to trigger the wrong code path is not straightforward due the racy condition. There is a somewhat reliable reproducer in the bug, but it requires using OpenMPI. This resolves BZ #30789. See also: https://bugs.launchpad.net/ubuntu/+source/h5py/+bug/2031912 Signed-off-by: Sergio Durigan Junior Co-Authored-By: Simon Chopin Co-Authored-By: Adhemerval Zanella Netto Fixes: 533deafbdf189f5fbb280c28562dd43ace2f4b0f ("Use O_CLOEXEC in more places (BZ #15722)") --- sysdeps/pthread/sem_open.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/sysdeps/pthread/sem_open.c b/sysdeps/pthread/sem_open.c index e5db929d20..0e331a7445 100644 --- a/sysdeps/pthread/sem_open.c +++ b/sysdeps/pthread/sem_open.c @@ -32,11 +32,12 @@ # define __unlink unlink #endif +#define SEM_OPEN_FLAGS (O_RDWR | O_NOFOLLOW | O_CLOEXEC) + sem_t * __sem_open (const char *name, int oflag, ...) { int fd; - int open_flags; sem_t *result; /* Check that shared futexes are supported. */ @@ -65,10 +66,8 @@ __sem_open (const char *name, int oflag, ...) /* If the semaphore object has to exist simply open it. */ if ((oflag & O_CREAT) == 0 || (oflag & O_EXCL) == 0) { - open_flags = O_RDWR | O_NOFOLLOW | O_CLOEXEC; - open_flags |= (oflag & ~(O_CREAT|O_ACCMODE)); try_again: - fd = __open (dirname.name, open_flags); + fd = __open (dirname.name, (oflag & O_EXCL) | SEM_OPEN_FLAGS); if (fd == -1) { @@ -135,8 +134,7 @@ __sem_open (const char *name, int oflag, ...) } /* Open the file. Make sure we do not overwrite anything. */ - open_flags = O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC; - fd = __open (tmpfname, open_flags, mode); + fd = __open (tmpfname, O_CREAT | O_EXCL | SEM_OPEN_FLAGS, mode); if (fd == -1) { if (errno == EEXIST)