From patchwork Thu Sep 11 09:18:40 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?q?Marc_Poulhi=C3=A8s?= <poulhies@adacore.com>
X-Patchwork-Id: 120030
Return-Path: <gcc-patches-bounces~patchwork=sourceware.org@gcc.gnu.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 52BE63858C2C
	for <patchwork@sourceware.org>; Thu, 11 Sep 2025 09:23:36 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 52BE63858C2C
Authentication-Results: sourceware.org;
	dkim=pass (2048-bit key,
 secure) header.d=adacore.com header.i=@adacore.com header.a=rsa-sha256
 header.s=google header.b=GJMFOnJI
X-Original-To: gcc-patches@gcc.gnu.org
Delivered-To: gcc-patches@gcc.gnu.org
Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com
 [IPv6:2a00:1450:4864:20::435])
 by sourceware.org (Postfix) with ESMTPS id CBC6E3858402
 for <gcc-patches@gcc.gnu.org>; Thu, 11 Sep 2025 09:19:22 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org CBC6E3858402
Authentication-Results: sourceware.org; dmarc=pass (p=quarantine dis=none)
 header.from=adacore.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=adacore.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org CBC6E3858402
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2a00:1450:4864:20::435
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1757582363; cv=none;
 b=CnNZkVLyg1tju122lP7dCT57yy6Vr4XPozaqhyimdRwydK25BYpLYQrk8QA1Wz8t3+6ijsxJrAEOgutuBfOkyWliz/zFBy3jggLyJJaf43uwUo+ttHqzK9xzQdXbua97wexBZxpdlo829K5hAJ8Q+KrSsUzGy9LdxgzUqO8S27I=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1757582363; c=relaxed/simple;
 bh=2OfAnmTfc07vQR4p6+TS6incuRpegeuxff7XXU35rzw=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=FY7Ugl8fB1j8aG3PB+cbFftqAyLxdhDGfGNur1AAqMsfYz9Yc2ZQLUC5ItuBlSnW7H4nUsObTfASS4CHF1bhF/K7xFFQllFSUOUCl40AOC0wMNdAbcyG5diAFe79e4905a9vG0/YhaS7EE4K+4xYiq9RyClVUfn+KRXdxwC1+g4=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org CBC6E3858402
Received: by mail-wr1-x435.google.com with SMTP id
 ffacd0b85a97d-3e4aeaa57b9so533587f8f.1
 for <gcc-patches@gcc.gnu.org>; Thu, 11 Sep 2025 02:19:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=adacore.com; s=google; t=1757582361; x=1758187161; darn=gcc.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=qihdNTUbS0kos4rVJQ5TNeCqa4MGeu8tVsciKfAiYsY=;
 b=GJMFOnJIrLiDTTIXusVLydAssnJ9ePRzrNOHR/SJfVu3XVizLjwAI5SjI7WzeFRLQM
 aA4lePp5K9PJPNmrimAo+4MeljAIEqZ26lpx3muOnH/QGU3ZvmuwVeQtUfaAILttha6j
 k6aYjaVwejRPxBPWBr+SiDNaJ3yLij1xXKjcoS7i/dNOiLg6lc/r+GR35zZzrgvSq3vn
 yFn5MkQKvd0t6sDKZLMXb3HZUorZS55KGVdjbP70VdFTQQqhhfnALtHADujwnugAPzlR
 n8kXQa8jDhFcqLL1oZZO54x2Htx2lYNHRYRl3Wz+w1AnJ7HTfX1XH8j3FZOhX69JQIPj
 PBVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1757582361; x=1758187161;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=qihdNTUbS0kos4rVJQ5TNeCqa4MGeu8tVsciKfAiYsY=;
 b=cVQDGkSnEfVXLMj/EoS1dnDkS3tpIc7D8/ctA9vlSC18kYACgtBvQEsLHHSiTXmRmb
 7gp+bMu2xEI1GDGXzJam+g7xdMoI+BtHXiCZZBz8bezvmPenLVL2xHfnBO6tMriM6hMr
 Qpm9WvQanggGfKzTEOScTZOW4oXMQnpmqeH4pmppM80NtTrpuU+xDZep7SDVTaotKFIE
 EgotplMdCZi7Flv4qMKdIC2mw7FDME9lNjwaRjkL52avuweyLE2gQ3O9ckuB0c8NkaO2
 3nLxiNdkfSYUHiWWx8lBI5QAsHFPV8KHtSkpJQZZ80E3RMeedOyGi/Teor/1jo4ZxAn9
 uwnw==
X-Gm-Message-State: AOJu0YxOL1eFFLeevFPZduTCvu9IylCF+/1ks0Iq+OwCDnkpVS1jsySV
 HbXpg9fRgSC3y7UYtYlkqlNHu6NxajeBu7V1yMdvZn2Q5kZqPbw2AUyJg0VbdhSBfP9c8zzPYmV
 O6Gs=
X-Gm-Gg: ASbGncsn2h4Od8op1KzIWFC2aTiKUQm5oLKF5NzghBzJqyAaLfsMen7YIecfCdcZNEX
 fxIjH/3kVd4gdGmbgNUzfdu68Z+8jai4ISbEU8aCfPsl3/RUtIyO6hhO1uwOvSa94GO+uh6D4B/
 iMHQr3mp6LKxxl+I/us4KQwoIyYW7UwQazcYCJQglIrdhT8C+Yw++6dEfXbZqcwNKONge2/Xoo3
 +6QSuRnyqhpuheXf9vYxn8OqFGNIUWMzELiUVv/2He8fD5uo6cjaCnRDG4VcFfPk+PO2vQ9Na55
 9UjvxMQbiZWdBmVl/7QyFQqVwn1ZvEY9h0NecbtZCUyfmzr1Ar1D/HzawyDx+OSm55OTbkC7dVv
 a3tjkhHEig6H5ZnSEAWMcMLy0+1eYvj5FKn6tuRyWcFlCTguNE9WOL4bc98YLYiFWtBPftGWH5Y
 /LxkbC3nbh90FouHGKGKIPYC/URC8a+WromGok8haJiCoA+i+2
X-Google-Smtp-Source: 
 AGHT+IG2DTu3M875pzskCOTTLYlZIpBvz4tPlhzOk+vlCA5vPltmP+mevMud96Ggin9wZlY82rmt/A==
X-Received: by 2002:a05:6000:310d:b0:3e5:a68:bdc5 with SMTP id
 ffacd0b85a97d-3e63736c735mr16202910f8f.13.1757582361464;
 Thu, 11 Sep 2025 02:19:21 -0700 (PDT)
Received: from poulhies-Precision-5550.telnowedge.local
 (lmontsouris-659-1-24-67.w81-250.abo.wanadoo.fr. [81.250.175.67])
 by smtp.gmail.com with ESMTPSA id
 ffacd0b85a97d-3e7607cd27dsm1649971f8f.41.2025.09.11.02.19.20
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 11 Sep 2025 02:19:21 -0700 (PDT)
From: =?utf-8?q?Marc_Poulhi=C3=A8s?= <poulhies@adacore.com>
To: gcc-patches@gcc.gnu.org
Cc: Johannes Kliemann <kliemann@adacore.com>
Subject: [COMMITTED 08/31] ada: Disable signals when calling pthread_create on
 QNX
Date: Thu, 11 Sep 2025 11:18:40 +0200
Message-ID: <20250911091904.1505690-8-poulhies@adacore.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250911091904.1505690-1-poulhies@adacore.com>
References: <20250911091904.1505690-1-poulhies@adacore.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-13.8 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: gcc-patches@gcc.gnu.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe>
Errors-To: gcc-patches-bounces~patchwork=sourceware.org@gcc.gnu.org

From: Johannes Kliemann <kliemann@adacore.com>

The QNX Certified Products Defect Notification from February 2025
mentions a potential memory leak when pthread_create is interrupted by a
signal. It recommends to disable signals for this function call.

gcc/ada/ChangeLog:

	* adaint.c: Add functions to disable and enable signals on QNX.
	* libgnarl/s-taprop__qnx.adb (Create_Task): Disable
	signals when calling pthread_create.

Tested on x86_64-pc-linux-gnu, committed on master.
---
 gcc/ada/adaint.c                   | 63 ++++++++++++++++++++++++++++++
 gcc/ada/libgnarl/s-taprop__qnx.adb | 24 ++++++++++--
 2 files changed, 83 insertions(+), 4 deletions(-)

diff --git a/gcc/ada/adaint.c b/gcc/ada/adaint.c
index adc39517280a..7b78d91e0e72 100644
--- a/gcc/ada/adaint.c
+++ b/gcc/ada/adaint.c
@@ -107,6 +107,7 @@
 #ifdef __QNX__
 #include <sys/syspage.h>
 #include <sys/time.h>
+#include <signal.h>
 #endif
 
 #ifdef IN_RTS
@@ -3719,6 +3720,68 @@ void __gnat_killprocesstree (int pid, int sig_num)
   */
 }
 
+#if defined (__QNX__)
+
+static __thread sigset_t set;
+static __thread sigset_t oset;
+static __thread int signals_disabled = 0;
+
+int __gnat_disable_signals(void)
+{
+    sigemptyset(&set);
+    sigaddset(&set, SIGHUP);
+    sigaddset(&set, SIGINT);
+    sigaddset(&set, SIGQUIT);
+    sigaddset(&set, SIGILL);
+    sigaddset(&set, SIGTRAP);
+    sigaddset(&set, SIGIOT);
+    sigaddset(&set, SIGABRT);
+    sigaddset(&set, SIGEMT);
+    sigaddset(&set, SIGDEADLK);
+    sigaddset(&set, SIGFPE);
+    sigaddset(&set, SIGKILL);
+    sigaddset(&set, SIGBUS);
+    sigaddset(&set, SIGSEGV);
+    sigaddset(&set, SIGSYS);
+    sigaddset(&set, SIGPIPE);
+    sigaddset(&set, SIGALRM);
+    sigaddset(&set, SIGTERM);
+    sigaddset(&set, SIGUSR1);
+    sigaddset(&set, SIGUSR2);
+    sigaddset(&set, SIGCHLD);
+    sigaddset(&set, SIGCLD);
+    sigaddset(&set, SIGPWR);
+    sigaddset(&set, SIGWINCH);
+    sigaddset(&set, SIGURG);
+    sigaddset(&set, SIGPOLL);
+    sigaddset(&set, SIGIO);
+    sigaddset(&set, SIGSTOP);
+    sigaddset(&set, SIGTSTP);
+    sigaddset(&set, SIGCONT);
+    sigaddset(&set, SIGTTIN);
+    sigaddset(&set, SIGTTOU);
+    sigaddset(&set, SIGVTALRM);
+    sigaddset(&set, SIGPROF);
+    sigaddset(&set, SIGXCPU);
+    sigaddset(&set, SIGXFSZ);
+    sigaddset(&set, SIGDOOM);
+
+    int ret = sigprocmask(SIG_BLOCK, &set, &oset);
+    signals_disabled = !ret;
+    return ret;
+}
+
+int __gnat_enable_signals(void)
+{
+    if (!signals_disabled) {
+        return 0;
+    }
+    signals_disabled = 0;
+    return sigprocmask(SIG_SETMASK, &oset, 0);
+}
+
+#endif
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/gcc/ada/libgnarl/s-taprop__qnx.adb b/gcc/ada/libgnarl/s-taprop__qnx.adb
index e7d245fec7de..b51f2b527082 100644
--- a/gcc/ada/libgnarl/s-taprop__qnx.adb
+++ b/gcc/ada/libgnarl/s-taprop__qnx.adb
@@ -766,6 +766,16 @@ package body System.Task_Primitives.Operations is
       function Thread_Body_Access is new
         Ada.Unchecked_Conversion (System.Address, Thread_Body);
 
+      function Disable_Signals return Interfaces.C.int with
+        Import,
+        Convention    => C,
+        External_Name => "__gnat_disable_signals";
+
+      function Enable_Signals return Interfaces.C.int with
+        Import,
+        Convention    => C,
+        External_Name => "__gnat_enable_signals";
+
    begin
       Adjusted_Stack_Size :=
          Interfaces.C.size_t (Stack_Size + Alternate_Stack_Size);
@@ -840,10 +850,11 @@ package body System.Task_Primitives.Operations is
 
       pragma Assert (Result = 0);
 
-      --  Since the initial signal mask of a thread is inherited from the
-      --  creator, and the Environment task has all its signals masked, we
-      --  do not need to manipulate caller's signal mask at this point.
-      --  All tasks in RTS will have All_Tasks_Mask initially.
+      --  (QMS3263) lists PR 2894086. This defect causes a memory leak when
+      --  pthread_create is interrupted by a signal and later resumed. To avoid
+      --  avoid such a leak the document suggests to disable signals while
+      --  calling pthread_create. The signal mask of the calling thread is
+      --  restored after the call to pthread_create.
 
       --  The write to T.Common.LL.Thread is not racy with regard to the
       --  created thread because the created thread will not access it until
@@ -851,6 +862,8 @@ package body System.Task_Primitives.Operations is
       --  Restricted.Stages is used). One can verify that by inspecting the
       --  Task_Wrapper procedures.
 
+      Result := Disable_Signals;
+      pragma Assert (Result = 0);
       Result := pthread_create
         (T.Common.LL.Thread'Access,
          Attributes'Access,
@@ -860,6 +873,9 @@ package body System.Task_Primitives.Operations is
 
       Succeeded := Result = 0;
 
+      Result := Enable_Signals;
+      pragma Assert (Result = 0);
+
       Result := pthread_attr_destroy (Attributes'Access);
       pragma Assert (Result = 0);
    end Create_Task;