nptl: pthread_kill must send signals to a specific thread [BZ #28407]
Checks
| Context |
Check |
Description |
| dj/TryBot-apply_patch |
success
|
Patch applied to master at the time it was sent
|
| dj/TryBot-32bit |
success
|
Build for i686
|
Commit Message
The choice between the kill vs tgkill system calls is not just about
the TID reuse race, but also about whether the signal is sent to the
whole process (and any thread in it) or to a specific thread.
This was caught by the openposix test suite:
LTP: openposix test suite - FAIL: SIGUSR1 is member of new thread pendingset.
<https://gitlab.com/cki-project/kernel-tests/-/issues/764>
---
Tested on i686-linux-gnu, x86_64-linux-gnu.
nptl/pthread_kill.c | 4 +-
sysdeps/pthread/Makefile | 1 +
sysdeps/pthread/tst-pthread-raise-blocked-self.c | 92 ++++++++++++++++++++++++
3 files changed, 94 insertions(+), 3 deletions(-)
Comments
On 10/1/21 10:10, Florian Weimer via Libc-alpha wrote:
> The choice between the kill vs tgkill system calls is not just about
> the TID reuse race, but also about whether the signal is sent to the
> whole process (and any thread in it) or to a specific thread.
>
> This was caught by the openposix test suite:
>
> LTP: openposix test suite - FAIL: SIGUSR1 is member of new thread pendingset.
> <https://gitlab.com/cki-project/kernel-tests/-/issues/764>
Passes patchwork CI/CD 2/2. Tested without regression on x86_64 and i686.
LGTM.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
> ---
> Tested on i686-linux-gnu, x86_64-linux-gnu.
>
> nptl/pthread_kill.c | 4 +-
> sysdeps/pthread/Makefile | 1 +
> sysdeps/pthread/tst-pthread-raise-blocked-self.c | 92 ++++++++++++++++++++++++
> 3 files changed, 94 insertions(+), 3 deletions(-)
>
> diff --git a/nptl/pthread_kill.c b/nptl/pthread_kill.c
> index a44dc8f2d9..35bf1f973e 100644
> --- a/nptl/pthread_kill.c
> +++ b/nptl/pthread_kill.c
> @@ -40,7 +40,7 @@ __pthread_kill_implementation (pthread_t threadid, int signo, int no_tid)
> below. POSIX only guarantees delivery of a single signal,
> which may not be the right one.) */
> pid_t tid = INTERNAL_SYSCALL_CALL (gettid);
> - int ret = INTERNAL_SYSCALL_CALL (kill, tid, signo);
> + int ret = INTERNAL_SYSCALL_CALL (tgkill, __getpid (), tid, signo);
OK. Right, we need tgkill here to avoid the reuse issue, and is the right interface for this.
> return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0;
> }
>
> @@ -59,8 +59,6 @@ __pthread_kill_implementation (pthread_t threadid, int signo, int no_tid)
> ret = no_tid;
> else
> {
> - /* Using tgkill is a safety measure. pd->exit_lock ensures that
> - the target thread cannot exit. */
OK. Agreed, this doesn't make any sense here.
> ret = INTERNAL_SYSCALL_CALL (tgkill, __getpid (), pd->tid, signo);
> ret = INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0;
> }
> diff --git a/sysdeps/pthread/Makefile b/sysdeps/pthread/Makefile
> index d4bd2d4e3e..0af9c59b42 100644
> --- a/sysdeps/pthread/Makefile
> +++ b/sysdeps/pthread/Makefile
> @@ -121,6 +121,7 @@ tests += tst-cnd-basic tst-mtx-trylock tst-cnd-broadcast \
> tst-pthread-setuid-loop \
> tst-pthread_cancel-exited \
> tst-pthread_cancel-select-loop \
> + tst-pthread-raise-blocked-self \
OK. New test.
> tst-pthread_kill-exited \
> tst-pthread_kill-exiting \
> # tests
> diff --git a/sysdeps/pthread/tst-pthread-raise-blocked-self.c b/sysdeps/pthread/tst-pthread-raise-blocked-self.c
> new file mode 100644
> index 0000000000..128e1a6071
> --- /dev/null
> +++ b/sysdeps/pthread/tst-pthread-raise-blocked-self.c
> @@ -0,0 +1,92 @@
> +/* Test that raise sends signal to current thread even if blocked.
OK.
> + Copyright (C) 2021 Free Software Foundation, Inc.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <https://www.gnu.org/licenses/>. */
> +
> +#include <signal.h>
> +#include <support/check.h>
> +#include <support/xsignal.h>
> +#include <support/xthread.h>
> +#include <pthread.h>
> +#include <unistd.h>
> +
> +/* Used to create a dummy thread ID distinct from all other thread
> + IDs. */
> +static void *
> +noop (void *ignored)
> +{
> + return NULL;
> +}
> +
> +static volatile pthread_t signal_thread;
> +
> +static void
> +signal_handler (int signo)
> +{
> + signal_thread = pthread_self ();
> +}
> +
> +/* Used to ensure that waiting_thread has launched and can accept
> + signals. */
> +static pthread_barrier_t barrier;
> +
> +static void *
> +waiting_thread (void *ignored)
> +{
> + xpthread_barrier_wait (&barrier);
> + pause ();
> + return NULL;
> +}
> +
> +static int
> +do_test (void)
> +{
> + xsignal (SIGUSR1, signal_handler);
OK. Set handler for SIGUSER1.
> + xpthread_barrier_init (&barrier, NULL, 2);
OK. Barrier for 2 threads.
> +
> + /* Distinct thread ID value to */
> + pthread_t dummy = xpthread_create (NULL, noop, NULL);
> + signal_thread = dummy;
OK. Get a unique thread id.
> +
> + pthread_t helper = xpthread_create (NULL, waiting_thread, NULL);
OK. Run the barrier/pause/return thread.
> +
> + /* Make sure that the thread is running. */
> + xpthread_barrier_wait (&barrier);
OK. Thread and us block on the barrier until we're both there.
> +
> + /* Block signals on this thread. */
> + sigset_t set;
> + sigfillset (&set);
> + xpthread_sigmask (SIG_BLOCK, &set, NULL);
> +
> + /* Send the signal to this thread. It must not be delivered. */
> + raise (SIGUSR1);
OK. Equivalent to __pthread_kill (__pthread_self (), sig);
> + TEST_VERIFY (signal_thread == dummy);
> +
> + /* Wait a bit to give a chance for signal delivery (increases
> + chances of failure with bug 28407). */
> + usleep (50 * 1000);
> +
> + /* Unblocking should cause synchronous delivery of the signal. */
> + xpthread_sigmask (SIG_UNBLOCK, &set, NULL);
> + TEST_VERIFY (signal_thread == pthread_self ());
OK. Signal should have been delivered to the main thread.
> +
> + xpthread_cancel (helper);
> + xpthread_join (helper);
> + xpthread_join (dummy);
> + return 0;
> +}
> +
> +#include <support/test-driver.c>
>
@@ -40,7 +40,7 @@ __pthread_kill_implementation (pthread_t threadid, int signo, int no_tid)
below. POSIX only guarantees delivery of a single signal,
which may not be the right one.) */
pid_t tid = INTERNAL_SYSCALL_CALL (gettid);
- int ret = INTERNAL_SYSCALL_CALL (kill, tid, signo);
+ int ret = INTERNAL_SYSCALL_CALL (tgkill, __getpid (), tid, signo);
return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0;
}
@@ -59,8 +59,6 @@ __pthread_kill_implementation (pthread_t threadid, int signo, int no_tid)
ret = no_tid;
else
{
- /* Using tgkill is a safety measure. pd->exit_lock ensures that
- the target thread cannot exit. */
ret = INTERNAL_SYSCALL_CALL (tgkill, __getpid (), pd->tid, signo);
ret = INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0;
}
@@ -121,6 +121,7 @@ tests += tst-cnd-basic tst-mtx-trylock tst-cnd-broadcast \
tst-pthread-setuid-loop \
tst-pthread_cancel-exited \
tst-pthread_cancel-select-loop \
+ tst-pthread-raise-blocked-self \
tst-pthread_kill-exited \
tst-pthread_kill-exiting \
# tests
new file mode 100644
@@ -0,0 +1,92 @@
+/* Test that raise sends signal to current thread even if blocked.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <signal.h>
+#include <support/check.h>
+#include <support/xsignal.h>
+#include <support/xthread.h>
+#include <pthread.h>
+#include <unistd.h>
+
+/* Used to create a dummy thread ID distinct from all other thread
+ IDs. */
+static void *
+noop (void *ignored)
+{
+ return NULL;
+}
+
+static volatile pthread_t signal_thread;
+
+static void
+signal_handler (int signo)
+{
+ signal_thread = pthread_self ();
+}
+
+/* Used to ensure that waiting_thread has launched and can accept
+ signals. */
+static pthread_barrier_t barrier;
+
+static void *
+waiting_thread (void *ignored)
+{
+ xpthread_barrier_wait (&barrier);
+ pause ();
+ return NULL;
+}
+
+static int
+do_test (void)
+{
+ xsignal (SIGUSR1, signal_handler);
+ xpthread_barrier_init (&barrier, NULL, 2);
+
+ /* Distinct thread ID value to */
+ pthread_t dummy = xpthread_create (NULL, noop, NULL);
+ signal_thread = dummy;
+
+ pthread_t helper = xpthread_create (NULL, waiting_thread, NULL);
+
+ /* Make sure that the thread is running. */
+ xpthread_barrier_wait (&barrier);
+
+ /* Block signals on this thread. */
+ sigset_t set;
+ sigfillset (&set);
+ xpthread_sigmask (SIG_BLOCK, &set, NULL);
+
+ /* Send the signal to this thread. It must not be delivered. */
+ raise (SIGUSR1);
+ TEST_VERIFY (signal_thread == dummy);
+
+ /* Wait a bit to give a chance for signal delivery (increases
+ chances of failure with bug 28407). */
+ usleep (50 * 1000);
+
+ /* Unblocking should cause synchronous delivery of the signal. */
+ xpthread_sigmask (SIG_UNBLOCK, &set, NULL);
+ TEST_VERIFY (signal_thread == pthread_self ());
+
+ xpthread_cancel (helper);
+ xpthread_join (helper);
+ xpthread_join (dummy);
+ return 0;
+}
+
+#include <support/test-driver.c>