diff options
| author | Adhemerval Zanella <adhemerval.zanella@linaro.com> | 2015-10-14 12:15:46 -0300 |
|---|---|---|
| committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2015-12-02 14:45:50 -0200 |
| commit | d0e3ffb7a58854248f1d5e737610d50cd0a60f46 (patch) | |
| tree | 557241d96a55aa279e04078b60756843ba385f97 | |
| parent | 7635a88d320c665defd44085d3b9031d673fe1ee (diff) | |
| download | glibc-d0e3ffb7a58854248f1d5e737610d50cd0a60f46.tar glibc-d0e3ffb7a58854248f1d5e737610d50cd0a60f46.tar.gz glibc-d0e3ffb7a58854248f1d5e737610d50cd0a60f46.tar.bz2 glibc-d0e3ffb7a58854248f1d5e737610d50cd0a60f46.zip | |
nptl: Fix racy pipe closing in tst-cancel{20,21}
The tst-cancel20 open two pipes and creates a thread which blocks
reading the first pipe. It then issues a signal to activate the
signal handler which in turn blocks reading the second pipe end.
Finally the cancellation cleanup-up handlers are tested by first
closing the all the pipes ends and issuing a pthread_cancel.
The tst-cancel21 have a similar behavior, but use an extra fork
after the test itself.
The race condition occurs if the cancellation handling acts after the
pipe close: in this case read will return EOF (indicating side-effects)
and thus the cancellation must not act. However current GLIBC
cancellation behavior acts regardless the syscalls returns with
sid-effects.
This patch adjust the test by moving the pipe closing after the
cancellation handling. This avoid spurious cancellation if the case
of the race described.
Checked on x86_64 and i386.
* nptl/tst-cancel20.c (do_one_test): Move the pipe closing after
pthread_join.
* nptl/tst-cancel21.c (tf): Likewise.
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | nptl/tst-cancel20.c | 15 | ||||
| -rw-r--r-- | nptl/tst-cancel21.c | 15 |
3 files changed, 24 insertions, 12 deletions
@@ -1,3 +1,9 @@ +2015-12-02 Adhemerval Zanella <adhemerval.zanella@linaro.org> + + * nptl/tst-cancel20.c (do_one_test): Move the pipe closing after + pthread_join. + * nptl/tst-cancel21.c (tf): Likewise. + 2015-12-01 H.J. Lu <hongjiu.lu@intel.com> [BZ #19313] diff --git a/nptl/tst-cancel20.c b/nptl/tst-cancel20.c index 51b558e98d..91452fb97a 100644 --- a/nptl/tst-cancel20.c +++ b/nptl/tst-cancel20.c @@ -145,12 +145,6 @@ do_one_test (void) return 1; } - /* This will cause the read in the child to return. */ - close (fd[0]); - close (fd[1]); - close (fd[2]); - close (fd[3]); - void *ret; if (pthread_join (th, &ret) != 0) { @@ -170,6 +164,15 @@ do_one_test (void) return 1; } + /* The pipe closing must be issued after the cancellation handling to avoid + a race condition where the cancellation runs after both pipe ends are + closed. In this case the read syscall returns EOF and the cancellation + must not act. */ + close (fd[0]); + close (fd[1]); + close (fd[2]); + close (fd[3]); + return 0; } diff --git a/nptl/tst-cancel21.c b/nptl/tst-cancel21.c index b54f236b03..d082776059 100644 --- a/nptl/tst-cancel21.c +++ b/nptl/tst-cancel21.c @@ -123,12 +123,6 @@ tf (void *arg) exit (1); } - /* This will cause the read in the initial thread to return. */ - close (fd[0]); - close (fd[1]); - close (fd[2]); - close (fd[3]); - void *ret; if (pthread_join (th, &ret) != 0) { @@ -154,6 +148,15 @@ tf (void *arg) exit (1); } + /* The pipe closing must be issued after the cancellation handling to avoid + a race condition where the cancellation runs after both pipe ends are + closed. In this case the read syscall returns EOF and the cancellation + must not act. */ + close (fd[0]); + close (fd[1]); + close (fd[2]); + close (fd[3]); + exit (0); } |