From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from omta38.uswest2.a.cloudfilter.net (omta38.uswest2.a.cloudfilter.net [35.89.44.37]) by sourceware.org (Postfix) with ESMTPS id F28653858C52 for ; Sun, 24 Mar 2024 21:12:42 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org F28653858C52 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=tromey.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=tromey.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org F28653858C52 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=35.89.44.37 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1711314765; cv=none; b=I8rX6uToHBJJKSTTKMHGbiWQXQAg/JFZgVYEsz5kFAyXxgurksXXaIpo5jzW2BN0X8WFn66q81o57oO6SW4QeEValfW8QqfhXqhx2M6V6pWJiwzJAoI6rjM856HwNohsgGOjzPpQ7f3nsDmGtnrHO1vc3WEO6IxdOIr9UmsAO+s= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1711314765; c=relaxed/simple; bh=U7RcHGljYi7yPipwCZ53XeRgjKQMaoUfXxKaT1sib6c=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=NGYgr+pqeqpo9RA+FrP0dj1nb84+ZENqEBGQtf0a5EvAyrpYBT688G4EiH7WebuZzGuPCzwMG92u6uJsaIskEJvade5XwRMJQ9K650upzEjo/sAGvsgFgs5gwlQvrjdXtDBi4znNczkhxK+bMP98cGPqNYQQJAHyYeoyRoOpvzk= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from eig-obgw-6001a.ext.cloudfilter.net ([10.0.30.140]) by cmsmtp with ESMTPS id oR14rO8BTDI6foV8zreco9; Sun, 24 Mar 2024 21:12:41 +0000 Received: from box5379.bluehost.com ([162.241.216.53]) by cmsmtp with ESMTPS id oV8yrktv69zHMoV8yr2fJs; Sun, 24 Mar 2024 21:12:40 +0000 X-Authority-Analysis: v=2.4 cv=fo4XZ04f c=1 sm=1 tr=0 ts=66009748 a=ApxJNpeYhEAb1aAlGBBbmA==:117 a=ApxJNpeYhEAb1aAlGBBbmA==:17 a=K6JAEmCyrfEA:10 a=Qbun_eYptAEA:10 a=CCpqsmhAAAAA:8 a=-X-rwvkNgfjKfmDDk8AA:9 a=ul9cdbp4aOFLsgKbc677:22 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tromey.com; s=default; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=1OWaLEWkgFXHSTgzt0CTSillA+vgTDGFQIZR+IY3pj0=; b=HMowv+Tv4eH51royhERJANAOa7 P0tPFG8Kb7nWHASA7Cs5kYdpCtTB9geBghXVMRf/AGupyosyBwdvdmBwPWKFDz8YS/Md5PN6Te5pr G863eQGwpildif1qYkHb+VXB4; Received: from 97-122-82-115.hlrn.qwest.net ([97.122.82.115]:33654 helo=localhost.localdomain) by box5379.bluehost.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96.2) (envelope-from ) id 1roV8y-001ww7-0O; Sun, 24 Mar 2024 15:12:40 -0600 From: Tom Tromey To: binutils@sourceware.org Cc: Tom Tromey Subject: [PATCH 2/2] Avoid cache race in bfd_check_format_matches Date: Sun, 24 Mar 2024 15:08:06 -0600 Message-ID: <20240324211229.1444550-3-tom@tromey.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240324211229.1444550-1-tom@tromey.com> References: <20240324211229.1444550-1-tom@tromey.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - box5379.bluehost.com X-AntiAbuse: Original Domain - sourceware.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - tromey.com X-BWhitelist: no X-Source-IP: 97.122.82.115 X-Source-L: No X-Exim-ID: 1roV8y-001ww7-0O X-Source: X-Source-Args: X-Source-Dir: X-Source-Sender: 97-122-82-115.hlrn.qwest.net (localhost.localdomain) [97.122.82.115]:33654 X-Source-Auth: tom+tromey.com X-Email-Count: 3 X-Org: HG=bhshared;ORG=bluehost; X-Source-Cap: ZWx5bnJvYmk7ZWx5bnJvYmk7Ym94NTM3OS5ibHVlaG9zdC5jb20= X-Local-Domain: yes X-CMAE-Envelope: MS4xfDne8YtpMErRHpd2jXU3fXoNQ33W61UBn05WNKh6bB8b4of3t7foHTihwVnIN9I8BlGZMt7W867n63+Y21fxGyApWTFzhV3X0NLoVWzF0EchTjY7QIf/ T/G2lmBEa/auHH8siLK2M1c2+BOBqr4PcFGFXw+8VDt7ca9lcw712XBW+bAN/Wz2/Zcr35WLCZCx9cM9Zt/nPL4AIjdcGjPpxyE= X-Spam-Status: No, score=-3021.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,GIT_PATCH_0,JMQ_SPF_NEUTRAL,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Running the gdb test suite with the thread sanitizer enabled shows a race when bfd_check_format_matches and bfd_cache_close_all are called simultaneously on different threads. This patch fixes this race by having bfd_check_format_matches temporarily remove the BFD from the file descriptor cache -- leaving it open while format-checking proceeds. In this setup, the BFD client is responsible for closing the BFD again on the "checking" thread, should that be desired. gdb does this by calling bfd_cache_close in the relevant worker thread. An earlier version of this patch omitted the "possibly_cached" helper function. However, this ran into crashes in the binutils test suite involving the archive-checking abort in bfd_cache_lookup_worker. I do not understand the purpose of this check, so I've simply had the new function work around it. I couldn't find any comments explaining this situation, either. I suspect that there may still be races related to this case, but I don't think I have access to the platforms where gdb deals with archives. Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=31264 --- bfd/bfd-in2.h | 6 ++++ bfd/bfd.c | 6 ++++ bfd/cache.c | 84 ++++++++++++++++++++++++++++++++++++++++++++++++--- bfd/format.c | 16 +++++++++- bfd/libbfd.h | 2 ++ 5 files changed, 109 insertions(+), 5 deletions(-) diff --git a/bfd/bfd-in2.h b/bfd/bfd-in2.h index fa28688837c..ceb53683d21 100644 --- a/bfd/bfd-in2.h +++ b/bfd/bfd-in2.h @@ -2160,6 +2160,12 @@ struct bfd that BFD is not prepared to handle for objcopy/strip. */ unsigned int read_only : 1; + /* Set if this BFD is currently being processed by + bfd_check_format_matches. This is checked by the cache to + avoid closing the BFD in this case. This should only be + examined or modified while the BFD lock is held. */ + unsigned int in_format_matches : 1; + /* Set to dummy BFD created when claimed by a compiler plug-in library. */ bfd *plugin_dummy_bfd; diff --git a/bfd/bfd.c b/bfd/bfd.c index 11ad7f24456..ca4250327d2 100644 --- a/bfd/bfd.c +++ b/bfd/bfd.c @@ -285,6 +285,12 @@ CODE_FRAGMENT . that BFD is not prepared to handle for objcopy/strip. *} . unsigned int read_only : 1; . +. {* Set if this BFD is currently being processed by +. bfd_check_format_matches. This is checked by the cache to +. avoid closing the BFD in this case. This should only be +. examined or modified while the BFD lock is held. *} +. unsigned int in_format_matches : 1; +. . {* Set to dummy BFD created when claimed by a compiler plug-in . library. *} . bfd *plugin_dummy_bfd; diff --git a/bfd/cache.c b/bfd/cache.c index d0e7be293a5..c526dcae09f 100644 --- a/bfd/cache.c +++ b/bfd/cache.c @@ -226,6 +226,20 @@ close_one (void) ? (FILE *) (bfd_last_cache->iostream) \ : bfd_cache_lookup_worker (x, flag)) +/* A helper function that returns true if ABFD can possibly be cached + -- that is, whether bfd_cache_lookup_worker will accept it. */ + +static bool +possibly_cached (bfd *abfd) +{ + if ((abfd->flags & BFD_IN_MEMORY) != 0) + return false; + if (abfd->my_archive != NULL + && !bfd_is_thin_archive (abfd->my_archive)) + return false; + return true; +} + /* Called when the macro <> fails to find a quick answer. Find a file descriptor for @var{abfd}. If necessary, it open it. If there are already more than @@ -236,12 +250,17 @@ close_one (void) static FILE * bfd_cache_lookup_worker (bfd *abfd, enum cache_flag flag) { - if ((abfd->flags & BFD_IN_MEMORY) != 0) + if (!possibly_cached (abfd)) abort (); - if (abfd->my_archive != NULL - && !bfd_is_thin_archive (abfd->my_archive)) - abort (); + /* If the BFD is being processed by bfd_check_format_matches, it + must already be open and won't be on the list. */ + if (abfd->in_format_matches) + { + if (abfd->iostream == NULL) + abort (); + return (FILE *) abfd->iostream; + } if (abfd->iostream != NULL) { @@ -657,6 +676,63 @@ bfd_cache_close_all (void) return ret; } +/* +INTERNAL_FUNCTION + bfd_cache_set_uncloseable + +SYNOPSIS + bool bfd_cache_set_uncloseable (bfd *abfd, bool value, bool *old); + +DESCRIPTION + Internal function to mark ABFD as either closeable or not. + This is used by bfd_check_format_matches to avoid races + where bfd_cache_close_all is called in another thread. + VALUE is true to mark the BFD as temporarily uncloseable + by the cache; false to mark it as closeable once again. + OLD, if non-NULL, is set to the previous value of the flag. + Returns false on error, true on success. +*/ + +bool +bfd_cache_set_uncloseable (bfd *abfd, bool value, bool *old) +{ + bool result = true; + + if (!bfd_lock ()) + return false; + if (old != NULL) + *old = abfd->in_format_matches; + + /* Only perform any action when the state changes,and only when this + BFD is actually using the cache. */ + if (value != abfd->in_format_matches + && abfd->iovec == &cache_iovec + && possibly_cached (abfd)) + { + if (value) + { + /* Marking as uncloseable for the first time. Ensure the + file is open, and remove from the cache list. */ + FILE *f = bfd_cache_lookup (abfd, CACHE_NORMAL); + if (f == NULL) + result = false; + else + snip (abfd); + } + else + { + /* Mark as closeable again. */ + insert (abfd); + } + + abfd->in_format_matches = value; + } + + if (!bfd_unlock ()) + return false; + return result; +} + /* FUNCTION bfd_cache_size diff --git a/bfd/format.c b/bfd/format.c index 5a5b01975ac..238a76f14b9 100644 --- a/bfd/format.c +++ b/bfd/format.c @@ -86,6 +86,13 @@ DESCRIPTION o <> - more than one backend recognised the file format. + + When calling bfd_check_format (or bfd_check_format_matches), + any underlying file descriptor will be kept open for the + duration of the call. This is done to avoid races when + another thread calls bfd_cache_close_all. In this scenario, + the thread calling bfd_check_format must call bfd_cache_close + itself. */ bool @@ -338,6 +345,7 @@ bfd_check_format_matches (bfd *abfd, bfd_format format, char ***matching) bfd_cleanup cleanup = NULL; struct per_xvec_messages messages = { abfd, NULL, NULL, NULL }; struct per_xvec_messages *orig_messages; + bool old_in_format_matches; if (matching != NULL) *matching = NULL; @@ -362,6 +370,11 @@ bfd_check_format_matches (bfd *abfd, bfd_format format, char ***matching) return false; } + /* Avoid clashes with bfd_cache_close_all running in another + thread. */ + if (!bfd_cache_set_uncloseable (abfd, true, &old_in_format_matches)) + return false; + /* Presume the answer is yes. */ abfd->format = format; save_targ = abfd->xvec; @@ -615,7 +628,7 @@ bfd_check_format_matches (bfd *abfd, bfd_format format, char ***matching) print_and_clear_messages (&messages, abfd->xvec); /* File position has moved, BTW. */ - return true; + return bfd_cache_set_uncloseable (abfd, old_in_format_matches, NULL); } if (match_count == 0) @@ -658,6 +671,7 @@ bfd_check_format_matches (bfd *abfd, bfd_format format, char ***matching) bfd_preserve_restore (abfd, &preserve); _bfd_restore_error_handler_caching (orig_messages); print_and_clear_messages (&messages, NULL); + bfd_cache_set_uncloseable (abfd, old_in_format_matches, NULL); return false; } diff --git a/bfd/libbfd.h b/bfd/libbfd.h index 04dbe720edb..5863a658f8a 100644 --- a/bfd/libbfd.h +++ b/bfd/libbfd.h @@ -1017,6 +1017,8 @@ bfd_window_internal; /* Extracted from cache.c. */ bool bfd_cache_init (bfd *abfd) ATTRIBUTE_HIDDEN; +bool bfd_cache_set_uncloseable (bfd *abfd, bool value, bool *old) ATTRIBUTE_HIDDEN; + FILE* bfd_open_file (bfd *abfd) ATTRIBUTE_HIDDEN; /* Extracted from hash.c. */ -- 2.43.0