From: Rich Felker <dalias@libc.org>
To: Alistair Francis <alistair.francis@wdc.com>
Cc: libc-alpha@sourceware.org, arnd@arndb.de,
adhemerval.zanella@linaro.org, fweimer@redhat.com,
palmer@sifive.com, macro@wdc.com, zongbox@gmail.com,
alistair23@gmail.com
Subject: Re: [RFC v3 03/23] sysdeps/wait: Use waitid if avaliable
Date: Sun, 21 Jul 2019 04:20:00 -0000 [thread overview]
Message-ID: <20190721042032.GA3423@brightrain.aerifal.cx> (raw)
In-Reply-To: <20190721040310.GA3283@brightrain.aerifal.cx>
On Sun, Jul 21, 2019 at 12:03:10AM -0400, Rich Felker wrote:
> On Tue, Jul 16, 2019 at 05:08:48PM -0700, Alistair Francis wrote:
> > If the waitid syscall is avaliable let's use that as waitpid
> > and wait4 aren't always avaliable (they aren't avaliable on RV32).
> >
> > Unfortunately waitid is substantially differnt to waitpid and wait4, so
> > the conversion ends up being complex.
> >
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > ---
> > ChangeLog | 3 ++
> > sysdeps/unix/sysv/linux/wait.c | 39 ++++++++++++++++--
> > sysdeps/unix/sysv/linux/waitpid.c | 46 ++++++++++++++++++++++
> > sysdeps/unix/sysv/linux/waitpid_nocancel.c | 45 +++++++++++++++++++++
> > 4 files changed, 130 insertions(+), 3 deletions(-)
> > [...]
> >
> > weak_alias (__libc_wait, __wait)
> > diff --git a/sysdeps/unix/sysv/linux/waitpid.c b/sysdeps/unix/sysv/linux/waitpid.c
> > index f0897574c0..7d4e0bb77d 100644
> > --- a/sysdeps/unix/sysv/linux/waitpid.c
> > +++ b/sysdeps/unix/sysv/linux/waitpid.c
> > @@ -20,12 +20,58 @@
> > #include <sysdep-cancel.h>
> > #include <stdlib.h>
> > #include <sys/wait.h>
> > +#include <unistd.h>
> >
> > __pid_t
> > __waitpid (__pid_t pid, int *stat_loc, int options)
> > {
> > #ifdef __NR_waitpid
> > return SYSCALL_CANCEL (waitpid, pid, stat_loc, options);
> > +#elif defined(__NR_waitid)
> > + __pid_t ret;
> > + idtype_t idtype = P_PID;
> > + siginfo_t infop;
> > +
> > + if (pid < -1) {
> > + idtype = P_PGID;
> > + pid *= -1;
> > + } else if (pid == -1) {
> > + idtype = P_ALL;
> > + } else if (pid == 0) {
> > + idtype = P_PGID;
> > + pid = getpgrp();
> > + }
> > +
> > + options |= WEXITED;
> > +
> > + ret = SYSCALL_CANCEL (waitid, idtype, pid, &infop, options, NULL);
>
> This emulation has a fundamental race condition. Between getpgrp and
> waitid, a signal handler may perform setpgrp, setsid, and/or fork in
> ways that cause the wrong pgid to be passed to the waitid syscall.
> There is no way around this because you cannot block signals for the
> interval, since signals must be able to interrupt the waitid syscall.
>
> Unless there's some trick I'm missing here, the kernel folks' removal
> of the wait4 syscall is just a bug in the kernel that they need to
> fix. It also makes it impossible to implement the wait4 function,
> since there's no way to get rusage for the exited process.
Reportedly (via Stefan O'Rear just now) there was a similar kernel bug
introduced in 161550d74c07303ffa6187ba776f62df5a906a21 that makes
wait4 fail to honor pgrp changes that happen while already in the
syscall (e.g. performed on the caller by another thread or even
another process). But the race condition here in userspace is even
more egregious I think, since it violates the contract in a case where
there is a clear observable order between the pgrp change and the
blocking wait -- for instance, the signal handler could change pgrp
of itself and a child process, and then whether or not the signal
handler had executed before the waitpid, the waitpid should catch the
child's exit. But with the above race, it fails to.
Rich
next prev parent reply other threads:[~2019-07-21 4:20 UTC|newest]
Thread overview: 127+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-17 0:11 [RFC v3 00/23] RISC-V glibc port for the 32-bit Alistair Francis
2019-07-17 0:11 ` [RFC v3 08/23] RISC-V: define __NR_futex as __NR_futex_time64 for 32-bit Alistair Francis
2019-07-17 0:11 ` [RFC v3 03/23] sysdeps/wait: Use waitid if avaliable Alistair Francis
2019-07-17 5:31 ` Florian Weimer
2019-07-19 17:52 ` Alistair Francis
2019-07-22 15:58 ` Florian Weimer
2019-07-22 21:06 ` Alistair Francis
2019-07-21 4:03 ` Rich Felker
2019-07-21 4:20 ` Rich Felker [this message]
2019-07-21 11:59 ` Eric W. Biederman
2019-07-21 23:00 ` Rich Felker
2019-07-21 7:57 ` Arnd Bergmann
2019-07-21 12:15 ` Eric W. Biederman
2019-07-21 12:28 ` Christian Brauner
2019-07-21 14:31 ` Arnd Bergmann
2019-07-21 15:45 ` Eric W. Biederman
2019-07-21 17:06 ` Arnd Bergmann
2019-07-21 17:22 ` Linus Torvalds
2019-07-21 21:40 ` Eric W. Biederman
2019-07-21 23:24 ` Rich Felker
2019-07-23 0:01 ` Eric W. Biederman
2019-07-23 8:12 ` Arnd Bergmann
2019-07-23 8:29 ` Christian Brauner
2019-07-23 8:45 ` Arnd Bergmann
2019-07-25 0:08 ` Alistair Francis
2019-07-25 4:40 ` Rich Felker
2019-07-25 13:23 ` Arnd Bergmann
2019-07-25 16:06 ` Christian Brauner
2019-07-25 17:14 ` Eric W. Biederman
2019-07-25 17:30 ` Christian Brauner
2019-08-13 22:25 ` Alistair Francis
2019-08-13 23:12 ` Rich Felker
2019-08-14 5:07 ` Christian Brauner
2019-08-14 11:40 ` [PATCH v1 0/1] waitid: process group enhancement christian.brauner
2019-08-14 11:40 ` [PATCH v1 1/1] waitid: Add support for waiting for the current process group christian.brauner
2019-08-14 12:29 ` Oleg Nesterov
2019-08-14 12:46 ` Christian Brauner
2019-08-14 12:50 ` Oleg Nesterov
2019-08-14 12:53 ` Christian Brauner
2019-08-14 13:10 ` [PATCH v2 0/1] waitid: process group enhancement Christian Brauner
2019-08-14 13:10 ` [PATCH v2 1/1] waitid: Add support for waiting for the current process group Christian Brauner
2019-08-14 14:20 ` Oleg Nesterov
2019-08-14 14:35 ` Christian Brauner
2019-08-14 15:27 ` Oleg Nesterov
2019-08-14 15:30 ` Christian Brauner
2019-08-14 15:46 ` [PATCH v3 0/1] waitid: process group enhancement Christian Brauner
2019-08-14 15:46 ` [PATCH v3 1/1] waitid: Add support for waiting for the current process group Christian Brauner
2019-08-14 16:09 ` Oleg Nesterov
2019-08-14 16:15 ` Christian Brauner
2019-08-14 16:34 ` Christian Brauner
2019-08-14 16:55 ` Rich Felker
2019-08-14 17:02 ` Christian Brauner
2019-08-14 17:06 ` Linus Torvalds
2019-08-14 18:00 ` Rich Felker
2019-08-14 20:50 ` Christian Brauner
2019-08-14 15:58 ` [PATCH v3 0/1] waitid: process group enhancement Rich Felker
2019-08-14 16:13 ` Christian Brauner
2019-07-26 23:39 ` [RFC v3 03/23] sysdeps/wait: Use waitid if avaliable Alistair Francis
2019-07-17 0:11 ` [RFC v3 04/23] sysdeps/clock_gettime: Use clock_gettime64 " Alistair Francis
2019-07-17 5:39 ` Florian Weimer
2019-07-17 8:04 ` Arnd Bergmann
2019-07-17 8:44 ` Florian Weimer
2019-07-17 9:10 ` Arnd Bergmann
2019-07-17 15:16 ` Florian Weimer
2019-07-18 7:39 ` Arnd Bergmann
2019-07-18 8:19 ` Florian Weimer
2019-07-18 9:15 ` Arnd Bergmann
2019-07-18 18:10 ` Adhemerval Zanella
2019-07-19 21:06 ` Alistair Francis
2019-07-17 7:03 ` Andreas Schwab
2019-07-17 12:37 ` Lukasz Majewski
2019-07-17 0:11 ` [RFC v3 02/23] sysdeps/gettimeofday: " Alistair Francis
2019-07-17 7:09 ` Florian Weimer
2019-07-20 3:21 ` Rich Felker
2019-07-25 20:54 ` Joseph Myers
2019-07-17 12:43 ` Lukasz Majewski
2019-07-17 12:48 ` Lukasz Majewski
2019-07-19 22:29 ` Alistair Francis
2019-07-17 0:11 ` [RFC v3 01/23] sysdeps/nanosleep: Use clock_nanosleep_time64 " Alistair Francis
2019-07-17 5:16 ` Florian Weimer
2019-07-19 17:29 ` Alistair Francis
2019-07-20 14:24 ` Stepan Golosunov
2019-07-22 21:17 ` Alistair Francis
2019-07-17 0:12 ` [RFC v3 18/23] RISC-V: Regenerate ULPs of RISC-V Alistair Francis
2019-07-17 0:12 ` [RFC v3 06/23] Documentation for the RISC-V 32-bit port Alistair Francis
2019-07-17 0:12 ` [RFC v3 16/23] RISC-V: The ABI implementation for the 32-bit Alistair Francis
2019-07-17 0:12 ` [RFC v3 22/23] Add RISC-V 32-bit target to build-many-glibcs.py Alistair Francis
2019-07-17 0:12 ` [RFC v3 05/23] sysdeps/timespec_get: Use clock_gettime64 if avaliable Alistair Francis
2019-07-17 5:08 ` Florian Weimer
2019-07-17 7:59 ` Arnd Bergmann
2019-07-17 8:12 ` Florian Weimer
2019-07-17 8:23 ` Arnd Bergmann
2019-07-17 8:41 ` Florian Weimer
2019-07-17 8:54 ` Arnd Bergmann
2019-07-25 20:14 ` Joseph Myers
2019-07-17 12:23 ` Lukasz Majewski
2019-07-17 0:12 ` [RFC v3 21/23] RISC-V: Fix llrint and llround missing exceptions on RV32 Alistair Francis
2019-07-17 12:22 ` Florian Weimer
2019-07-17 22:35 ` Alistair Francis
2019-07-17 0:12 ` [RFC v3 12/23] RISC-V: define __vdso_clock_gettime as __vdso_clock_gettime64 for 32-bit Alistair Francis
2019-07-17 8:16 ` Arnd Bergmann
2019-07-19 17:19 ` Alistair Francis
2019-07-17 0:12 ` [RFC v3 10/23] RISC-V: define __NR_clock_getres as __NR_*_time64 " Alistair Francis
2019-07-17 0:12 ` [RFC v3 11/23] RISC-V: define __vdso_clock_getres as __vdso_clock_getres_time64 " Alistair Francis
2019-07-17 0:12 ` [RFC v3 15/23] RISC-V: Add path of library directories for the 32-bit Alistair Francis
2019-07-17 12:20 ` Florian Weimer
2019-07-17 0:12 ` [RFC v3 14/23] RISC-V: Support dynamic loader " Alistair Francis
2019-07-17 0:12 ` [RFC v3 13/23] RISC-V: Use 64-bit timespec in clock_gettime vdso calls Alistair Francis
2019-07-17 8:14 ` Arnd Bergmann
2019-07-17 0:12 ` [RFC v3 09/23] RISC-V: define __NR_* as __NR_*_time64/64 for 32-bit Alistair Francis
2019-07-17 0:12 ` [RFC v3 19/23] RISC-V: Add ABI lists Alistair Francis
2019-07-17 0:12 ` [RFC v3 23/23] RISC-V: Use 64-bit vdso syscalls Alistair Francis
2019-07-17 5:33 ` Florian Weimer
2019-07-17 8:02 ` Arnd Bergmann
2019-07-17 22:27 ` Alistair Francis
2019-07-17 23:46 ` Alistair Francis
2019-07-18 0:05 ` Alistair Francis
2019-07-17 0:12 ` [RFC v3 20/23] RISC-V: Build Infastructure for the 32-bit Alistair Francis
2019-07-17 0:12 ` [RFC v3 17/23] RISC-V: Hard float support for the 32 bit Alistair Francis
2019-07-17 0:12 ` [RFC v3 07/23] RISC-V: Use 64-bit time_t and off_t for RV32 and RV64 Alistair Francis
2019-07-17 8:27 ` Arnd Bergmann
2019-07-17 22:43 ` Alistair Francis
2019-07-18 7:41 ` Arnd Bergmann
2019-07-18 17:36 ` Alistair Francis
2019-07-19 6:44 ` Arnd Bergmann
2019-07-19 17:06 ` Alistair Francis
2019-07-19 17:18 ` [RFC v3 00/23] RISC-V glibc port for the 32-bit Alistair Francis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190721042032.GA3423@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=adhemerval.zanella@linaro.org \
--cc=alistair.francis@wdc.com \
--cc=alistair23@gmail.com \
--cc=arnd@arndb.de \
--cc=fweimer@redhat.com \
--cc=libc-alpha@sourceware.org \
--cc=macro@wdc.com \
--cc=palmer@sifive.com \
--cc=zongbox@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).