From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 7406 invoked by alias); 17 Oct 2013 15:41:33 -0000 Mailing-List: contact libc-ports-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: libc-ports-owner@sourceware.org Received: (qmail 7331 invoked by uid 89); 17 Oct 2013 15:41:32 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.8 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,SPF_NEUTRAL autolearn=no version=3.3.2 X-Spam-User: qpsmtpd, 2 recipients X-HELO: popelka.ms.mff.cuni.cz Received: from popelka.ms.mff.cuni.cz (HELO popelka.ms.mff.cuni.cz) (195.113.20.131) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 17 Oct 2013 15:41:31 +0000 Received: from domone.kolej.mff.cuni.cz (popelka.ms.mff.cuni.cz [195.113.20.131]) by popelka.ms.mff.cuni.cz (Postfix) with ESMTPS id C3374688DB; Thu, 17 Oct 2013 17:41:26 +0200 (CEST) Received: by domone.kolej.mff.cuni.cz (Postfix, from userid 1000) id A93CA5F96A; Thu, 17 Oct 2013 17:41:26 +0200 (CEST) Date: Thu, 17 Oct 2013 15:41:00 -0000 From: =?utf-8?B?T25kxZllaiBCw61sa2E=?= To: libc-alpha@sourceware.org, libc-ports@sourceware.org Subject: Re: [RFC][BZ #1874] Fix assertion triggered by thread/fork interaction Message-ID: <20131017154126.GF31767@domone.podge> References: <20131009200534.GA4300@domone.podge> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20131009200534.GA4300@domone.podge> User-Agent: Mutt/1.5.20 (2009-06-14) X-IsSubscribed: yes X-SW-Source: 2013-10/txt/msg00016.txt.bz2 On Wed, Oct 09, 2013 at 10:05:34PM +0200, Ondřej Bílka wrote: > Hi, > > This bug had a simple patch for five years without reply. > https://sourceware.org/bugzilla/show_bug.cgi?id=4578 > Could someone comment this? > > It was detected on custom chip, could this be replicated on other > architectures? > Comments? > An analysis from bugzilla and patch are below > > " > Details: > > If a thread happens to hold dl_load_lock and have r_state set to RT_ADD > or RT_DELETE at the time another thread calls fork(), then the child exit > code from fork (in nptl/sysdeps/unix/sysv/linux/fork.c in our case) > re-initializes dl_load_lock but does not restore r_state to RT_CONSISTENT. > If the child subsequently requires ld.so functionality before calling exec(), > then the assertion will fire. > > The patch acquires dl_load_lock on entry to fork() and releases it on exit > from the parent path. The child path is initialized as currently done. > This is essentially pthreads_atfork, but forced to be first because the > acquisition of dl_load_lock must happen before malloc_atfork is active > to avoid a deadlock. > " > > --- glibc-2.5-sources/nptl/sysdeps/unix/sysv/linux/fork.c > 2007-05-29 23:44:33.000000000 -0400 > +++ glibc-2.5-modified/nptl/sysdeps/unix/sysv/linux/fork.c > 2007-05-31 15:07:18.712221827 -0400 > @@ -27,6 +27,7 @@ > #include "fork.h" > #include > #include > +#include > #include > #include > > @@ -59,6 +60,8 @@ > struct used_handler *next; > } *allp = NULL; > > + /* grab ld.so lock BEFORE switching to malloc_atfork */ > + __rtld_lock_lock_recursive (GL(dl_load_lock)); > /* Run all the registered preparation handlers. In reverse order. > While doing this we build up a list of all the entries. */ > struct fork_handler *runp; > @@ -208,6 +211,8 @@ > > allp = allp->next; > } > + /* unlock ld.so last, because we locked it first */ > + __rtld_lock_unlock_recursive (GL(dl_load_lock)); > } > > return pid;