about summary refs log tree commit diff
path: root/posix
diff options
context:
space:
mode:
authorAdhemerval Zanella <adhemerval.zanella@linaro.org>2021-01-19 09:26:31 -0300
committerAdhemerval Zanella <adhemerval.zanella@linaro.org>2021-06-28 15:55:56 -0300
commitc32c868ab8b2b95724550d0130782c0767fc3bab (patch)
tree53b43a7f006fe8f549affb6b6d4d24b808a75465 /posix
parentdd45734e322a03287d34d8af9b7da7b35cfddb8e (diff)
downloadglibc-c32c868ab8b2b95724550d0130782c0767fc3bab.tar.gz
glibc-c32c868ab8b2b95724550d0130782c0767fc3bab.tar.xz
glibc-c32c868ab8b2b95724550d0130782c0767fc3bab.zip
posix: Add _Fork [BZ #4737]
Austin Group issue 62 [1] dropped the async-signal-safe requirement
for fork and provided a async-signal-safe _Fork replacement that
does not run the atfork handlers.  It will be included in the next
POSIX standard.

It allow to close a long standing issue to make fork AS-safe (BZ#4737).
As indicated on the bug, besides the internal lock for the atfork
handlers itself; there is no guarantee that the handlers itself will
not introduce more AS-safe issues.

The idea is synchronize fork with the required internal locks to allow
children in multithread processes to use mostly of standard function
(even though POSIX states only AS-safe function should be used).  On
signal handles, _Fork should be used intead and only AS-safe functions
should be used.

For testing, the new tst-_Fork only check basic usage.  I also added
a new tst-mallocfork3 which uses the same strategy to check for
deadlock of tst-mallocfork2 but using threads instead of subprocesses
(and it does deadlock if it replaces _Fork with fork).

[1] https://austingroupbugs.net/view.php?id=62
Diffstat (limited to 'posix')
-rw-r--r--posix/Makefile3
-rw-r--r--posix/Versions1
-rw-r--r--posix/fork.c5
-rw-r--r--posix/tst-_Fork.c154
-rw-r--r--posix/unistd.h7
5 files changed, 168 insertions, 2 deletions
diff --git a/posix/Makefile b/posix/Makefile
index 3bd7d605df..e91ea25ba1 100644
--- a/posix/Makefile
+++ b/posix/Makefile
@@ -130,7 +130,7 @@ test-srcs	:= globtest
 tests           += wordexp-test tst-exec tst-spawn tst-spawn2 tst-spawn3
 endif
 ifeq (yesyes,$(build-shared)$(have-thread-library))
-tests		+= tst-getopt-cancel
+tests		+= tst-getopt-cancel tst-_Fork
 endif
 tests-static	= tst-exec-static tst-spawn-static
 tests		+= $(tests-static)
@@ -299,6 +299,7 @@ $(objpfx)ptestcases.h: PTESTS PTESTS2C.sed
 $(objpfx)runptests.o: $(objpfx)ptestcases.h
 
 $(objpfx)tst-getopt-cancel: $(shared-thread-library)
+$(objpfx)tst-_Fork: $(shared-thread-library)
 
 test-xfail-annexc = yes
 $(objpfx)annexc.out: $(objpfx)annexc
diff --git a/posix/Versions b/posix/Versions
index 5983144d01..ee1f412185 100644
--- a/posix/Versions
+++ b/posix/Versions
@@ -152,6 +152,7 @@ libc {
   GLIBC_2.30 {
   }
   GLIBC_2.34 {
+    _Fork;
     execveat;
   }
   GLIBC_PRIVATE {
diff --git a/posix/fork.c b/posix/fork.c
index 940d6a0955..c471f7b15f 100644
--- a/posix/fork.c
+++ b/posix/fork.c
@@ -41,7 +41,10 @@ __libc_fork (void)
 {
   /* Determine if we are running multiple threads.  We skip some fork
      handlers in the single-thread case, to make fork safer to use in
-     signal handlers.  */
+     signal handlers.  Although POSIX has dropped async-signal-safe
+     requirement for fork (Austin Group tracker issue #62) this is
+     best effort to make is async-signal-safe at least for single-thread
+     case.  */
   bool multiple_threads = __libc_single_threaded == 0;
 
   __run_fork_handlers (atfork_run_prepare, multiple_threads);
diff --git a/posix/tst-_Fork.c b/posix/tst-_Fork.c
new file mode 100644
index 0000000000..43a65c0fea
--- /dev/null
+++ b/posix/tst-_Fork.c
@@ -0,0 +1,154 @@
+/* Basic tests for _Fork.
+   Copyright (C) 2021 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <array_length.h>
+#include <stdlib.h>
+#include <string.h>
+#include <pthread.h>
+#include <stdbool.h>
+#include <support/check.h>
+#include <support/xsignal.h>
+#include <support/temp_file.h>
+#include <support/xunistd.h>
+#include <support/xthread.h>
+
+/* For single-thread, _Fork behaves like fork.  */
+static int
+singlethread_test (void)
+{
+  const char testdata1[] = "abcdefghijklmnopqrtuvwxz";
+  enum { testdatalen1 = array_length (testdata1) };
+  const char testdata2[] = "01234567890";
+  enum { testdatalen2 = array_length (testdata2) };
+
+  pid_t ppid = getpid ();
+
+  int tempfd = create_temp_file ("tst-_Fork", NULL);
+
+  /* Check if the opened file is shared between process by read and write
+     some data on parent and child processes.  */
+  xwrite (tempfd, testdata1, testdatalen1);
+  off_t off = xlseek (tempfd, 0, SEEK_CUR);
+  TEST_COMPARE (off, testdatalen1);
+
+  pid_t pid = _Fork ();
+  TEST_VERIFY_EXIT (pid != -1);
+  if (pid == 0)
+    {
+      TEST_VERIFY_EXIT (getpid () != ppid);
+      TEST_COMPARE (getppid(), ppid);
+
+      TEST_COMPARE (xlseek (tempfd, 0, SEEK_CUR), testdatalen1);
+
+      xlseek (tempfd, 0, SEEK_SET);
+      char buf[testdatalen1];
+      TEST_COMPARE (read (tempfd, buf, sizeof (buf)), testdatalen1);
+      TEST_COMPARE_BLOB (buf, testdatalen1, testdata1, testdatalen1);
+
+      xlseek (tempfd, 0, SEEK_SET);
+      xwrite (tempfd, testdata2, testdatalen2);
+
+      xclose (tempfd);
+
+      _exit (EXIT_SUCCESS);
+    }
+
+  int status;
+  xwaitpid (pid, &status, 0);
+  TEST_VERIFY (WIFEXITED (status));
+  TEST_COMPARE (WEXITSTATUS (status), EXIT_SUCCESS);
+
+  TEST_COMPARE (xlseek (tempfd, 0, SEEK_CUR), testdatalen2);
+
+  xlseek (tempfd, 0, SEEK_SET);
+  char buf[testdatalen2];
+  TEST_COMPARE (read (tempfd, buf, sizeof (buf)), testdatalen2);
+
+  TEST_COMPARE_BLOB (buf, testdatalen2, testdata2, testdatalen2);
+
+  return 0;
+}
+
+
+static volatile sig_atomic_t sigusr1_handler_ran;
+#define SIG_PID_EXIT_CODE 20
+
+static bool atfork_prepare_var;
+static bool atfork_parent_var;
+static bool atfork_child_var;
+
+static void
+atfork_prepare (void)
+{
+  atfork_prepare_var = true;
+}
+
+static void
+atfork_parent (void)
+{
+  atfork_parent_var = true;
+}
+
+static void
+atfork_child (void)
+{
+  atfork_child_var = true;
+}
+
+/* Different than fork, _Fork does not execute any pthread_atfork
+   handlers.  */
+static int
+singlethread_atfork_test (void)
+{
+  pthread_atfork (atfork_prepare, atfork_parent, atfork_child);
+  singlethread_test ();
+  TEST_VERIFY (!atfork_prepare_var);
+  TEST_VERIFY (!atfork_parent_var);
+  TEST_VERIFY (!atfork_child_var);
+
+  return 0;
+}
+
+static void *
+mt_atfork_test (void *args)
+{
+  singlethread_atfork_test ();
+
+  return NULL;
+}
+
+static int
+multithread_atfork_test (void)
+{
+  pthread_t thr = xpthread_create (NULL, mt_atfork_test, NULL);
+  xpthread_join (thr);
+
+  return 0;
+}
+
+
+static int
+do_test (void)
+{
+  singlethread_atfork_test ();
+  multithread_atfork_test ();
+
+  return 0;
+}
+
+#include <support/test-driver.c>
diff --git a/posix/unistd.h b/posix/unistd.h
index d9d8929f71..217c6c5363 100644
--- a/posix/unistd.h
+++ b/posix/unistd.h
@@ -781,6 +781,13 @@ extern __pid_t fork (void) __THROWNL;
 extern __pid_t vfork (void) __THROW;
 #endif /* Use misc or XPG < 7. */
 
+#ifdef __USE_GNU
+/* This is similar to fork, however it does not run the atfork handlers
+   neither reinitialize any internal locks in multithread case.
+   Different than fork, _Fork is async-signal-safe.  */
+extern __pid_t _Fork (void) __THROW;
+#endif
+
 
 /* Return the pathname of the terminal FD is open on, or NULL on errors.
    The returned storage is good only until the next call to this function.  */