1 /* Test case for async-signal-safe fork (with respect to malloc).
2 Copyright (C) 2016-2023 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public License as
7 published by the Free Software Foundation; either version 2.1 of the
8 License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; see the file COPYING.LIB. If
17 not, see <https://www.gnu.org/licenses/>. */
18
19 /* This test will fail if the process is multi-threaded because we
20 only have an async-signal-safe fork in the single-threaded case
21 (where we skip acquiring the malloc heap locks).
22
23 This test only checks async-signal-safety with regards to malloc;
24 other, more rarely-used glibc subsystems could have locks which
25 still make fork unsafe, even in single-threaded processes. */
26
27 #include <errno.h>
28 #include <sched.h>
29 #include <signal.h>
30 #include <stdbool.h>
31 #include <stdio.h>
32 #include <stdlib.h>
33 #include <string.h>
34 #include <sys/wait.h>
35 #include <time.h>
36 #include <unistd.h>
37 #include <array_length.h>
38 #include <support/check.h>
39 #include <support/support.h>
40 #include <support/xthread.h>
41 #include <support/xunistd.h>
42
43 /* How many malloc objects to keep arond. */
44 enum { malloc_objects = 1009 };
45
46 /* The maximum size of an object. */
47 enum { malloc_maximum_size = 70000 };
48
49 /* How many iterations the test performs before exiting. */
50 enum { iterations = 10000 };
51
52 /* Barrier for synchronization with the processes sending SIGUSR1
53 signals, to make it more likely that the signals arrive during a
54 fork/free/malloc call. */
55 static struct { pthread_barrier_t barrier; } *shared;
56
57 /* Set to 1 if SIGUSR1 is received. Used to detect a signal during
58 fork/free/malloc. */
59 static volatile sig_atomic_t sigusr1_received;
60
61 /* Periodically set to 1, to indicate that the process is making
62 progress. Checked by liveness_signal_handler. */
63 static volatile sig_atomic_t progress_indicator = 1;
64
65 /* Set to 1 if an error occurs in the signal handler. */
66 static volatile sig_atomic_t error_indicator = 0;
67
68 static void
69 sigusr1_handler (int signo)
70 {
71 sigusr1_received = 1;
72
73 /* Perform a fork with a trivial subprocess. */
74 pid_t pid = fork ();
75 if (pid == -1)
76 {
77 write_message ("error: fork\n");
78 error_indicator = 1;
79 return;
80 }
81 if (pid == 0)
82 _exit (0);
83 int status;
84 int ret = TEMP_FAILURE_RETRY (waitpid (pid, &status, 0));
85 if (ret < 0)
86 {
87 write_message ("error: waitpid\n");
88 error_indicator = 1;
89 return;
90 }
91 if (status != 0)
92 {
93 write_message ("error: unexpected exit status from subprocess\n");
94 error_indicator = 1;
95 return;
96 }
97 }
98
99 static void
100 liveness_signal_handler (int signo)
101 {
102 if (progress_indicator)
103 progress_indicator = 0;
104 else
105 write_message ("warning: process seems to be stuck\n");
106 }
107
108 /* Send SIGNO to the parent process. If SLEEP, wait a second between
109 signals, otherwise use barriers to delay sending signals. */
110 static void
111 __attribute__ ((noreturn))
112 signal_sender (int signo, bool sleep)
113 {
114 pid_t target = getppid ();
115 while (true)
116 {
117 if (!sleep)
118 xpthread_barrier_wait (&shared->barrier);
119 if (kill (target, signo) != 0)
120 {
121 dprintf (STDOUT_FILENO, "error: kill: %m\n");
122 abort ();
123 }
124 if (sleep)
125 usleep (1 * 1000 * 1000);
126 else
127 xpthread_barrier_wait (&shared->barrier);
128 }
129 }
130
131 /* Children processes. */
132 static pid_t sigusr1_sender_pids[5] = { 0 };
133 static pid_t sigusr2_sender_pid = 0;
134
135 static void
136 kill_children (void)
137 {
138 for (size_t i = 0; i < array_length (sigusr1_sender_pids); ++i)
139 if (sigusr1_sender_pids[i] > 0)
140 kill (sigusr1_sender_pids[i], SIGKILL);
141 if (sigusr2_sender_pid > 0)
142 kill (sigusr2_sender_pid, SIGKILL);
143 }
144
145 static int
146 do_test (void)
147 {
148 atexit (kill_children);
149
150 /* shared->barrier is initialized along with sigusr1_sender_pids
151 below. */
152 shared = support_shared_allocate (sizeof (*shared));
153
154 struct sigaction action =
155 {
156 .sa_handler = sigusr1_handler,
157 };
158 sigemptyset (&action.sa_mask);
159
160 if (sigaction (SIGUSR1, &action, NULL) != 0)
161 {
162 printf ("error: sigaction: %m");
163 return 1;
164 }
165
166 action.sa_handler = liveness_signal_handler;
167 if (sigaction (SIGUSR2, &action, NULL) != 0)
168 {
169 printf ("error: sigaction: %m");
170 return 1;
171 }
172
173 sigusr2_sender_pid = xfork ();
174 if (sigusr2_sender_pid == 0)
175 signal_sender (SIGUSR2, true);
176
177 /* Send SIGUSR1 signals from several processes. Hopefully, one
178 signal will hit one of the critical functions. Use a barrier to
179 avoid sending signals while not running fork/free/malloc. */
180 {
181 pthread_barrierattr_t attr;
182 xpthread_barrierattr_init (&attr);
183 xpthread_barrierattr_setpshared (&attr, PTHREAD_PROCESS_SHARED);
184 xpthread_barrier_init (&shared->barrier, &attr,
185 array_length (sigusr1_sender_pids) + 1);
186 xpthread_barrierattr_destroy (&attr);
187 }
188 for (size_t i = 0; i < array_length (sigusr1_sender_pids); ++i)
189 {
190 sigusr1_sender_pids[i] = xfork ();
191 if (sigusr1_sender_pids[i] == 0)
192 signal_sender (SIGUSR1, false);
193 }
194
195 void *objects[malloc_objects] = {};
196 unsigned int fork_signals = 0;
197 unsigned int free_signals = 0;
198 unsigned int malloc_signals = 0;
199 unsigned seed = 1;
200 for (int i = 0; i < iterations; ++i)
201 {
202 progress_indicator = 1;
203 int slot = rand_r (&seed) % malloc_objects;
204 size_t size = rand_r (&seed) % malloc_maximum_size;
205
206 /* Occasionally do a fork first, to catch deadlocks there as
207 well (see bug 24161). */
208 bool do_fork = (rand_r (&seed) % 7) == 0;
209
210 xpthread_barrier_wait (&shared->barrier);
211 if (do_fork)
212 {
213 sigusr1_received = 0;
214 pid_t pid = xfork ();
215 if (sigusr1_received)
216 ++fork_signals;
217 if (pid == 0)
218 _exit (0);
219 int status;
220 int ret = TEMP_FAILURE_RETRY (waitpid (pid, &status, 0));
221 if (ret < 0)
222 FAIL_EXIT1 ("waitpid: %m");
223 TEST_COMPARE (status, 0);
224 }
225 sigusr1_received = 0;
226 free (objects[slot]);
227 if (sigusr1_received)
228 ++free_signals;
229 sigusr1_received = 0;
230 objects[slot] = malloc (size);
231 if (sigusr1_received)
232 ++malloc_signals;
233 xpthread_barrier_wait (&shared->barrier);
234
235 if (objects[slot] == NULL || error_indicator != 0)
236 {
237 printf ("error: malloc: %m\n");
238 for (size_t i = 0; i < array_length (sigusr1_sender_pids); ++i)
239 kill (sigusr1_sender_pids[i], SIGKILL);
240 kill (sigusr2_sender_pid, SIGKILL);
241 return 1;
242 }
243 }
244
245 /* Clean up allocations. */
246 for (int slot = 0; slot < malloc_objects; ++slot)
247 free (objects[slot]);
248
249 printf ("info: signals received during fork: %u\n", fork_signals);
250 printf ("info: signals received during free: %u\n", free_signals);
251 printf ("info: signals received during malloc: %u\n", malloc_signals);
252
253 /* Do not destroy the barrier because of the SIGKILL above, which
254 may have left the barrier in an inconsistent state. */
255 support_shared_free (shared);
256
257 return 0;
258 }
259
260 #define TIMEOUT 100
261 #include <support/test-driver.c>