kern/38947: minor race for signals with multithreaded process

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/38947: minor race for signals with multithreaded process
From: ad%netbsd.org@localhost
Date: Thu, 12 Jun 2008 15:15:00 +0000 (UTC)

>Number:         38947
>Category:       kern
>Synopsis:       minor race for signals with multithreaded process
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jun 12 15:15:00 +0000 2008
>Originator:     Andrew Doran
>Release:        4.99.64
>Organization:
The NetBSD Project
>Environment:
n/a
>Description:
Seems like a bad thing to do, but I don't know if it really is a problem:

A process has two threads.

A signal arrives for the process and neither thread has it masked.

Both threads notice the signal pending in sleepq_block(), and return EINTR 
or ERESTART.
 
The two threads then race to get to userret() on the kernel/user boundary,
where the signal will be dispatched.

Only one thread can dequeue and process the signal, but both will return
an error.

>How-To-Repeat:
Code inspection.

>Fix:
Maybe have the issignal() in sleepq_block() dequeue the signal from the 
process pending list and enqueue it to the per-thread pending list if
it's known that the signal can be handled. We would need to handle cases
where the thread doesn't get to the kernel/user boundary which would be
tricky.

Prev by Date: Re: bin/38944: CD digital extraction/transfer mode not working
Next by Date: lib/38948: libpthread, java: thread awakening itself
Previous by Thread: port-sparc/38945: Supported hardware list is unclear re qfe support on sun4c
Next by Thread: lib/38948: libpthread, java: thread awakening itself
Indexes:

Home | Main Index | Thread Index | Old Index