nptl/pthread_cancel.c

   1 /* Copyright (C) 2002-2024 Free Software Foundation, Inc.
   2    This file is part of the GNU C Library.
   3
   4    The GNU C Library is free software; you can redistribute it and/or
   5    modify it under the terms of the GNU Lesser General Public
   6    License as published by the Free Software Foundation; either
   7    version 2.1 of the License, or (at your option) any later version.
   8
   9    The GNU C Library is distributed in the hope that it will be useful,
  10    but WITHOUT ANY WARRANTY; without even the implied warranty of
  11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12    Lesser General Public License for more details.
  13
  14    You should have received a copy of the GNU Lesser General Public
  15    License along with the GNU C Library; if not, see
  16    <https://www.gnu.org/licenses/>.  */
  17
  18 #include <errno.h>
  19 #include <signal.h>
  20 #include <stdlib.h>
  21 #include "pthreadP.h"
  22 #include <atomic.h>
  23 #include <sysdep.h>
  24 #include <unistd.h>
  25 #include <unwind-link.h>
  26 #include <cancellation-pc-check.h>
  27 #include <stdio.h>
  28 #include <gnu/lib-names.h>
  29 #include <sys/single_threaded.h>
  30
  31 /* For asynchronous cancellation we use a signal.  */
  32 static void
  33 sigcancel_handler (int sig, siginfo_t *si, void *ctx)
  34 {
  35   /* Safety check.  It would be possible to call this function for
  36      other signals and send a signal from another process.  This is not
  37      correct and might even be a security problem.  Try to catch as
  38      many incorrect invocations as possible.  */
  39   if (sig != SIGCANCEL
  40       || si->si_pid != __getpid()
  41       || si->si_code != SI_TKILL)
  42     return;
  43
  44   /* Check if asynchronous cancellation mode is set or if interrupted
  45      instruction pointer falls within the cancellable syscall bridge.  For
  46      interruptable syscalls with external side-effects (i.e. partial reads),
  47      the kernel  will set the IP to after __syscall_cancel_arch_end, thus
  48      disabling the cancellation and allowing the process to handle such
  49      conditions.  */
  50   struct pthread *self = THREAD_SELF;
  51   int oldval = atomic_load_relaxed (&self->cancelhandling);
  52   if (cancel_async_enabled (oldval) || cancellation_pc_check (ctx))
  53     __syscall_do_cancel ();
  54 }
  55
  56 int
  57 __pthread_cancel (pthread_t th)
  58 {
  59   volatile struct pthread *pd = (volatile struct pthread *) th;
  60
  61   if (pd->tid == 0)
  62     /* The thread has already exited on the kernel side.  Its outcome
  63        (regular exit, other cancelation) has already been
  64        determined.  */
  65     return 0;
  66
  67   static int init_sigcancel = 0;
  68   if (atomic_load_relaxed (&init_sigcancel) == 0)
  69     {
  70       struct sigaction sa;
  71       sa.sa_sigaction = sigcancel_handler;
  72       /* The signal handle should be non-interruptible to avoid the risk of
  73          spurious EINTR caused by SIGCANCEL sent to process or if
  74          pthread_cancel() is called while cancellation is disabled in the
  75          target thread.  */
  76       sa.sa_flags = SA_SIGINFO | SA_RESTART;
  77       __sigemptyset (&sa.sa_mask);
  78       __libc_sigaction (SIGCANCEL, &sa, NULL);
  79       atomic_store_relaxed (&init_sigcancel, 1);
  80     }
  81
  82 #ifdef SHARED
  83   /* Trigger an error if libgcc_s cannot be loaded.  */
  84   {
  85     struct unwind_link *unwind_link = __libc_unwind_link_get ();
  86     if (unwind_link == NULL)
  87       __libc_fatal (LIBGCC_S_SO
  88                     " must be installed for pthread_cancel to work\n");
  89   }
  90 #endif
  91
  92   /* Some syscalls are never restarted after being interrupted by a signal
  93      handler, regardless of the use of SA_RESTART (they always fail with
  94      EINTR).  So pthread_cancel cannot send SIGCANCEL unless the cancellation
  95      is enabled.
  96      In this case the target thread is set as 'cancelled' (CANCELED_BITMASK)
  97      by atomically setting 'cancelhandling' and the cancelation will be acted
  98      upon on next cancellation entrypoing in the target thread.
  99
 100      It also requires to atomically check if cancellation is enabled, so the
 101      state are also tracked on 'cancelhandling'.  */
 102
 103   int result = 0;
 104   int oldval = atomic_load_relaxed (&pd->cancelhandling);
 105   int newval;
 106   do
 107     {
 108     again:
 109       newval = oldval | CANCELED_BITMASK;
 110       if (oldval == newval)
 111         break;
 112
 113       /* Only send the SIGANCEL signal if cancellation is enabled, since some
 114          syscalls are never restarted even with SA_RESTART.  The signal
 115          will act iff async cancellation is enabled.  */
 116       if (cancel_enabled (newval))
 117         {
 118           if (!atomic_compare_exchange_weak_acquire (&pd->cancelhandling,
 119                                                      &oldval, newval))
 120             goto again;
 121
 122           if (pd == THREAD_SELF)
 123             /* This is not merely an optimization: An application may
 124                call pthread_cancel (pthread_self ()) without calling
 125                pthread_create, so the signal handler may not have been
 126                set up for a self-cancel.  */
 127             {
 128               if (cancel_async_enabled (newval))
 129                 __do_cancel (PTHREAD_CANCELED);
 130             }
 131           else
 132             /* The cancellation handler will take care of marking the
 133                thread as canceled.  */
 134             result = __pthread_kill_internal (th, SIGCANCEL);
 135
 136           break;
 137         }
 138     }
 139   while (!atomic_compare_exchange_weak_acquire (&pd->cancelhandling, &oldval,
 140                                                 newval));
 141
 142   /* A single-threaded process should be able to kill itself, since there is
 143      nothing in the POSIX specification that says that it cannot.  So we set
 144      multiple_threads to true so that cancellation points get executed.  */
 145   THREAD_SETMEM (THREAD_SELF, header.multiple_threads, 1);
 146 #ifndef TLS_MULTIPLE_THREADS_IN_TCB
 147   __libc_single_threaded_internal = 0;
 148 #endif
 149
 150   return result;
 151 }
 152 versioned_symbol (libc, __pthread_cancel, pthread_cancel, GLIBC_2_34);
 153
 154 #if OTHER_SHLIB_COMPAT (libpthread, GLIBC_2_0, GLIBC_2_34)
 155 compat_symbol (libpthread, __pthread_cancel, pthread_cancel, GLIBC_2_0);
 156 #endif
 157
 158 /* Ensure that the unwinder is always linked in (the __pthread_unwind
 159    reference from __do_cancel is weak).  Use ___pthread_unwind_next
 160    (three underscores) to produce a strong reference to the same
 161    file.  */
 162 PTHREAD_STATIC_FN_REQUIRE (___pthread_unwind_next)