if thread id was reused by the kernel between the time pthread_kill
read it from the userspace pthread_t object and the time of the tgkill
syscall, a signal could be sent to the wrong thread. the tgkill
syscall was supposed to prevent this race (versus the old tkill
syscall) but it can't; it can only help in the case where the tid is
reused in a different process, but not when the tid is reused in the
same process.
the only solution i can see is an extra lock to prevent threads from
exiting while another thread is trying to pthread_kill them. it should
be very very cheap in the non-contended case.
int unblock_cancel;
int delete_timer;
locale_t locale;
+ int killlock;
};
struct __timer {
__lock(&self->exitlock);
/* Mark this thread dead before decrementing count */
+ __lock(&self->killlock);
self->dead = 1;
+ a_store(&self->killlock, 0);
do n = libc.threads_minus_1;
while (n && a_cas(&libc.threads_minus_1, n, n-1)!=n);
int pthread_kill(pthread_t t, int sig)
{
- return -__syscall(SYS_tgkill, t->pid, t->tid, sig);
+ int r;
+ __lock(&t->killlock);
+ r = t->dead ? ESRCH : -__syscall(SYS_tgkill, t->pid, t->tid, sig);
+ a_store(&t->killlock, 0);
+ return r;
}
projects / oweals / musl.git / commitdiff