-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fallback to a read lock on fork preparation #356
Conversation
Actually this patch may still not be ok, because the read lock could be nested in the same thread as the code calling the callback and already holding a read lock ... |
I have tested this change with Apache and yes, it does avoid the deadlock. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good
Small typo in commit title: |
@ifranzki does apache fork from the thread where the callback is running, or does it fork from another thread? |
Ok so I verified that holding a read lock multiple times with pthread_rwlock_rdlock() is just fine, therefore the code will work as is. However I think I may still change this patch to attempt to acquire a write lock, and fallback to a mere read lock only if that fails ... |
I added a trywrlock() and also added a much deeper explanation in the commit message of my reasoning why I do what I do now in the code. |
It does fork from the thread where the callback is running. You can see this in the backtrace in the issue: Also, the backtrace shows that its executing in the process's main thread, i.e. the backtrack shows |
Thanks for confirming, I think I am ok with the current code. |
Finally found time to add the test. This test will ensure we do not inadvertently reintroduce a deadlock in the future. |
3f707ed
to
e21e6dd
Compare
I ran diff through the logs for fedora in this run and last working in main https://github.com/latchset/pkcs11-provider/actions/runs/8266635712/job/22615078760 and the only difference in the dependencies is Running the address sanitizer checks locally on master shows no issues, while running it in this branch shows two memory leaks:
Can you try to fix them and rebuild it? |
0b3c4f7
to
a410b57
Compare
A free() was used indtead of the proper OPENSSL_free() While there reformatted the code to better conform to our style. Signed-off-by: Simo Sorce <[email protected]>
Signed-off-by: Simo Sorce <[email protected]>
The reason to acquire a write lock is that there is a corner case where the forking application is going to actually create additional threads in an atfork() handler that runs before ours instead of doing something more sensible like an immediate exec(). If such an application were to create threads then there is a chance one of those threads could cause a call into pkcs11-provider that would end up acquiring a read lock, which we will destroy as part of the post fork atfork() handler. Note that pthread creation or even pthread lock initialization functions are not considered async-signal-safe fucntions, so this is all a shot in the dark anyway ... Given this premise, falling back to a read lock, which will prevent modification of the slots is sufficient in most cases. Although there is a slight chance again that resetting the locks can cause a thread to obtain a write lock while another thread holds a now defunct read lock, such that there is modification of the slots while a separate thread is reading this information, this is so rare it is not worth dealing with (and there is nothing we can do anyway). At least two threads won't be writing at the same time, that could be really problematic. Use of atfork() is also so rare that the chance of this happening in any reasonable application can be considered infinitesimally small. Signed-off-by: Simo Sorce <[email protected]>
@Jakuje I sneaked in a commit to fix a Coverity regression in another PR I merged today. |
Merging as the address sanitizer issue is a problem in the Fedora build not in the code. |
Fixes #355