Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

runtime: signal handling: sighandler crash due to race with signal.Ignore #20748

Open
bcmills opened this issue Jun 21, 2017 · 6 comments
Open

runtime: signal handling: sighandler crash due to race with signal.Ignore #20748

bcmills opened this issue Jun 21, 2017 · 6 comments
Assignees
@bcmills
Labels
NeedsInvestigation
Milestone
Backlog

Comments

@bcmills
Copy link
Member

@bcmills bcmills commented Jun 21, 2017
edited

In reviewing @ianlancetaylor's CL 46003 (addressing #14571), I noticed what I believe to be a rare race-condition that could result in unexpected termination of a Go program.

I attempted to write a reproducer for the race in question, which would cause the program to erroneously exit if a _SigKill or _SigThrow signal arrives in between a call to signal.Notify and signal.Ignore for that signal. The symptom I was looking for is a termination with the same signal number (for _SigKill) or a goroutine dump (for _SigThrow).

Unfortunately, I am unable to reproduce the race in question because the program instead crashes with a SIGSEGV in runtime.sigfwd.

sigrace/sigrace.go:

package main

import (
	"os"
	"os/signal"
	"runtime"
	"syscall"
)

func main() {
	signal.Ignore(syscall.SIGHUP)

	go func() {
		runtime.LockOSThread()
		pid := os.Getpid()
		tid := syscall.Gettid()
		for {
			syscall.Tgkill(pid, tid, syscall.SIGHUP)
		}
	}()

	c := make(chan os.Signal, 1)
	for {
		signal.Notify(c, syscall.SIGHUP)
		signal.Ignore(syscall.SIGHUP)
	}
}
$ go version
go version devel +c4e0e81653 Wed Jun 21 15:54:38 2017 +0000 linux/amd64
$ go build sigrace && ./sigrace
Segmentation fault (core dumped)

Investigation with GDB gives the following stack trace:

#0  0x0000000000000001 in ?? ()
#1  0x0000000000452a6d in runtime.sigfwd ()
    at /home/bcmills/go/src/runtime/sys_linux_amd64.s:245
#2  0x000000c420053b18 in ?? ()
#3  0x000000000043b665 in runtime.sigfwdgo (sig=1, info=0xc420053d70, ctx=0xc420053c40, ~r3=false)
    at /home/bcmills/go/src/runtime/signal_unix.go:606
#4  0x000000000043a83b in runtime.sigtrampgo (sig=1, info=0xc420053d70, ctx=0xc420053c40)
    at /home/bcmills/go/src/runtime/signal_unix.go:272
#5  0x0000000000452ac3 in runtime.sigtramp ()
    at /home/bcmills/go/src/runtime/sys_linux_amd64.s:265
#6  0x0000000000452bb0 in ?? ()
    at /home/bcmills/go/src/runtime/sys_linux_amd64.s:349
#7  0x0000000000000000 in ?? ()

The faulting instruction in runtime.sigfwd is the CALL instruction that invokes fwdSig[sig]

(CC @aclements)
@bcmills
Copy link
Member Author

@bcmills bcmills commented Jun 21, 2017

If we can fix the SIGSEGV, where I'm going with this reproducer is that I think we'll want to either combine the runtime.sig.ignored and runtime.sig.wanted arrays, or remove the ignored array entirely and use a single bit per signal to indicate "handled or ignored".

@ianlancetaylor ianlancetaylor added this to the Go1.10 milestone Jun 21, 2017
@bcmills bcmills mentioned this issue Oct 30, 2017
Closed
@aclements
Copy link
Member

@aclements aclements commented Nov 8, 2017

Ping @bcmills, @ianlancetaylor.

@bcmills
Copy link
Member Author

@bcmills bcmills commented Nov 9, 2017

I don't think I'm going to be able to get to this for 1.10.

@aclements
Copy link
Member

@aclements aclements commented Nov 9, 2017

Thanks for the update. Bumping to 1.11.

@aclements aclements removed this from the Go1.10 milestone Nov 9, 2017
@aclements aclements added this to the Go1.11 milestone Nov 9, 2017
@bcmills bcmills mentioned this issue Apr 26, 2018
Closed
@odeke-em
Copy link
Member

@odeke-em odeke-em commented Jun 11, 2018

How's it going @bcmills? Just a kind ping as we had moved this to Go1.11, perhaps a Go1.12 bump too?

@bcmills
Copy link
Member Author

@bcmills bcmills commented Jun 11, 2018

Sadly, yes. I think at this point in the cycle any attempt to mess with signal handling will introduce more risk than it eliminates.

@bcmills bcmills removed this from the Go1.11 milestone Jun 11, 2018
@bcmills bcmills added this to the Go1.12 milestone Jun 11, 2018
@bcmills bcmills self-assigned this Jun 11, 2018
@bcmills bcmills removed this from the Go1.12 milestone Nov 28, 2018
@bcmills bcmills added this to the Go1.13 milestone Nov 28, 2018
@bcmills bcmills mentioned this issue Apr 5, 2019
Closed
@andybons andybons removed this from the Go1.13 milestone Jul 8, 2019
@andybons andybons added this to the Go1.14 milestone Jul 8, 2019
@rsc rsc removed this from the Go1.14 milestone Oct 9, 2019
@rsc rsc added this to the Backlog milestone Oct 9, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bcmills bcmills

Labels
NeedsInvestigation
Projects
None yet
Milestone
Backlog
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
6 participants
@rsc @andybons @aclements @ianlancetaylor @odeke-em @bcmills