| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_04CCE3CDAE57E7D479575F525D694530DC08@qq.com>
Date: Thu, 11 Dec 2025 16:38:36 +0800
From: Yuwen Chen <ywen.chen@...mail.com>
To: ywen.chen@...mail.com
Cc: akpm@...ux-foundation.org,
andrealmeid@...lia.com,
dave@...olabs.net,
dbueso@...e.de,
dvhart@...radead.org,
edliaw@...gle.com,
hpa@...ux.intel.com,
justinstitt@...gle.com,
kernel-team@...roid.com,
linux-kernel@...r.kernel.org,
linux-kselftest@...r.kernel.org,
llvm@...ts.linux.dev,
luto@....edu,
mingo@...hat.com,
morbo@...gle.com,
nathan@...nel.org,
ndesaulniers@...gle.com,
peterz@...radead.org,
shuah@...nel.org,
tglx@...utronix.de,
usama.anjum@...labora.com
Subject: [PATCH 3/3] selftests/futex: fix the issue of abnormal test results caused by thread timing
Fixes a race between parent and child threads in futex_requeue.
Similar to commit fbf4dec70277 ("selftests/futex: Order calls to
futex_lock_pi"), which fixed a flake in futex_lock_pi due to racing
between the parent and child threads.
The same issue can occur in the futex_requeue test, because it expects
waiterfn to make progress to futex_wait before the parent starts to
requeue. This is mitigated by the parent sleeping for WAKE_WAIT_US, but
it still fails occasionally. This can be reproduced by adding a sleep in
the waiterfn before futex_wait:
TAP version 13
1..2
not ok 1 futex_requeue simple returned: 0
not ok 2 futex_requeue simple returned: 0
not ok 3 futex_requeue many returned: 0
not ok 4 futex_requeue many returned: 0
This issue can be resolved by checking whether the child thread is in a
sleeping state. This is because when the child thread goes to sleep, it
indicates that it is waiting for the futex lock.
Fixes: 7cb5dd8e2c8c ("selftests: futex: Add futex compare requeue test")
Signed-off-by: Yuwen Chen <ywen.chen@...mail.com>
Co-developed-by: Edward Liaw <edliaw@...gle.com>
---
.../selftests/futex/functional/Makefile | 2 +-
.../futex/functional/futex_requeue.c | 58 ++++++++++++++++---
2 files changed, 52 insertions(+), 8 deletions(-)
diff --git a/tools/testing/selftests/futex/functional/Makefile b/tools/testing/selftests/futex/functional/Makefile
index 490ace1f017e8..8589917a4b126 100644
--- a/tools/testing/selftests/futex/functional/Makefile
+++ b/tools/testing/selftests/futex/functional/Makefile
@@ -2,7 +2,7 @@
PKG_CONFIG ?= pkg-config
LIBNUMA_TEST = $(shell sh -c "$(PKG_CONFIG) numa --atleast-version 2.0.16 > /dev/null 2>&1 && echo SUFFICIENT || echo NO")
-INCLUDES := -I../include -I../../ $(KHDR_INCLUDES)
+INCLUDES := -I../include -I../../ $(KHDR_INCLUDES) -I../../../../include
CFLAGS := $(CFLAGS) -g -O2 -Wall -pthread -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 $(INCLUDES) $(KHDR_INCLUDES) -DLIBNUMA_VER_$(LIBNUMA_TEST)=1
LDLIBS := -lpthread -lrt -lnuma
diff --git a/tools/testing/selftests/futex/functional/futex_requeue.c b/tools/testing/selftests/futex/functional/futex_requeue.c
index 7a22458c7fc96..994295fac6972 100644
--- a/tools/testing/selftests/futex/functional/futex_requeue.c
+++ b/tools/testing/selftests/futex/functional/futex_requeue.c
@@ -7,6 +7,7 @@
#include <pthread.h>
#include <limits.h>
+#include <linux/compiler.h>
#include "futextest.h"
#include "../../kselftest_harness.h"
@@ -15,6 +16,7 @@
#define WAKE_WAIT_US 10000
volatile futex_t *f1;
+static pthread_barrier_t barrier;
void *waiterfn(void *arg)
{
@@ -23,28 +25,59 @@ void *waiterfn(void *arg)
to.tv_sec = 0;
to.tv_nsec = timeout_ns;
+ WRITE_ONCE(*((pid_t *)arg), gettid());
+ pthread_barrier_wait(&barrier);
+
if (futex_wait(f1, *f1, &to, 0))
printf("waiter failed errno %d\n", errno);
return NULL;
}
+static int get_thread_state(pid_t pid)
+{
+ FILE *fp;
+ char buf[80], tag[80];
+ char val = 0;
+
+ snprintf(buf, sizeof(buf), "/proc/%d/status", pid);
+ fp = fopen(buf, "r");
+ if (!fp)
+ return -1;
+
+ while (fgets(buf, sizeof(buf), fp))
+ if (fscanf(fp, "%s %c\n", tag, &val) == 2 && !strcmp(tag, "State:"))
+ break;
+
+ fclose(fp);
+ return val;
+}
+
TEST(requeue_single)
{
volatile futex_t _f1 = 0;
volatile futex_t f2 = 0;
pthread_t waiter;
- int res;
+ pid_t tids;
+ int res, state;
f1 = &_f1;
+ pthread_barrier_init(&barrier, NULL, 2);
/*
* Requeue a waiter from f1 to f2, and wake f2.
*/
- if (pthread_create(&waiter, NULL, waiterfn, NULL))
+ if (pthread_create(&waiter, NULL, waiterfn, &tids))
ksft_exit_fail_msg("pthread_create failed\n");
- usleep(WAKE_WAIT_US);
+ pthread_barrier_wait(&barrier);
+ pthread_barrier_destroy(&barrier);
+ while ((state = get_thread_state(READ_ONCE(tids))) != 'S') {
+ usleep(WAKE_WAIT_US);
+
+ if (state < 0)
+ break;
+ }
ksft_print_dbg_msg("Requeuing 1 futex from f1 to f2\n");
res = futex_cmp_requeue(f1, 0, &f2, 0, 1, 0);
@@ -71,7 +104,8 @@ TEST(requeue_multiple)
volatile futex_t _f1 = 0;
volatile futex_t f2 = 0;
pthread_t waiter[10];
- int res, i;
+ pid_t tids[10];
+ int res, i, state;
f1 = &_f1;
@@ -80,11 +114,21 @@ TEST(requeue_multiple)
* At futex_wake, wake INT_MAX (should be exactly 7).
*/
for (i = 0; i < 10; i++) {
- if (pthread_create(&waiter[i], NULL, waiterfn, NULL))
+ pthread_barrier_init(&barrier, NULL, 2);
+
+ if (pthread_create(&waiter[i], NULL, waiterfn, &tids[i]))
ksft_exit_fail_msg("pthread_create failed\n");
- }
- usleep(WAKE_WAIT_US);
+ pthread_barrier_wait(&barrier);
+ pthread_barrier_destroy(&barrier);
+
+ while ((state = get_thread_state(READ_ONCE(tids[i]))) != 'S') {
+ usleep(WAKE_WAIT_US);
+
+ if (state < 0)
+ break;
+ }
+ }
ksft_print_dbg_msg("Waking 3 futexes at f1 and requeuing 7 futexes from f1 to f2\n");
res = futex_cmp_requeue(f1, 0, &f2, 3, 7, 0);
--
2.34.1
Powered by blists - more mailing lists