xref: /netbsd-src/lib/libc/gen/pthread_atfork.c (revision 8ac07aec990b9d2e483062509d0a9fa5b4f57cf2) 
1 /*	$NetBSD: pthread_atfork.c,v 1.7 2008/03/07 17:56:39 ad Exp $	*/
2 
3 /*-
4  * Copyright (c) 2002 The NetBSD Foundation, Inc.
5  * All rights reserved.
6  *
7  * This code is derived from software contributed to The NetBSD Foundation
8  * by Nathan J. Williams.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. All advertising materials mentioning features or use of this software
19  *    must display the following acknowledgement:
20  *        This product includes software developed by the NetBSD
21  *        Foundation, Inc. and its contributors.
22  * 4. Neither the name of The NetBSD Foundation nor the names of its
23  *    contributors may be used to endorse or promote products derived
24  *    from this software without specific prior written permission.
25  *
26  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
27  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
28  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
29  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
30  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36  * POSSIBILITY OF SUCH DAMAGE.
37  */
38 
39 #include <sys/cdefs.h>
40 #if defined(LIBC_SCCS) && !defined(lint)
41 __RCSID("$NetBSD: pthread_atfork.c,v 1.7 2008/03/07 17:56:39 ad Exp $");
42 #endif /* LIBC_SCCS and not lint */
43 
44 #include "namespace.h"
45 
46 #include <errno.h>
47 #include <stdlib.h>
48 #include <unistd.h>
49 #include <sys/queue.h>
50 #include "reentrant.h"
51 
52 #ifdef __weak_alias
53 __weak_alias(pthread_atfork, _pthread_atfork)
54 __weak_alias(fork, _fork)
55 #endif /* __weak_alias */
56 
57 pid_t	__fork __P((void));	/* XXX */
58 
59 struct atfork_callback {
60 	SIMPLEQ_ENTRY(atfork_callback) next;
61 	void (*fn)(void);
62 };
63 
64 /*
65  * Hypothetically, we could protect the queues with a rwlock which is
66  * write-locked by pthread_atfork() and read-locked by fork(), but
67  * since the intended use of the functions is obtaining locks to hold
68  * across the fork, forking is going to be serialized anyway.
69  */
70 static struct atfork_callback atfork_builtin;
71 static mutex_t atfork_lock = MUTEX_INITIALIZER;
72 SIMPLEQ_HEAD(atfork_callback_q, atfork_callback);
73 
74 static struct atfork_callback_q prepareq = SIMPLEQ_HEAD_INITIALIZER(prepareq);
75 static struct atfork_callback_q parentq = SIMPLEQ_HEAD_INITIALIZER(parentq);
76 static struct atfork_callback_q childq = SIMPLEQ_HEAD_INITIALIZER(childq);
77 
78 static struct atfork_callback *
79 af_alloc(void)
80 {
81 
82 	if (atfork_builtin.fn == NULL)
83 		return &atfork_builtin;
84 
85 	return malloc(sizeof(atfork_builtin));
86 }
87 
88 static void
89 af_free(struct atfork_callback *af)
90 {
91 
92 	if (af != &atfork_builtin)
93 		free(af);
94 }
95 
96 int
97 pthread_atfork(void (*prepare)(void), void (*parent)(void),
98     void (*child)(void))
99 {
100 	struct atfork_callback *newprepare, *newparent, *newchild;
101 
102 	newprepare = newparent = newchild = NULL;
103 
104 	mutex_lock(&atfork_lock);
105 	if (prepare != NULL) {
106 		newprepare = af_alloc();
107 		if (newprepare == NULL) {
108 			mutex_unlock(&atfork_lock);
109 			return ENOMEM;
110 		}
111 		newprepare->fn = prepare;
112 	}
113 
114 	if (parent != NULL) {
115 		newparent = af_alloc();
116 		if (newparent == NULL) {
117 			if (newprepare != NULL)
118 				af_free(newprepare);
119 			mutex_unlock(&atfork_lock);
120 			return ENOMEM;
121 		}
122 		newparent->fn = parent;
123 	}
124 
125 	if (child != NULL) {
126 		newchild = af_alloc();
127 		if (newchild == NULL) {
128 			if (newprepare != NULL)
129 				af_free(newprepare);
130 			if (newparent != NULL)
131 				af_free(newparent);
132 			mutex_unlock(&atfork_lock);
133 			return ENOMEM;
134 		}
135 		newchild->fn = child;
136 	}
137 
138 	/*
139 	 * The order in which the functions are called is specified as
140 	 * LIFO for the prepare handler and FIFO for the others; insert
141 	 * at the head and tail as appropriate so that SIMPLEQ_FOREACH()
142 	 * produces the right order.
143 	 */
144 	if (prepare)
145 		SIMPLEQ_INSERT_HEAD(&prepareq, newprepare, next);
146 	if (parent)
147 		SIMPLEQ_INSERT_TAIL(&parentq, newparent, next);
148 	if (child)
149 		SIMPLEQ_INSERT_TAIL(&childq, newchild, next);
150 	mutex_unlock(&atfork_lock);
151 
152 	return 0;
153 }
154 
155 pid_t
156 fork(void)
157 {
158 	struct atfork_callback *iter;
159 	pid_t ret;
160 
161 	mutex_lock(&atfork_lock);
162 	SIMPLEQ_FOREACH(iter, &prepareq, next)
163 		(*iter->fn)();
164 
165 	ret = __fork();
166 
167 	if (ret != 0) {
168 		/*
169 		 * We are the parent. It doesn't matter here whether
170 		 * the fork call succeeded or failed.
171 		 */
172 		SIMPLEQ_FOREACH(iter, &parentq, next)
173 			(*iter->fn)();
174 		mutex_unlock(&atfork_lock);
175 	} else {
176 		/* We are the child */
177 		SIMPLEQ_FOREACH(iter, &childq, next)
178 			(*iter->fn)();
179 		/*
180 		 * Note: We are explicitly *not* unlocking
181 		 * atfork_lock.  Unlocking atfork_lock is problematic,
182 		 * because if any threads in the parent blocked on it
183 		 * between the initial lock and the fork() syscall,
184 		 * unlocking in the child will try to schedule
185 		 * threads, and either the internal mutex interlock or
186 		 * the runqueue spinlock could have been held at the
187 		 * moment of fork(). Since the other threads do not
188 		 * exist in this process, the spinlock will never be
189 		 * unlocked, and we would wedge.
190 		 * Instead, we reinitialize atfork_lock, since we know
191 		 * that the state of the atfork lists is consistent here,
192 		 * and that there are no other threads to be affected by
193 		 * the forcible cleaning of the queue.
194 		 * This permits double-forking to work, although
195 		 * it requires knowing that it's "safe" to initialize
196 		 * a locked mutex in this context.
197 		 *
198 		 * The problem exists for users of this interface,
199 		 * too, since the intented use of pthread_atfork() is
200 		 * to acquire locks across the fork call to ensure
201 		 * that the child sees consistent state. There's not
202 		 * much that can usefully be done in a child handler,
203 		 * and conventional wisdom discourages using them, but
204 		 * they're part of the interface, so here we are...
205 		 */
206 		mutex_init(&atfork_lock, NULL);
207 	}
208 
209 	return ret;
210 }
211