pthread_create.cpp revision 6de60874aa4b2525df6acf93dbd00c048b464799
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in 12 * the documentation and/or other materials provided with the 13 * distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29#include <pthread.h> 30 31#include <errno.h> 32#include <string.h> 33#include <sys/mman.h> 34#include <unistd.h> 35 36#include "pthread_internal.h" 37 38#include <async_safe/log.h> 39 40#include "private/bionic_macros.h" 41#include "private/bionic_prctl.h" 42#include "private/bionic_ssp.h" 43#include "private/bionic_tls.h" 44#include "private/ErrnoRestorer.h" 45 46// x86 uses segment descriptors rather than a direct pointer to TLS. 47#if defined(__i386__) 48#include <asm/ldt.h> 49void __init_user_desc(struct user_desc*, bool, void*); 50#endif 51 52// This code is used both by each new pthread and the code that initializes the main thread. 53void __init_tls(pthread_internal_t* thread) { 54 // Slot 0 must point to itself. The x86 Linux kernel reads the TLS from %fs:0. 55 thread->tls[TLS_SLOT_SELF] = thread->tls; 56 thread->tls[TLS_SLOT_THREAD_ID] = thread; 57 58 // Add a guard page before and after. 59 size_t allocation_size = BIONIC_TLS_SIZE + 2 * PAGE_SIZE; 60 void* allocation = mmap(nullptr, allocation_size, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 61 if (allocation == MAP_FAILED) { 62 async_safe_fatal("failed to allocate TLS"); 63 } 64 prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, allocation, allocation_size, "bionic TLS guard page"); 65 66 thread->bionic_tls = reinterpret_cast<bionic_tls*>(static_cast<char*>(allocation) + PAGE_SIZE); 67 if (mprotect(thread->bionic_tls, BIONIC_TLS_SIZE, PROT_READ | PROT_WRITE) != 0) { 68 async_safe_fatal("failed to mprotect TLS"); 69 } 70 prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, thread->bionic_tls, BIONIC_TLS_SIZE, "bionic TLS"); 71} 72 73void __init_thread_stack_guard(pthread_internal_t* thread) { 74 // GCC looks in the TLS for the stack guard on x86, so copy it there from our global. 75 thread->tls[TLS_SLOT_STACK_GUARD] = reinterpret_cast<void*>(__stack_chk_guard); 76} 77 78void __init_alternate_signal_stack(pthread_internal_t* thread) { 79 // Create and set an alternate signal stack. 80 void* stack_base = mmap(NULL, SIGNAL_STACK_SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); 81 if (stack_base != MAP_FAILED) { 82 83 // Create a guard page to catch stack overflows in signal handlers. 84 if (mprotect(stack_base, PAGE_SIZE, PROT_NONE) == -1) { 85 munmap(stack_base, SIGNAL_STACK_SIZE); 86 return; 87 } 88 stack_t ss; 89 ss.ss_sp = reinterpret_cast<uint8_t*>(stack_base) + PAGE_SIZE; 90 ss.ss_size = SIGNAL_STACK_SIZE - PAGE_SIZE; 91 ss.ss_flags = 0; 92 sigaltstack(&ss, NULL); 93 thread->alternate_signal_stack = stack_base; 94 95 // We can only use const static allocated string for mapped region name, as Android kernel 96 // uses the string pointer directly when dumping /proc/pid/maps. 97 prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, ss.ss_sp, ss.ss_size, "thread signal stack"); 98 prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, stack_base, PAGE_SIZE, "thread signal stack guard page"); 99 } 100} 101 102int __init_thread(pthread_internal_t* thread) { 103 int error = 0; 104 105 if (__predict_true((thread->attr.flags & PTHREAD_ATTR_FLAG_DETACHED) == 0)) { 106 atomic_init(&thread->join_state, THREAD_NOT_JOINED); 107 } else { 108 atomic_init(&thread->join_state, THREAD_DETACHED); 109 } 110 111 // Set the scheduling policy/priority of the thread. 112 if (thread->attr.sched_policy != SCHED_NORMAL) { 113 sched_param param; 114 param.sched_priority = thread->attr.sched_priority; 115 if (sched_setscheduler(thread->tid, thread->attr.sched_policy, ¶m) == -1) { 116#if defined(__LP64__) 117 // For backwards compatibility reasons, we only report failures on 64-bit devices. 118 error = errno; 119#endif 120 async_safe_format_log(ANDROID_LOG_WARN, "libc", 121 "pthread_create sched_setscheduler call failed: %s", strerror(errno)); 122 } 123 } 124 125 thread->cleanup_stack = NULL; 126 127 return error; 128} 129 130static void* __create_thread_mapped_space(size_t mmap_size, size_t stack_guard_size) { 131 // Create a new private anonymous map. 132 int prot = PROT_READ | PROT_WRITE; 133 int flags = MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE; 134 void* space = mmap(NULL, mmap_size, prot, flags, -1, 0); 135 if (space == MAP_FAILED) { 136 async_safe_format_log(ANDROID_LOG_WARN, 137 "libc", 138 "pthread_create failed: couldn't allocate %zu-bytes mapped space: %s", 139 mmap_size, strerror(errno)); 140 return NULL; 141 } 142 143 // Stack is at the lower end of mapped space, stack guard region is at the lower end of stack. 144 // Set the stack guard region to PROT_NONE, so we can detect thread stack overflow. 145 if (mprotect(space, stack_guard_size, PROT_NONE) == -1) { 146 async_safe_format_log(ANDROID_LOG_WARN, "libc", 147 "pthread_create failed: couldn't mprotect PROT_NONE %zu-byte stack guard region: %s", 148 stack_guard_size, strerror(errno)); 149 munmap(space, mmap_size); 150 return NULL; 151 } 152 prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, space, stack_guard_size, "thread stack guard page"); 153 154 return space; 155} 156 157static int __allocate_thread(pthread_attr_t* attr, pthread_internal_t** threadp, void** child_stack) { 158 size_t mmap_size; 159 uint8_t* stack_top; 160 161 if (attr->stack_base == NULL) { 162 // The caller didn't provide a stack, so allocate one. 163 // Make sure the stack size and guard size are multiples of PAGE_SIZE. 164 mmap_size = BIONIC_ALIGN(attr->stack_size + sizeof(pthread_internal_t), PAGE_SIZE); 165 attr->guard_size = BIONIC_ALIGN(attr->guard_size, PAGE_SIZE); 166 attr->stack_base = __create_thread_mapped_space(mmap_size, attr->guard_size); 167 if (attr->stack_base == NULL) { 168 return EAGAIN; 169 } 170 stack_top = reinterpret_cast<uint8_t*>(attr->stack_base) + mmap_size; 171 } else { 172 // Remember the mmap size is zero and we don't need to free it. 173 mmap_size = 0; 174 stack_top = reinterpret_cast<uint8_t*>(attr->stack_base) + attr->stack_size; 175 } 176 177 // Mapped space(or user allocated stack) is used for: 178 // pthread_internal_t 179 // thread stack (including guard page) 180 181 // To safely access the pthread_internal_t and thread stack, we need to find a 16-byte aligned boundary. 182 stack_top = reinterpret_cast<uint8_t*>( 183 (reinterpret_cast<uintptr_t>(stack_top) - sizeof(pthread_internal_t)) & ~0xf); 184 185 pthread_internal_t* thread = reinterpret_cast<pthread_internal_t*>(stack_top); 186 if (mmap_size == 0) { 187 // If thread was not allocated by mmap(), it may not have been cleared to zero. 188 // So assume the worst and zero it. 189 memset(thread, 0, sizeof(pthread_internal_t)); 190 } 191 attr->stack_size = stack_top - reinterpret_cast<uint8_t*>(attr->stack_base); 192 193 thread->mmap_size = mmap_size; 194 thread->attr = *attr; 195 __init_tls(thread); 196 __init_thread_stack_guard(thread); 197 198 *threadp = thread; 199 *child_stack = stack_top; 200 return 0; 201} 202 203static int __pthread_start(void* arg) { 204 pthread_internal_t* thread = reinterpret_cast<pthread_internal_t*>(arg); 205 206 // Wait for our creating thread to release us. This lets it have time to 207 // notify gdb about this thread before we start doing anything. 208 // This also provides the memory barrier needed to ensure that all memory 209 // accesses previously made by the creating thread are visible to us. 210 thread->startup_handshake_lock.lock(); 211 212 __init_alternate_signal_stack(thread); 213 214 void* result = thread->start_routine(thread->start_routine_arg); 215 pthread_exit(result); 216 217 return 0; 218} 219 220// A dummy start routine for pthread_create failures where we've created a thread but aren't 221// going to run user code on it. We swap out the user's start routine for this and take advantage 222// of the regular thread teardown to free up resources. 223static void* __do_nothing(void*) { 224 return NULL; 225} 226 227int pthread_create(pthread_t* thread_out, pthread_attr_t const* attr, 228 void* (*start_routine)(void*), void* arg) { 229 ErrnoRestorer errno_restorer; 230 231 pthread_attr_t thread_attr; 232 if (attr == NULL) { 233 pthread_attr_init(&thread_attr); 234 } else { 235 thread_attr = *attr; 236 attr = NULL; // Prevent misuse below. 237 } 238 239 pthread_internal_t* thread = NULL; 240 void* child_stack = NULL; 241 int result = __allocate_thread(&thread_attr, &thread, &child_stack); 242 if (result != 0) { 243 return result; 244 } 245 246 // Create a lock for the thread to wait on once it starts so we can keep 247 // it from doing anything until after we notify the debugger about it 248 // 249 // This also provides the memory barrier we need to ensure that all 250 // memory accesses previously performed by this thread are visible to 251 // the new thread. 252 thread->startup_handshake_lock.init(false); 253 thread->startup_handshake_lock.lock(); 254 255 thread->start_routine = start_routine; 256 thread->start_routine_arg = arg; 257 258 thread->set_cached_pid(getpid()); 259 260 int flags = CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | CLONE_THREAD | CLONE_SYSVSEM | 261 CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID; 262 void* tls = reinterpret_cast<void*>(thread->tls); 263#if defined(__i386__) 264 // On x86 (but not x86-64), CLONE_SETTLS takes a pointer to a struct user_desc rather than 265 // a pointer to the TLS itself. 266 user_desc tls_descriptor; 267 __init_user_desc(&tls_descriptor, false, tls); 268 tls = &tls_descriptor; 269#endif 270 int rc = clone(__pthread_start, child_stack, flags, thread, &(thread->tid), tls, &(thread->tid)); 271 if (rc == -1) { 272 int clone_errno = errno; 273 // We don't have to unlock the mutex at all because clone(2) failed so there's no child waiting to 274 // be unblocked, but we're about to unmap the memory the mutex is stored in, so this serves as a 275 // reminder that you can't rewrite this function to use a ScopedPthreadMutexLocker. 276 thread->startup_handshake_lock.unlock(); 277 if (thread->mmap_size != 0) { 278 munmap(thread->attr.stack_base, thread->mmap_size); 279 } 280 async_safe_format_log(ANDROID_LOG_WARN, "libc", "pthread_create failed: clone failed: %s", 281 strerror(clone_errno)); 282 return clone_errno; 283 } 284 285 int init_errno = __init_thread(thread); 286 if (init_errno != 0) { 287 // Mark the thread detached and replace its start_routine with a no-op. 288 // Letting the thread run is the easiest way to clean up its resources. 289 atomic_store(&thread->join_state, THREAD_DETACHED); 290 __pthread_internal_add(thread); 291 thread->start_routine = __do_nothing; 292 thread->startup_handshake_lock.unlock(); 293 return init_errno; 294 } 295 296 // Publish the pthread_t and unlock the mutex to let the new thread start running. 297 *thread_out = __pthread_internal_add(thread); 298 thread->startup_handshake_lock.unlock(); 299 300 return 0; 301} 302