1 | /* Tests of signal delivery on an alternate stack (nonlethal). |
2 | Copyright (C) 2019-2022 Free Software Foundation, Inc. |
3 | This file is part of the GNU C Library. |
4 | |
5 | The GNU C Library is free software; you can redistribute it and/or |
6 | modify it under the terms of the GNU Lesser General Public |
7 | License as published by the Free Software Foundation; either |
8 | version 2.1 of the License, or (at your option) any later version. |
9 | |
10 | The GNU C Library is distributed in the hope that it will be useful, |
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Lesser General Public License for more details. |
14 | |
15 | You should have received a copy of the GNU Lesser General Public |
16 | License along with the GNU C Library; if not, see |
17 | <https://www.gnu.org/licenses/>. */ |
18 | |
19 | #include <support/xsignal.h> |
20 | #include <support/support.h> |
21 | #include <support/check.h> |
22 | |
23 | /* C2011 7.4.1.1p5 specifies that only the following operations are |
24 | guaranteed to be well-defined inside an asynchronous signal handler: |
25 | * any operation on a lock-free atomic object |
26 | * assigning a value to an object declared as volatile sig_atomic_t |
27 | * calling abort, _Exit, quick_exit, or signal |
28 | * signal may only be called with its first argument equal to the |
29 | number of the signal that caused the handler to be called |
30 | |
31 | We use this list as a guideline for the set of operations that ought |
32 | also to be safe in a _synchronous_ signal delivered on an alternate |
33 | signal stack with only MINSIGSTKSZ bytes of space. |
34 | |
35 | This test program tests all of the above operations that do not, |
36 | one way or another, cause the program to be terminated. */ |
37 | |
38 | /* We do not try to test atomic operations exhaustively, only a simple |
39 | atomic counter increment. This is only safe if atomic_[u]int is |
40 | unconditionally lock-free. */ |
41 | #ifdef __STDC_NO_ATOMICS__ |
42 | # define TEST_ATOMIC_OPS 0 |
43 | #else |
44 | # include <stdatomic.h> |
45 | # if ATOMIC_INT_LOCK_FREE != 2 |
46 | # define TEST_ATOMIC_OPS 0 |
47 | # else |
48 | # define TEST_ATOMIC_OPS 1 |
49 | # endif |
50 | #endif |
51 | |
52 | static volatile sig_atomic_t signal_flag = 0; |
53 | static volatile sig_atomic_t signal_err = 0; |
54 | static void |
55 | handler_set_flag (int unused) |
56 | { |
57 | signal_flag = 1; |
58 | } |
59 | |
60 | static void |
61 | handler_set_flag_once (int sig) |
62 | { |
63 | signal_flag = 1; |
64 | if (signal (sig: sig, SIG_IGN) == SIG_ERR) |
65 | /* It is not safe to call FAIL_EXIT1 here. Set another flag instead. */ |
66 | signal_err = 1; |
67 | } |
68 | |
69 | #if TEST_ATOMIC_OPS |
70 | static atomic_uint signal_count = 0; |
71 | static void |
72 | handler_count_up_1 (int unused) |
73 | { |
74 | atomic_fetch_add (&signal_count, 1); |
75 | } |
76 | #endif |
77 | |
78 | int |
79 | do_test (void) |
80 | { |
81 | void *sstk = xalloc_sigstack (size: 0); |
82 | struct sigaction sa; |
83 | |
84 | /* Test 1: setting a volatile sig_atomic_t flag. */ |
85 | sa.sa_handler = handler_set_flag; |
86 | sa.sa_flags = SA_RESTART | SA_ONSTACK; |
87 | sigfillset (&sa.sa_mask); |
88 | if (sigaction (SIGUSR1, act: &sa, oact: 0)) |
89 | FAIL_EXIT1 ("sigaction (SIGUSR1, handler_set_flag): %m\n" ); |
90 | |
91 | TEST_VERIFY_EXIT (signal_flag == 0); |
92 | raise (SIGUSR1); |
93 | TEST_VERIFY_EXIT (signal_flag == 1); |
94 | signal_flag = 0; |
95 | raise (SIGUSR1); |
96 | TEST_VERIFY_EXIT (signal_flag == 1); |
97 | signal_flag = 0; |
98 | |
99 | /* Test 1: setting a volatile sig_atomic_t flag and then ignoring |
100 | further delivery of the signal. */ |
101 | sa.sa_handler = handler_set_flag_once; |
102 | if (sigaction (SIGUSR1, act: &sa, oact: 0)) |
103 | FAIL_EXIT1 ("sigaction (SIGUSR1, handler_set_flag_once): %m\n" ); |
104 | |
105 | raise (SIGUSR1); |
106 | TEST_VERIFY_EXIT (signal_flag == 1); |
107 | /* Note: if signal_err is 1, a system call failed, but we can't |
108 | report the error code because errno is indeterminate. */ |
109 | TEST_VERIFY_EXIT (signal_err == 0); |
110 | |
111 | signal_flag = 0; |
112 | raise (SIGUSR1); |
113 | TEST_VERIFY_EXIT (signal_flag == 0); |
114 | TEST_VERIFY_EXIT (signal_err == 0); |
115 | |
116 | #if TEST_ATOMIC_OPS |
117 | sa.sa_handler = handler_count_up_1; |
118 | if (sigaction (SIGUSR1, act: &sa, oact: 0)) |
119 | FAIL_EXIT1 ("sigaction (SIGUSR1, handler_count_up_1): %m\n" ); |
120 | |
121 | raise (SIGUSR1); |
122 | TEST_VERIFY_EXIT (atomic_load (&signal_count) == 1); |
123 | raise (SIGUSR1); |
124 | TEST_VERIFY_EXIT (atomic_load (&signal_count) == 2); |
125 | #endif |
126 | |
127 | xfree_sigstack (stack: sstk); |
128 | return 0; |
129 | } |
130 | |
131 | #include <support/test-driver.c> |
132 | |