Bug 13982 - rsync calls exit() from signal handler
Summary: rsync calls exit() from signal handler
Status: RESOLVED FIXED
Alias: None
Product: rsync
Classification: Unclassified
Component: core (show other bugs)
Version: 3.1.3
Hardware: x64 NetBSD
: P5 major (vote)
Target Milestone: ---
Assignee: Wayne Davison
QA Contact: Rsync QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-01 12:54 UTC by Andreas Gustafsson
Modified: 2020-04-05 17:28 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Gustafsson 2019-06-01 12:54:01 UTC
I discovered a hung rsync process on a NetBSD 8.0 server, with the following
backtrace:

#0  0x00007f7ef040ae3a in ___lwp_park60 () from /usr/libexec/ld.elf_so
#1  0x00007f7ef0402728 in _rtld_exclusive_enter (mask=mask@entry=0x7f7fff9017e0) at /usr/src/libexec/ld.elf_so/rtld.c:1679
#2  0x00007f7ef040339b in _rtld_exit () at /usr/src/libexec/ld.elf_so/rtld.c:375
#3  0x000077ea83cdfdc2 in __cxa_finalize (dso=dso@entry=0x0) at /usr/src/lib/libc/stdlib/atexit.c:215
#4  0x000077ea83cdfab3 in exit (status=19) at /usr/src/lib/libc/stdlib/exit.c:60
#5  0x0000000000414fe1 in ?? ()
#6  0x000000000041bc19 in ?? ()
#7  <signal handler called>
#8  0x00007f7ef0405cd2 in _rtld_find_symdef (flags=1, defobj_out=0x7f7fff901d80, refobj=0x77ea83fef400, symnum=881) at /usr/src/libexec/ld.elf_so/symbol.c:343
#9  _rtld_find_plt_symdef (symnum=881, obj=obj@entry=0x77ea83fef400, defobj=defobj@entry=0x7f7fff901d80, imm=imm@entry=true) at /usr/src/libexec/ld.elf_so/symbol.c:391
#10 0x00007f7ef0400b34 in _rtld_relocate_plt_object (tp=<synthetic pointer>, rela=0x77ea83c32e60, obj=0x77ea83fef400)
    at /usr/src/libexec/ld.elf_so/arch/x86_64/mdreloc.c:310
#11 _rtld_bind (obj=0x77ea83fef400, reloff=<optimized out>) at /usr/src/libexec/ld.elf_so/arch/x86_64/mdreloc.c:346
#12 0x00007f7ef04007cd in _rtld_bind_start () from /usr/libexec/ld.elf_so
#13 0x0000000000000202 in ?? ()
#14 0x00007f7fff901dd0 in ?? ()
#15 0x0000000000000000 in ?? ()

The backtrace suggests, and inspection of the code confirms, that rsync calls exit() from a signal handler, for example sig_int() -> exit_cleanup() -> _exit_cleanup() -> exit().  This is incorrect as exit() is not async-signal-safe.
Comment 1 Wayne Davison 2020-04-05 17:28:27 UTC
Thanks for the report! I've committed a fix to git.