From 91e7cf982d0104f0e71770f5ae8e3faf352dea9f Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Thu, 5 Oct 2017 14:48:16 +0200 Subject: [PATCH] abort: Do not flush stdio streams [BZ #15436] --- ChangeLog | 7 +++++++ NEWS | 5 +++++ stdlib/abort.c | 29 +++++------------------------ 3 files changed, 17 insertions(+), 24 deletions(-) diff --git a/ChangeLog b/ChangeLog index a332bad127..68beae777f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2017-10-05 Florian Weimer + + [BZ #15436] + Do not flush stdio streams on abort. + * stdlib/abort.c (fflush): Remove macro definition. + (abort): Remove stages related to stdio flushing. + 2017-10-05 Florian Weimer * gmon/Makefile (CFLAGS-tst-gmon.c): Add -fno-omit-frame-pointer. diff --git a/NEWS b/NEWS index f5821411ca..a034cd8476 100644 --- a/NEWS +++ b/NEWS @@ -24,6 +24,11 @@ Major new features: leads to lower overall process restart latency, so there is benefit both from a security and performance perspective. +* The abort function terminates the process immediately, without flushing + stdio streams. Previous glibc versions used to flush streams, resulting + in deadlocks and further data corruption. This change also affects + process aborts as the result of assertion failures. + Deprecated and removed features, and other changes affecting compatibility: * On GNU/Linux, the obsolete Linux constant PTRACE_SEIZE_DEVEL is no longer diff --git a/stdlib/abort.c b/stdlib/abort.c index 19882f3e3d..117a507ff8 100644 --- a/stdlib/abort.c +++ b/stdlib/abort.c @@ -31,9 +31,6 @@ # define ABORT_INSTRUCTION #endif -#include -#define fflush(s) _IO_flush_all_lockp (0) - /* Exported variable to locate abort message in core files etc. */ struct abort_msg_s *__abort_msg __attribute__ ((nocommon)); libc_hidden_def (__abort_msg) @@ -67,16 +64,8 @@ abort (void) __sigprocmask (SIG_UNBLOCK, &sigs, 0); } - /* Flush all streams. We cannot close them now because the user - might have registered a handler for SIGABRT. */ - if (stage == 1) - { - ++stage; - fflush (NULL); - } - /* Send signal which possibly calls a user handler. */ - if (stage == 2) + if (stage == 1) { /* This stage is special: we must allow repeated calls of `abort' when a user defined handler for SIGABRT is installed. @@ -94,7 +83,7 @@ abort (void) } /* There was a handler installed. Now remove it. */ - if (stage == 3) + if (stage == 2) { ++stage; memset (&act, '\0', sizeof (struct sigaction)); @@ -104,30 +93,22 @@ abort (void) __sigaction (SIGABRT, &act, NULL); } - /* Now close the streams which also flushes the output the user - defined handler might has produced. */ - if (stage == 4) - { - ++stage; - __fcloseall (); - } - /* Try again. */ - if (stage == 5) + if (stage == 3) { ++stage; raise (SIGABRT); } /* Now try to abort using the system specific command. */ - if (stage == 6) + if (stage == 4) { ++stage; ABORT_INSTRUCTION; } /* If we can't signal ourselves and the abort instruction failed, exit. */ - if (stage == 7) + if (stage == 5) { ++stage; _exit (127);