Jan Kiszka wrote:
Anyway, leaving a native task with rt_task_delete(NULL) raises SIGKILL
to the whole process instead of just the task (pthread). This lets your
program terminate unexpectedly - I would say: a bug. And this doesn't
happen with 2.1?
It's a side-effect of a recent bug fix in ksrc/nucleus/shadow.c; now
Er, "deleting" is the right word here. Sending a thread a termination
signal must kill the entire process as per POSIX, and will continue to
do so. Calling rt_task_delete() to explicitely delete a single thread
from within the containing process is another story. The current issue
is due to the fact that no distinction is made on the caller:
rt_task_delete() targeting a thread from another process should wipe out
the entire target process; otherwise, only the local target thread
should be deleted. It's not clear whether we should still wipe out the
entire process when the target thread is not the current one, regardless
of the fact such thread is a member of the same process or not.
I'm open to suggestions.
Killing other threads within the same process currently only works due
to pthread_cancel. I don't see a portable equivalent for foreign
processes yet as well. :-/
I guess the thread termination signal sent by pthread_cancel depends on
glibc internals, specifically its variant (NTPL or linux-threads),
doesn't it? Didn't we already have this discussion??
Actually, the issue is different, it depends on the underlying kernel
support; it's Xenomai's shadow manager who sends the termination signal
when demoting threads from kernel space, the pthread API is not involved
here. The nucleus happens to kill the thread group over 2.6 because
thread group support is fully implemented on this kernel, and calling
the kill_proc() API with a termination signal would properly kill all
threads belonging to the group the target thread belongs to. This does
not work over 2.4 which puts every new thread in its own group by
default, de facto making it as a group leader, regardless of the
CLONE_THREAD attribute being set or not when the glibc calls the clone()
service. IOW, you actually end up having two different behaviours when
calling rt_task_delete() whether 2.4 or 2.6 is considered, even if both
setups rely on the NPTL on the application side.
For now I would say the best we can do is to avoid the
rt_task_delete(NULL) side effect in userspace (as I suggested) and live
with the limitation of terminating the whole process when using the
(rather unusual) cross-process rt_task_delete.
This would not be a limitation in some cases actually: e.g. continuing
an application that had thread(s) killed from another _process_ would be
most often meaningless.
a thread raises a group signal wiping out the entire process.
Ok, it's a bit drastic, will fix.
I guess the easiest way to solve this is to catch NULL in userspace and
call pthread_exit() in favour of the skin service (the POSIX skin uses
pthread_exit anyway), see attached patch. Someone just has to confirm
that there will be no problem hidden by this approach.
Passing NULL needs to work including from user-space; the kernel-space
is ok with this, and the API must behave the same way regardless of
the execution space. Should fix as needed.
PS: What's the reason for "if (err == -ESRCH) return 0" in
src/skins/native/task.c, rt_task_delete? Why is that error generate in
the first place if it is zeroed out here?
<attention: unanswered question above> ;)
I don't think I've coded this stuff, but reading it, I would say that
since the preceding call to pthread_cancel() might have caused the
target thread to be wiped out before the nucleus syscall is issued,
-ESRCH would not be a real error.
Xenomai-core mailing list