[test] Avoid race in glibc's pthread_detach.

rmacnak-google · Commit Queue · commit 40deed0f1d3b · 2025-04-28T10:41:43.000-07:00
``` if (atomic_compare_and_exchange_bool_acq (&pd->joinid, pd, NULL)) { if (IS_DETACHED (pd)) ``` If the thread exits between these two statements, it will destroy the TCB and the second statement will segfault. TEST=ffi/async_void_function_callbacks_test Change-Id: If4074c89ec2a618b69f1a1ef3300b8aef7527ef7 Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/424380 Reviewed-by: Daco Harkes <dacoharkes@google.com> Commit-Queue: Ryan Macnak <rmacnak@google.com>
diff --git a/runtime/bin/ffi_test/ffi_test_functions.cc b/runtime/bin/ffi_test/ffi_test_functions.cc
@@ -1326,11 +1326,49 @@ DART_EXPORT void CallFunctionOnNewThreadBlocking(int64_t response_id,
   thread.join();
 }
 
+#if defined(__linux__)
+struct Data {
+  void (*fn)(int64_t, int32_t);
+  int64_t a;
+  int32_t b;
+};
+static void* Start(void* data_in) {
+  Data* data = reinterpret_cast<Data*>(data_in);
+  void (*fn)(int64_t, int32_t) = data->fn;
+  int64_t a = data->a;
+  int64_t b = data->b;
+  delete data;
+  fn(a, b);
+  return nullptr;
+}
+#endif
+
 DART_EXPORT void CallFunctionOnNewThreadNonBlocking(int64_t response_id,
                                                     void (*fn)(int64_t,
                                                                int32_t)) {
+#if defined(__linux__)
+  // std::thread::detach is implemented via pthread_detach, which contains a
+  // race. https://sourceware.org/bugzilla/show_bug.cgi?id=19951
+
+  Data* data = new Data;
+  data->fn = fn;
+  data->a = response_id;
+  data->b = 123;
+
+  pthread_attr_t attr;
+  int result = pthread_attr_init(&attr);
+  if (result != 0) perror("pthread_attr_init");
+  result = pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
+  if (result != 0) perror("pthread_attr_setdetachstate");
+  pthread_t tid;
+  result = pthread_create(&tid, &attr, Start, data);
+  if (result != 0) perror("pthread_create");
+  result = pthread_attr_destroy(&attr);
+  if (result != 0) perror("pthread_attr_destroy");
+#else
   std::thread thread(fn, response_id, 123);
   thread.detach();
+#endif
 }
 
 ////////////////////////////////////////////////////////////////////////////////
