Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20180224143946.GK1436@brightrain.aerifal.cx>
Date: Sat, 24 Feb 2018 09:39:46 -0500
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: [PATCH] sigtimedwait: allow failing with EINTR

On Sat, Feb 24, 2018 at 11:45:16AM +0100, Julien Ramseier wrote:
> 
> 
> > Le 23 févr. 2018 à 22:45, Rich Felker <dalias@...c.org> a écrit :
> > 
> > On Fri, Feb 23, 2018 at 01:09:35PM +0100, Julien Ramseier wrote:
> >> According to POSIX, sigtimedwait(2) is allowed to fail
> >> with EINTR, while sigwait(3) is not, so move the retry loop there.
> >> ---
> > 
> > This is a "may fail", not a "shall fail". Generally we prefer not to
> > support EINTR in cases where it's optional, since getting rid of them
> > with retry loops makes it safe to run on old kernels or
> > pseudo-linux-compat systems where SA_RESTART semantics were/are not
> > actually conforming. Is there a reason you want it to fail with EINTR?
> > 
> > Rich
> 
> Some apps seem to rely on this, notably Python where a test case expects
> sigtimedwait to be interrupted when a SIGALRM is fired.
> 
> I cannot find another case in musl where EINTR is inhibited
> (while being allowed by POSIX), are there any?

sem_wait (via sem_timedwait). This is a case where I know the kernel
bug (SYS_futex returning EINTR when it shouldn't) wasn't fixed until
relatively late, and it's particularly dangerous because callers of
sem_wait generally don't expect to return without having obtained the
semaphore, and might not even be checking for errors (since there are
no reasonable errors that could happen unless you installed
interrupting signal handlers).

Note that the timed variant always has a reasonable error you have to
check for (ETIMEDOUT) so it may make sense to move the retry there. In
the case of sem_timedwait there may be other implementation
considerations that make it difficult though; I remember something
came up discussing Alexander Monakov's ideas for new semaphore design.
Analogous behavior might be appropriate here (but see also sigwaitinfo
which is the non-timed version of sigtimedwait; sigwait is just the
legacy version).

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.