Re: [musl] Re: [RFC PATCH] x86/vdso/32: Add AT_SYSINFO cancellation helpers

From: Rich Felker
Date: Sat Mar 12 2016 - 13:10:22 EST


On Sat, Mar 12, 2016 at 06:05:09PM +0100, Ingo Molnar wrote:
>
> * Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> > On Fri, Mar 11, 2016 at 11:39 AM, Linus Torvalds
> > <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> > >
> > > "An implementation may also mark other functions not specified in the
> > > standard as cancellation points"
> >
> > .. but that was from the Linux man-page. The open group has
> >
> > "An implementation shall not introduce cancellation points into any
> > other functions specified in this volume of POSIX.1-2008"
> >
> > So yeah, it looks like there would need to be some way to filter things.
> >
> > Oh well.
>
> Is this really a big problem? Signals are asynchronous anyway, so if a C library
> uses signal delivery for cancellation, it has to be ready to get the signal
> delivered in the 'wrong' moment, for the wrong system call. The system call has to
> be restarted in that case - or the interruption result has to be returned.

The signals used for cancellation are not interrupting; the handler is
installed with SA_RESTART. If cancellation is disabled when the
handler is invoked, it does nothing at all. Otherwise, it first
modifies the saved signal mask to leave itself block after it returns
(the reason why involves complex nested-signal corner cases you
probably don't want to know about). Then, if the signal handler
determines the interrupted context is at a cancellation point, it
rewrites the saved program counter to act on cancellation rather than
restarting the syscall. If not, it does nothing else.

> The _cancellation_ itself will then still be executed during the next suitable
> cancellation point: which will be before doing the next cancellable system call
> (or libc API).
>
> So I think it can still all be made work with SA_SYNCHRONOUS.
>
> It would only be a show stopper if Linux didn't cover all required system calls.
> Covering _more_ system calls is not a problem AFAICS. But I might be missing
> something ...

You're missing a lot.

Rich