Page MenuHomeFreeBSD

Do not read sigfastblock word on syscall entry.
ClosedPublic

Authored by kib on Feb 11 2020, 5:22 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Dec 18, 11:36 PM
Unknown Object (File)
Sat, Nov 30, 11:10 AM
Unknown Object (File)
Wed, Nov 27, 12:00 AM
Unknown Object (File)
Nov 22 2024, 11:36 AM
Unknown Object (File)
Nov 20 2024, 8:21 AM
Unknown Object (File)
Nov 17 2024, 1:48 PM
Unknown Object (File)
Nov 17 2024, 10:19 AM
Unknown Object (File)
Nov 13 2024, 4:26 AM
Subscribers

Details

Summary

Only read it on the attempt to deliver signal in ast(). If the word is set, signal is not delivered and word is kept, preventing interruption of interruptible sleeps by signals until userspace calls sigfastblock(UNBLOCK) which clears the word.

This way, the spurious EINTR that userspace can see while in critical section is on first interruptible sleep, if a signal is pending, and on signal posting. It is believed that it is not important for rtld and lbithr critical sections. It might be visible for the application code e.g. for the callback of dl_iterate_phdr(3), but again the belief is that the non-compliance is acceptable.
Most important is that the retry of the sleeping syscall does not interrupt unless additional signal is posted.

For now I added the knob to enable the word read on syscall entry to be able to diagnose possible issues due to spurious EINTR.

[This is not tested]

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 29433

Event Timeline

Another approach, summary will be updated.

kib retitled this revision from Convert usermode access (fueword) for sigfastblock(2) into a kernel read. to Do not read sigfastblock word on syscall entry..Feb 15 2020, 12:12 AM
kib edited the summary of this revision. (Show Details)
kib edited the summary of this revision. (Show Details)
sys/kern/kern_sig.c
160

bool would be better.

Is this just for debugging?

sys/kern/subr_syscall.c
138–139

predict_false? I'm afraid that this will go unused if we leave it in.

sys/kern/kern_sig.c
160

ok, I will change to bool.

It is for field diagnostic, I want to be able to ask users to flip the switch back without providing the patch, if I suspect an issue with spurious EINTR/ERESTART.

sys/kern/subr_syscall.c
138–139

What do you mean by 'go unused' ?

Apply full pack of nano-optimizations, change sigfastblock_fetch_always to bool.

re-upload with context.

One setpend() was missed after refactoring.

I would like to point out that to see the EINTR race the user would have to register a callback for rtld to call while not blocking signals itself and having registered a handler that then communicates information with the EINTR return case in the callback. I doubt this is even spec defined behavior and if linux is even weaker than we are they are more likely to just crash there.

I do not mind the fallback switch but it would be nice to garbage collect after some time.

This revision is now accepted and ready to land.Feb 16 2020, 8:53 PM

I ran all of the stress2 tests without seeing any problems.

This revision was automatically updated to reflect the committed changes.