In linux-user/signal.c we have two FIXME comments claiming that
parts of the signal-handling code are not threadsafe. These are
very old, as they were first introduced in commit 624f7979058
in 2008. Since then we've radically overhauled the signal-handling
logic, while carefully preserving these FIXME comments.
It's unclear exactly what thread-safety issue the original
author was trying to point out -- the relevant data structures
are in the TaskStruct, which makes them per-thread and only
operated on by that thread. The old code at the time of that
commit did have various races involving signal handlers being
invoked at awkward times; possibly this was what was meant.
Delete these FIXME comments:
* they were written at a time when the way we handled
signals was completely different
* the code today appears to us to not have thread-safety issues
* nobody knows what the problem the comments were trying to
point out was
so they are serving no useful purpose for us today.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
Marked "RFC" because I'm a bit uneasy with deleting FIXMEs
simply because I can't personally figure out why they're
there. This patch is more to start a discussion to see
if anybody does understand the issue -- in which case we
can instead augment the comments to describe it.
---
linux-user/signal.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/linux-user/signal.c b/linux-user/signal.c
index 32854bb3752..e7410776e21 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -1001,7 +1001,6 @@ int do_sigaction(int sig, const struct target_sigaction *act,
oact->sa_mask = k->sa_mask;
}
if (act) {
- /* FIXME: This is not threadsafe. */
__get_user(k->_sa_handler, &act->_sa_handler);
__get_user(k->sa_flags, &act->sa_flags);
#ifdef TARGET_ARCH_HAS_SA_RESTORER
@@ -1151,7 +1150,6 @@ void process_pending_signals(CPUArchState *cpu_env)
sigset_t *blocked_set;
while (qatomic_read(&ts->signal_pending)) {
- /* FIXME: This is not threadsafe. */
sigfillset(&set);
sigprocmask(SIG_SETMASK, &set, 0);
--
2.25.1
Peter Maydell <peter.maydell@linaro.org> writes: > In linux-user/signal.c we have two FIXME comments claiming that > parts of the signal-handling code are not threadsafe. These are > very old, as they were first introduced in commit 624f7979058 > in 2008. Since then we've radically overhauled the signal-handling > logic, while carefully preserving these FIXME comments. > > It's unclear exactly what thread-safety issue the original > author was trying to point out -- the relevant data structures > are in the TaskStruct, which makes them per-thread and only > operated on by that thread. The old code at the time of that > commit did have various races involving signal handlers being > invoked at awkward times; possibly this was what was meant. > > Delete these FIXME comments: > * they were written at a time when the way we handled > signals was completely different > * the code today appears to us to not have thread-safety issues > * nobody knows what the problem the comments were trying to > point out was > so they are serving no useful purpose for us today. > > Signed-off-by: Peter Maydell <peter.maydell@linaro.org> > --- > Marked "RFC" because I'm a bit uneasy with deleting FIXMEs > simply because I can't personally figure out why they're > there. This patch is more to start a discussion to see > if anybody does understand the issue -- in which case we > can instead augment the comments to describe it. > --- > linux-user/signal.c | 2 -- > 1 file changed, 2 deletions(-) > > diff --git a/linux-user/signal.c b/linux-user/signal.c > index 32854bb3752..e7410776e21 100644 > --- a/linux-user/signal.c > +++ b/linux-user/signal.c > @@ -1001,7 +1001,6 @@ int do_sigaction(int sig, const struct target_sigaction *act, > oact->sa_mask = k->sa_mask; > } > if (act) { > - /* FIXME: This is not threadsafe. */ > __get_user(k->_sa_handler, &act->_sa_handler); > __get_user(k->sa_flags, &act->sa_flags); > #ifdef TARGET_ARCH_HAS_SA_RESTORER > @@ -1151,7 +1150,6 @@ void process_pending_signals(CPUArchState *cpu_env) > sigset_t *blocked_set; > > while (qatomic_read(&ts->signal_pending)) { > - /* FIXME: This is not threadsafe. */ > sigfillset(&set); > sigprocmask(SIG_SETMASK, &set, 0); Looking at the history those FIXMEs could have been for code that they where attached to. Could the thread safety be about reading the sigaction stuff? I would have though sigaction updates where atomic by virtue of the syscall to set them... Anyway looks old to me: Reviewed-by: Alex Bennée <alex.bennee@linaro.org> -- Alex Bennée
On Sat, Jan 15, 2022 at 2:49 AM Alex Bennée <alex.bennee@linaro.org> wrote: > > Peter Maydell <peter.maydell@linaro.org> writes: > > > In linux-user/signal.c we have two FIXME comments claiming that > > parts of the signal-handling code are not threadsafe. These are > > very old, as they were first introduced in commit 624f7979058 > > in 2008. Since then we've radically overhauled the signal-handling > > logic, while carefully preserving these FIXME comments. > > > > It's unclear exactly what thread-safety issue the original > > author was trying to point out -- the relevant data structures > > are in the TaskStruct, which makes them per-thread and only > > operated on by that thread. The old code at the time of that > > commit did have various races involving signal handlers being > > invoked at awkward times; possibly this was what was meant. > > > > Delete these FIXME comments: > > * they were written at a time when the way we handled > > signals was completely different > > * the code today appears to us to not have thread-safety issues > > * nobody knows what the problem the comments were trying to > > point out was > > so they are serving no useful purpose for us today. > > > > Signed-off-by: Peter Maydell <peter.maydell@linaro.org> > > --- > > Marked "RFC" because I'm a bit uneasy with deleting FIXMEs > > simply because I can't personally figure out why they're > > there. This patch is more to start a discussion to see > > if anybody does understand the issue -- in which case we > > can instead augment the comments to describe it. > > --- > > linux-user/signal.c | 2 -- > > 1 file changed, 2 deletions(-) > > > diff --git a/linux-user/signal.c b/linux-user/signal.c > > index 32854bb3752..e7410776e21 100644 > > --- a/linux-user/signal.c > > +++ b/linux-user/signal.c > > @@ -1001,7 +1001,6 @@ int do_sigaction(int sig, const struct > target_sigaction *act, > > oact->sa_mask = k->sa_mask; > > } > > if (act) { > > - /* FIXME: This is not threadsafe. */ > > __get_user(k->_sa_handler, &act->_sa_handler); > > __get_user(k->sa_flags, &act->sa_flags); > > #ifdef TARGET_ARCH_HAS_SA_RESTORER > > @@ -1151,7 +1150,6 @@ void process_pending_signals(CPUArchState *cpu_env) > > sigset_t *blocked_set; > > > > while (qatomic_read(&ts->signal_pending)) { > > - /* FIXME: This is not threadsafe. */ > > sigfillset(&set); > > sigprocmask(SIG_SETMASK, &set, 0); > > Looking at the history those FIXMEs could have been for code that they > where attached to. Could the thread safety be about reading the > sigaction stuff? I would have though sigaction updates where atomic by > virtue of the syscall to set them... > > Anyway looks old to me: > > Reviewed-by: Alex Bennée <alex.bennee@linaro.org> > Reviewed-by: Warner Losh <imp@bsdimp.com> I looked in bsd-user, to where this was also copied, and couldn't figure out what it was talking about... Though that's a weak review, imho.. > -- > Alex Bennée > >
Le 14/01/2022 à 16:50, Peter Maydell a écrit : > In linux-user/signal.c we have two FIXME comments claiming that > parts of the signal-handling code are not threadsafe. These are > very old, as they were first introduced in commit 624f7979058 > in 2008. Since then we've radically overhauled the signal-handling > logic, while carefully preserving these FIXME comments. > > It's unclear exactly what thread-safety issue the original > author was trying to point out -- the relevant data structures > are in the TaskStruct, which makes them per-thread and only > operated on by that thread. The old code at the time of that > commit did have various races involving signal handlers being > invoked at awkward times; possibly this was what was meant. > > Delete these FIXME comments: > * they were written at a time when the way we handled > signals was completely different > * the code today appears to us to not have thread-safety issues > * nobody knows what the problem the comments were trying to > point out was > so they are serving no useful purpose for us today. > > Signed-off-by: Peter Maydell <peter.maydell@linaro.org> > --- > Marked "RFC" because I'm a bit uneasy with deleting FIXMEs > simply because I can't personally figure out why they're > there. This patch is more to start a discussion to see > if anybody does understand the issue -- in which case we > can instead augment the comments to describe it. > --- > linux-user/signal.c | 2 -- > 1 file changed, 2 deletions(-) Applied to my linux-user-for-7.0 branch. Thanks, Laurent
© 2016 - 2024 Red Hat, Inc.