On Wed, Mar 9, 2016 at 12:57 PM, Andy Lutomirski <l...@amacapital.net> wrote:
>
> How safe would this be in a multithreaded process? For example, if
> open() gets canceled in the "killable" sense, is it guaranteed that no
> file descriptor will be allocated?
Not all system calls can be killed, we only do the usual cases. A
system call has to have the proper EINTR logic in place, so it's not
like we kill system calls at any random point.
> Let me try to summarize my understanding of the semantics.
>
> Thread A sends thread B a signal. Thread B wants to ignore the signal
> and defer handling unless it's either in a particular syscall and
> returns -EINTR or unless the thread is about to do the syscall.
Note that for the kernel, we don't actually have to use a signal for
this at all. Our existing "cancel system calls" code only works for
fatal signals, but that's just a trivial implementation issue.
We could add a system call that just sets a cancel flag in another
thread, and we'd just use that cancel flag to say "abort the currently
executing system call with EINTR" - in all the same places we
currently dot hat "fatal_signal_pending()" thing.
You'd still have to have all the user-space logic to do the
cancellation cleanup etc. But now you could actually cancel a write()
system call in the *middle*, which is currently just not an option.
Linus
