dash.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Jilles Tjoelker <jilles@stack.nl>
To: Harald van Dijk <harald@gigawatt.nl>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
	steffen@sdaoden.eu, dash@vger.kernel.org,
Subject: Re: [PATCH] jobs: Block signals during tcsetpgrp
Date: Wed, 6 Jan 2021 23:41:02 +0100	[thread overview]
Message-ID: <20210106224102.GB23865@stack.nl> (raw)
In-Reply-To: <cb36ab63-d039-c4ee-c4f3-28bafea56b3a@gigawatt.nl>

On Wed, Jan 06, 2021 at 09:16:58PM +0000, Harald van Dijk wrote:
> On 06/01/2021 04:45, Herbert Xu wrote:
> > This patch implements the blocking of SIGTTOU (and everything else)
> > while we call tcsetpgrp.

> > Reported-by: Steffen Nurpmeso <steffen@sdaoden.eu>
> > Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

> > diff --git a/src/jobs.c b/src/jobs.c
> > index 516786f..809f37c 100644
> > --- a/src/jobs.c
> > +++ b/src/jobs.c
> > @@ -1512,7 +1512,13 @@ showpipe(struct job *jp, struct output *out)
> >   STATIC void
> >   xtcsetpgrp(int fd, pid_t pgrp)
> >   {
> > -	if (tcsetpgrp(fd, pgrp))
> > +	int err;
> > +
> > +	sigblockall(NULL);
> > +	err = tcsetpgrp(fd, pgrp);
> > +	sigclearmask();
> > +
> > +	if (err)
> >   		sh_error("Cannot set tty process group (%s)", strerror(errno));
> >   }
> >   #endif

> While this is a step in the right direction, Jilles has already replied with
> an explanation of why this is not enough: if the terminal is in TOSTOP mode,
> it's not just tcsetpgrp() that needs to be handled, it's any write as well
> that may occur while the shell is not in the foreground process group. While
> it may be working according to design for messages written when the shell is
> not supposed to be in the foreground process group, it is another story when
> the shell is both responsible for taking itself out of the foreground
> process group and for writing a message. This is made worse by the fact that
> there is no synchronisation with child processes on errors, so even forcibly
> restoring the foreground process group may not be enough: unfortunate
> scheduling may result in a child process immediately setting the foreground
> process group to the child process after the parent process attempted to
> restore it to itself. I have not yet seen a good solution for this.

Comparing this error situation to the normal case, I think the right
solution is to close any stray pipe ends we have, wait for the remaining
child processes and only then report the error (throwing an exception as
normal). The child processes will probably terminate soon because of a
broken pipe, but even if they stop, they will not change the tty
foreground process group any more. The code in jobs.c will then reset

The same error handling applies to the situation where pipe() fails.
This is a bit easier to test reliably, using ulimit -n.

Adding synchronization with the child processes slows down the normal
case for a rare error case, and the synchronization objects such as
pipe, eventfd, SysV semaphore or MAP_SHARED mapping might cause
unexpected issues in strange use cases.

A related bug: if fork fails for a command substitution, the pipe
created for reading the command output remains open (two descriptors).
This one is also in dash as well as FreeBSD sh. Throwing exceptions from
forkshell() may not be the best idea.

Jilles Tjoelker

  reply	other threads:[~2021-01-06 22:42 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-12-19 17:28 dash, busybox sh 1.32.0, FreeBSD 12.2 sh: spring TTOU but should not i think Steffen Nurpmeso
2020-12-19 22:21 ` Steffen Nurpmeso
2020-12-19 23:52   ` Harald van Dijk
2020-12-21 16:24     ` Jilles Tjoelker
2020-12-21 19:43       ` Steffen Nurpmeso
2020-12-23 20:18       ` Harald van Dijk
2020-12-24 15:29         ` Jilles Tjoelker
2021-01-10 23:56         ` Harald van Dijk
2021-01-06  4:46       ` Herbert Xu
2021-01-06  4:45     ` [PATCH] jobs: Block signals during tcsetpgrp Herbert Xu
2021-01-06 21:16       ` Harald van Dijk
2021-01-06 22:41         ` Jilles Tjoelker [this message]
2021-01-07  7:36         ` Denys Vlasenko

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210106224102.GB23865@stack.nl \
    --to=jilles@stack.nl \
    --cc=dash@vger.kernel.org \
    --cc=harald@gigawatt.nl \
    --cc=herbert@gondor.apana.org.au \
    --cc=steffen@sdaoden.eu \
    --cc=vda.linux@googlemail.com \
    --subject='Re: [PATCH] jobs: Block signals during tcsetpgrp' \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).