From: "Eric W. Biederman" <ebiederm@xmission.com>
To: Oleg Nesterov <oleg@redhat.com>
Cc: axboe@kernel.dk, brauner@kernel.org, mst@redhat.com,
linux@leemhuis.info, linux-kernel@vger.kernel.org,
stefanha@redhat.com, nicolas.dichtel@6wind.com,
virtualization@lists.linux-foundation.org,
torvalds@linux-foundation.org
Subject: Re: [RFC PATCH 1/8] signal: Dequeue SIGKILL even if SIGNAL_GROUP_EXIT/group_exec_task is set
Date: Thu, 18 May 2023 13:28:40 -0500 [thread overview]
Message-ID: <875y8ph4tj.fsf@email.froward.int.ebiederm.org> (raw)
In-Reply-To: <20230518170359.GC20779@redhat.com> (Oleg Nesterov's message of "Thu, 18 May 2023 19:04:00 +0200")
Oleg Nesterov <oleg@redhat.com> writes:
> On 05/18, Mike Christie wrote:
>>
>> On 5/18/23 11:25 AM, Oleg Nesterov wrote:
>> > I too do not understand the 1st change in this patch ...
>> >
>> > On 05/18, Mike Christie wrote:
>> >>
>> >> In the other patches we do:
>> >>
>> >> if (get_signal(ksig))
>> >> start_exit_cleanup_by_stopping_newIO()
>> >> flush running IO()
>> >> exit()
>> >>
>> >> But to do the flush running IO() part of this I need to wait for it so
>> >> that's why I wanted to be able to dequeue the SIGKILL and clear the
>> >> TIF_SIGPENDING bit.
>> >
>> > But get_signal() will do what you need, dequeue SIGKILL and clear SIGPENDING ?
>> >
>> > if ((signal->flags & SIGNAL_GROUP_EXIT) ||
>> > signal->group_exec_task) {
>> > clear_siginfo(&ksig->info);
>> > ksig->info.si_signo = signr = SIGKILL;
>> > sigdelset(¤t->pending.signal, SIGKILL);
>> >
>> > this "dequeues" SIGKILL,
>
> OOPS. this doesn't remove SIGKILL from current->signal->shared_pending
Neither does calling get_signal the first time.
But the second time get_signal is called it should work.
Leaving SIGKILL in current->signal->shared_pending when it has already
been short circuit delivered appears to be an out and out bug.
>> >
>> > trace_signal_deliver(SIGKILL, SEND_SIG_NOINFO,
>> > &sighand->action[SIGKILL - 1]);
>> > recalc_sigpending();
>> >
>> > this clears TIF_SIGPENDING.
>
> No, I was wrong, recalc_sigpending() won't clear TIF_SIGPENDING if
> SIGKILL is in signal->shared_pending
That feels wrong as well.
>> I see what you guys meant. TIF_SIGPENDING isn't getting cleared.
>> I'll dig into why.
>
> See above, sorry for confusion.
>
>
>
> And again, there is another problem with SIGSTOP. To simplify, suppose
> a PF_IO_WORKER thread does something like
>
> while (signal_pending(current))
> get_signal(...);
>
> this will loop forever if (SIGNAL_GROUP_EXIT || group_exec_task) and
> SIGSTOP is pending.
I think we want to do something like the untested diff below.
That the PF_IO_WORKER test allows get_signal to be called
after get_signal returns a fatal aka SIGKILL seems wrong.
That doesn't happen in the io_uring case, and certainly nowhere
else.
The change to complete_signal appears obviously correct although
a pending siginfo still needs to be handled.
The change to recalc_siginfo also appears mostly right, but I am not
certain that the !freezing test is in the proper place. Nor am I
certain it won't have other surprise effects.
Still the big issue seems to be the way get_signal is connected into
these threads so that it keeps getting called. Calling get_signal after
a fatal signal has been returned happens nowhere else and even if we fix
it today it is likely to lead to bugs in the future because whoever is
testing and updating the code is unlikely they have a vhost test case
the care about.
diff --git a/kernel/signal.c b/kernel/signal.c
index 8f6330f0e9ca..4d54718cad36 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -181,7 +181,9 @@ void recalc_sigpending_and_wake(struct task_struct *t)
void recalc_sigpending(void)
{
- if (!recalc_sigpending_tsk(current) && !freezing(current))
+ if ((!recalc_sigpending_tsk(current) && !freezing(current)) ||
+ ((current->signal->flags & SIGNAL_GROUP_EXIT) &&
+ !__fatal_signal_pending(current)))
clear_thread_flag(TIF_SIGPENDING);
}
@@ -1043,6 +1045,13 @@ static void complete_signal(int sig, struct task_struct *p, enum pid_type type)
* This signal will be fatal to the whole group.
*/
if (!sig_kernel_coredump(sig)) {
+ /*
+ * The signal is being short circuit delivered
+ * don't it pending.
+ */
+ if (type != PIDTYPE_PID) {
+ sigdelset(&t->signal->shared_pending, sig);
+
/*
* Start a group exit and wake everybody up.
* This way we don't have other threads
Eric
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
next prev parent reply other threads:[~2023-05-18 18:31 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-18 0:09 [RFC PATCH 0/8] vhost_tasks: Use CLONE_THREAD/SIGHAND Mike Christie
2023-05-18 0:09 ` [RFC PATCH 1/8] signal: Dequeue SIGKILL even if SIGNAL_GROUP_EXIT/group_exec_task is set Mike Christie
2023-05-18 2:34 ` Eric W. Biederman
2023-05-18 3:49 ` Eric W. Biederman
2023-05-18 15:21 ` Mike Christie
2023-05-18 16:25 ` Oleg Nesterov
2023-05-18 16:42 ` Mike Christie
2023-05-18 17:04 ` Oleg Nesterov
2023-05-18 18:28 ` Eric W. Biederman [this message]
2023-05-18 22:57 ` Mike Christie
2023-05-19 4:16 ` Eric W. Biederman
2023-05-19 23:24 ` Mike Christie
2023-05-22 13:30 ` Oleg Nesterov
[not found] ` <20230518-kontakt-geduckt-25bab595f503@brauner>
2023-05-18 15:27 ` Mike Christie
[not found] ` <20230518-ratgeber-erbeben-843e68b0d6ac@brauner>
2023-05-18 18:08 ` Oleg Nesterov
[not found] ` <20230518-fettgehalt-erdbeben-25587a432815@brauner>
2023-05-18 18:23 ` Oleg Nesterov
2023-05-18 0:09 ` [RFC PATCH 2/8] vhost/vhost_task: Hook vhost layer into signal handler Mike Christie
2023-05-18 0:16 ` Linus Torvalds
2023-05-18 1:01 ` Mike Christie
2023-05-18 0:09 ` [RFC PATCH 3/8] fork/vhost_task: Switch to CLONE_THREAD and CLONE_SIGHAND Mike Christie
2023-05-18 0:09 ` [RFC PATCH 4/8] vhost-net: Move vhost_net_open Mike Christie
2023-05-18 0:09 ` [RFC PATCH 5/8] vhost: Add callback that stops new work and waits on running ones Mike Christie
[not found] ` <20230518-lokomotive-aufziehen-dbc432136b76@brauner>
2023-05-18 15:03 ` Mike Christie
2023-05-18 18:38 ` Eric W. Biederman
2023-05-18 0:09 ` [RFC PATCH 6/8] vhost-scsi: Add callback to stop and wait on works Mike Christie
2023-05-18 0:09 ` [RFC PATCH 7/8] vhost-net: " Mike Christie
2023-05-18 0:09 ` [RFC PATCH 8/8] fork/vhost_task: remove no_files Mike Christie
2023-05-18 1:04 ` Mike Christie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=875y8ph4tj.fsf@email.froward.int.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=axboe@kernel.dk \
--cc=brauner@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@leemhuis.info \
--cc=mst@redhat.com \
--cc=nicolas.dichtel@6wind.com \
--cc=oleg@redhat.com \
--cc=stefanha@redhat.com \
--cc=torvalds@linux-foundation.org \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).