Re: [Qemu-devel] Re: [5578] Increase default IO timeout from 10ms to 5s

[Jamie Lokier]

Daniel P. Berrange wrote:
> > To be exact, it *was* possible for glibc to implement a pselect
> > free of races: that is by using the same trick as your patch,
> > i.e. making a pipe and adding it to select()ed fd's and mangling
> > the sigmask.
> 
> Yes & no. The trouble with glibc using pipes behind your back is that
> then it creates a totally different race in threaded apps, where a FD
> could be leaked to a child process between glibc opening its secret 
> pipe and setting the O_CLOSEXEC flag. Indeed it already suffers from
> this problem with name resolving

That involves wrapping every signal handler too, and because of
threads, handlers would need to be wrapped all the time by a
sigaction() replacement - quite a lot of cruft in libc would be
required!

If you're writing libc, and willing to go to such crazy lengths to
implement pselect() "properly", you can fix the close-on-exec race by
wrapping execve() too.

Or you can avoid close-on-exec by using siglongjmp() from the wrapped
signal handlers to jump out of select(), not requiring an fd at all.

Unsurprisingly no libc that I know goes to these lengths.

-- Jamie