
So I am trying to understand if I am missing anything about calling futex_wait inside a signal handler for a SIGSEGV access violation. Ostensibly, it is not on the list of async-signal-safe calls, however with the assumption that I do not cause a deadlock by the signal being called on the thread that would have called futex_wake, I do not see how there could be any issues/corruption or deadlocks.

Specifically, for my use case I am trying to pause all process memory accesses in a region via the mprotect()/signal-handler pattern. During the 'paused' period I am snapshotting the segments of process memory for a distributed-shared-memory-type system.

FYI, I am trying to avoid userfaultfd, due to not being supported by some container/VM runtimes.

My thought process is that this should be safe:

  1. A handler for SIGSEGV will be synchronous, and run in the thread that caused the segfault.
  2. I can also pretty strongly guarantee that the thread that controls the access permissions, and is expected to call futex wake, will not itself segfault.

Am I missing something about my understanding of the futex_wait/wake logic?

1 Answer


Generally speaking, all syscalls are async-signal-safe per se. The signal safety problem only arises because of logic implemented in userspace, i.e., library functions, library signal handling routines, and your own code. The manual page about signal safety (man 7 signal-safety) only talks about library functions, not bare system calls. Most of those are only simple wrappers around syscalls (marked with a (2) after the name), and others may involve syscalls as well (e.g., most of the pthread-related functions), so that's where some confusion may arise.

You are technically always free to implement your own functions that may or may not make use of global state variables or syscalls in a way that is async-signal-safe for your particular program. You just have to be extra careful and remember that any thread that has handlers registered for some signals could be interrupted at any time to handle them unless masked. For example, in case of futex-related syscalls, as you correctly point out, you will have to make sure that a deadlock situation cannot happen, with the simplest case being a signal delivered to and handled by a thread that is responsible for waking the same futex that the handler waits on.
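The pattern discussed above, as an added example that is not part of the question or the answer: a controller thread closes a gate word, revokes write access to a region with mprotect(), copies the region, restores access and wakes the gate; a thread that writes to the region while it is paused takes SIGSEGV, and the handler parks it with a raw FUTEX_WAIT on the gate word and returns so the faulting write is retried. Assumptions: Linux with glibc; the region is dropped to PROT_READ rather than PROT_NONE so the controller can read the snapshot without faulting itself; all names (`gate`, `faults_parked`, `pause_region`, `resume_region`, `run_demo`) are constructed for this demo.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <limits.h>
#include <linux/futex.h>
#include <pthread.h>
#include <signal.h>
#include <stdatomic.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Constructed demo state: one anonymous page stands in for the shared region. */
static uint8_t *region;
static size_t region_len;
static atomic_int gate;          /* 1 = paused: faulting writers must wait */
static atomic_int faults_parked; /* how many handler entries parked */

/* Raw futex syscalls: no libc locks and no hidden global state, so they can
 * be called from the handler (the answer's point about bare syscalls). */
static long futex_wait(atomic_int *addr, int expected) {
    return syscall(SYS_futex, addr, FUTEX_WAIT_PRIVATE, expected, NULL, NULL, 0);
}
static long futex_wake(atomic_int *addr, int count) {
    return syscall(SYS_futex, addr, FUTEX_WAKE_PRIVATE, count, NULL, NULL, 0);
}

/* Runs on the thread that touched the region, never on the controller. */
static void segv_handler(int sig, siginfo_t *si, void *ctx) {
    (void)ctx;
    uintptr_t a = (uintptr_t)si->si_addr;
    if (a < (uintptr_t)region || a >= (uintptr_t)region + region_len) {
        /* A genuine crash elsewhere: restore SIG_DFL and let the retry kill us. */
        signal(sig, SIG_DFL);
        return;
    }
    int saved_errno = errno;               /* syscall() sets errno on failure */
    atomic_fetch_add(&faults_parked, 1);
    /* FUTEX_WAIT returns EAGAIN when *gate != 1, so a wake that lands between
     * the load and the syscall is not lost; EINTR just re-checks the gate. */
    while (atomic_load(&gate) == 1)
        futex_wait(&gate, 1);
    errno = saved_errno;
    /* Returning retries the write; access was restored before the gate opened. */
}

/* Controller side. Close the gate before revoking write access and restore
 * access before opening it. Reads stay allowed so the snapshot can be taken
 * with an ordinary copy from this thread without faulting. */
static void pause_region(void) {
    atomic_store(&gate, 1);
    mprotect(region, region_len, PROT_READ);
}
static void resume_region(void) {
    mprotect(region, region_len, PROT_READ | PROT_WRITE);
    atomic_store(&gate, 0);
    futex_wake(&gate, INT_MAX);
}

static void *writer(void *arg) {
    (void)arg;
    region[0] = 42;   /* faults while paused, parks in the handler, then retries */
    return NULL;
}

/* Returns 0 on success, or a positive code naming the first failed check. */
int run_demo(void) {
    atomic_store(&faults_parked, 0);
    region_len = (size_t)sysconf(_SC_PAGESIZE);
    region = mmap(NULL, region_len, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED) return 1;
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = segv_handler;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGSEGV, &sa, NULL) != 0) return 2;
    pause_region();                        /* pause before the writer starts */
    pthread_t t;
    if (pthread_create(&t, NULL, writer, NULL) != 0) return 3;
    /* Bounded wait (up to ~5 s) until the writer has parked in the handler. */
    for (int i = 0; atomic_load(&faults_parked) == 0 && i < 5000; i++)
        usleep(1000);
    if (atomic_load(&faults_parked) == 0) return 4;
    uint8_t snapshot0 = region[0];         /* taken while no writer can proceed */
    resume_region();
    pthread_join(t, NULL);
    uint8_t final0 = region[0];
    signal(SIGSEGV, SIG_DFL);
    munmap(region, region_len);
    if (snapshot0 != 0) return 5;          /* snapshot must predate the write */
    if (final0 != 42) return 6;            /* retried write must have landed */
    return 0;
}

int main(void) { return run_demo(); }
```

The handler only touches the two atomic words and the raw syscall wrapper, so it stays safe regardless of what libc lock the interrupted thread held. The deadlock the answer warns about is avoided structurally: the controller thread never writes the region while it is paused, so the handler can never run on the thread that performs the wake. Two things a production version would add: an alternate signal stack (SA_ONSTACK with sigaltstack) so a fault caused by stack exhaustion can still be handled, and some way to detect a fault inside the region that is not caused by the pause, since this demo simply retries such an access.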


1 Comment

Thanks, that's what I was hoping, and seemed to be the case, but I wanted to confirm I was not missing the obvious.
