On Sun, Jul 25, 2021 at 07:41:47PM -0600, Theo de Raadt wrote:
> Scott Cheloha <[email protected]> wrote:
>
> > Given this, I want to tell the reader, roughly:
> >
> > "hey! it's plausible there is a SIGALRM-based sleep() implementation
> > using still floating around out there in the wild. If you find one,
> > you'll want to avoid using it because there are unfixable bugs in
> > such an implementation. Maybe use nanosleep() instead. If you *do*
> > use it, just know that it will behave differently from OpenBSD's
> > sleep() in some corner cases."
> >
> > But if you really think there is no point in mentioning that, and
> > others agree with you, then we won't mention it.
>
> I don't think the manual pages need to be proscriptive about a concern
> which doesn't occur in the wild.

We don't know if it is still in the wild or not. There are lots of libc
implementations. We can't account for all of them.

> Being proscriptive in OpenBSD manual pages isn't going to stop someone
> from creating the precise problem you describe in some other body of
> code. Except, you are saying they don't create that problem.

Right, we can't prevent it, which is why I wanted to say "beware".

> So why foam at the mouth over it?

Because up until this very moment we referenced the historical
implementation approach in the manpage.

--

Anyway, updated patch. No mention of SIGALRM or alarm(3) except in the
History section.

Still wondering whether we need an Errors section to mention that
sleep(3) can set errno. Otherwise I think this is about done.

Index: sleep.3 =================================================================== RCS file: /cvs/src/lib/libc/gen/sleep.3,v retrieving revision 1.16 diff -u -p -r1.16 sleep.3 --- sleep.3 8 Feb 2020 01:09:57 -0000 1.16 +++ sleep.3 26 Jul 2021 12:52:23 -0000 @@ -32,7 +32,7 @@ .Os .Sh NAME .Nm sleep -.Nd suspend process execution for interval measured in seconds +.Nd suspend execution for an interval of seconds .Sh SYNOPSIS .In unistd.h .Ft unsigned int 
@@ -40,41 +40,38 @@ .Sh DESCRIPTION The .Fn sleep -function suspends execution of the calling process until either +function suspends execution until at least the given number of .Fa seconds -seconds have elapsed or a signal is delivered to the process and its -action is to invoke a signal-catching function or to terminate the -process. -The suspension time may be longer than requested due to the -scheduling of other activity by the system. +have elapsed or an unmasked signal is delivered to the calling thread. .Pp -This function is implemented using -.Xr nanosleep 2 -by pausing for -.Fa seconds -seconds or until a signal occurs. -Consequently, in this implementation, -sleeping has no effect on the state of process timers, -and there is no special handling for -.Dv SIGALRM . +This version of +.Fn sleep +is implemented with +.Xr nanosleep 2 , +so delivery of any unmasked signal will terminate the sleep early, +even if +.Dv SA_RESTART +is set with +.Xr sigaction 2 +for the interrupting signal. .Sh RETURN VALUES -If the +If .Fn sleep -function returns because the requested time has elapsed, the value -returned will be zero. -If the +sleeps for the full count of +.Fa seconds +it returns 0. +Otherwise, .Fn sleep -function returns due to the delivery of a signal, the value returned -will be the unslept amount (the request time minus the time actually -slept) in seconds. +returns the number of seconds remaining from the original request. .Sh SEE ALSO .Xr sleep 1 , -.Xr nanosleep 2 +.Xr nanosleep 2 , +.Xr sigaction 2 .Sh STANDARDS The .Fn sleep function conforms to -.St -p1003.1-90 . +.St -p1003.1-2008 . .Sh HISTORY A .Fn sleep
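
Review bot: In the DESCRIPTION hunk, "an unmasked signal is delivered to the calling thread" and "delivery of any unmasked signal will terminate the sleep early" drop the condition from the removed text that the signal's action is "to invoke a signal-catching function or to terminate the process", so the new wording reads as if an ignored signal also ends the sleep. Suggest keeping that qualifier next to "unmasked", for example "an unmasked signal whose action is to invoke a handler or terminate the process". In RETURN VALUES, "Otherwise, sleep returns the number of seconds remaining from the original request" no longer says the early return is caused by a signal, and does not say how a partial second is counted. Since the text now ties the behaviour to nanosleep(2), a short ERRORS section referring to nanosleep(2) would settle the errno question raised in the cover note.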
