[sane-devel] Are sane_cancel implementations safe to be called from signal handler?

Thu Aug 26 11:48:48 UTC 2010

sane_cancel should be safe when called from a signal handler. If an
individual backend is not, it is a bug. Generally a variable should be
set, and checked at the start and end of each long-running operation.
Almost certainly no commands should be sent to the scanner.

allan

On Thu, Aug 26, 2010 at 6:35 AM, Johannes Meixner <jsmeix at suse.de> wrote:
>
> Hello,
>
> we (i.e. openSUSE/Novell) got this bug report:
>
> https://bugzilla.novell.com/show_bug.cgi?id=631294
>
> In short:
>
> It seems the sane_cancel implementations in particular backends
> are not safe to be called from signal handler which may lead
> to arbitrary issues.
> E.g. the frontend "scanimage" cannot be killed with SIGKILL
> while it is waiting in futex(...) in certain circumstances.
>
> Details:
>
> The SANE1 API documentation regarding sane_cancel reads that
> it is safe to call this function asynchronously
> (e.g., from within a signal handler).
>
> Calling sane_cancel from within a signal handler is what
> the frontend "scanimage" does in its "sighandler" function
> which is set for SIGHUP, SIGINT, SIGPIPE, and SIGTERM.
>
> Therefore according to my current understanding
> it seems each individual backend would have to be
> checked whether or not its individual implementation
> of the sane_cancel function is really safe to be called
> from within a signal handler.
>
> Just two examples:
>
> The sane_cancel implementation in backend/epson2.c
> looks safe to be called from within a signal handler:
> ---------------------------------------------------------------------
> /* void sane_cancel(SANE_Handle handle)
>  * Set the cancel flag to true. The next time the backend requests
>  * data from the scanner the CAN message will be sent.
>  */
> void
> sane_cancel(SANE_Handle handle)
> {
>  Epson_Scanner *s = (Epson_Scanner *) handle;
>  s->canceling = SANE_TRUE;
> }
> ---------------------------------------------------------------------
>
> In contrast the sane_cancel implementation in backend/plustek.c
> does not look safe to be called from within a signal handler:
> ---------------------------------------------------------------------
> /** cancel the scanning process
>  */
> void
> sane_cancel( SANE_Handle handle )
> {
>  Plustek_Scanner *s = (Plustek_Scanner *)handle;
>  DBG( _DBG_SANE_INIT, "sane_cancel\n" );
>  if (s->scanning || s->calibrating)
>    do_cancel( s, SANE_FALSE );
> }
> ---------------------------------------------------------------------
> because "do_cancel" is a bigger function which does
> all what is needed to stop the current scan process.
>
>
> Kind Regards
> Johannes Meixner
> --
> SUSE LINUX Products GmbH, Maxfeldstrasse 5, 90409 Nuernberg, Germany
> AG Nuernberg, HRB 16746, GF: Markus Rex
>
> --
> sane-devel mailing list: sane-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/sane-devel
> Unsubscribe: Send mail with subject "unsubscribe your_password"
>            to sane-devel-request at lists.alioth.debian.org
>

-- 
"The truth is an offense, but not a sin"