Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

src: add --disable-sigusr1 to prevent signal i/o thread #56441

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

src: add --disable-sigusr1 to prevent signal i/o thread #56441

wants to merge 3 commits into from
+50 −1

Conversation

RafaelGSS
Copy link
Member

This commit adds a new flag --disable-sigusr1 to prevent the SignalIOThread to be up listening the SIGUSR1 events and then starting the debugging session.

This flag is handy when dealing with multiple apps in the same environment. I wouldn't call it a full security guarantee since one would require access to the environment in order to expose the debugger, and with that assumption, one can do anything one wants. However, I do believe this would serve as a seatbelt in some scenarios.

Please note users already do it by require('inspector').close(), but a flag seems more suitable.

@RafaelGSS
src: add --disable-sigusr1 to prevent signal i/o thread
ddb54da 
This commit adds a new flag `--disable-sigusr1` to prevent
the SignalIOThread to be up listening the SIGUSR1 events and
then starting the debugging session.
@RafaelGSS RafaelGSS added the semver-minor PRs that contain new features and should be released in the next minor version. label Jan 2, 2025
@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. labels Jan 2, 2025
@juanarbol
Copy link
Member

Idk if this is the wait to do it. There's also SIGUSR2 among other signals. Wouldn't that be better to have a "blacklist" approach instead? So the logic scales to any signal.

@RafaelGSS
Copy link
Member Author

RafaelGSS commented Jan 2, 2025
edited
Loading

Idk if this is the wait to do it. There's also SIGUSR2 among other signals. Wouldn't that be better to have a "blacklist" approach instead? So the logic scales to any signal.

Initially, I thought about the --disable-signal=SIGUSR1 but then I realized that there's no "damage" in receiving a SIGUSR2. AFAIK only SIGUSR1 would initiate the debugging session.

I could also rename the flag to --disable-sigusr1-debug to make it more explicit but, I don't think there's a need for that.

Also, having a --disable-signal and not implementing other signals might sound confusing to users.

@RafaelGSS RafaelGSS added the review wanted PRs that need reviews. label Jan 2, 2025
@juanarbol
Copy link
Member

I don't disagree w/ this patch. But if this is intended to disable/flip a default behaviour, it may need some update in the documentation side as well.

Useful when activating the inspector by sending the SIGUSR1 signal.

Refs: https://nodejs.org/docs/latest/api/cli.html#--inspect-porthostport

@RafaelGSS
Copy link
Member Author

Ok. I can update the --inspect documentation to explicitly mention when --disable-sigusr1 is passed, the debugging session initialized with SIGUSR1 won't work.

@codecov Codecov
Copy link

codecov bot commented Jan 2, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 75.00000% with 1 line in your changes missing coverage. Please review.

Project coverage is 88.54%. Comparing base (98d4ebc) to head (384dc99).
Report is 6 commits behind head on main.

Files with missing lines Patch % Lines
src/env-inl.h 50.00% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #56441   +/-   ##
=======================================
  Coverage   88.53%   88.54%           
=======================================
  Files         657      657           
  Lines      190741   190768   +27     
  Branches    36607    36609    +2     
=======================================
+ Hits       168881   168918   +37     
- Misses      15036    15040    +4     
+ Partials     6824     6810   -14
Files with missing lines Coverage Δ
src/node_options.cc 87.78% <100.00%> (-0.15%) ⬇️
src/node_options.h 98.31% <100.00%> (+<0.01%) ⬆️
src/env-inl.h 96.99% <50.00%> (-0.21%) ⬇️

... and 36 files with indirect coverage changes

@RafaelGSS
Copy link
Member Author

RafaelGSS commented Jan 3, 2025
edited
Loading

PTAL @juanarbol

I have also changed the flag to be in stability 1.1 so we can re-evaluate if we need to rename or make it more generic in the future.

targos
targos reviewed Jan 3, 2025
View reviewed changes
doc/api/cli.md Outdated Show resolved Hide resolved
@RafaelGSS @targos
Update doc/api/cli.md
384dc99 
Co-authored-by: Michaël Zasso <[email protected]>
@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Jan 3, 2025
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jan 3, 2025
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/64314/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@targos targos targos left review comments

Assignees
No one assigned
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. review wanted PRs that need reviews. semver-minor PRs that contain new features and should be released in the next minor version.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@RafaelGSS @juanarbol @nodejs-github-bot @targos