Обсуждение: Re: pgsql: Use SIGURG rather than SIGUSR1 for latches.
Thomas Munro <tmunro@postgresql.org> writes:
> Use SIGURG rather than SIGUSR1 for latches.
I notice that postmaster.c still does
#ifdef SIGURG
pqsignal_pm(SIGURG, SIG_IGN); /* ignored */
#endif
It appears to me that this should now read
pqsignal_pm(SIGURG, dummy_handler); /* unused, reserve for children */
for the reasons explained in the comment for dummy_handler.
It's possible that that argument doesn't apply to the way SIGURG is used
in this patch, but I don't see a good reason to ignore the convention of
setting up the handler this way.
regards, tom lane
On Thu, Apr 15, 2021 at 2:26 PM Tom Lane <tgl@sss.pgh.pa.us> wrote: > It's possible that that argument doesn't apply to the way SIGURG is used > in this patch, but I don't see a good reason to ignore the convention of > setting up the handler this way. Yeah, will fix. I don't think there is a bug here given the way latches use shared memory flags, but it might as well be consistent.
On Thu, Apr 15, 2021 at 10:50 PM Thomas Munro <thomas.munro@gmail.com> wrote: > On Thu, Apr 15, 2021 at 2:26 PM Tom Lane <tgl@sss.pgh.pa.us> wrote: > > It's possible that that argument doesn't apply to the way SIGURG is used > > in this patch, but I don't see a good reason to ignore the convention of > > setting up the handler this way. > > Yeah, will fix. I don't think there is a bug here given the way > latches use shared memory flags, but it might as well be consistent. Here's a patch to change that. But... on second thoughts, and after coming up with a commit message to explain the change, I'm not 100% convinced it's worth committing. You can't get SIGURG without explicitly asking for it (by setting maybe_sleeping), which makes it a bit more like SIGALRM than SIGUSR2. I don't feel very strongly about this though. What do you think?
Вложения
Thomas Munro <thomas.munro@gmail.com> writes:
> Here's a patch to change that. But... on second thoughts, and after
> coming up with a commit message to explain the change, I'm not 100%
> convinced it's worth committing. You can't get SIGURG without
> explicitly asking for it (by setting maybe_sleeping), which makes it a
> bit more like SIGALRM than SIGUSR2. I don't feel very strongly about
> this though. What do you think?
Hmm, yeah, after looking more closely at InitializeLatchSupport I agree.
There's so much platform variability in whether we use the signal handler
at all that it seems best to keep it SIGIGN'd until we reach that code.
It might be good to extend the comment in postmaster.c though, perhaps
along the lines of "Ignore SIGURG for now. Child processes may change
this (see InitializeLatchSupport), but they will not receive any such
signals until they wait on a latch".
Is it really necessary to mess with UnBlockSig?
regards, tom lane
On Sat, Apr 17, 2021 at 12:46 AM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> It might be good to extend the comment in postmaster.c though, perhaps
> along the lines of "Ignore SIGURG for now. Child processes may change
> this (see InitializeLatchSupport), but they will not receive any such
> signals until they wait on a latch".
Ok, will do.
> Is it really necessary to mess with UnBlockSig?
It's necessary to keep it blocked, because, to quote signalfd(2):
Normally, the set of signals to be received via the file descriptor
should be blocked using sigprocmask(2), to prevent the signals being
handled according to their default dispositions.
It does seem a little strange to have a sigset_t called UnBlockSig
that leaves one signal blocked, but it still fits this description
(from which I removed the parenthetical question):
* UnBlockSig is the set of signals to block when we don't want to block
- * signals (is this ever nonzero??)
+ * signals.
There is also clear warning near that:
+ /* Note: InitializeLatchSupport() modifies UnBlockSig. */
I admit that it's a little unpleasant that it does that, but I
couldn't find a better way, considering the dependency on build
options and details known only to latch.c. In earlier versions I
posted of that patch set, I did consider an alternative where
pqsignal.c would ask latch.c if it should be blocked, but it seemed
uglier.
The kqueue designers made a different choice for EVFILT_SIGNAL:
... This coexists with the signal() and
sigaction() facilities, and has a lower precedence.
The filter will record all attempts to deliver a
signal to a process, even if the signal has been
marked as SIG_IGN, ...
So in kqueue builds, it's not necessary to block it, because SIG_IGN
is enough to redirect the signal to the kqueue (and blocking it would
prevent kqueue from receiving it IIRC). All the calls to set the
disposition to SIG_IGN explicitly are probably unnecessary since
that's the default disposition, but I figured that was somehow useful
as documentation, and a place to hang a comment.
Thomas Munro <thomas.munro@gmail.com> writes:
> On Sat, Apr 17, 2021 at 12:46 AM Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Is it really necessary to mess with UnBlockSig?
> It's necessary to keep it blocked, because, to quote signalfd(2):
> Normally, the set of signals to be received via the file descriptor
> should be blocked using sigprocmask(2), to prevent the signals being
> handled according to their default dispositions.
Meh. OK.
(I would've thought that a SIG_IGN'd signal would be dropped
immediately even if blocked; that's the behavior that dummy_handler
is designed to prevent, and I'm pretty sure that that code is there
because we saw it actually behaving that way on some platforms.
But apparently not on Linux?)
> ... All the calls to set the
> disposition to SIG_IGN explicitly are probably unnecessary since
> that's the default disposition, but I figured that was somehow useful
> as documentation, and a place to hang a comment.
Agreed, I would not suggest removing those.
regards, tom lane
On Sat, Apr 17, 2021 at 8:49 AM Tom Lane <tgl@sss.pgh.pa.us> wrote: > (I would've thought that a SIG_IGN'd signal would be dropped > immediately even if blocked; that's the behavior that dummy_handler > is designed to prevent, and I'm pretty sure that that code is there > because we saw it actually behaving that way on some platforms. > But apparently not on Linux?) Yeah, it's a point of variation between platforms. POSIX: "If the action associated with a blocked signal is to ignore the signal and if that signal is generated for the process, it is unspecified whether the signal is discarded immediately upon generation or remains pending." Linux: "Blocked signals are never ignored, since the signal handler may change by the time it is unblocked." BSDs, Darwin: "If the signal is being ignored, then we forget about it immediately."
On Sun, Apr 18, 2021 at 1:28 AM Thomas Munro <thomas.munro@gmail.com> wrote: > Linux: "Blocked signals are never ignored, since the signal handler > may change by the time it is unblocked." I should add, that's what the source says. The man page for sigpending(2) makes the opposite claim in its NOTES section on my Debian system (it helpfully describes the BSD behaviour instead), but the man page is demonstrably wrong.