Commit 5c26ab6

Block signals earlier during postmaster startup.
Formerly, we set up the postmaster's signal handling only when we were about to start launching subprocesses. This is a bad idea though, as it means that for example a SIGINT arriving before that will kill the postmaster instantly, perhaps leaving lockfiles, socket files, shared memory, etc laying about. We'd rather that such a signal caused orderly postmaster termination including releasing of those resources.

A simple fix is to move the PostmasterMain stanza that initializes signal handling to an earlier point, before we've created any such resources. Then, an early-arriving signal will be blocked until we're ready to deal with it in the usual way. (The only part that really needs to be moved up is blocking of signals, but it seems best to keep the signal handler installation calls together with that; for one thing this ensures the kernel won't drop any signals we wished to get. The handlers won't get invoked in any case until we unblock signals in ServerLoop.)

Per a report from MauMau. He proposed changing the way "pg_ctl stop" works to deal with this, but that'd just be masking one symptom not fixing the core issue.

It's been like this since forever, so back-patch to all supported branches.
1 parent 9500d8f commit 5c26ab6

1 file changed

+29
-29
lines changed

src/backend/postmaster/postmaster.c

Lines changed: 29 additions & 29 deletions
@@ -512,6 +512,35 @@ PostmasterMain(int argc, char *argv[])
512512
/* Initialize paths to installation files */
513513
getInstallationPaths(argv[0]);
514514

515+
/*
516+
* Set up signal handlers for the postmaster process.
517+
*
518+
* CAUTION: when changing this list, check for side-effects on the signal
519+
* handling setup of child processes. See tcop/postgres.c,
520+
* bootstrap/bootstrap.c, postmaster/bgwriter.c, postmaster/walwriter.c,
521+
* postmaster/autovacuum.c, postmaster/pgarch.c, postmaster/pgstat.c, and
522+
* postmaster/syslogger.c.
523+
*/
524+
pqinitmask();
525+
PG_SETMASK(&BlockSig);
526+
527+
pqsignal(SIGHUP, SIGHUP_handler); /* reread config file and have
528+
* children do same */
529+
pqsignal(SIGINT, pmdie); /* send SIGTERM and shut down */
530+
pqsignal(SIGQUIT, pmdie); /* send SIGQUIT and die */
531+
pqsignal(SIGTERM, pmdie); /* wait for children and shut down */
532+
pqsignal(SIGALRM, SIG_IGN); /* ignored */
533+
pqsignal(SIGPIPE, SIG_IGN); /* ignored */
534+
pqsignal(SIGUSR1, sigusr1_handler); /* message from child process */
535+
pqsignal(SIGUSR2, dummy_handler); /* unused, reserve for children */
536+
pqsignal(SIGCHLD, reaper); /* handle child termination */
537+
pqsignal(SIGTTIN, SIG_IGN); /* ignored */
538+
pqsignal(SIGTTOU, SIG_IGN); /* ignored */
539+
/* ignore SIGXFSZ, so that ulimit violations work like disk full */
540+
#ifdef SIGXFSZ
541+
pqsignal(SIGXFSZ, SIG_IGN); /* ignored */
542+
#endif
543+
515544
/*
516545
* Options setup
517546
*/
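
Review bot: Placing pqinitmask() and PG_SETMASK(&BlockSig) ahead of "Options setup" means everything from here down to the old site (around line 1016 before the change) now runs with signals blocked, SIGPIPE and SIGALRM ignored, and reaper installed for SIGCHLD; please confirm nothing in that span relies on default dispositions or expects a signal to be delivered before ServerLoop unblocks them. The moved comment also still carries only the child-process CAUTION. A sentence saying this stanza must stay ahead of the creation of lockfiles, socket files and shared memory would keep a later cleanup from moving it back down.
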
@@ -1013,35 +1042,6 @@ PostmasterMain(int argc, char *argv[])
10131042
progname, external_pid_file, strerror(errno));
10141043
}
10151044

1016-
/*
1017-
* Set up signal handlers for the postmaster process.
1018-
*
1019-
* CAUTION: when changing this list, check for side-effects on the signal
1020-
* handling setup of child processes. See tcop/postgres.c,
1021-
* bootstrap/bootstrap.c, postmaster/bgwriter.c, postmaster/walwriter.c,
1022-
* postmaster/autovacuum.c, postmaster/pgarch.c, postmaster/pgstat.c, and
1023-
* postmaster/syslogger.c.
1024-
*/
1025-
pqinitmask();
1026-
PG_SETMASK(&BlockSig);
1027-
1028-
pqsignal(SIGHUP, SIGHUP_handler); /* reread config file and have
1029-
* children do same */
1030-
pqsignal(SIGINT, pmdie); /* send SIGTERM and shut down */
1031-
pqsignal(SIGQUIT, pmdie); /* send SIGQUIT and die */
1032-
pqsignal(SIGTERM, pmdie); /* wait for children and shut down */
1033-
pqsignal(SIGALRM, SIG_IGN); /* ignored */
1034-
pqsignal(SIGPIPE, SIG_IGN); /* ignored */
1035-
pqsignal(SIGUSR1, sigusr1_handler); /* message from child process */
1036-
pqsignal(SIGUSR2, dummy_handler); /* unused, reserve for children */
1037-
pqsignal(SIGCHLD, reaper); /* handle child termination */
1038-
pqsignal(SIGTTIN, SIG_IGN); /* ignored */
1039-
pqsignal(SIGTTOU, SIG_IGN); /* ignored */
1040-
/* ignore SIGXFSZ, so that ulimit violations work like disk full */
1041-
#ifdef SIGXFSZ
1042-
pqsignal(SIGXFSZ, SIG_IGN); /* ignored */
1043-
#endif
1044-
10451045
/*
10461046
* If enabled, start up syslogger collection subprocess
10471047
*/
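
Review bot: With the stanza removed just above the "start up syslogger collection subprocess" step, nothing at this site tells a reader that signals are already blocked and the handlers already installed before the first subprocess is launched. A one-line comment here pointing to the setup near the top of PostmasterMain would help, since the CAUTION text names postmaster/syslogger.c among the files whose signal setup depends on this list.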
