| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Don't run atexit callbacks during signal exits from ProcessStart |
| Date: | 2020-09-11 16:24:53 |
| Message-ID: | E1kGlr3-0003y6-Rx@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Don't run atexit callbacks during signal exits from ProcessStartupPacket.
Although 58c6feccf fixed the case for SIGQUIT, we were still calling
proc_exit() from signal handlers for SIGTERM and timeout failures in
ProcessStartupPacket. Fortunately, at the point where that code runs,
we haven't yet connected to shared memory in any meaningful way, so
there is nothing we need to undo in shared memory. This means it
should be safe to use _exit(1) here, ie, not run any atexit handlers
but also inform the postmaster that it's not a crash exit.
To make sure nobody breaks the "nothing to undo" expectation, add
a cross-check that no on-shmem-exit or before-shmem-exit handlers
have been registered yet when we finish using these signal handlers.
This change is simple enough that maybe it could be back-patched,
but I won't risk that right now.
Discussion: https://postgr.es/m/1850884.1599601164@sss.pgh.pa.us
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/6693a96b329ec46f1df916f2a28d640cc9a9977d
Modified Files
--------------
src/backend/postmaster/postmaster.c | 72 +++++++++++++++++--------------------
src/backend/storage/ipc/ipc.c | 17 +++++++++
src/include/storage/ipc.h | 1 +
3 files changed, 51 insertions(+), 39 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2020-09-11 19:16:56 | pgsql: psql: Display stats target of extended statistics |
| Previous Message | Alvaro Herrera | 2020-09-11 15:59:33 | pgsql: Update copyright year |