granicus.if.org Git - postgresql/commit

Don't run atexit callbacks in quickdie signal handlers.

exit() is not async-signal safe. Even if the libc implementation is, 3rd
party libraries might have installed unsafe atexit() callbacks. After
receiving SIGQUIT, we really just want to exit as quickly as possible, so
we don't really want to run the atexit() callbacks anyway.

The original report by Jimmy Yih was a self-deadlock in startup_die().
However, this patch doesn't address that scenario; the signal handling
while waiting for the startup packet is more complicated. But at least this
alleviates similar problems in the SIGQUIT handlers, like that reported
by Asim R P later in the same thread.

Backpatch to 9.3 (all supported versions).

Discussion: https://www.postgresql.org/message-id/CAOMx_OAuRUHiAuCg2YgicZLzPVv5d9_H4KrL_OFsFP%3DVPekigA%40mail.gmail.com

author	Heikki Linnakangas <heikki.linnakangas@iki.fi>
	Wed, 8 Aug 2018 16:08:10 +0000 (19:08 +0300)
committer	Heikki Linnakangas <heikki.linnakangas@iki.fi>
	Wed, 8 Aug 2018 16:10:38 +0000 (19:10 +0300)
commit	d5a9b706ea93a95d9359066488c33aee33a695bc
tree	b8b9109a35fc4e8edf52e2ddbf3c19fd385a8b19	tree \| snapshot
parent	33c5d3bf85d7ae01ee66bb3a4d77abde85c0f8bf	commit \| diff

src/backend/postmaster/bgworker.c		diff \| blob \| history
src/backend/postmaster/bgwriter.c		diff \| blob \| history
src/backend/postmaster/checkpointer.c		diff \| blob \| history
src/backend/postmaster/startup.c		diff \| blob \| history
src/backend/postmaster/walwriter.c		diff \| blob \| history
src/backend/replication/walreceiver.c		diff \| blob \| history
src/backend/tcop/postgres.c		diff \| blob \| history