Hello, > > I propose the attached patch. It adds a new flag ImmediateDieOK, which is a > > weaker form of ImmediateInterruptOK that only allows handling a pending > > die-signal in the signal handler. > > > > Robert, others, do you see a problem with this? > > Per se I don't have a problem with it. There does exist the problem that > the user doesn't get a error message in more cases though. On the other > hand it's bad if any user can prevent the database from restarting. > > > Over IM, Robert pointed out that it's not safe to jump out of a signal > > handler with siglongjmp, when we're inside library calls, like in a callback > > called by OpenSSL. But even with current master branch, that's exactly what > > we do. In secure_raw_read(), we set ImmediateInterruptOK = true, which means > > that any incoming signal will be handled directly in the signal handler, > > which can mean elog(ERROR). Should we be worried? OpenSSL might get confused > > if control never returns to the SSL_read() or SSL_write() function that > > called secure_raw_read(). > > But this is imo prohibitive. Yes, we're doing it for a long while. But > no, that's not ok. It actually prompoted me into prototyping the latch > thing (in some other thread). I don't think existing practice justifies > expanding it further.
I see, in that case, this approach seems basically applicable. But if I understand correctly, this patch seems not to return out of the openssl code even when latch was found to be set in secure_raw_write/read. I tried setting errno = ECONNRESET and it went well but seems a bad deed. secure_raw_write(Port *port, const void *ptr, size_t len) { n = send(port->sock, ptr, len, 0); if (!port->noblock && n < 0 && (errno == EWOULDBLOCK || errno == EAGAIN)) { w = WaitLatchOrSocket(&MyProc->procLatch, ... if (w & WL_LATCH_SET) { ResetLatch(&MyProc->procLatch); /* * Force a return, so interrupts can be processed when not * (possibly) underneath a ssl library. */ errno = EINTR; (return n; // n is negative) my_sock_write(BIO *h, const char *buf, int size) { res = secure_raw_write(((Port *) h->ptr), buf, size); BIO_clear_retry_flags(h); if (res <= 0) { if (errno == EINTR || errno == EWOULDBLOCK || errno == EAGAIN) { BIO_set_retry_write(h); -- Kyotaro Horiguchi NTT Open Source Software Center -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers