- Carlo Contavalli:
> On Fri, Mar 31, 2006 at 09:58:46AM -0500, Wietse Venema wrote:
> > Libraries that interrupt applications are terrible design, and
> > making every Postfix system call safe against these could be a
> > lifetime effort.
> ok :) .. actually I was looking at myflock from the other side:
> I considered myflock to be a library function, which should not make
> assumptions over how the application handles signals. Are we sure
> that every time myflock is called there will be no signals disrupting
> its behavior? (I was thinking about single_server_main)
It is hard to make everything signal safe. Therefore, Postfix uses
signals in a limited manner:
- Enter code block, set an alarm clock, do work, and stop the alarm
clock before leaving that code block. And this is only when there
is no other solution such as select().
- Delete an incomplete output file and _exit().
The process that differs is master(8). It sets up handlers for
SIGHUP, SIGTERM, and SIGCHLD, and it should have EINTR guards.
> Quite a few times
> if(myflock(...) < 0)
Perhaps you mean msg_fatal; panic is reserved for interface
violations and integrity violations.
> and a few lines below where I added the EINTR check there is:
> while ((status = fcntl(fd, request, &lock)) < 0
> && request == F_SETLKW
> && (errno == EINTR || errno == ENOLCK || errno == EDEADLK))
It's probably there because I used cut-and-paste from earlier code.
I'll add your EINTR test for flock(); but I would not be
surprised if there are places that have no EINTR guard.
If you find other calls that can use one just let me know.
- On Fri, Mar 31, 2006 at 11:23:23AM -0500, Wietse Venema wrote:
> > ok :) .. actually I was looking at myflock from the other side:
> > I considered myflock to be a library function, which should not make
> The process that differs is master(8). It sets up handlers for
> SIGHUP, SIGTERM, and SIGCHLD, and it should have EINTR guards.
as all the libraries it uses, probably, even if postfix
reliability has proven it shouldn't be an issue at all...
> Perhaps you mean msg_fatal; panic is reserved for interface
> violations and integrity violations.
yes, sorry. that was what I meant.
> I'll add your EINTR test for flock(); but I would not be
> surprised if there are places that have no EINTR guard.
ok.. that one was just biting me on some code I was working
on. Probably, the code is based on wrong assumptions,
and will probably change the code, but I thought
it might have been worth reporting it.
> If you find other calls that can use one just let me know.
ok, I'll keep that in mind.
GPG Fingerprint: 2383 7B14 4D08 53A4 2C1A CA29 9E98 5431 1A68 6975
The first time, it's a KLUDGE!
The second, a trick.
Later, it's a well-established technique!
-- Mike Broido, Intermetrics