SIGSTKFLT - because it is more similar to SIGFPE, SIGSEGV, SIGBUS,
SIGSYS - because it is more similar to SIGABRT, SIGSEGV,
SIGPWR - because it of too special use,
+ SIGRTMIN...SIGRTMAX - because they are reserved for application use.
plus
SIGXCPU, SIGXFSZ - because they are quite similar to SIGTERM. */
/* ========================================================================= */
-/* The registered cleanup actions. */
typedef void (*action_t) (void);
-static action_t static_actions[32];
-static action_t * volatile actions = static_actions;
-static size_t volatile actions_count = 0;
+
+/* Type of an entry in the actions array.
+ The 'action' field is accessed from within the fatal_signal_handler(),
+ therefore we mark it as 'volatile'. */
+typedef struct
+{
+ volatile action_t action;
+}
+actions_entry_t;
+
+/* The registered cleanup actions. */
+static actions_entry_t static_actions[32];
+static actions_entry_t * volatile actions = static_actions;
+static sig_atomic_t volatile actions_count = 0;
static size_t actions_allocated = SIZEOF (static_actions);
break;
n--;
actions_count = n;
- action = actions[n];
+ action = actions[n].action;
/* Execute the action. */
action ();
}
- /* Now execute the signal's default action. */
+ /* Now execute the signal's default action.
+ If signal() blocks the signal being delivered for the duration of the
+ signal handler's execution, the re-raised signal is delivered when this
+ handler returns; otherwise it is delivered already during raise(). */
uninstall_handlers ();
#if HAVE_RAISE
raise (sig);
/* Extend the actions array. Note that we cannot use xrealloc(),
because then the cleanup() function could access an already
deallocated array. */
- action_t *old_actions = actions;
+ actions_entry_t *old_actions = actions;
size_t new_actions_allocated = 2 * actions_allocated;
- action_t *new_actions =
- xmalloc (new_actions_allocated * sizeof (action_t));
+ actions_entry_t *new_actions =
+ xmalloc (new_actions_allocated * sizeof (actions_entry_t));
- memcpy (new_actions, actions, actions_allocated * sizeof (action_t));
+ memcpy (new_actions, old_actions,
+ actions_allocated * sizeof (actions_entry_t));
actions = new_actions;
actions_allocated = new_actions_allocated;
/* Now we can free the old actions array. */
if (old_actions != static_actions)
free (old_actions);
}
- actions[actions_count] = action;
+ /* The two uses of 'volatile' in the types above (and ISO C 99 section
+ 5.1.2.3.(5)) ensure that we increment the actions_count only after
+ the new action has been written to the memory location
+ actions[actions_count]. */
+ actions[actions_count].action = action;
actions_count++;
}
}
}
+/* Temporarily delay the catchable fatal signals. */
void
block_fatal_signals ()
{
sigprocmask (SIG_BLOCK, &fatal_signal_set, NULL);
}
+/* Stop delaying the catchable fatal signals. */
void
unblock_fatal_signals ()
{
The limitation of this facility is that it cannot work for SIGKILL. */
/* Register a cleanup function to be executed when a catchable fatal signal
- occurs. */
+ occurs.
+
+ Restrictions for the cleanup function:
+ - The cleanup function can do all kinds of system calls.
+ - It can also access application dependent memory locations and data
+ structures provided they are in a consistent state. One way to ensure
+ this is through block_fatal_signals()/unblock_fatal_signals(), see
+ below. Another - more tricky - way to ensure this is the careful use
+ of 'volatile'.
+ However,
+ - malloc() and similarly complex facilities are not safe to be called
+ because they are not guaranteed to be in a consistent state.
+ - Also, the cleanup function must not block the catchable fatal signals
+ and leave them blocked upon return.
+
+ The cleanup function is executed asynchronously. It is unspecified
+ whether during its execution the catchable fatal signals are blocked
+ or not. */
extern void at_fatal_signal (void (*function) (void));
functions create the temporary file or directory _before_ returning its
name to the application. */
-/* Temporarily delay the catchable fatal signals. */
+/* Temporarily delay the catchable fatal signals.
+ The signals will be blocked (= delayed) until the next call to
+ unblock_fatal_signals(). If the signals are already blocked, a further
+ call to block_fatal_signals() has no effect. */
extern void block_fatal_signals (void);
/* Stop delaying the catchable fatal signals. */
projects / gnulib.git / commitdiff