| @node Signal Handling, Program Basics, Non-Local Exits, Top |
| @c %MENU% How to send, block, and handle signals |
| @chapter Signal Handling |
| |
| @cindex signal |
| A @dfn{signal} is a software interrupt delivered to a process. The |
| operating system uses signals to report exceptional situations to an |
| executing program. Some signals report errors such as references to |
| invalid memory addresses; others report asynchronous events, such as |
| disconnection of a phone line. |
| |
| @Theglibc{} defines a variety of signal types, each for a |
| particular kind of event. Some kinds of events make it inadvisable or |
| impossible for the program to proceed as usual, and the corresponding |
| signals normally abort the program. Other kinds of signals that report |
| harmless events are ignored by default. |
| |
| If you anticipate an event that causes signals, you can define a handler |
| function and tell the operating system to run it when that particular |
| type of signal arrives. |
| |
| Finally, one process can send a signal to another process; this allows a |
| parent process to abort a child, or two related processes to communicate |
| and synchronize. |
| |
| @menu |
| * Concepts of Signals:: Introduction to the signal facilities. |
| * Standard Signals:: Particular kinds of signals with |
| standard names and meanings. |
| * Signal Actions:: Specifying what happens when a |
| particular signal is delivered. |
| * Defining Handlers:: How to write a signal handler function. |
| * Interrupted Primitives:: Signal handlers affect use of @code{open}, |
| @code{read}, @code{write} and other functions. |
| * Generating Signals:: How to send a signal to a process. |
| * Blocking Signals:: Making the system hold signals temporarily. |
| * Waiting for a Signal:: Suspending your program until a signal |
| arrives. |
| * Signal Stack:: Using a Separate Signal Stack. |
| * BSD Signal Handling:: Additional functions for backward |
| compatibility with BSD. |
| @end menu |
| |
| @node Concepts of Signals |
| @section Basic Concepts of Signals |
| |
| This section explains basic concepts of how signals are generated, what |
| happens after a signal is delivered, and how programs can handle |
| signals. |
| |
| @menu |
| * Kinds of Signals:: Some examples of what can cause a signal. |
| * Signal Generation:: Concepts of why and how signals occur. |
| * Delivery of Signal:: Concepts of what a signal does to the |
| process. |
| @end menu |
| |
| @node Kinds of Signals |
| @subsection Some Kinds of Signals |
| |
| A signal reports the occurrence of an exceptional event. These are some |
| of the events that can cause (or @dfn{generate}, or @dfn{raise}) a |
| signal: |
| |
| @itemize @bullet |
| @item |
| A program error such as dividing by zero or issuing an address outside |
| the valid range. |
| |
| @item |
| A user request to interrupt or terminate the program. Most environments |
| are set up to let a user suspend the program by typing @kbd{C-z}, or |
| terminate it with @kbd{C-c}. Whatever key sequence is used, the |
| operating system sends the proper signal to interrupt the process. |
| |
| @item |
| The termination of a child process. |
| |
| @item |
| Expiration of a timer or alarm. |
| |
| @item |
| A call to @code{kill} or @code{raise} by the same process. |
| |
| @item |
| A call to @code{kill} from another process. Signals are a limited but |
| useful form of interprocess communication. |
| |
| @item |
| An attempt to perform an I/O operation that cannot be done. Examples |
| are reading from a pipe that has no writer (@pxref{Pipes and FIFOs}), |
| and reading or writing to a terminal in certain situations (@pxref{Job |
| Control}). |
| @end itemize |
| |
| Each of these kinds of events (excepting explicit calls to @code{kill} |
| and @code{raise}) generates its own particular kind of signal. The |
| various kinds of signals are listed and described in detail in |
| @ref{Standard Signals}. |
| |
| @node Signal Generation |
| @subsection Concepts of Signal Generation |
| @cindex generation of signals |
| |
| In general, the events that generate signals fall into three major |
| categories: errors, external events, and explicit requests. |
| |
| An error means that a program has done something invalid and cannot |
| continue execution. But not all kinds of errors generate signals---in |
| fact, most do not. For example, opening a nonexistent file is an error, |
| but it does not raise a signal; instead, @code{open} returns @code{-1}. |
| In general, errors that are necessarily associated with certain library |
| functions are reported by returning a value that indicates an error. |
| The errors which raise signals are those which can happen anywhere in |
| the program, not just in library calls. These include division by zero |
| and invalid memory addresses. |
| |
| An external event generally has to do with I/O or other processes. |
| These include the arrival of input, the expiration of a timer, and the |
| termination of a child process. |
| |
| An explicit request means the use of a library function such as |
| @code{kill} whose purpose is specifically to generate a signal. |
| |
| Signals may be generated @dfn{synchronously} or @dfn{asynchronously}. A |
| synchronous signal pertains to a specific action in the program, and is |
| delivered (unless blocked) during that action. Most errors generate |
| signals synchronously, and so do explicit requests by a process to |
| generate a signal for that same process. On some machines, certain |
| kinds of hardware errors (usually floating-point exceptions) are not |
| reported completely synchronously, but may arrive a few instructions |
| later. |
| |
| Asynchronous signals are generated by events outside the control of the |
| process that receives them. These signals arrive at unpredictable times |
| during execution. External events generate signals asynchronously, and |
| so do explicit requests that apply to some other process. |
| |
| A given type of signal is either typically synchronous or typically |
| asynchronous. For example, signals for errors are typically synchronous |
| because errors generate signals synchronously. But any type of signal |
| can be generated synchronously or asynchronously with an explicit |
| request. |
| |
| @node Delivery of Signal |
| @subsection How Signals Are Delivered |
| @cindex delivery of signals |
| @cindex pending signals |
| @cindex blocked signals |
| |
| When a signal is generated, it becomes @dfn{pending}. Normally it |
| remains pending for just a short period of time and then is |
| @dfn{delivered} to the process that was signaled. However, if that kind |
| of signal is currently @dfn{blocked}, it may remain pending |
| indefinitely---until signals of that kind are @dfn{unblocked}. Once |
| unblocked, it will be delivered immediately. @xref{Blocking Signals}. |
| |
| @cindex specified action (for a signal) |
| @cindex default action (for a signal) |
| @cindex signal action |
| @cindex catching signals |
| When the signal is delivered, whether right away or after a long delay, |
| the @dfn{specified action} for that signal is taken. For certain |
| signals, such as @code{SIGKILL} and @code{SIGSTOP}, the action is fixed, |
| but for most signals, the program has a choice: ignore the signal, |
| specify a @dfn{handler function}, or accept the @dfn{default action} for |
| that kind of signal. The program specifies its choice using functions |
| such as @code{signal} or @code{sigaction} (@pxref{Signal Actions}). We |
| sometimes say that a handler @dfn{catches} the signal. While the |
| handler is running, that particular signal is normally blocked. |
| |
| If the specified action for a kind of signal is to ignore it, then any |
| such signal which is generated is discarded immediately. This happens |
| even if the signal is also blocked at the time. A signal discarded in |
| this way will never be delivered, not even if the program subsequently |
| specifies a different action for that kind of signal and then unblocks |
| it. |
| |
| If a signal arrives which the program has neither handled nor ignored, |
| its @dfn{default action} takes place. Each kind of signal has its own |
| default action, documented below (@pxref{Standard Signals}). For most kinds |
| of signals, the default action is to terminate the process. For certain |
| kinds of signals that represent ``harmless'' events, the default action |
| is to do nothing. |
| |
| When a signal terminates a process, its parent process can determine the |
| cause of termination by examining the termination status code reported |
| by the @code{wait} or @code{waitpid} functions. (This is discussed in |
| more detail in @ref{Process Completion}.) The information it can get |
| includes the fact that termination was due to a signal and the kind of |
| signal involved. If a program you run from a shell is terminated by a |
| signal, the shell typically prints some kind of error message. |
| |
| The signals that normally represent program errors have a special |
| property: when one of these signals terminates the process, it also |
| writes a @dfn{core dump file} which records the state of the process at |
| the time of termination. You can examine the core dump with a debugger |
| to investigate what caused the error. |
| |
| If you raise a ``program error'' signal by explicit request, and this |
| terminates the process, it makes a core dump file just as if the signal |
| had been due directly to an error. |
| |
| @node Standard Signals |
| @section Standard Signals |
| @cindex signal names |
| @cindex names of signals |
| |
| @pindex signal.h |
| @cindex signal number |
| This section lists the names for various standard kinds of signals and |
| describes what kind of event they mean. Each signal name is a macro |
| which stands for a positive integer---the @dfn{signal number} for that |
| kind of signal. Your programs should never make assumptions about the |
| numeric code for a particular kind of signal, but rather refer to them |
| always by the names defined here. This is because the number for a |
| given kind of signal can vary from system to system, but the meanings of |
| the names are standardized and fairly uniform. |
| |
| The signal names are defined in the header file @file{signal.h}. |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int NSIG |
| The value of this symbolic constant is the total number of signals |
| defined. Since the signal numbers are allocated consecutively, |
| @code{NSIG} is also one greater than the largest defined signal number. |
| @end deftypevr |
| |
| @menu |
| * Program Error Signals:: Used to report serious program errors. |
| * Termination Signals:: Used to interrupt and/or terminate the |
| program. |
| * Alarm Signals:: Used to indicate expiration of timers. |
| * Asynchronous I/O Signals:: Used to indicate input is available. |
| * Job Control Signals:: Signals used to support job control. |
| * Operation Error Signals:: Used to report operational system errors. |
| * Miscellaneous Signals:: Miscellaneous Signals. |
| * Signal Messages:: Printing a message describing a signal. |
| @end menu |
| |
| @node Program Error Signals |
| @subsection Program Error Signals |
| @cindex program error signals |
| |
| The following signals are generated when a serious program error is |
| detected by the operating system or the computer itself. In general, |
| all of these signals are indications that your program is seriously |
| broken in some way, and there's usually no way to continue the |
| computation which encountered the error. |
| |
| Some programs handle program error signals in order to tidy up before |
| terminating; for example, programs that turn off echoing of terminal |
| input should handle program error signals in order to turn echoing back |
| on. The handler should end by specifying the default action for the |
| signal that happened and then reraising it; this will cause the program |
| to terminate with that signal, as if it had not had a handler. |
| (@xref{Termination in Handler}.) |
| |
| Termination is the sensible ultimate outcome from a program error in |
| most programs. However, programming systems such as Lisp that can load |
| compiled user programs might need to keep executing even if a user |
| program incurs an error. These programs have handlers which use |
| @code{longjmp} to return control to the command level. |
| |
| The default action for all of these signals is to cause the process to |
| terminate. If you block or ignore these signals or establish handlers |
| for them that return normally, your program will probably break horribly |
| when such signals happen, unless they are generated by @code{raise} or |
| @code{kill} instead of a real error. |
| |
| @vindex COREFILE |
| When one of these program error signals terminates a process, it also |
| writes a @dfn{core dump file} which records the state of the process at |
| the time of termination. The core dump file is named @file{core} and is |
| written in whichever directory is current in the process at the time. |
| (On @gnuhurdsystems{}, you can specify the file name for core dumps with |
| the environment variable @code{COREFILE}.) The purpose of core dump |
| files is so that you can examine them with a debugger to investigate |
| what caused the error. |
| |
| @comment signal.h |
| @comment ISO |
| @deftypevr Macro int SIGFPE |
| The @code{SIGFPE} signal reports a fatal arithmetic error. Although the |
| name is derived from ``floating-point exception'', this signal actually |
| covers all arithmetic errors, including division by zero and overflow. |
| If a program stores integer data in a location which is then used in a |
| floating-point operation, this often causes an ``invalid operation'' |
| exception, because the processor cannot recognize the data as a |
| floating-point number. |
| @cindex exception |
| @cindex floating-point exception |
| |
| Actual floating-point exceptions are a complicated subject because there |
| are many types of exceptions with subtly different meanings, and the |
| @code{SIGFPE} signal doesn't distinguish between them. The @cite{IEEE |
| Standard for Binary Floating-Point Arithmetic (ANSI/IEEE Std 754-1985 |
| and ANSI/IEEE Std 854-1987)} |
| defines various floating-point exceptions and requires conforming |
| computer systems to report their occurrences. However, this standard |
| does not specify how the exceptions are reported, or what kinds of |
| handling and control the operating system can offer to the programmer. |
| @end deftypevr |
| |
| BSD systems provide the @code{SIGFPE} handler with an extra argument |
| that distinguishes various causes of the exception. In order to access |
| this argument, you must define the handler to accept two arguments, |
| which means you must cast it to a one-argument function type in order to |
| establish the handler. @Theglibc{} does provide this extra |
| argument, but the value is meaningful only on operating systems that |
| provide the information (BSD systems and @gnusystems{}). |
| |
| @table @code |
| @comment signal.h |
| @comment BSD |
| @item FPE_INTOVF_TRAP |
| @vindex FPE_INTOVF_TRAP |
| Integer overflow (impossible in a C program unless you enable overflow |
| trapping in a hardware-specific fashion). |
| @comment signal.h |
| @comment BSD |
| @item FPE_INTDIV_TRAP |
| @vindex FPE_INTDIV_TRAP |
| Integer division by zero. |
| @comment signal.h |
| @comment BSD |
| @item FPE_SUBRNG_TRAP |
| @vindex FPE_SUBRNG_TRAP |
| Subscript-range (something that C programs never check for). |
| @comment signal.h |
| @comment BSD |
| @item FPE_FLTOVF_TRAP |
| @vindex FPE_FLTOVF_TRAP |
| Floating overflow trap. |
| @comment signal.h |
| @comment BSD |
| @item FPE_FLTDIV_TRAP |
| @vindex FPE_FLTDIV_TRAP |
| Floating/decimal division by zero. |
| @comment signal.h |
| @comment BSD |
| @item FPE_FLTUND_TRAP |
| @vindex FPE_FLTUND_TRAP |
| Floating underflow trap. (Trapping on floating underflow is not |
| normally enabled.) |
| @comment signal.h |
| @comment BSD |
| @item FPE_DECOVF_TRAP |
| @vindex FPE_DECOVF_TRAP |
| Decimal overflow trap. (Only a few machines have decimal arithmetic and |
| C never uses it.) |
| @ignore @c These seem redundant |
| @comment signal.h |
| @comment BSD |
| @item FPE_FLTOVF_FAULT |
| @vindex FPE_FLTOVF_FAULT |
| Floating overflow fault. |
| @comment signal.h |
| @comment BSD |
| @item FPE_FLTDIV_FAULT |
| @vindex FPE_FLTDIV_FAULT |
| Floating divide by zero fault. |
| @comment signal.h |
| @comment BSD |
| @item FPE_FLTUND_FAULT |
| @vindex FPE_FLTUND_FAULT |
| Floating underflow fault. |
| @end ignore |
| @end table |
| |
| @comment signal.h |
| @comment ISO |
| @deftypevr Macro int SIGILL |
| The name of this signal is derived from ``illegal instruction''; it |
| usually means your program is trying to execute garbage or a privileged |
| instruction. Since the C compiler generates only valid instructions, |
| @code{SIGILL} typically indicates that the executable file is corrupted, |
| or that you are trying to execute data. Some common ways of getting |
| into the latter situation are by passing an invalid object where a |
| pointer to a function was expected, or by writing past the end of an |
| automatic array (or similar problems with pointers to automatic |
| variables) and corrupting other data on the stack such as the return |
| address of a stack frame. |
| |
| @code{SIGILL} can also be generated when the stack overflows, or when |
| the system has trouble running the handler for a signal. |
| @end deftypevr |
| @cindex illegal instruction |
| |
| @comment signal.h |
| @comment ISO |
| @deftypevr Macro int SIGSEGV |
| @cindex segmentation violation |
| This signal is generated when a program tries to read or write outside |
| the memory that is allocated for it, or to write memory that can only be |
| read. (Actually, the signals only occur when the program goes far |
| enough outside to be detected by the system's memory protection |
| mechanism.) The name is an abbreviation for ``segmentation violation''. |
| |
| Common ways of getting a @code{SIGSEGV} condition include dereferencing |
| a null or uninitialized pointer, or when you use a pointer to step |
| through an array, but fail to check for the end of the array. It varies |
| among systems whether dereferencing a null pointer generates |
| @code{SIGSEGV} or @code{SIGBUS}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGBUS |
| This signal is generated when an invalid pointer is dereferenced. Like |
| @code{SIGSEGV}, this signal is typically the result of dereferencing an |
| uninitialized pointer. The difference between the two is that |
| @code{SIGSEGV} indicates an invalid access to valid memory, while |
| @code{SIGBUS} indicates an access to an invalid address. In particular, |
| @code{SIGBUS} signals often result from dereferencing a misaligned |
| pointer, such as referring to a four-word integer at an address not |
| divisible by four. (Each kind of computer has its own requirements for |
| address alignment.) |
| |
| The name of this signal is an abbreviation for ``bus error''. |
| @end deftypevr |
| @cindex bus error |
| |
| @comment signal.h |
| @comment ISO |
| @deftypevr Macro int SIGABRT |
| @cindex abort signal |
| This signal indicates an error detected by the program itself and |
| reported by calling @code{abort}. @xref{Aborting a Program}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment Unix |
| @deftypevr Macro int SIGIOT |
| Generated by the PDP-11 ``iot'' instruction. On most machines, this is |
| just another name for @code{SIGABRT}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGTRAP |
| Generated by the machine's breakpoint instruction, and possibly other |
| trap instructions. This signal is used by debuggers. Your program will |
| probably only see @code{SIGTRAP} if it is somehow executing bad |
| instructions. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGEMT |
| Emulator trap; this results from certain unimplemented instructions |
| which might be emulated in software, or the operating system's |
| failure to properly emulate them. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment Unix |
| @deftypevr Macro int SIGSYS |
| Bad system call; that is to say, the instruction to trap to the |
| operating system was executed, but the code number for the system call |
| to perform was invalid. |
| @end deftypevr |
| |
| @node Termination Signals |
| @subsection Termination Signals |
| @cindex program termination signals |
| |
| These signals are all used to tell a process to terminate, in one way |
| or another. They have different names because they're used for slightly |
| different purposes, and programs might want to handle them differently. |
| |
| The reason for handling these signals is usually so your program can |
| tidy up as appropriate before actually terminating. For example, you |
| might want to save state information, delete temporary files, or restore |
| the previous terminal modes. Such a handler should end by specifying |
| the default action for the signal that happened and then reraising it; |
| this will cause the program to terminate with that signal, as if it had |
| not had a handler. (@xref{Termination in Handler}.) |
| |
| The (obvious) default action for all of these signals is to cause the |
| process to terminate. |
| |
| @comment signal.h |
| @comment ISO |
| @deftypevr Macro int SIGTERM |
| @cindex termination signal |
| The @code{SIGTERM} signal is a generic signal used to cause program |
| termination. Unlike @code{SIGKILL}, this signal can be blocked, |
| handled, and ignored. It is the normal way to politely ask a program to |
| terminate. |
| |
| The shell command @code{kill} generates @code{SIGTERM} by default. |
| @pindex kill |
| @end deftypevr |
| |
| @comment signal.h |
| @comment ISO |
| @deftypevr Macro int SIGINT |
| @cindex interrupt signal |
| The @code{SIGINT} (``program interrupt'') signal is sent when the user |
| types the INTR character (normally @kbd{C-c}). @xref{Special |
| Characters}, for information about terminal driver support for |
| @kbd{C-c}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGQUIT |
| @cindex quit signal |
| @cindex quit signal |
| The @code{SIGQUIT} signal is similar to @code{SIGINT}, except that it's |
| controlled by a different key---the QUIT character, usually |
| @kbd{C-\}---and produces a core dump when it terminates the process, |
| just like a program error signal. You can think of this as a |
| program error condition ``detected'' by the user. |
| |
| @xref{Program Error Signals}, for information about core dumps. |
| @xref{Special Characters}, for information about terminal driver |
| support. |
| |
| Certain kinds of cleanups are best omitted in handling @code{SIGQUIT}. |
| For example, if the program creates temporary files, it should handle |
| the other termination requests by deleting the temporary files. But it |
| is better for @code{SIGQUIT} not to delete them, so that the user can |
| examine them in conjunction with the core dump. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGKILL |
| The @code{SIGKILL} signal is used to cause immediate program termination. |
| It cannot be handled or ignored, and is therefore always fatal. It is |
| also not possible to block this signal. |
| |
| This signal is usually generated only by explicit request. Since it |
| cannot be handled, you should generate it only as a last resort, after |
| first trying a less drastic method such as @kbd{C-c} or @code{SIGTERM}. |
| If a process does not respond to any other termination signals, sending |
| it a @code{SIGKILL} signal will almost always cause it to go away. |
| |
| In fact, if @code{SIGKILL} fails to terminate a process, that by itself |
| constitutes an operating system bug which you should report. |
| |
| The system will generate @code{SIGKILL} for a process itself under some |
| unusual conditions where the program cannot possibly continue to run |
| (even to run a signal handler). |
| @end deftypevr |
| @cindex kill signal |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGHUP |
| @cindex hangup signal |
| The @code{SIGHUP} (``hang-up'') signal is used to report that the user's |
| terminal is disconnected, perhaps because a network or telephone |
| connection was broken. For more information about this, see @ref{Control |
| Modes}. |
| |
| This signal is also used to report the termination of the controlling |
| process on a terminal to jobs associated with that session; this |
| termination effectively disconnects all processes in the session from |
| the controlling terminal. For more information, see @ref{Termination |
| Internals}. |
| @end deftypevr |
| |
| @node Alarm Signals |
| @subsection Alarm Signals |
| |
| These signals are used to indicate the expiration of timers. |
| @xref{Setting an Alarm}, for information about functions that cause |
| these signals to be sent. |
| |
| The default behavior for these signals is to cause program termination. |
| This default is rarely useful, but no other default would be useful; |
| most of the ways of using these signals would require handler functions |
| in any case. |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGALRM |
| This signal typically indicates expiration of a timer that measures real |
| or clock time. It is used by the @code{alarm} function, for example. |
| @end deftypevr |
| @cindex alarm signal |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGVTALRM |
| This signal typically indicates expiration of a timer that measures CPU |
| time used by the current process. The name is an abbreviation for |
| ``virtual time alarm''. |
| @end deftypevr |
| @cindex virtual time alarm signal |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGPROF |
| This signal typically indicates expiration of a timer that measures |
| both CPU time used by the current process, and CPU time expended on |
| behalf of the process by the system. Such a timer is used to implement |
| code profiling facilities, hence the name of this signal. |
| @end deftypevr |
| @cindex profiling alarm signal |
| |
| |
| @node Asynchronous I/O Signals |
| @subsection Asynchronous I/O Signals |
| |
| The signals listed in this section are used in conjunction with |
| asynchronous I/O facilities. You have to take explicit action by |
| calling @code{fcntl} to enable a particular file descriptor to generate |
| these signals (@pxref{Interrupt Input}). The default action for these |
| signals is to ignore them. |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGIO |
| @cindex input available signal |
| @cindex output possible signal |
| This signal is sent when a file descriptor is ready to perform input |
| or output. |
| |
| On most operating systems, terminals and sockets are the only kinds of |
| files that can generate @code{SIGIO}; other kinds, including ordinary |
| files, never generate @code{SIGIO} even if you ask them to. |
| |
| On @gnusystems{} @code{SIGIO} will always be generated properly |
| if you successfully set asynchronous mode with @code{fcntl}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGURG |
| @cindex urgent data signal |
| This signal is sent when ``urgent'' or out-of-band data arrives on a |
| socket. @xref{Out-of-Band Data}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment SVID |
| @deftypevr Macro int SIGPOLL |
| This is a System V signal name, more or less similar to @code{SIGIO}. |
| It is defined only for compatibility. |
| @end deftypevr |
| |
| @node Job Control Signals |
| @subsection Job Control Signals |
| @cindex job control signals |
| |
| These signals are used to support job control. If your system |
| doesn't support job control, then these macros are defined but the |
| signals themselves can't be raised or handled. |
| |
| You should generally leave these signals alone unless you really |
| understand how job control works. @xref{Job Control}. |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGCHLD |
| @cindex child process signal |
| This signal is sent to a parent process whenever one of its child |
| processes terminates or stops. |
| |
| The default action for this signal is to ignore it. If you establish a |
| handler for this signal while there are child processes that have |
| terminated but not reported their status via @code{wait} or |
| @code{waitpid} (@pxref{Process Completion}), whether your new handler |
| applies to those processes or not depends on the particular operating |
| system. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment SVID |
| @deftypevr Macro int SIGCLD |
| This is an obsolete name for @code{SIGCHLD}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGCONT |
| @cindex continue signal |
| You can send a @code{SIGCONT} signal to a process to make it continue. |
| This signal is special---it always makes the process continue if it is |
| stopped, before the signal is delivered. The default behavior is to do |
| nothing else. You cannot block this signal. You can set a handler, but |
| @code{SIGCONT} always makes the process continue regardless. |
| |
| Most programs have no reason to handle @code{SIGCONT}; they simply |
| resume execution without realizing they were ever stopped. You can use |
| a handler for @code{SIGCONT} to make a program do something special when |
| it is stopped and continued---for example, to reprint a prompt when it |
| is suspended while waiting for input. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGSTOP |
| The @code{SIGSTOP} signal stops the process. It cannot be handled, |
| ignored, or blocked. |
| @end deftypevr |
| @cindex stop signal |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGTSTP |
| The @code{SIGTSTP} signal is an interactive stop signal. Unlike |
| @code{SIGSTOP}, this signal can be handled and ignored. |
| |
| Your program should handle this signal if you have a special need to |
| leave files or system tables in a secure state when a process is |
| stopped. For example, programs that turn off echoing should handle |
| @code{SIGTSTP} so they can turn echoing back on before stopping. |
| |
| This signal is generated when the user types the SUSP character |
| (normally @kbd{C-z}). For more information about terminal driver |
| support, see @ref{Special Characters}. |
| @end deftypevr |
| @cindex interactive stop signal |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGTTIN |
| A process cannot read from the user's terminal while it is running |
| as a background job. When any process in a background job tries to |
| read from the terminal, all of the processes in the job are sent a |
| @code{SIGTTIN} signal. The default action for this signal is to |
| stop the process. For more information about how this interacts with |
| the terminal driver, see @ref{Access to the Terminal}. |
| @end deftypevr |
| @cindex terminal input signal |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGTTOU |
| This is similar to @code{SIGTTIN}, but is generated when a process in a |
| background job attempts to write to the terminal or set its modes. |
| Again, the default action is to stop the process. @code{SIGTTOU} is |
| only generated for an attempt to write to the terminal if the |
| @code{TOSTOP} output mode is set; @pxref{Output Modes}. |
| @end deftypevr |
| @cindex terminal output signal |
| |
| While a process is stopped, no more signals can be delivered to it until |
| it is continued, except @code{SIGKILL} signals and (obviously) |
| @code{SIGCONT} signals. The signals are marked as pending, but not |
| delivered until the process is continued. The @code{SIGKILL} signal |
| always causes termination of the process and can't be blocked, handled |
| or ignored. You can ignore @code{SIGCONT}, but it always causes the |
| process to be continued anyway if it is stopped. Sending a |
| @code{SIGCONT} signal to a process causes any pending stop signals for |
| that process to be discarded. Likewise, any pending @code{SIGCONT} |
| signals for a process are discarded when it receives a stop signal. |
| |
| When a process in an orphaned process group (@pxref{Orphaned Process |
| Groups}) receives a @code{SIGTSTP}, @code{SIGTTIN}, or @code{SIGTTOU} |
| signal and does not handle it, the process does not stop. Stopping the |
| process would probably not be very useful, since there is no shell |
| program that will notice it stop and allow the user to continue it. |
| What happens instead depends on the operating system you are using. |
| Some systems may do nothing; others may deliver another signal instead, |
| such as @code{SIGKILL} or @code{SIGHUP}. On @gnuhurdsystems{}, the process |
| dies with @code{SIGKILL}; this avoids the problem of many stopped, |
| orphaned processes lying around the system. |
| |
| @ignore |
| On @gnuhurdsystems{}, it is possible to reattach to the orphaned process |
| group and continue it, so stop signals do stop the process as usual on |
| @gnuhurdsystems{} unless you have requested POSIX compatibility ``till it |
| hurts.'' |
| @end ignore |
| |
| @node Operation Error Signals |
| @subsection Operation Error Signals |
| |
| These signals are used to report various errors generated by an |
| operation done by the program. They do not necessarily indicate a |
| programming error in the program, but an error that prevents an |
| operating system call from completing. The default action for all of |
| them is to cause the process to terminate. |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGPIPE |
| @cindex pipe signal |
| @cindex broken pipe signal |
| Broken pipe. If you use pipes or FIFOs, you have to design your |
| application so that one process opens the pipe for reading before |
| another starts writing. If the reading process never starts, or |
| terminates unexpectedly, writing to the pipe or FIFO raises a |
| @code{SIGPIPE} signal. If @code{SIGPIPE} is blocked, handled or |
| ignored, the offending call fails with @code{EPIPE} instead. |
| |
| Pipes and FIFO special files are discussed in more detail in @ref{Pipes |
| and FIFOs}. |
| |
| Another cause of @code{SIGPIPE} is when you try to output to a socket |
| that isn't connected. @xref{Sending Data}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment GNU |
| @deftypevr Macro int SIGLOST |
| @cindex lost resource signal |
| Resource lost. This signal is generated when you have an advisory lock |
| on an NFS file, and the NFS server reboots and forgets about your lock. |
| |
| On @gnuhurdsystems{}, @code{SIGLOST} is generated when any server program |
| dies unexpectedly. It is usually fine to ignore the signal; whatever |
| call was made to the server that died just returns an error. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGXCPU |
| CPU time limit exceeded. This signal is generated when the process |
| exceeds its soft resource limit on CPU time. @xref{Limits on Resources}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGXFSZ |
| File size limit exceeded. This signal is generated when the process |
| attempts to extend a file so it exceeds the process's soft resource |
| limit on file size. @xref{Limits on Resources}. |
| @end deftypevr |
| |
| @node Miscellaneous Signals |
| @subsection Miscellaneous Signals |
| |
| These signals are used for various other purposes. In general, they |
| will not affect your program unless it explicitly uses them for something. |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SIGUSR1 |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevrx Macro int SIGUSR2 |
| @cindex user signals |
| The @code{SIGUSR1} and @code{SIGUSR2} signals are set aside for you to |
| use any way you want. They're useful for simple interprocess |
| communication, if you write a signal handler for them in the program |
| that receives the signal. |
| |
| There is an example showing the use of @code{SIGUSR1} and @code{SIGUSR2} |
| in @ref{Signaling Another Process}. |
| |
| The default action is to terminate the process. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGWINCH |
| Window size change. This is generated on some systems (including GNU) |
| when the terminal driver's record of the number of rows and columns on |
| the screen is changed. The default action is to ignore it. |
| |
| If a program does full-screen display, it should handle @code{SIGWINCH}. |
| When the signal arrives, it should fetch the new screen size and |
| reformat its display accordingly. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SIGINFO |
| Information request. On 4.4 BSD and @gnuhurdsystems{}, this signal is sent |
| to all the processes in the foreground process group of the controlling |
| terminal when the user types the STATUS character in canonical mode; |
| @pxref{Signal Characters}. |
| |
| If the process is the leader of the process group, the default action is |
| to print some status information about the system and what the process |
| is doing. Otherwise the default is to do nothing. |
| @end deftypevr |
| |
| @node Signal Messages |
| @subsection Signal Messages |
| @cindex signal messages |
| |
| We mentioned above that the shell prints a message describing the signal |
| that terminated a child process. The clean way to print a message |
| describing a signal is to use the functions @code{strsignal} and |
| @code{psignal}. These functions use a signal number to specify which |
| kind of signal to describe. The signal number may come from the |
| termination status of a child process (@pxref{Process Completion}) or it |
| may come from a signal handler in the same process. |
| |
| @comment string.h |
| @comment GNU |
| @deftypefun {char *} strsignal (int @var{signum}) |
| @safety{@prelim{}@mtunsafe{@mtasurace{:strsignal} @mtslocale{}}@asunsafe{@asuinit{} @ascuintl{} @asucorrupt{} @ascuheap{}}@acunsafe{@acuinit{} @acucorrupt{} @acsmem{}}} |
| @c strsignal @mtasurace:strsignal @mtslocale @asuinit @ascuintl @asucorrupt @ascuheap @acucorrupt @acsmem |
| @c uses a static buffer if tsd key creation fails |
| @c [once] init |
| @c libc_key_create ok |
| @c pthread_key_create dup ok |
| @c getbuffer @asucorrupt @ascuheap @acsmem |
| @c libc_getspecific ok |
| @c pthread_getspecific dup ok |
| @c malloc dup @ascuheap @acsmem |
| @c libc_setspecific @asucorrupt @ascuheap @acucorrupt @acsmem |
| @c pthread_setspecific dup @asucorrupt @ascuheap @acucorrupt @acsmem |
| @c snprintf dup @mtslocale @ascuheap @acsmem |
| @c _ @ascuintl |
| This function returns a pointer to a statically-allocated string |
| containing a message describing the signal @var{signum}. You |
| should not modify the contents of this string; and, since it can be |
| rewritten on subsequent calls, you should save a copy of it if you need |
| to reference it later. |
| |
| @pindex string.h |
| This function is a GNU extension, declared in the header file |
| @file{string.h}. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefun void psignal (int @var{signum}, const char *@var{message}) |
| @safety{@prelim{}@mtsafe{@mtslocale{}}@asunsafe{@asucorrupt{} @ascuintl{} @ascuheap{}}@acunsafe{@aculock{} @acucorrupt{} @acsmem{}}} |
| @c psignal @mtslocale @asucorrupt @ascuintl @ascuheap @aculock @acucorrupt @acsmem |
| @c _ @ascuintl |
| @c fxprintf @asucorrupt @aculock @acucorrupt |
| @c asprintf @mtslocale @ascuheap @acsmem |
| @c free dup @ascuheap @acsmem |
| This function prints a message describing the signal @var{signum} to the |
| standard error output stream @code{stderr}; see @ref{Standard Streams}. |
| |
| If you call @code{psignal} with a @var{message} that is either a null |
| pointer or an empty string, @code{psignal} just prints the message |
| corresponding to @var{signum}, adding a trailing newline. |
| |
| If you supply a non-null @var{message} argument, then @code{psignal} |
| prefixes its output with this string. It adds a colon and a space |
| character to separate the @var{message} from the string corresponding |
| to @var{signum}. |
| |
| @pindex stdio.h |
| This function is a BSD feature, declared in the header file @file{signal.h}. |
| @end deftypefun |
| |
| @vindex sys_siglist |
| There is also an array @code{sys_siglist} which contains the messages |
| for the various signal codes. This array exists on BSD systems, unlike |
| @code{strsignal}. |
| |
| @node Signal Actions |
| @section Specifying Signal Actions |
| @cindex signal actions |
| @cindex establishing a handler |
| |
| The simplest way to change the action for a signal is to use the |
| @code{signal} function. You can specify a built-in action (such as to |
| ignore the signal), or you can @dfn{establish a handler}. |
| |
| @Theglibc{} also implements the more versatile @code{sigaction} |
| facility. This section describes both facilities and gives suggestions |
| on which to use when. |
| |
| @menu |
| * Basic Signal Handling:: The simple @code{signal} function. |
| * Advanced Signal Handling:: The more powerful @code{sigaction} function. |
| * Signal and Sigaction:: How those two functions interact. |
| * Sigaction Function Example:: An example of using the sigaction function. |
| * Flags for Sigaction:: Specifying options for signal handling. |
| * Initial Signal Actions:: How programs inherit signal actions. |
| @end menu |
| |
| @node Basic Signal Handling |
| @subsection Basic Signal Handling |
| @cindex @code{signal} function |
| |
| The @code{signal} function provides a simple interface for establishing |
| an action for a particular signal. The function and associated macros |
| are declared in the header file @file{signal.h}. |
| @pindex signal.h |
| |
| @comment signal.h |
| @comment GNU |
| @deftp {Data Type} sighandler_t |
| This is the type of signal handler functions. Signal handlers take one |
| integer argument specifying the signal number, and have return type |
| @code{void}. So, you should define handler functions like this: |
| |
| @smallexample |
| void @var{handler} (int @code{signum}) @{ @dots{} @} |
| @end smallexample |
| |
| The name @code{sighandler_t} for this data type is a GNU extension. |
| @end deftp |
| |
| @comment signal.h |
| @comment ISO |
| @deftypefun sighandler_t signal (int @var{signum}, sighandler_t @var{action}) |
| @safety{@prelim{}@mtsafe{@mtssigintr{}}@assafe{}@acsafe{}} |
| @c signal ok |
| @c sigemptyset dup ok |
| @c sigaddset dup ok |
| @c sigismember dup ok |
| @c sigaction dup ok |
| The @code{signal} function establishes @var{action} as the action for |
| the signal @var{signum}. |
| |
| The first argument, @var{signum}, identifies the signal whose behavior |
| you want to control, and should be a signal number. The proper way to |
| specify a signal number is with one of the symbolic signal names |
| (@pxref{Standard Signals})---don't use an explicit number, because |
| the numerical code for a given kind of signal may vary from operating |
| system to operating system. |
| |
| The second argument, @var{action}, specifies the action to use for the |
| signal @var{signum}. This can be one of the following: |
| |
| @table @code |
| @item SIG_DFL |
| @vindex SIG_DFL |
| @cindex default action for a signal |
| @code{SIG_DFL} specifies the default action for the particular signal. |
| The default actions for various kinds of signals are stated in |
| @ref{Standard Signals}. |
| |
| @item SIG_IGN |
| @vindex SIG_IGN |
| @cindex ignore action for a signal |
| @code{SIG_IGN} specifies that the signal should be ignored. |
| |
| Your program generally should not ignore signals that represent serious |
| events or that are normally used to request termination. You cannot |
| ignore the @code{SIGKILL} or @code{SIGSTOP} signals at all. You can |
| ignore program error signals like @code{SIGSEGV}, but ignoring the error |
| won't enable the program to continue executing meaningfully. Ignoring |
| user requests such as @code{SIGINT}, @code{SIGQUIT}, and @code{SIGTSTP} |
| is unfriendly. |
| |
| When you do not wish signals to be delivered during a certain part of |
| the program, the thing to do is to block them, not ignore them. |
| @xref{Blocking Signals}. |
| |
| @item @var{handler} |
| Supply the address of a handler function in your program, to specify |
| running this handler as the way to deliver the signal. |
| |
| For more information about defining signal handler functions, |
| see @ref{Defining Handlers}. |
| @end table |
| |
| If you set the action for a signal to @code{SIG_IGN}, or if you set it |
| to @code{SIG_DFL} and the default action is to ignore that signal, then |
| any pending signals of that type are discarded (even if they are |
| blocked). Discarding the pending signals means that they will never be |
| delivered, not even if you subsequently specify another action and |
| unblock this kind of signal. |
| |
| The @code{signal} function returns the action that was previously in |
| effect for the specified @var{signum}. You can save this value and |
| restore it later by calling @code{signal} again. |
| |
| If @code{signal} can't honor the request, it returns @code{SIG_ERR} |
| instead. The following @code{errno} error conditions are defined for |
| this function: |
| |
| @table @code |
| @item EINVAL |
| You specified an invalid @var{signum}; or you tried to ignore or provide |
| a handler for @code{SIGKILL} or @code{SIGSTOP}. |
| @end table |
| @end deftypefun |
| |
| @strong{Compatibility Note:} A problem encountered when working with the |
| @code{signal} function is that it has different semantics on BSD and |
| SVID systems. The difference is that on SVID systems the signal handler |
| is deinstalled after signal delivery. On BSD systems the |
| handler must be explicitly deinstalled. In @theglibc{} we use the |
| BSD version by default. To use the SVID version you can either use the |
| function @code{sysv_signal} (see below) or use the @code{_XOPEN_SOURCE} |
| feature select macro (@pxref{Feature Test Macros}). In general, use of these |
| functions should be avoided because of compatibility problems. It |
| is better to use @code{sigaction} if it is available since the results |
| are much more reliable. |
| |
| Here is a simple example of setting up a handler to delete temporary |
| files when certain fatal signals happen: |
| |
| @smallexample |
| #include <signal.h> |
| |
| void |
| termination_handler (int signum) |
| @{ |
| struct temp_file *p; |
| |
| for (p = temp_file_list; p; p = p->next) |
| unlink (p->name); |
| @} |
| |
| int |
| main (void) |
| @{ |
| @dots{} |
| if (signal (SIGINT, termination_handler) == SIG_IGN) |
| signal (SIGINT, SIG_IGN); |
| if (signal (SIGHUP, termination_handler) == SIG_IGN) |
| signal (SIGHUP, SIG_IGN); |
| if (signal (SIGTERM, termination_handler) == SIG_IGN) |
| signal (SIGTERM, SIG_IGN); |
| @dots{} |
| @} |
| @end smallexample |
| |
| @noindent |
| Note that if a given signal was previously set to be ignored, this code |
| avoids altering that setting. This is because non-job-control shells |
| often ignore certain signals when starting children, and it is important |
| for the children to respect this. |
| |
| We do not handle @code{SIGQUIT} or the program error signals in this |
| example because these are designed to provide information for debugging |
| (a core dump), and the temporary files may give useful information. |
| |
| @comment signal.h |
| @comment GNU |
| @deftypefun sighandler_t sysv_signal (int @var{signum}, sighandler_t @var{action}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| @c sysv_signal ok |
| @c sigemptyset dup ok |
| @c sigaction dup ok |
| The @code{sysv_signal} implements the behavior of the standard |
| @code{signal} function as found on SVID systems. The difference to BSD |
| systems is that the handler is deinstalled after a delivery of a signal. |
| |
| @strong{Compatibility Note:} As said above for @code{signal}, this |
| function should be avoided when possible. @code{sigaction} is the |
| preferred method. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment SVID |
| @deftypefun sighandler_t ssignal (int @var{signum}, sighandler_t @var{action}) |
| @safety{@prelim{}@mtsafe{@mtssigintr{}}@assafe{}@acsafe{}} |
| @c Aliases signal and bsd_signal. |
| The @code{ssignal} function does the same thing as @code{signal}; it is |
| provided only for compatibility with SVID. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment ISO |
| @deftypevr Macro sighandler_t SIG_ERR |
| The value of this macro is used as the return value from @code{signal} |
| to indicate an error. |
| @end deftypevr |
| |
| @ignore |
| @comment RMS says that ``we don't do this''. |
| Implementations might define additional macros for built-in signal |
| actions that are suitable as a @var{action} argument to @code{signal}, |
| besides @code{SIG_IGN} and @code{SIG_DFL}. Identifiers whose names |
| begin with @samp{SIG_} followed by an uppercase letter are reserved for |
| this purpose. |
| @end ignore |
| |
| |
| @node Advanced Signal Handling |
| @subsection Advanced Signal Handling |
| @cindex @code{sigaction} function |
| |
| The @code{sigaction} function has the same basic effect as |
| @code{signal}: to specify how a signal should be handled by the process. |
| However, @code{sigaction} offers more control, at the expense of more |
| complexity. In particular, @code{sigaction} allows you to specify |
| additional flags to control when the signal is generated and how the |
| handler is invoked. |
| |
| The @code{sigaction} function is declared in @file{signal.h}. |
| @pindex signal.h |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftp {Data Type} {struct sigaction} |
| Structures of type @code{struct sigaction} are used in the |
| @code{sigaction} function to specify all the information about how to |
| handle a particular signal. This structure contains at least the |
| following members: |
| |
| @table @code |
| @item sighandler_t sa_handler |
| This is used in the same way as the @var{action} argument to the |
| @code{signal} function. The value can be @code{SIG_DFL}, |
| @code{SIG_IGN}, or a function pointer. @xref{Basic Signal Handling}. |
| |
| @item sigset_t sa_mask |
| This specifies a set of signals to be blocked while the handler runs. |
| Blocking is explained in @ref{Blocking for Handler}. Note that the |
| signal that was delivered is automatically blocked by default before its |
| handler is started; this is true regardless of the value in |
| @code{sa_mask}. If you want that signal not to be blocked within its |
| handler, you must write code in the handler to unblock it. |
| |
| @item int sa_flags |
| This specifies various flags which can affect the behavior of |
| the signal. These are described in more detail in @ref{Flags for Sigaction}. |
| @end table |
| @end deftp |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigaction (int @var{signum}, const struct sigaction *restrict @var{action}, struct sigaction *restrict @var{old-action}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| The @var{action} argument is used to set up a new action for the signal |
| @var{signum}, while the @var{old-action} argument is used to return |
| information about the action previously associated with this symbol. |
| (In other words, @var{old-action} has the same purpose as the |
| @code{signal} function's return value---you can check to see what the |
| old action in effect for the signal was, and restore it later if you |
| want.) |
| |
| Either @var{action} or @var{old-action} can be a null pointer. If |
| @var{old-action} is a null pointer, this simply suppresses the return |
| of information about the old action. If @var{action} is a null pointer, |
| the action associated with the signal @var{signum} is unchanged; this |
| allows you to inquire about how a signal is being handled without changing |
| that handling. |
| |
| The return value from @code{sigaction} is zero if it succeeds, and |
| @code{-1} on failure. The following @code{errno} error conditions are |
| defined for this function: |
| |
| @table @code |
| @item EINVAL |
| The @var{signum} argument is not valid, or you are trying to |
| trap or ignore @code{SIGKILL} or @code{SIGSTOP}. |
| @end table |
| @end deftypefun |
| |
| @node Signal and Sigaction |
| @subsection Interaction of @code{signal} and @code{sigaction} |
| |
| It's possible to use both the @code{signal} and @code{sigaction} |
| functions within a single program, but you have to be careful because |
| they can interact in slightly strange ways. |
| |
| The @code{sigaction} function specifies more information than the |
| @code{signal} function, so the return value from @code{signal} cannot |
| express the full range of @code{sigaction} possibilities. Therefore, if |
| you use @code{signal} to save and later reestablish an action, it may |
| not be able to reestablish properly a handler that was established with |
| @code{sigaction}. |
| |
| To avoid having problems as a result, always use @code{sigaction} to |
| save and restore a handler if your program uses @code{sigaction} at all. |
| Since @code{sigaction} is more general, it can properly save and |
| reestablish any action, regardless of whether it was established |
| originally with @code{signal} or @code{sigaction}. |
| |
| On some systems if you establish an action with @code{signal} and then |
| examine it with @code{sigaction}, the handler address that you get may |
| not be the same as what you specified with @code{signal}. It may not |
| even be suitable for use as an action argument with @code{signal}. But |
| you can rely on using it as an argument to @code{sigaction}. This |
| problem never happens on @gnusystems{}. |
| |
| So, you're better off using one or the other of the mechanisms |
| consistently within a single program. |
| |
| @strong{Portability Note:} The basic @code{signal} function is a feature |
| of @w{ISO C}, while @code{sigaction} is part of the POSIX.1 standard. If |
| you are concerned about portability to non-POSIX systems, then you |
| should use the @code{signal} function instead. |
| |
| @node Sigaction Function Example |
| @subsection @code{sigaction} Function Example |
| |
| In @ref{Basic Signal Handling}, we gave an example of establishing a |
| simple handler for termination signals using @code{signal}. Here is an |
| equivalent example using @code{sigaction}: |
| |
| @smallexample |
| #include <signal.h> |
| |
| void |
| termination_handler (int signum) |
| @{ |
| struct temp_file *p; |
| |
| for (p = temp_file_list; p; p = p->next) |
| unlink (p->name); |
| @} |
| |
| int |
| main (void) |
| @{ |
| @dots{} |
| struct sigaction new_action, old_action; |
| |
| /* @r{Set up the structure to specify the new action.} */ |
| new_action.sa_handler = termination_handler; |
| sigemptyset (&new_action.sa_mask); |
| new_action.sa_flags = 0; |
| |
| sigaction (SIGINT, NULL, &old_action); |
| if (old_action.sa_handler != SIG_IGN) |
| sigaction (SIGINT, &new_action, NULL); |
| sigaction (SIGHUP, NULL, &old_action); |
| if (old_action.sa_handler != SIG_IGN) |
| sigaction (SIGHUP, &new_action, NULL); |
| sigaction (SIGTERM, NULL, &old_action); |
| if (old_action.sa_handler != SIG_IGN) |
| sigaction (SIGTERM, &new_action, NULL); |
| @dots{} |
| @} |
| @end smallexample |
| |
| The program just loads the @code{new_action} structure with the desired |
| parameters and passes it in the @code{sigaction} call. The usage of |
| @code{sigemptyset} is described later; see @ref{Blocking Signals}. |
| |
| As in the example using @code{signal}, we avoid handling signals |
| previously set to be ignored. Here we can avoid altering the signal |
| handler even momentarily, by using the feature of @code{sigaction} that |
| lets us examine the current action without specifying a new one. |
| |
| Here is another example. It retrieves information about the current |
| action for @code{SIGINT} without changing that action. |
| |
| @smallexample |
| struct sigaction query_action; |
| |
| if (sigaction (SIGINT, NULL, &query_action) < 0) |
| /* @r{@code{sigaction} returns -1 in case of error.} */ |
| else if (query_action.sa_handler == SIG_DFL) |
| /* @r{@code{SIGINT} is handled in the default, fatal manner.} */ |
| else if (query_action.sa_handler == SIG_IGN) |
| /* @r{@code{SIGINT} is ignored.} */ |
| else |
| /* @r{A programmer-defined signal handler is in effect.} */ |
| @end smallexample |
| |
| @node Flags for Sigaction |
| @subsection Flags for @code{sigaction} |
| @cindex signal flags |
| @cindex flags for @code{sigaction} |
| @cindex @code{sigaction} flags |
| |
| The @code{sa_flags} member of the @code{sigaction} structure is a |
| catch-all for special features. Most of the time, @code{SA_RESTART} is |
| a good value to use for this field. |
| |
| The value of @code{sa_flags} is interpreted as a bit mask. Thus, you |
| should choose the flags you want to set, @sc{or} those flags together, |
| and store the result in the @code{sa_flags} member of your |
| @code{sigaction} structure. |
| |
| Each signal number has its own set of flags. Each call to |
| @code{sigaction} affects one particular signal number, and the flags |
| that you specify apply only to that particular signal. |
| |
| In @theglibc{}, establishing a handler with @code{signal} sets all |
| the flags to zero except for @code{SA_RESTART}, whose value depends on |
| the settings you have made with @code{siginterrupt}. @xref{Interrupted |
| Primitives}, to see what this is about. |
| |
| @pindex signal.h |
| These macros are defined in the header file @file{signal.h}. |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypevr Macro int SA_NOCLDSTOP |
| This flag is meaningful only for the @code{SIGCHLD} signal. When the |
| flag is set, the system delivers the signal for a terminated child |
| process but not for one that is stopped. By default, @code{SIGCHLD} is |
| delivered for both terminated children and stopped children. |
| |
| Setting this flag for a signal other than @code{SIGCHLD} has no effect. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SA_ONSTACK |
| If this flag is set for a particular signal number, the system uses the |
| signal stack when delivering that kind of signal. @xref{Signal Stack}. |
| If a signal with this flag arrives and you have not set a signal stack, |
| the system terminates the program with @code{SIGILL}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SA_RESTART |
| This flag controls what happens when a signal is delivered during |
| certain primitives (such as @code{open}, @code{read} or @code{write}), |
| and the signal handler returns normally. There are two alternatives: |
| the library function can resume, or it can return failure with error |
| code @code{EINTR}. |
| |
| The choice is controlled by the @code{SA_RESTART} flag for the |
| particular kind of signal that was delivered. If the flag is set, |
| returning from a handler resumes the library function. If the flag is |
| clear, returning from a handler makes the function fail. |
| @xref{Interrupted Primitives}. |
| @end deftypevr |
| |
| @node Initial Signal Actions |
| @subsection Initial Signal Actions |
| @cindex initial signal actions |
| |
| When a new process is created (@pxref{Creating a Process}), it inherits |
| handling of signals from its parent process. However, when you load a |
| new process image using the @code{exec} function (@pxref{Executing a |
| File}), any signals that you've defined your own handlers for revert to |
| their @code{SIG_DFL} handling. (If you think about it a little, this |
| makes sense; the handler functions from the old program are specific to |
| that program, and aren't even present in the address space of the new |
| program image.) Of course, the new program can establish its own |
| handlers. |
| |
| When a program is run by a shell, the shell normally sets the initial |
| actions for the child process to @code{SIG_DFL} or @code{SIG_IGN}, as |
| appropriate. It's a good idea to check to make sure that the shell has |
| not set up an initial action of @code{SIG_IGN} before you establish your |
| own signal handlers. |
| |
| Here is an example of how to establish a handler for @code{SIGHUP}, but |
| not if @code{SIGHUP} is currently ignored: |
| |
| @smallexample |
| @group |
| @dots{} |
| struct sigaction temp; |
| |
| sigaction (SIGHUP, NULL, &temp); |
| |
| if (temp.sa_handler != SIG_IGN) |
| @{ |
| temp.sa_handler = handle_sighup; |
| sigemptyset (&temp.sa_mask); |
| sigaction (SIGHUP, &temp, NULL); |
| @} |
| @end group |
| @end smallexample |
| |
| @node Defining Handlers |
| @section Defining Signal Handlers |
| @cindex signal handler function |
| |
| This section describes how to write a signal handler function that can |
| be established with the @code{signal} or @code{sigaction} functions. |
| |
| A signal handler is just a function that you compile together with the |
| rest of the program. Instead of directly invoking the function, you use |
| @code{signal} or @code{sigaction} to tell the operating system to call |
| it when a signal arrives. This is known as @dfn{establishing} the |
| handler. @xref{Signal Actions}. |
| |
| There are two basic strategies you can use in signal handler functions: |
| |
| @itemize @bullet |
| @item |
| You can have the handler function note that the signal arrived by |
| tweaking some global data structures, and then return normally. |
| |
| @item |
| You can have the handler function terminate the program or transfer |
| control to a point where it can recover from the situation that caused |
| the signal. |
| @end itemize |
| |
| You need to take special care in writing handler functions because they |
| can be called asynchronously. That is, a handler might be called at any |
| point in the program, unpredictably. If two signals arrive during a |
| very short interval, one handler can run within another. This section |
| describes what your handler should do, and what you should avoid. |
| |
| @menu |
| * Handler Returns:: Handlers that return normally, and what |
| this means. |
| * Termination in Handler:: How handler functions terminate a program. |
| * Longjmp in Handler:: Nonlocal transfer of control out of a |
| signal handler. |
| * Signals in Handler:: What happens when signals arrive while |
| the handler is already occupied. |
| * Merged Signals:: When a second signal arrives before the |
| first is handled. |
| * Nonreentrancy:: Do not call any functions unless you know they |
| are reentrant with respect to signals. |
| * Atomic Data Access:: A single handler can run in the middle of |
| reading or writing a single object. |
| @end menu |
| |
| @node Handler Returns |
| @subsection Signal Handlers that Return |
| |
| Handlers which return normally are usually used for signals such as |
| @code{SIGALRM} and the I/O and interprocess communication signals. But |
| a handler for @code{SIGINT} might also return normally after setting a |
| flag that tells the program to exit at a convenient time. |
| |
| It is not safe to return normally from the handler for a program error |
| signal, because the behavior of the program when the handler function |
| returns is not defined after a program error. @xref{Program Error |
| Signals}. |
| |
| Handlers that return normally must modify some global variable in order |
| to have any effect. Typically, the variable is one that is examined |
| periodically by the program during normal operation. Its data type |
| should be @code{sig_atomic_t} for reasons described in @ref{Atomic |
| Data Access}. |
| |
| Here is a simple example of such a program. It executes the body of |
| the loop until it has noticed that a @code{SIGALRM} signal has arrived. |
| This technique is useful because it allows the iteration in progress |
| when the signal arrives to complete before the loop exits. |
| |
| @smallexample |
| @include sigh1.c.texi |
| @end smallexample |
| |
| @node Termination in Handler |
| @subsection Handlers That Terminate the Process |
| |
| Handler functions that terminate the program are typically used to cause |
| orderly cleanup or recovery from program error signals and interactive |
| interrupts. |
| |
| The cleanest way for a handler to terminate the process is to raise the |
| same signal that ran the handler in the first place. Here is how to do |
| this: |
| |
| @smallexample |
| volatile sig_atomic_t fatal_error_in_progress = 0; |
| |
| void |
| fatal_error_signal (int sig) |
| @{ |
| @group |
| /* @r{Since this handler is established for more than one kind of signal, } |
| @r{it might still get invoked recursively by delivery of some other kind} |
| @r{of signal. Use a static variable to keep track of that.} */ |
| if (fatal_error_in_progress) |
| raise (sig); |
| fatal_error_in_progress = 1; |
| @end group |
| |
| @group |
| /* @r{Now do the clean up actions:} |
| @r{- reset terminal modes} |
| @r{- kill child processes} |
| @r{- remove lock files} */ |
| @dots{} |
| @end group |
| |
| @group |
| /* @r{Now reraise the signal. We reactivate the signal's} |
| @r{default handling, which is to terminate the process.} |
| @r{We could just call @code{exit} or @code{abort},} |
| @r{but reraising the signal sets the return status} |
| @r{from the process correctly.} */ |
| signal (sig, SIG_DFL); |
| raise (sig); |
| @} |
| @end group |
| @end smallexample |
| |
| @node Longjmp in Handler |
| @subsection Nonlocal Control Transfer in Handlers |
| @cindex non-local exit, from signal handler |
| |
| You can do a nonlocal transfer of control out of a signal handler using |
| the @code{setjmp} and @code{longjmp} facilities (@pxref{Non-Local |
| Exits}). |
| |
| When the handler does a nonlocal control transfer, the part of the |
| program that was running will not continue. If this part of the program |
| was in the middle of updating an important data structure, the data |
| structure will remain inconsistent. Since the program does not |
| terminate, the inconsistency is likely to be noticed later on. |
| |
| There are two ways to avoid this problem. One is to block the signal |
| for the parts of the program that update important data structures. |
| Blocking the signal delays its delivery until it is unblocked, once the |
| critical updating is finished. @xref{Blocking Signals}. |
| |
| The other way is to re-initialize the crucial data structures in the |
| signal handler, or to make their values consistent. |
| |
| Here is a rather schematic example showing the reinitialization of one |
| global variable. |
| |
| @smallexample |
| @group |
| #include <signal.h> |
| #include <setjmp.h> |
| |
| jmp_buf return_to_top_level; |
| |
| volatile sig_atomic_t waiting_for_input; |
| |
| void |
| handle_sigint (int signum) |
| @{ |
| /* @r{We may have been waiting for input when the signal arrived,} |
| @r{but we are no longer waiting once we transfer control.} */ |
| waiting_for_input = 0; |
| longjmp (return_to_top_level, 1); |
| @} |
| @end group |
| |
| @group |
| int |
| main (void) |
| @{ |
| @dots{} |
| signal (SIGINT, sigint_handler); |
| @dots{} |
| while (1) @{ |
| prepare_for_command (); |
| if (setjmp (return_to_top_level) == 0) |
| read_and_execute_command (); |
| @} |
| @} |
| @end group |
| |
| @group |
| /* @r{Imagine this is a subroutine used by various commands.} */ |
| char * |
| read_data () |
| @{ |
| if (input_from_terminal) @{ |
| waiting_for_input = 1; |
| @dots{} |
| waiting_for_input = 0; |
| @} else @{ |
| @dots{} |
| @} |
| @} |
| @end group |
| @end smallexample |
| |
| |
| @node Signals in Handler |
| @subsection Signals Arriving While a Handler Runs |
| @cindex race conditions, relating to signals |
| |
| What happens if another signal arrives while your signal handler |
| function is running? |
| |
| When the handler for a particular signal is invoked, that signal is |
| automatically blocked until the handler returns. That means that if two |
| signals of the same kind arrive close together, the second one will be |
| held until the first has been handled. (The handler can explicitly |
| unblock the signal using @code{sigprocmask}, if you want to allow more |
| signals of this type to arrive; see @ref{Process Signal Mask}.) |
| |
| However, your handler can still be interrupted by delivery of another |
| kind of signal. To avoid this, you can use the @code{sa_mask} member of |
| the action structure passed to @code{sigaction} to explicitly specify |
| which signals should be blocked while the signal handler runs. These |
| signals are in addition to the signal for which the handler was invoked, |
| and any other signals that are normally blocked by the process. |
| @xref{Blocking for Handler}. |
| |
| When the handler returns, the set of blocked signals is restored to the |
| value it had before the handler ran. So using @code{sigprocmask} inside |
| the handler only affects what signals can arrive during the execution of |
| the handler itself, not what signals can arrive once the handler returns. |
| |
| @strong{Portability Note:} Always use @code{sigaction} to establish a |
| handler for a signal that you expect to receive asynchronously, if you |
| want your program to work properly on System V Unix. On this system, |
| the handling of a signal whose handler was established with |
| @code{signal} automatically sets the signal's action back to |
| @code{SIG_DFL}, and the handler must re-establish itself each time it |
| runs. This practice, while inconvenient, does work when signals cannot |
| arrive in succession. However, if another signal can arrive right away, |
| it may arrive before the handler can re-establish itself. Then the |
| second signal would receive the default handling, which could terminate |
| the process. |
| |
| @node Merged Signals |
| @subsection Signals Close Together Merge into One |
| @cindex handling multiple signals |
| @cindex successive signals |
| @cindex merging of signals |
| |
| If multiple signals of the same type are delivered to your process |
| before your signal handler has a chance to be invoked at all, the |
| handler may only be invoked once, as if only a single signal had |
| arrived. In effect, the signals merge into one. This situation can |
| arise when the signal is blocked, or in a multiprocessing environment |
| where the system is busy running some other processes while the signals |
| are delivered. This means, for example, that you cannot reliably use a |
| signal handler to count signals. The only distinction you can reliably |
| make is whether at least one signal has arrived since a given time in |
| the past. |
| |
| Here is an example of a handler for @code{SIGCHLD} that compensates for |
| the fact that the number of signals received may not equal the number of |
| child processes that generate them. It assumes that the program keeps track |
| of all the child processes with a chain of structures as follows: |
| |
| @smallexample |
| struct process |
| @{ |
| struct process *next; |
| /* @r{The process ID of this child.} */ |
| int pid; |
| /* @r{The descriptor of the pipe or pseudo terminal} |
| @r{on which output comes from this child.} */ |
| int input_descriptor; |
| /* @r{Nonzero if this process has stopped or terminated.} */ |
| sig_atomic_t have_status; |
| /* @r{The status of this child; 0 if running,} |
| @r{otherwise a status value from @code{waitpid}.} */ |
| int status; |
| @}; |
| |
| struct process *process_list; |
| @end smallexample |
| |
| This example also uses a flag to indicate whether signals have arrived |
| since some time in the past---whenever the program last cleared it to |
| zero. |
| |
| @smallexample |
| /* @r{Nonzero means some child's status has changed} |
| @r{so look at @code{process_list} for the details.} */ |
| int process_status_change; |
| @end smallexample |
| |
| Here is the handler itself: |
| |
| @smallexample |
| void |
| sigchld_handler (int signo) |
| @{ |
| int old_errno = errno; |
| |
| while (1) @{ |
| register int pid; |
| int w; |
| struct process *p; |
| |
| /* @r{Keep asking for a status until we get a definitive result.} */ |
| do |
| @{ |
| errno = 0; |
| pid = waitpid (WAIT_ANY, &w, WNOHANG | WUNTRACED); |
| @} |
| while (pid <= 0 && errno == EINTR); |
| |
| if (pid <= 0) @{ |
| /* @r{A real failure means there are no more} |
| @r{stopped or terminated child processes, so return.} */ |
| errno = old_errno; |
| return; |
| @} |
| |
| /* @r{Find the process that signaled us, and record its status.} */ |
| |
| for (p = process_list; p; p = p->next) |
| if (p->pid == pid) @{ |
| p->status = w; |
| /* @r{Indicate that the @code{status} field} |
| @r{has data to look at. We do this only after storing it.} */ |
| p->have_status = 1; |
| |
| /* @r{If process has terminated, stop waiting for its output.} */ |
| if (WIFSIGNALED (w) || WIFEXITED (w)) |
| if (p->input_descriptor) |
| FD_CLR (p->input_descriptor, &input_wait_mask); |
| |
| /* @r{The program should check this flag from time to time} |
| @r{to see if there is any news in @code{process_list}.} */ |
| ++process_status_change; |
| @} |
| |
| /* @r{Loop around to handle all the processes} |
| @r{that have something to tell us.} */ |
| @} |
| @} |
| @end smallexample |
| |
| Here is the proper way to check the flag @code{process_status_change}: |
| |
| @smallexample |
| if (process_status_change) @{ |
| struct process *p; |
| process_status_change = 0; |
| for (p = process_list; p; p = p->next) |
| if (p->have_status) @{ |
| @dots{} @r{Examine @code{p->status}} @dots{} |
| @} |
| @} |
| @end smallexample |
| |
| @noindent |
| It is vital to clear the flag before examining the list; otherwise, if a |
| signal were delivered just before the clearing of the flag, and after |
| the appropriate element of the process list had been checked, the status |
| change would go unnoticed until the next signal arrived to set the flag |
| again. You could, of course, avoid this problem by blocking the signal |
| while scanning the list, but it is much more elegant to guarantee |
| correctness by doing things in the right order. |
| |
| The loop which checks process status avoids examining @code{p->status} |
| until it sees that status has been validly stored. This is to make sure |
| that the status cannot change in the middle of accessing it. Once |
| @code{p->have_status} is set, it means that the child process is stopped |
| or terminated, and in either case, it cannot stop or terminate again |
| until the program has taken notice. @xref{Atomic Usage}, for more |
| information about coping with interruptions during accesses of a |
| variable. |
| |
| Here is another way you can test whether the handler has run since the |
| last time you checked. This technique uses a counter which is never |
| changed outside the handler. Instead of clearing the count, the program |
| remembers the previous value and sees whether it has changed since the |
| previous check. The advantage of this method is that different parts of |
| the program can check independently, each part checking whether there |
| has been a signal since that part last checked. |
| |
| @smallexample |
| sig_atomic_t process_status_change; |
| |
| sig_atomic_t last_process_status_change; |
| |
| @dots{} |
| @{ |
| sig_atomic_t prev = last_process_status_change; |
| last_process_status_change = process_status_change; |
| if (last_process_status_change != prev) @{ |
| struct process *p; |
| for (p = process_list; p; p = p->next) |
| if (p->have_status) @{ |
| @dots{} @r{Examine @code{p->status}} @dots{} |
| @} |
| @} |
| @} |
| @end smallexample |
| |
| @node Nonreentrancy |
| @subsection Signal Handling and Nonreentrant Functions |
| @cindex restrictions on signal handler functions |
| |
| Handler functions usually don't do very much. The best practice is to |
| write a handler that does nothing but set an external variable that the |
| program checks regularly, and leave all serious work to the program. |
| This is best because the handler can be called asynchronously, at |
| unpredictable times---perhaps in the middle of a primitive function, or |
| even between the beginning and the end of a C operator that requires |
| multiple instructions. The data structures being manipulated might |
| therefore be in an inconsistent state when the handler function is |
| invoked. Even copying one @code{int} variable into another can take two |
| instructions on most machines. |
| |
| This means you have to be very careful about what you do in a signal |
| handler. |
| |
| @itemize @bullet |
| @item |
| @cindex @code{volatile} declarations |
| If your handler needs to access any global variables from your program, |
| declare those variables @code{volatile}. This tells the compiler that |
| the value of the variable might change asynchronously, and inhibits |
| certain optimizations that would be invalidated by such modifications. |
| |
| @item |
| @cindex reentrant functions |
| If you call a function in the handler, make sure it is @dfn{reentrant} |
| with respect to signals, or else make sure that the signal cannot |
| interrupt a call to a related function. |
| @end itemize |
| |
| A function can be non-reentrant if it uses memory that is not on the |
| stack. |
| |
| @itemize @bullet |
| @item |
| If a function uses a static variable or a global variable, or a |
| dynamically-allocated object that it finds for itself, then it is |
| non-reentrant and any two calls to the function can interfere. |
| |
| For example, suppose that the signal handler uses @code{gethostbyname}. |
| This function returns its value in a static object, reusing the same |
| object each time. If the signal happens to arrive during a call to |
| @code{gethostbyname}, or even after one (while the program is still |
| using the value), it will clobber the value that the program asked for. |
| |
| However, if the program does not use @code{gethostbyname} or any other |
| function that returns information in the same object, or if it always |
| blocks signals around each use, then you are safe. |
| |
| There are a large number of library functions that return values in a |
| fixed object, always reusing the same object in this fashion, and all of |
| them cause the same problem. Function descriptions in this manual |
| always mention this behavior. |
| |
| @item |
| If a function uses and modifies an object that you supply, then it is |
| potentially non-reentrant; two calls can interfere if they use the same |
| object. |
| |
| This case arises when you do I/O using streams. Suppose that the |
| signal handler prints a message with @code{fprintf}. Suppose that the |
| program was in the middle of an @code{fprintf} call using the same |
| stream when the signal was delivered. Both the signal handler's message |
| and the program's data could be corrupted, because both calls operate on |
| the same data structure---the stream itself. |
| |
| However, if you know that the stream that the handler uses cannot |
| possibly be used by the program at a time when signals can arrive, then |
| you are safe. It is no problem if the program uses some other stream. |
| |
| @item |
| On most systems, @code{malloc} and @code{free} are not reentrant, |
| because they use a static data structure which records what memory |
| blocks are free. As a result, no library functions that allocate or |
| free memory are reentrant. This includes functions that allocate space |
| to store a result. |
| |
| The best way to avoid the need to allocate memory in a handler is to |
| allocate in advance space for signal handlers to use. |
| |
| The best way to avoid freeing memory in a handler is to flag or record |
| the objects to be freed, and have the program check from time to time |
| whether anything is waiting to be freed. But this must be done with |
| care, because placing an object on a chain is not atomic, and if it is |
| interrupted by another signal handler that does the same thing, you |
| could ``lose'' one of the objects. |
| |
| @ignore |
| !!! not true |
| In @theglibc{}, @code{malloc} and @code{free} are safe to use in |
| signal handlers because they block signals. As a result, the library |
| functions that allocate space for a result are also safe in signal |
| handlers. The obstack allocation functions are safe as long as you |
| don't use the same obstack both inside and outside of a signal handler. |
| @end ignore |
| |
| @ignore |
| @comment Once we have r_alloc again add this paragraph. |
| The relocating allocation functions (@pxref{Relocating Allocator}) |
| are certainly not safe to use in a signal handler. |
| @end ignore |
| |
| @item |
| Any function that modifies @code{errno} is non-reentrant, but you can |
| correct for this: in the handler, save the original value of |
| @code{errno} and restore it before returning normally. This prevents |
| errors that occur within the signal handler from being confused with |
| errors from system calls at the point the program is interrupted to run |
| the handler. |
| |
| This technique is generally applicable; if you want to call in a handler |
| a function that modifies a particular object in memory, you can make |
| this safe by saving and restoring that object. |
| |
| @item |
| Merely reading from a memory object is safe provided that you can deal |
| with any of the values that might appear in the object at a time when |
| the signal can be delivered. Keep in mind that assignment to some data |
| types requires more than one instruction, which means that the handler |
| could run ``in the middle of'' an assignment to the variable if its type |
| is not atomic. @xref{Atomic Data Access}. |
| |
| @item |
| Merely writing into a memory object is safe as long as a sudden change |
| in the value, at any time when the handler might run, will not disturb |
| anything. |
| @end itemize |
| |
| @node Atomic Data Access |
| @subsection Atomic Data Access and Signal Handling |
| |
| Whether the data in your application concerns atoms, or mere text, you |
| have to be careful about the fact that access to a single datum is not |
| necessarily @dfn{atomic}. This means that it can take more than one |
| instruction to read or write a single object. In such cases, a signal |
| handler might be invoked in the middle of reading or writing the object. |
| |
| There are three ways you can cope with this problem. You can use data |
| types that are always accessed atomically; you can carefully arrange |
| that nothing untoward happens if an access is interrupted, or you can |
| block all signals around any access that had better not be interrupted |
| (@pxref{Blocking Signals}). |
| |
| @menu |
| * Non-atomic Example:: A program illustrating interrupted access. |
| * Types: Atomic Types. Data types that guarantee no interruption. |
| * Usage: Atomic Usage. Proving that interruption is harmless. |
| @end menu |
| |
| @node Non-atomic Example |
| @subsubsection Problems with Non-Atomic Access |
| |
| Here is an example which shows what can happen if a signal handler runs |
| in the middle of modifying a variable. (Interrupting the reading of a |
| variable can also lead to paradoxical results, but here we only show |
| writing.) |
| |
| @smallexample |
| #include <signal.h> |
| #include <stdio.h> |
| |
| volatile struct two_words @{ int a, b; @} memory; |
| |
| void |
| handler(int signum) |
| @{ |
| printf ("%d,%d\n", memory.a, memory.b); |
| alarm (1); |
| @} |
| |
| @group |
| int |
| main (void) |
| @{ |
| static struct two_words zeros = @{ 0, 0 @}, ones = @{ 1, 1 @}; |
| signal (SIGALRM, handler); |
| memory = zeros; |
| alarm (1); |
| while (1) |
| @{ |
| memory = zeros; |
| memory = ones; |
| @} |
| @} |
| @end group |
| @end smallexample |
| |
| This program fills @code{memory} with zeros, ones, zeros, ones, |
| alternating forever; meanwhile, once per second, the alarm signal handler |
| prints the current contents. (Calling @code{printf} in the handler is |
| safe in this program because it is certainly not being called outside |
| the handler when the signal happens.) |
| |
| Clearly, this program can print a pair of zeros or a pair of ones. But |
| that's not all it can do! On most machines, it takes several |
| instructions to store a new value in @code{memory}, and the value is |
| stored one word at a time. If the signal is delivered in between these |
| instructions, the handler might find that @code{memory.a} is zero and |
| @code{memory.b} is one (or vice versa). |
| |
| On some machines it may be possible to store a new value in |
| @code{memory} with just one instruction that cannot be interrupted. On |
| these machines, the handler will always print two zeros or two ones. |
| |
| @node Atomic Types |
| @subsubsection Atomic Types |
| |
| To avoid uncertainty about interrupting access to a variable, you can |
| use a particular data type for which access is always atomic: |
| @code{sig_atomic_t}. Reading and writing this data type is guaranteed |
| to happen in a single instruction, so there's no way for a handler to |
| run ``in the middle'' of an access. |
| |
| The type @code{sig_atomic_t} is always an integer data type, but which |
| one it is, and how many bits it contains, may vary from machine to |
| machine. |
| |
| @comment signal.h |
| @comment ISO |
| @deftp {Data Type} sig_atomic_t |
| This is an integer data type. Objects of this type are always accessed |
| atomically. |
| @end deftp |
| |
| In practice, you can assume that @code{int} is atomic. |
| You can also assume that pointer |
| types are atomic; that is very convenient. Both of these assumptions |
| are true on all of the machines that @theglibc{} supports and on |
| all POSIX systems we know of. |
| @c ??? This might fail on a 386 that uses 64-bit pointers. |
| |
| @node Atomic Usage |
| @subsubsection Atomic Usage Patterns |
| |
| Certain patterns of access avoid any problem even if an access is |
| interrupted. For example, a flag which is set by the handler, and |
| tested and cleared by the main program from time to time, is always safe |
| even if access actually requires two instructions. To show that this is |
| so, we must consider each access that could be interrupted, and show |
| that there is no problem if it is interrupted. |
| |
| An interrupt in the middle of testing the flag is safe because either it's |
| recognized to be nonzero, in which case the precise value doesn't |
| matter, or it will be seen to be nonzero the next time it's tested. |
| |
| An interrupt in the middle of clearing the flag is no problem because |
| either the value ends up zero, which is what happens if a signal comes |
| in just before the flag is cleared, or the value ends up nonzero, and |
| subsequent events occur as if the signal had come in just after the flag |
| was cleared. As long as the code handles both of these cases properly, |
| it can also handle a signal in the middle of clearing the flag. (This |
| is an example of the sort of reasoning you need to do to figure out |
| whether non-atomic usage is safe.) |
| |
| Sometimes you can insure uninterrupted access to one object by |
| protecting its use with another object, perhaps one whose type |
| guarantees atomicity. @xref{Merged Signals}, for an example. |
| |
| @node Interrupted Primitives |
| @section Primitives Interrupted by Signals |
| |
| A signal can arrive and be handled while an I/O primitive such as |
| @code{open} or @code{read} is waiting for an I/O device. If the signal |
| handler returns, the system faces the question: what should happen next? |
| |
| POSIX specifies one approach: make the primitive fail right away. The |
| error code for this kind of failure is @code{EINTR}. This is flexible, |
| but usually inconvenient. Typically, POSIX applications that use signal |
| handlers must check for @code{EINTR} after each library function that |
| can return it, in order to try the call again. Often programmers forget |
| to check, which is a common source of error. |
| |
| @Theglibc{} provides a convenient way to retry a call after a |
| temporary failure, with the macro @code{TEMP_FAILURE_RETRY}: |
| |
| @comment unistd.h |
| @comment GNU |
| @defmac TEMP_FAILURE_RETRY (@var{expression}) |
| This macro evaluates @var{expression} once, and examines its value as |
| type @code{long int}. If the value equals @code{-1}, that indicates a |
| failure and @code{errno} should be set to show what kind of failure. |
| If it fails and reports error code @code{EINTR}, |
| @code{TEMP_FAILURE_RETRY} evaluates it again, and over and over until |
| the result is not a temporary failure. |
| |
| The value returned by @code{TEMP_FAILURE_RETRY} is whatever value |
| @var{expression} produced. |
| @end defmac |
| |
| BSD avoids @code{EINTR} entirely and provides a more convenient |
| approach: to restart the interrupted primitive, instead of making it |
| fail. If you choose this approach, you need not be concerned with |
| @code{EINTR}. |
| |
| You can choose either approach with @theglibc{}. If you use |
| @code{sigaction} to establish a signal handler, you can specify how that |
| handler should behave. If you specify the @code{SA_RESTART} flag, |
| return from that handler will resume a primitive; otherwise, return from |
| that handler will cause @code{EINTR}. @xref{Flags for Sigaction}. |
| |
| Another way to specify the choice is with the @code{siginterrupt} |
| function. @xref{BSD Handler}. |
| |
| @c !!! not true now about _BSD_SOURCE |
| When you don't specify with @code{sigaction} or @code{siginterrupt} what |
| a particular handler should do, it uses a default choice. The default |
| choice in @theglibc{} depends on the feature test macros you have |
| defined. If you define @code{_BSD_SOURCE} or @code{_GNU_SOURCE} before |
| calling @code{signal}, the default is to resume primitives; otherwise, |
| the default is to make them fail with @code{EINTR}. (The library |
| contains alternate versions of the @code{signal} function, and the |
| feature test macros determine which one you really call.) @xref{Feature |
| Test Macros}. |
| @cindex EINTR, and restarting interrupted primitives |
| @cindex restarting interrupted primitives |
| @cindex interrupting primitives |
| @cindex primitives, interrupting |
| @c !!! want to have @cindex system calls @i{see} primitives [no page #] |
| |
| The description of each primitive affected by this issue |
| lists @code{EINTR} among the error codes it can return. |
| |
| There is one situation where resumption never happens no matter which |
| choice you make: when a data-transfer function such as @code{read} or |
| @code{write} is interrupted by a signal after transferring part of the |
| data. In this case, the function returns the number of bytes already |
| transferred, indicating partial success. |
| |
| This might at first appear to cause unreliable behavior on |
| record-oriented devices (including datagram sockets; @pxref{Datagrams}), |
| where splitting one @code{read} or @code{write} into two would read or |
| write two records. Actually, there is no problem, because interruption |
| after a partial transfer cannot happen on such devices; they always |
| transfer an entire record in one burst, with no waiting once data |
| transfer has started. |
| |
| @node Generating Signals |
| @section Generating Signals |
| @cindex sending signals |
| @cindex raising signals |
| @cindex signals, generating |
| |
| Besides signals that are generated as a result of a hardware trap or |
| interrupt, your program can explicitly send signals to itself or to |
| another process. |
| |
| @menu |
| * Signaling Yourself:: A process can send a signal to itself. |
| * Signaling Another Process:: Send a signal to another process. |
| * Permission for kill:: Permission for using @code{kill}. |
| * Kill Example:: Using @code{kill} for Communication. |
| @end menu |
| |
| @node Signaling Yourself |
| @subsection Signaling Yourself |
| |
| A process can send itself a signal with the @code{raise} function. This |
| function is declared in @file{signal.h}. |
| @pindex signal.h |
| |
| @comment signal.h |
| @comment ISO |
| @deftypefun int raise (int @var{signum}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| @c raise ok |
| @c [posix] |
| @c getpid dup ok |
| @c kill dup ok |
| @c [linux] |
| @c syscall(gettid) ok |
| @c syscall(tgkill) ok |
| The @code{raise} function sends the signal @var{signum} to the calling |
| process. It returns zero if successful and a nonzero value if it fails. |
| About the only reason for failure would be if the value of @var{signum} |
| is invalid. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment SVID |
| @deftypefun int gsignal (int @var{signum}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| @c Aliases raise. |
| The @code{gsignal} function does the same thing as @code{raise}; it is |
| provided only for compatibility with SVID. |
| @end deftypefun |
| |
| One convenient use for @code{raise} is to reproduce the default behavior |
| of a signal that you have trapped. For instance, suppose a user of your |
| program types the SUSP character (usually @kbd{C-z}; @pxref{Special |
| Characters}) to send it an interactive stop signal |
| (@code{SIGTSTP}), and you want to clean up some internal data buffers |
| before stopping. You might set this up like this: |
| |
| @comment RMS suggested getting rid of the handler for SIGCONT in this function. |
| @comment But that would require that the handler for SIGTSTP unblock the |
| @comment signal before doing the call to raise. We haven't covered that |
| @comment topic yet, and I don't want to distract from the main point of |
| @comment the example with a digression to explain what is going on. As |
| @comment the example is written, the signal that is raise'd will be delivered |
| @comment as soon as the SIGTSTP handler returns, which is fine. |
| |
| @smallexample |
| #include <signal.h> |
| |
| /* @r{When a stop signal arrives, set the action back to the default |
| and then resend the signal after doing cleanup actions.} */ |
| |
| void |
| tstp_handler (int sig) |
| @{ |
| signal (SIGTSTP, SIG_DFL); |
| /* @r{Do cleanup actions here.} */ |
| @dots{} |
| raise (SIGTSTP); |
| @} |
| |
| /* @r{When the process is continued again, restore the signal handler.} */ |
| |
| void |
| cont_handler (int sig) |
| @{ |
| signal (SIGCONT, cont_handler); |
| signal (SIGTSTP, tstp_handler); |
| @} |
| |
| @group |
| /* @r{Enable both handlers during program initialization.} */ |
| |
| int |
| main (void) |
| @{ |
| signal (SIGCONT, cont_handler); |
| signal (SIGTSTP, tstp_handler); |
| @dots{} |
| @} |
| @end group |
| @end smallexample |
| |
| @strong{Portability note:} @code{raise} was invented by the @w{ISO C} |
| committee. Older systems may not support it, so using @code{kill} may |
| be more portable. @xref{Signaling Another Process}. |
| |
| @node Signaling Another Process |
| @subsection Signaling Another Process |
| |
| @cindex killing a process |
| The @code{kill} function can be used to send a signal to another process. |
| In spite of its name, it can be used for a lot of things other than |
| causing a process to terminate. Some examples of situations where you |
| might want to send signals between processes are: |
| |
| @itemize @bullet |
| @item |
| A parent process starts a child to perform a task---perhaps having the |
| child running an infinite loop---and then terminates the child when the |
| task is no longer needed. |
| |
| @item |
| A process executes as part of a group, and needs to terminate or notify |
| the other processes in the group when an error or other event occurs. |
| |
| @item |
| Two processes need to synchronize while working together. |
| @end itemize |
| |
| This section assumes that you know a little bit about how processes |
| work. For more information on this subject, see @ref{Processes}. |
| |
| The @code{kill} function is declared in @file{signal.h}. |
| @pindex signal.h |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int kill (pid_t @var{pid}, int @var{signum}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| @c The hurd implementation is not a critical section, so it's not |
| @c immediately obvious that, in case of cancellation, it won't leak |
| @c ports or the memory allocated by proc_getpgrppids when pid <= 0. |
| @c Since none of these make it AC-Unsafe, I'm leaving them out. |
| The @code{kill} function sends the signal @var{signum} to the process |
| or process group specified by @var{pid}. Besides the signals listed in |
| @ref{Standard Signals}, @var{signum} can also have a value of zero to |
| check the validity of the @var{pid}. |
| |
| The @var{pid} specifies the process or process group to receive the |
| signal: |
| |
| @table @code |
| @item @var{pid} > 0 |
| The process whose identifier is @var{pid}. |
| |
| @item @var{pid} == 0 |
| All processes in the same process group as the sender. |
| |
| @item @var{pid} < -1 |
| The process group whose identifier is @minus{}@var{pid}. |
| |
| @item @var{pid} == -1 |
| If the process is privileged, send the signal to all processes except |
| for some special system processes. Otherwise, send the signal to all |
| processes with the same effective user ID. |
| @end table |
| |
| A process can send a signal to itself with a call like @w{@code{kill |
| (getpid(), @var{signum})}}. If @code{kill} is used by a process to send |
| a signal to itself, and the signal is not blocked, then @code{kill} |
| delivers at least one signal (which might be some other pending |
| unblocked signal instead of the signal @var{signum}) to that process |
| before it returns. |
| |
| The return value from @code{kill} is zero if the signal can be sent |
| successfully. Otherwise, no signal is sent, and a value of @code{-1} is |
| returned. If @var{pid} specifies sending a signal to several processes, |
| @code{kill} succeeds if it can send the signal to at least one of them. |
| There's no way you can tell which of the processes got the signal |
| or whether all of them did. |
| |
| The following @code{errno} error conditions are defined for this function: |
| |
| @table @code |
| @item EINVAL |
| The @var{signum} argument is an invalid or unsupported number. |
| |
| @item EPERM |
| You do not have the privilege to send a signal to the process or any of |
| the processes in the process group named by @var{pid}. |
| |
| @item ESRCH |
| The @var{pid} argument does not refer to an existing process or group. |
| @end table |
| @end deftypefun |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefun int killpg (int @var{pgid}, int @var{signum}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| @c Calls kill with -pgid. |
| This is similar to @code{kill}, but sends signal @var{signum} to the |
| process group @var{pgid}. This function is provided for compatibility |
| with BSD; using @code{kill} to do this is more portable. |
| @end deftypefun |
| |
| As a simple example of @code{kill}, the call @w{@code{kill (getpid (), |
| @var{sig})}} has the same effect as @w{@code{raise (@var{sig})}}. |
| |
| @node Permission for kill |
| @subsection Permission for using @code{kill} |
| |
| There are restrictions that prevent you from using @code{kill} to send |
| signals to any random process. These are intended to prevent antisocial |
| behavior such as arbitrarily killing off processes belonging to another |
| user. In typical use, @code{kill} is used to pass signals between |
| parent, child, and sibling processes, and in these situations you |
| normally do have permission to send signals. The only common exception |
| is when you run a setuid program in a child process; if the program |
| changes its real UID as well as its effective UID, you may not have |
| permission to send a signal. The @code{su} program does this. |
| |
| Whether a process has permission to send a signal to another process |
| is determined by the user IDs of the two processes. This concept is |
| discussed in detail in @ref{Process Persona}. |
| |
| Generally, for a process to be able to send a signal to another process, |
| either the sending process must belong to a privileged user (like |
| @samp{root}), or the real or effective user ID of the sending process |
| must match the real or effective user ID of the receiving process. If |
| the receiving process has changed its effective user ID from the |
| set-user-ID mode bit on its process image file, then the owner of the |
| process image file is used in place of its current effective user ID. |
| In some implementations, a parent process might be able to send signals |
| to a child process even if the user ID's don't match, and other |
| implementations might enforce other restrictions. |
| |
| The @code{SIGCONT} signal is a special case. It can be sent if the |
| sender is part of the same session as the receiver, regardless of |
| user IDs. |
| |
| @node Kill Example |
| @subsection Using @code{kill} for Communication |
| @cindex interprocess communication, with signals |
| Here is a longer example showing how signals can be used for |
| interprocess communication. This is what the @code{SIGUSR1} and |
| @code{SIGUSR2} signals are provided for. Since these signals are fatal |
| by default, the process that is supposed to receive them must trap them |
| through @code{signal} or @code{sigaction}. |
| |
| In this example, a parent process forks a child process and then waits |
| for the child to complete its initialization. The child process tells |
| the parent when it is ready by sending it a @code{SIGUSR1} signal, using |
| the @code{kill} function. |
| |
| @smallexample |
| @include sigusr.c.texi |
| @end smallexample |
| |
| This example uses a busy wait, which is bad, because it wastes CPU |
| cycles that other programs could otherwise use. It is better to ask the |
| system to wait until the signal arrives. See the example in |
| @ref{Waiting for a Signal}. |
| |
| @node Blocking Signals |
| @section Blocking Signals |
| @cindex blocking signals |
| |
| Blocking a signal means telling the operating system to hold it and |
| deliver it later. Generally, a program does not block signals |
| indefinitely---it might as well ignore them by setting their actions to |
| @code{SIG_IGN}. But it is useful to block signals briefly, to prevent |
| them from interrupting sensitive operations. For instance: |
| |
| @itemize @bullet |
| @item |
| You can use the @code{sigprocmask} function to block signals while you |
| modify global variables that are also modified by the handlers for these |
| signals. |
| |
| @item |
| You can set @code{sa_mask} in your @code{sigaction} call to block |
| certain signals while a particular signal handler runs. This way, the |
| signal handler can run without being interrupted itself by signals. |
| @end itemize |
| |
| @menu |
| * Why Block:: The purpose of blocking signals. |
| * Signal Sets:: How to specify which signals to |
| block. |
| * Process Signal Mask:: Blocking delivery of signals to your |
| process during normal execution. |
| * Testing for Delivery:: Blocking to Test for Delivery of |
| a Signal. |
| * Blocking for Handler:: Blocking additional signals while a |
| handler is being run. |
| * Checking for Pending Signals:: Checking for Pending Signals |
| * Remembering a Signal:: How you can get almost the same |
| effect as blocking a signal, by |
| handling it and setting a flag |
| to be tested later. |
| @end menu |
| |
| @node Why Block |
| @subsection Why Blocking Signals is Useful |
| |
| Temporary blocking of signals with @code{sigprocmask} gives you a way to |
| prevent interrupts during critical parts of your code. If signals |
| arrive in that part of the program, they are delivered later, after you |
| unblock them. |
| |
| One example where this is useful is for sharing data between a signal |
| handler and the rest of the program. If the type of the data is not |
| @code{sig_atomic_t} (@pxref{Atomic Data Access}), then the signal |
| handler could run when the rest of the program has only half finished |
| reading or writing the data. This would lead to confusing consequences. |
| |
| To make the program reliable, you can prevent the signal handler from |
| running while the rest of the program is examining or modifying that |
| data---by blocking the appropriate signal around the parts of the |
| program that touch the data. |
| |
| Blocking signals is also necessary when you want to perform a certain |
| action only if a signal has not arrived. Suppose that the handler for |
| the signal sets a flag of type @code{sig_atomic_t}; you would like to |
| test the flag and perform the action if the flag is not set. This is |
| unreliable. Suppose the signal is delivered immediately after you test |
| the flag, but before the consequent action: then the program will |
| perform the action even though the signal has arrived. |
| |
| The only way to test reliably for whether a signal has yet arrived is to |
| test while the signal is blocked. |
| |
| @node Signal Sets |
| @subsection Signal Sets |
| |
| All of the signal blocking functions use a data structure called a |
| @dfn{signal set} to specify what signals are affected. Thus, every |
| activity involves two stages: creating the signal set, and then passing |
| it as an argument to a library function. |
| @cindex signal set |
| |
| These facilities are declared in the header file @file{signal.h}. |
| @pindex signal.h |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftp {Data Type} sigset_t |
| The @code{sigset_t} data type is used to represent a signal set. |
| Internally, it may be implemented as either an integer or structure |
| type. |
| |
| For portability, use only the functions described in this section to |
| initialize, change, and retrieve information from @code{sigset_t} |
| objects---don't try to manipulate them directly. |
| @end deftp |
| |
| There are two ways to initialize a signal set. You can initially |
| specify it to be empty with @code{sigemptyset} and then add specified |
| signals individually. Or you can specify it to be full with |
| @code{sigfillset} and then delete specified signals individually. |
| |
| You must always initialize the signal set with one of these two |
| functions before using it in any other way. Don't try to set all the |
| signals explicitly because the @code{sigset_t} object might include some |
| other information (like a version field) that needs to be initialized as |
| well. (In addition, it's not wise to put into your program an |
| assumption that the system has no signals aside from the ones you know |
| about.) |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigemptyset (sigset_t *@var{set}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| @c Just memsets all of set to zero. |
| This function initializes the signal set @var{set} to exclude all of the |
| defined signals. It always returns @code{0}. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigfillset (sigset_t *@var{set}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| This function initializes the signal set @var{set} to include |
| all of the defined signals. Again, the return value is @code{0}. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigaddset (sigset_t *@var{set}, int @var{signum}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| This function adds the signal @var{signum} to the signal set @var{set}. |
| All @code{sigaddset} does is modify @var{set}; it does not block or |
| unblock any signals. |
| |
| The return value is @code{0} on success and @code{-1} on failure. |
| The following @code{errno} error condition is defined for this function: |
| |
| @table @code |
| @item EINVAL |
| The @var{signum} argument doesn't specify a valid signal. |
| @end table |
| @end deftypefun |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigdelset (sigset_t *@var{set}, int @var{signum}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| This function removes the signal @var{signum} from the signal set |
| @var{set}. All @code{sigdelset} does is modify @var{set}; it does not |
| block or unblock any signals. The return value and error conditions are |
| the same as for @code{sigaddset}. |
| @end deftypefun |
| |
| Finally, there is a function to test what signals are in a signal set: |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigismember (const sigset_t *@var{set}, int @var{signum}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| The @code{sigismember} function tests whether the signal @var{signum} is |
| a member of the signal set @var{set}. It returns @code{1} if the signal |
| is in the set, @code{0} if not, and @code{-1} if there is an error. |
| |
| The following @code{errno} error condition is defined for this function: |
| |
| @table @code |
| @item EINVAL |
| The @var{signum} argument doesn't specify a valid signal. |
| @end table |
| @end deftypefun |
| |
| @node Process Signal Mask |
| @subsection Process Signal Mask |
| @cindex signal mask |
| @cindex process signal mask |
| |
| The collection of signals that are currently blocked is called the |
| @dfn{signal mask}. Each process has its own signal mask. When you |
| create a new process (@pxref{Creating a Process}), it inherits its |
| parent's mask. You can block or unblock signals with total flexibility |
| by modifying the signal mask. |
| |
| The prototype for the @code{sigprocmask} function is in @file{signal.h}. |
| @pindex signal.h |
| |
| Note that you must not use @code{sigprocmask} in multi-threaded processes, |
| because each thread has its own signal mask and there is no single process |
| signal mask. According to POSIX, the behavior of @code{sigprocmask} in a |
| multi-threaded process is ``unspecified''. |
| Instead, use @code{pthread_sigmask}. |
| @ifset linuxthreads |
| @xref{Threads and Signal Handling}. |
| @end ifset |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigprocmask (int @var{how}, const sigset_t *restrict @var{set}, sigset_t *restrict @var{oldset}) |
| @safety{@prelim{}@mtunsafe{@mtasurace{:sigprocmask/bsd(SIG_UNBLOCK)}}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c This takes the hurd_self_sigstate-returned object's lock on HURD. On |
| @c BSD, SIG_UNBLOCK is emulated with two sigblock calls, which |
| @c introduces a race window. |
| The @code{sigprocmask} function is used to examine or change the calling |
| process's signal mask. The @var{how} argument determines how the signal |
| mask is changed, and must be one of the following values: |
| |
| @table @code |
| @comment signal.h |
| @comment POSIX.1 |
| @vindex SIG_BLOCK |
| @item SIG_BLOCK |
| Block the signals in @code{set}---add them to the existing mask. In |
| other words, the new mask is the union of the existing mask and |
| @var{set}. |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @vindex SIG_UNBLOCK |
| @item SIG_UNBLOCK |
| Unblock the signals in @var{set}---remove them from the existing mask. |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @vindex SIG_SETMASK |
| @item SIG_SETMASK |
| Use @var{set} for the mask; ignore the previous value of the mask. |
| @end table |
| |
| The last argument, @var{oldset}, is used to return information about the |
| old process signal mask. If you just want to change the mask without |
| looking at it, pass a null pointer as the @var{oldset} argument. |
| Similarly, if you want to know what's in the mask without changing it, |
| pass a null pointer for @var{set} (in this case the @var{how} argument |
| is not significant). The @var{oldset} argument is often used to |
| remember the previous signal mask in order to restore it later. (Since |
| the signal mask is inherited over @code{fork} and @code{exec} calls, you |
| can't predict what its contents are when your program starts running.) |
| |
| If invoking @code{sigprocmask} causes any pending signals to be |
| unblocked, at least one of those signals is delivered to the process |
| before @code{sigprocmask} returns. The order in which pending signals |
| are delivered is not specified, but you can control the order explicitly |
| by making multiple @code{sigprocmask} calls to unblock various signals |
| one at a time. |
| |
| The @code{sigprocmask} function returns @code{0} if successful, and @code{-1} |
| to indicate an error. The following @code{errno} error conditions are |
| defined for this function: |
| |
| @table @code |
| @item EINVAL |
| The @var{how} argument is invalid. |
| @end table |
| |
| You can't block the @code{SIGKILL} and @code{SIGSTOP} signals, but |
| if the signal set includes these, @code{sigprocmask} just ignores |
| them instead of returning an error status. |
| |
| Remember, too, that blocking program error signals such as @code{SIGFPE} |
| leads to undesirable results for signals generated by an actual program |
| error (as opposed to signals sent with @code{raise} or @code{kill}). |
| This is because your program may be too broken to be able to continue |
| executing to a point where the signal is unblocked again. |
| @xref{Program Error Signals}. |
| @end deftypefun |
| |
| @node Testing for Delivery |
| @subsection Blocking to Test for Delivery of a Signal |
| |
| Now for a simple example. Suppose you establish a handler for |
| @code{SIGALRM} signals that sets a flag whenever a signal arrives, and |
| your main program checks this flag from time to time and then resets it. |
| You can prevent additional @code{SIGALRM} signals from arriving in the |
| meantime by wrapping the critical part of the code with calls to |
| @code{sigprocmask}, like this: |
| |
| @smallexample |
| /* @r{This variable is set by the SIGALRM signal handler.} */ |
| volatile sig_atomic_t flag = 0; |
| |
| int |
| main (void) |
| @{ |
| sigset_t block_alarm; |
| |
| @dots{} |
| |
| /* @r{Initialize the signal mask.} */ |
| sigemptyset (&block_alarm); |
| sigaddset (&block_alarm, SIGALRM); |
| |
| @group |
| while (1) |
| @{ |
| /* @r{Check if a signal has arrived; if so, reset the flag.} */ |
| sigprocmask (SIG_BLOCK, &block_alarm, NULL); |
| if (flag) |
| @{ |
| @var{actions-if-not-arrived} |
| flag = 0; |
| @} |
| sigprocmask (SIG_UNBLOCK, &block_alarm, NULL); |
| |
| @dots{} |
| @} |
| @} |
| @end group |
| @end smallexample |
| |
| @node Blocking for Handler |
| @subsection Blocking Signals for a Handler |
| @cindex blocking signals, in a handler |
| |
| When a signal handler is invoked, you usually want it to be able to |
| finish without being interrupted by another signal. From the moment the |
| handler starts until the moment it finishes, you must block signals that |
| might confuse it or corrupt its data. |
| |
| When a handler function is invoked on a signal, that signal is |
| automatically blocked (in addition to any other signals that are already |
| in the process's signal mask) during the time the handler is running. |
| If you set up a handler for @code{SIGTSTP}, for instance, then the |
| arrival of that signal forces further @code{SIGTSTP} signals to wait |
| during the execution of the handler. |
| |
| However, by default, other kinds of signals are not blocked; they can |
| arrive during handler execution. |
| |
| The reliable way to block other kinds of signals during the execution of |
| the handler is to use the @code{sa_mask} member of the @code{sigaction} |
| structure. |
| |
| Here is an example: |
| |
| @smallexample |
| #include <signal.h> |
| #include <stddef.h> |
| |
| void catch_stop (); |
| |
| void |
| install_handler (void) |
| @{ |
| struct sigaction setup_action; |
| sigset_t block_mask; |
| |
| sigemptyset (&block_mask); |
| /* @r{Block other terminal-generated signals while handler runs.} */ |
| sigaddset (&block_mask, SIGINT); |
| sigaddset (&block_mask, SIGQUIT); |
| setup_action.sa_handler = catch_stop; |
| setup_action.sa_mask = block_mask; |
| setup_action.sa_flags = 0; |
| sigaction (SIGTSTP, &setup_action, NULL); |
| @} |
| @end smallexample |
| |
| This is more reliable than blocking the other signals explicitly in the |
| code for the handler. If you block signals explicitly in the handler, |
| you can't avoid at least a short interval at the beginning of the |
| handler where they are not yet blocked. |
| |
| You cannot remove signals from the process's current mask using this |
| mechanism. However, you can make calls to @code{sigprocmask} within |
| your handler to block or unblock signals as you wish. |
| |
| In any case, when the handler returns, the system restores the mask that |
| was in place before the handler was entered. If any signals that become |
| unblocked by this restoration are pending, the process will receive |
| those signals immediately, before returning to the code that was |
| interrupted. |
| |
| @node Checking for Pending Signals |
| @subsection Checking for Pending Signals |
| @cindex pending signals, checking for |
| @cindex blocked signals, checking for |
| @cindex checking for pending signals |
| |
| You can find out which signals are pending at any time by calling |
| @code{sigpending}. This function is declared in @file{signal.h}. |
| @pindex signal.h |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigpending (sigset_t *@var{set}) |
| @safety{@prelim{}@mtsafe{}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c Direct rt_sigpending syscall on most systems. On hurd, calls |
| @c hurd_self_sigstate, it copies the sigstate's pending while holding |
| @c its lock. |
| The @code{sigpending} function stores information about pending signals |
| in @var{set}. If there is a pending signal that is blocked from |
| delivery, then that signal is a member of the returned set. (You can |
| test whether a particular signal is a member of this set using |
| @code{sigismember}; see @ref{Signal Sets}.) |
| |
| The return value is @code{0} if successful, and @code{-1} on failure. |
| @end deftypefun |
| |
| Testing whether a signal is pending is not often useful. Testing when |
| that signal is not blocked is almost certainly bad design. |
| |
| Here is an example. |
| |
| @smallexample |
| #include <signal.h> |
| #include <stddef.h> |
| |
| sigset_t base_mask, waiting_mask; |
| |
| sigemptyset (&base_mask); |
| sigaddset (&base_mask, SIGINT); |
| sigaddset (&base_mask, SIGTSTP); |
| |
| /* @r{Block user interrupts while doing other processing.} */ |
| sigprocmask (SIG_SETMASK, &base_mask, NULL); |
| @dots{} |
| |
| /* @r{After a while, check to see whether any signals are pending.} */ |
| sigpending (&waiting_mask); |
| if (sigismember (&waiting_mask, SIGINT)) @{ |
| /* @r{User has tried to kill the process.} */ |
| @} |
| else if (sigismember (&waiting_mask, SIGTSTP)) @{ |
| /* @r{User has tried to stop the process.} */ |
| @} |
| @end smallexample |
| |
| Remember that if there is a particular signal pending for your process, |
| additional signals of that same type that arrive in the meantime might |
| be discarded. For example, if a @code{SIGINT} signal is pending when |
| another @code{SIGINT} signal arrives, your program will probably only |
| see one of them when you unblock this signal. |
| |
| @strong{Portability Note:} The @code{sigpending} function is new in |
| POSIX.1. Older systems have no equivalent facility. |
| |
| @node Remembering a Signal |
| @subsection Remembering a Signal to Act On Later |
| |
| Instead of blocking a signal using the library facilities, you can get |
| almost the same results by making the handler set a flag to be tested |
| later, when you ``unblock''. Here is an example: |
| |
| @smallexample |
| /* @r{If this flag is nonzero, don't handle the signal right away.} */ |
| volatile sig_atomic_t signal_pending; |
| |
| /* @r{This is nonzero if a signal arrived and was not handled.} */ |
| volatile sig_atomic_t defer_signal; |
| |
| void |
| handler (int signum) |
| @{ |
| if (defer_signal) |
| signal_pending = signum; |
| else |
| @dots{} /* @r{``Really'' handle the signal.} */ |
| @} |
| |
| @dots{} |
| |
| void |
| update_mumble (int frob) |
| @{ |
| /* @r{Prevent signals from having immediate effect.} */ |
| defer_signal++; |
| /* @r{Now update @code{mumble}, without worrying about interruption.} */ |
| mumble.a = 1; |
| mumble.b = hack (); |
| mumble.c = frob; |
| /* @r{We have updated @code{mumble}. Handle any signal that came in.} */ |
| defer_signal--; |
| if (defer_signal == 0 && signal_pending != 0) |
| raise (signal_pending); |
| @} |
| @end smallexample |
| |
| Note how the particular signal that arrives is stored in |
| @code{signal_pending}. That way, we can handle several types of |
| inconvenient signals with the same mechanism. |
| |
| We increment and decrement @code{defer_signal} so that nested critical |
| sections will work properly; thus, if @code{update_mumble} were called |
| with @code{signal_pending} already nonzero, signals would be deferred |
| not only within @code{update_mumble}, but also within the caller. This |
| is also why we do not check @code{signal_pending} if @code{defer_signal} |
| is still nonzero. |
| |
| The incrementing and decrementing of @code{defer_signal} each require more |
| than one instruction; it is possible for a signal to happen in the |
| middle. But that does not cause any problem. If the signal happens |
| early enough to see the value from before the increment or decrement, |
| that is equivalent to a signal which came before the beginning of the |
| increment or decrement, which is a case that works properly. |
| |
| It is absolutely vital to decrement @code{defer_signal} before testing |
| @code{signal_pending}, because this avoids a subtle bug. If we did |
| these things in the other order, like this, |
| |
| @smallexample |
| if (defer_signal == 1 && signal_pending != 0) |
| raise (signal_pending); |
| defer_signal--; |
| @end smallexample |
| |
| @noindent |
| then a signal arriving in between the @code{if} statement and the decrement |
| would be effectively ``lost'' for an indefinite amount of time. The |
| handler would merely set @code{defer_signal}, but the program having |
| already tested this variable, it would not test the variable again. |
| |
| @cindex timing error in signal handling |
| Bugs like these are called @dfn{timing errors}. They are especially bad |
| because they happen only rarely and are nearly impossible to reproduce. |
| You can't expect to find them with a debugger as you would find a |
| reproducible bug. So it is worth being especially careful to avoid |
| them. |
| |
| (You would not be tempted to write the code in this order, given the use |
| of @code{defer_signal} as a counter which must be tested along with |
| @code{signal_pending}. After all, testing for zero is cleaner than |
| testing for one. But if you did not use @code{defer_signal} as a |
| counter, and gave it values of zero and one only, then either order |
| might seem equally simple. This is a further advantage of using a |
| counter for @code{defer_signal}: it will reduce the chance you will |
| write the code in the wrong order and create a subtle bug.) |
| |
| @node Waiting for a Signal |
| @section Waiting for a Signal |
| @cindex waiting for a signal |
| @cindex @code{pause} function |
| |
| If your program is driven by external events, or uses signals for |
| synchronization, then when it has nothing to do it should probably wait |
| until a signal arrives. |
| |
| @menu |
| * Using Pause:: The simple way, using @code{pause}. |
| * Pause Problems:: Why the simple way is often not very good. |
| * Sigsuspend:: Reliably waiting for a specific signal. |
| @end menu |
| |
| @node Using Pause |
| @subsection Using @code{pause} |
| |
| The simple way to wait until a signal arrives is to call @code{pause}. |
| Please read about its disadvantages, in the following section, before |
| you use it. |
| |
| @comment unistd.h |
| @comment POSIX.1 |
| @deftypefun int pause (void) |
| @safety{@prelim{}@mtunsafe{@mtasurace{:sigprocmask/!bsd!linux}}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c The signal mask read by sigprocmask may be overridden by another |
| @c thread or by a signal handler before we call sigsuspend. Is this a |
| @c safety issue? Probably not. |
| @c pause @mtasurace:sigprocmask/!bsd!linux @asulock/hurd @aculock/hurd |
| @c [ports/linux/generic] |
| @c syscall_pause ok |
| @c [posix] |
| @c sigemptyset dup ok |
| @c sigprocmask(SIG_BLOCK) dup @asulock/hurd @aculock/hurd [no @mtasurace:sigprocmask/bsd(SIG_UNBLOCK)] |
| @c sigsuspend dup @mtasurace:sigprocmask/!bsd!linux @asulock/hurd @aculock/hurd |
| The @code{pause} function suspends program execution until a signal |
| arrives whose action is either to execute a handler function, or to |
| terminate the process. |
| |
| If the signal causes a handler function to be executed, then |
| @code{pause} returns. This is considered an unsuccessful return (since |
| ``successful'' behavior would be to suspend the program forever), so the |
| return value is @code{-1}. Even if you specify that other primitives |
| should resume when a system handler returns (@pxref{Interrupted |
| Primitives}), this has no effect on @code{pause}; it always fails when a |
| signal is handled. |
| |
| The following @code{errno} error conditions are defined for this function: |
| |
| @table @code |
| @item EINTR |
| The function was interrupted by delivery of a signal. |
| @end table |
| |
| If the signal causes program termination, @code{pause} doesn't return |
| (obviously). |
| |
| This function is a cancellation point in multithreaded programs. This |
| is a problem if the thread allocates some resources (like memory, file |
| descriptors, semaphores or whatever) at the time @code{pause} is |
| called. If the thread gets cancelled these resources stay allocated |
| until the program ends. To avoid this calls to @code{pause} should be |
| protected using cancellation handlers. |
| @c ref pthread_cleanup_push / pthread_cleanup_pop |
| |
| The @code{pause} function is declared in @file{unistd.h}. |
| @end deftypefun |
| |
| @node Pause Problems |
| @subsection Problems with @code{pause} |
| |
| The simplicity of @code{pause} can conceal serious timing errors that |
| can make a program hang mysteriously. |
| |
| It is safe to use @code{pause} if the real work of your program is done |
| by the signal handlers themselves, and the ``main program'' does nothing |
| but call @code{pause}. Each time a signal is delivered, the handler |
| will do the next batch of work that is to be done, and then return, so |
| that the main loop of the program can call @code{pause} again. |
| |
| You can't safely use @code{pause} to wait until one more signal arrives, |
| and then resume real work. Even if you arrange for the signal handler |
| to cooperate by setting a flag, you still can't use @code{pause} |
| reliably. Here is an example of this problem: |
| |
| @smallexample |
| /* @r{@code{usr_interrupt} is set by the signal handler.} */ |
| if (!usr_interrupt) |
| pause (); |
| |
| /* @r{Do work once the signal arrives.} */ |
| @dots{} |
| @end smallexample |
| |
| @noindent |
| This has a bug: the signal could arrive after the variable |
| @code{usr_interrupt} is checked, but before the call to @code{pause}. |
| If no further signals arrive, the process would never wake up again. |
| |
| You can put an upper limit on the excess waiting by using @code{sleep} |
| in a loop, instead of using @code{pause}. (@xref{Sleeping}, for more |
| about @code{sleep}.) Here is what this looks like: |
| |
| @smallexample |
| /* @r{@code{usr_interrupt} is set by the signal handler.} |
| while (!usr_interrupt) |
| sleep (1); |
| |
| /* @r{Do work once the signal arrives.} */ |
| @dots{} |
| @end smallexample |
| |
| For some purposes, that is good enough. But with a little more |
| complexity, you can wait reliably until a particular signal handler is |
| run, using @code{sigsuspend}. |
| @ifinfo |
| @xref{Sigsuspend}. |
| @end ifinfo |
| |
| @node Sigsuspend |
| @subsection Using @code{sigsuspend} |
| |
| The clean and reliable way to wait for a signal to arrive is to block it |
| and then use @code{sigsuspend}. By using @code{sigsuspend} in a loop, |
| you can wait for certain kinds of signals, while letting other kinds of |
| signals be handled by their handlers. |
| |
| @comment signal.h |
| @comment POSIX.1 |
| @deftypefun int sigsuspend (const sigset_t *@var{set}) |
| @safety{@prelim{}@mtunsafe{@mtasurace{:sigprocmask/!bsd!linux}}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c sigsuspend @mtasurace:sigprocmask/!bsd!linux @asulock/hurd @aculock/hurd |
| @c [posix] @mtasurace:sigprocmask/!bsd!linux |
| @c saving and restoring the procmask is racy |
| @c sigprocmask(SIG_SETMASK) dup @asulock/hurd @aculock/hurd [no @mtasurace:sigprocmask/bsd(SIG_UNBLOCK)] |
| @c pause @asulock/hurd @aculock/hurd |
| @c [bsd] |
| @c sigismember dup ok |
| @c sigmask dup ok |
| @c sigpause dup ok [no @mtasurace:sigprocmask/!bsd!linux @asulock/hurd @aculock/hurd] |
| @c [linux] |
| @c do_sigsuspend ok |
| This function replaces the process's signal mask with @var{set} and then |
| suspends the process until a signal is delivered whose action is either |
| to terminate the process or invoke a signal handling function. In other |
| words, the program is effectively suspended until one of the signals that |
| is not a member of @var{set} arrives. |
| |
| If the process is woken up by delivery of a signal that invokes a handler |
| function, and the handler function returns, then @code{sigsuspend} also |
| returns. |
| |
| The mask remains @var{set} only as long as @code{sigsuspend} is waiting. |
| The function @code{sigsuspend} always restores the previous signal mask |
| when it returns. |
| |
| The return value and error conditions are the same as for @code{pause}. |
| @end deftypefun |
| |
| With @code{sigsuspend}, you can replace the @code{pause} or @code{sleep} |
| loop in the previous section with something completely reliable: |
| |
| @smallexample |
| sigset_t mask, oldmask; |
| |
| @dots{} |
| |
| /* @r{Set up the mask of signals to temporarily block.} */ |
| sigemptyset (&mask); |
| sigaddset (&mask, SIGUSR1); |
| |
| @dots{} |
| |
| /* @r{Wait for a signal to arrive.} */ |
| sigprocmask (SIG_BLOCK, &mask, &oldmask); |
| while (!usr_interrupt) |
| sigsuspend (&oldmask); |
| sigprocmask (SIG_UNBLOCK, &mask, NULL); |
| @end smallexample |
| |
| This last piece of code is a little tricky. The key point to remember |
| here is that when @code{sigsuspend} returns, it resets the process's |
| signal mask to the original value, the value from before the call to |
| @code{sigsuspend}---in this case, the @code{SIGUSR1} signal is once |
| again blocked. The second call to @code{sigprocmask} is |
| necessary to explicitly unblock this signal. |
| |
| One other point: you may be wondering why the @code{while} loop is |
| necessary at all, since the program is apparently only waiting for one |
| @code{SIGUSR1} signal. The answer is that the mask passed to |
| @code{sigsuspend} permits the process to be woken up by the delivery of |
| other kinds of signals, as well---for example, job control signals. If |
| the process is woken up by a signal that doesn't set |
| @code{usr_interrupt}, it just suspends itself again until the ``right'' |
| kind of signal eventually arrives. |
| |
| This technique takes a few more lines of preparation, but that is needed |
| just once for each kind of wait criterion you want to use. The code |
| that actually waits is just four lines. |
| |
| @node Signal Stack |
| @section Using a Separate Signal Stack |
| |
| A signal stack is a special area of memory to be used as the execution |
| stack during signal handlers. It should be fairly large, to avoid any |
| danger that it will overflow in turn; the macro @code{SIGSTKSZ} is |
| defined to a canonical size for signal stacks. You can use |
| @code{malloc} to allocate the space for the stack. Then call |
| @code{sigaltstack} or @code{sigstack} to tell the system to use that |
| space for the signal stack. |
| |
| You don't need to write signal handlers differently in order to use a |
| signal stack. Switching from one stack to the other happens |
| automatically. (Some non-GNU debuggers on some machines may get |
| confused if you examine a stack trace while a handler that uses the |
| signal stack is running.) |
| |
| There are two interfaces for telling the system to use a separate signal |
| stack. @code{sigstack} is the older interface, which comes from 4.2 |
| BSD. @code{sigaltstack} is the newer interface, and comes from 4.4 |
| BSD. The @code{sigaltstack} interface has the advantage that it does |
| not require your program to know which direction the stack grows, which |
| depends on the specific machine and operating system. |
| |
| @comment signal.h |
| @comment XPG |
| @deftp {Data Type} stack_t |
| This structure describes a signal stack. It contains the following members: |
| |
| @table @code |
| @item void *ss_sp |
| This points to the base of the signal stack. |
| |
| @item size_t ss_size |
| This is the size (in bytes) of the signal stack which @samp{ss_sp} points to. |
| You should set this to however much space you allocated for the stack. |
| |
| There are two macros defined in @file{signal.h} that you should use in |
| calculating this size: |
| |
| @vtable @code |
| @item SIGSTKSZ |
| This is the canonical size for a signal stack. It is judged to be |
| sufficient for normal uses. |
| |
| @item MINSIGSTKSZ |
| This is the amount of signal stack space the operating system needs just |
| to implement signal delivery. The size of a signal stack @strong{must} |
| be greater than this. |
| |
| For most cases, just using @code{SIGSTKSZ} for @code{ss_size} is |
| sufficient. But if you know how much stack space your program's signal |
| handlers will need, you may want to use a different size. In this case, |
| you should allocate @code{MINSIGSTKSZ} additional bytes for the signal |
| stack and increase @code{ss_size} accordingly. |
| @end vtable |
| |
| @item int ss_flags |
| This field contains the bitwise @sc{or} of these flags: |
| |
| @vtable @code |
| @item SS_DISABLE |
| This tells the system that it should not use the signal stack. |
| |
| @item SS_ONSTACK |
| This is set by the system, and indicates that the signal stack is |
| currently in use. If this bit is not set, then signals will be |
| delivered on the normal user stack. |
| @end vtable |
| @end table |
| @end deftp |
| |
| @comment signal.h |
| @comment XPG |
| @deftypefun int sigaltstack (const stack_t *restrict @var{stack}, stack_t *restrict @var{oldstack}) |
| @safety{@prelim{}@mtsafe{}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c Syscall on Linux and BSD; the HURD implementation takes a lock on |
| @c the hurd_self_sigstate-returned struct. |
| The @code{sigaltstack} function specifies an alternate stack for use |
| during signal handling. When a signal is received by the process and |
| its action indicates that the signal stack is used, the system arranges |
| a switch to the currently installed signal stack while the handler for |
| that signal is executed. |
| |
| If @var{oldstack} is not a null pointer, information about the currently |
| installed signal stack is returned in the location it points to. If |
| @var{stack} is not a null pointer, then this is installed as the new |
| stack for use by signal handlers. |
| |
| The return value is @code{0} on success and @code{-1} on failure. If |
| @code{sigaltstack} fails, it sets @code{errno} to one of these values: |
| |
| @table @code |
| @item EINVAL |
| You tried to disable a stack that was in fact currently in use. |
| |
| @item ENOMEM |
| The size of the alternate stack was too small. |
| It must be greater than @code{MINSIGSTKSZ}. |
| @end table |
| @end deftypefun |
| |
| Here is the older @code{sigstack} interface. You should use |
| @code{sigaltstack} instead on systems that have it. |
| |
| @comment signal.h |
| @comment BSD |
| @deftp {Data Type} {struct sigstack} |
| This structure describes a signal stack. It contains the following members: |
| |
| @table @code |
| @item void *ss_sp |
| This is the stack pointer. If the stack grows downwards on your |
| machine, this should point to the top of the area you allocated. If the |
| stack grows upwards, it should point to the bottom. |
| |
| @item int ss_onstack |
| This field is true if the process is currently using this stack. |
| @end table |
| @end deftp |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefun int sigstack (struct sigstack *@var{stack}, struct sigstack *@var{oldstack}) |
| @safety{@prelim{}@mtsafe{}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c Lossy and dangerous (no size limit) wrapper for sigaltstack. |
| The @code{sigstack} function specifies an alternate stack for use during |
| signal handling. When a signal is received by the process and its |
| action indicates that the signal stack is used, the system arranges a |
| switch to the currently installed signal stack while the handler for |
| that signal is executed. |
| |
| If @var{oldstack} is not a null pointer, information about the currently |
| installed signal stack is returned in the location it points to. If |
| @var{stack} is not a null pointer, then this is installed as the new |
| stack for use by signal handlers. |
| |
| The return value is @code{0} on success and @code{-1} on failure. |
| @end deftypefun |
| |
| @node BSD Signal Handling |
| @section BSD Signal Handling |
| |
| This section describes alternative signal handling functions derived |
| from BSD Unix. These facilities were an advance, in their time; today, |
| they are mostly obsolete, and supported mainly for compatibility with |
| BSD Unix. |
| |
| There are many similarities between the BSD and POSIX signal handling |
| facilities, because the POSIX facilities were inspired by the BSD |
| facilities. Besides having different names for all the functions to |
| avoid conflicts, the main differences between the two are: |
| |
| @itemize @bullet |
| @item |
| BSD Unix represents signal masks as an @code{int} bit mask, rather than |
| as a @code{sigset_t} object. |
| |
| @item |
| The BSD facilities use a different default for whether an interrupted |
| primitive should fail or resume. The POSIX facilities make system |
| calls fail unless you specify that they should resume. With the BSD |
| facility, the default is to make system calls resume unless you say they |
| should fail. @xref{Interrupted Primitives}. |
| @end itemize |
| |
| The BSD facilities are declared in @file{signal.h}. |
| @pindex signal.h |
| |
| @menu |
| * BSD Handler:: BSD Function to Establish a Handler. |
| * Blocking in BSD:: BSD Functions for Blocking Signals. |
| @end menu |
| |
| @node BSD Handler |
| @subsection BSD Function to Establish a Handler |
| |
| @comment signal.h |
| @comment BSD |
| @deftp {Data Type} {struct sigvec} |
| This data type is the BSD equivalent of @code{struct sigaction} |
| (@pxref{Advanced Signal Handling}); it is used to specify signal actions |
| to the @code{sigvec} function. It contains the following members: |
| |
| @table @code |
| @item sighandler_t sv_handler |
| This is the handler function. |
| |
| @item int sv_mask |
| This is the mask of additional signals to be blocked while the handler |
| function is being called. |
| |
| @item int sv_flags |
| This is a bit mask used to specify various flags which affect the |
| behavior of the signal. You can also refer to this field as |
| @code{sv_onstack}. |
| @end table |
| @end deftp |
| |
| These symbolic constants can be used to provide values for the |
| @code{sv_flags} field of a @code{sigvec} structure. This field is a bit |
| mask value, so you bitwise-OR the flags of interest to you together. |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SV_ONSTACK |
| If this bit is set in the @code{sv_flags} field of a @code{sigvec} |
| structure, it means to use the signal stack when delivering the signal. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypevr Macro int SV_INTERRUPT |
| If this bit is set in the @code{sv_flags} field of a @code{sigvec} |
| structure, it means that system calls interrupted by this kind of signal |
| should not be restarted if the handler returns; instead, the system |
| calls should return with a @code{EINTR} error status. @xref{Interrupted |
| Primitives}. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment Sun |
| @deftypevr Macro int SV_RESETHAND |
| If this bit is set in the @code{sv_flags} field of a @code{sigvec} |
| structure, it means to reset the action for the signal back to |
| @code{SIG_DFL} when the signal is received. |
| @end deftypevr |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefun int sigvec (int @var{signum}, const struct sigvec *@var{action}, struct sigvec *@var{old-action}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| @c This is mostly a safe wrapper for sigaction. The exception are |
| @c systems that lack SA_RESETHAND, in which a signal handler wrapper is |
| @c used that calls sigaction to reset the handler before calling the |
| @c user-supplied handler; it's unlikely that this emulation is used |
| @c anywhere, for user-supplied flags and mask don't seem to be used |
| @c the way one would expect. |
| This function is the equivalent of @code{sigaction} (@pxref{Advanced Signal |
| Handling}); it installs the action @var{action} for the signal @var{signum}, |
| returning information about the previous action in effect for that signal |
| in @var{old-action}. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefun int siginterrupt (int @var{signum}, int @var{failflag}) |
| @safety{@prelim{}@mtunsafe{@mtasuconst{:@mtssigintr{}}}@asunsafe{}@acunsafe{@acucorrupt{}}} |
| @c This calls sigaction twice, once to get the current sigaction for the |
| @c specified signal, another to apply the flags change. This could |
| @c override the effects of a concurrent sigaction call. It also |
| @c modifies without any guards the global _sigintr variable, that |
| @c bsd_signal reads from, and it may leave _sigintr modified without |
| @c overriding the active handler if cancelled between the two |
| @c operations. |
| This function specifies which approach to use when certain primitives |
| are interrupted by handling signal @var{signum}. If @var{failflag} is |
| false, signal @var{signum} restarts primitives. If @var{failflag} is |
| true, handling @var{signum} causes these primitives to fail with error |
| code @code{EINTR}. @xref{Interrupted Primitives}. |
| @end deftypefun |
| |
| @node Blocking in BSD |
| @subsection BSD Functions for Blocking Signals |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefn Macro int sigmask (int @var{signum}) |
| @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} |
| @c This just shifts signum. |
| This macro returns a signal mask that has the bit for signal @var{signum} |
| set. You can bitwise-OR the results of several calls to @code{sigmask} |
| together to specify more than one signal. For example, |
| |
| @smallexample |
| (sigmask (SIGTSTP) | sigmask (SIGSTOP) |
| | sigmask (SIGTTIN) | sigmask (SIGTTOU)) |
| @end smallexample |
| |
| @noindent |
| specifies a mask that includes all the job-control stop signals. |
| @end deftypefn |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefun int sigblock (int @var{mask}) |
| @safety{@prelim{}@mtsafe{}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c On most POSIX systems, this is a wrapper for sigprocmask(SIG_BLOCK). |
| @c The exception are BSD systems other than 4.4, where it is a syscall. |
| @c sigblock @asulock/hurd @aculock/hurd |
| @c sigprocmask(SIG_BLOCK) dup @asulock/hurd @aculock/hurd [no @mtasurace:sigprocmask/bsd(SIG_UNBLOCK)] |
| This function is equivalent to @code{sigprocmask} (@pxref{Process Signal |
| Mask}) with a @var{how} argument of @code{SIG_BLOCK}: it adds the |
| signals specified by @var{mask} to the calling process's set of blocked |
| signals. The return value is the previous set of blocked signals. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefun int sigsetmask (int @var{mask}) |
| @safety{@prelim{}@mtsafe{}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c On most POSIX systems, this is a wrapper for sigprocmask(SIG_SETMASK). |
| @c The exception are BSD systems other than 4.4, where it is a syscall. |
| @c sigsetmask @asulock/hurd @aculock/hurd |
| @c sigprocmask(SIG_SETMASK) dup @asulock/hurd @aculock/hurd [no @mtasurace:sigprocmask/bsd(SIG_UNBLOCK)] |
| This function equivalent to @code{sigprocmask} (@pxref{Process |
| Signal Mask}) with a @var{how} argument of @code{SIG_SETMASK}: it sets |
| the calling process's signal mask to @var{mask}. The return value is |
| the previous set of blocked signals. |
| @end deftypefun |
| |
| @comment signal.h |
| @comment BSD |
| @deftypefun int sigpause (int @var{mask}) |
| @safety{@prelim{}@mtunsafe{@mtasurace{:sigprocmask/!bsd!linux}}@asunsafe{@asulock{/hurd}}@acunsafe{@aculock{/hurd}}} |
| @c sigpause @mtasurace:sigprocmask/!bsd!linux @asulock/hurd @aculock/hurd |
| @c [posix] |
| @c __sigpause @mtasurace:sigprocmask/!bsd!linux @asulock/hurd @aculock/hurd |
| @c do_sigpause @mtasurace:sigprocmask/!bsd!linux @asulock/hurd @aculock/hurd |
| @c sigprocmask(0) dup @asulock/hurd @aculock/hurd [no @mtasurace:sigprocmask/bsd(SIG_UNBLOCK)] |
| @c sigdelset dup ok |
| @c sigset_set_old_mask dup ok |
| @c sigsuspend dup @mtasurace:sigprocmask/!bsd!linux @asulock/hurd @aculock/hurd |
| This function is the equivalent of @code{sigsuspend} (@pxref{Waiting |
| for a Signal}): it sets the calling process's signal mask to @var{mask}, |
| and waits for a signal to arrive. On return the previous set of blocked |
| signals is restored. |
| @end deftypefun |