git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Tom Lane <tgl@sss.pgh.pa.us>
	Mon, 17 Jan 2022 18:30:04 +0000 (13:30 -0500)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Mon, 17 Jan 2022 18:30:04 +0000 (13:30 -0500)
commit	6d1a854c157eb4a139e06f19a8cd1b53bdec7e6f
tree	e48b264e59699d302efa2cddd88359e81d7f0d33	tree \| snapshot
parent	38f099ef935b34388af2ae52c1098d2c9773465a	commit \| diff

Avoid calling gettext() in signal handlers.

It seems highly unlikely that gettext() can be relied on to be
async-signal-safe.  psql used to understand that, but someone got
it wrong long ago in the src/bin/scripts/ version of handle_sigint,
and then the bad idea was perpetuated when those two versions were
unified into src/fe_utils/cancel.c.

I'm unsure why there have not been field complaints about this
... maybe gettext() is signal-safe once it's translated at least
one message?  But we have no business assuming any such thing.

In cancel.c (v13 and up), I preserved our ability to localize
"Cancel request sent" messages by invoking gettext() before
the signal handler is set up.  In earlier branches I just made
src/bin/scripts/ not localize those messages, as psql did then.

(Just for extra unsafety, the src/bin/scripts/ version was
invoking fprintf() from a signal handler.  Sigh.)

Noted while fixing signal-safety issues in PQcancel() itself.
Back-patch to all supported branches.

Discussion: https://postgr.es/m/2937814.1641960929@sss.pgh.pa.us