tracing: unsafe Agent::Stop() call in signal handler #14802
Comments
This was added so that traces would be flushed even if the process did not exit cleanly. Is there an alternate place where this kind of shutdown logic can safely live and still run on all types of process exit?
Not in case of SIGINT or SIGTERM, no, although you are allowed to call
Does this code ever run on windows or are linux-only operations allowed?
No, never runs on Windows. (Weirdly, it's not surrounded by an If you mean 'POSIX-only' rather than 'linux-only', yes, that's okay. Signals aren't a thing on Windows.
I got a chance to look into this a bit. I think the primary issue is that safely flushing the buffer requires locking a mutex which cannot be safely done inside a signal handler (I think). I'm not sure it will be possible to write this safely without ensuring the other thread isn't concurrently flushing the same buffer or swapping buffers mid flush.
No longer hypothetical: #11052 (comment) cc @nodejs/trace-events
@addaleax ... with the recent refactoring that you did, does this need to remain open?
This feature cannot be reasonably implemented this way without inherently being susceptible to race conditions that lead to hangs, crashes, etc. What’s more, implementing this for some signals only (and it can only be implemented for some signals at all) may lead to the impression that it is a guaranteed feature, when really consumers of the tracing output *need* to be able to handle abrupt ends meaningfully.
Fixes: nodejs#14802
Fixes: nodejs#22528

This feature cannot be reasonably implemented this way without inherently being susceptible to race conditions that lead to hangs, crashes, etc. What’s more, implementing this for some signals only (and it can only be implemented for some signals at all) may lead to the impression that it is a guaranteed feature, when really consumers of the tracing output *need* to be able to handle abrupt ends meaningfully.
Fixes: #14802
Fixes: #22528
PR-URL: #22734
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Refs: nodejs#14802
PR-URL: nodejs#41438
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Adrian Estrada <edsadr@gmail.com>
Reviewed-By: Mary Marchini <oss@mmarchini.me>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>

Commit ba4847e introduces a call to `tracing::Agent::Stop()` in the `SignalExit()` function.

Signal handlers are only allowed to call async-signal-safe functions, which the implementation of `tracing::Agent::Stop()` is not. This can cause erratic behavior; crashes, hangs, etc.

@jasongin @matthewloring
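
The constraint this issue describes, shown as an added C example (not Node.js code and not from anyone in the thread): the handler does only async-signal-safe work, a `sig_atomic_t` store and a `write(2)` to a self-pipe, and the mutex-guarded flush runs afterwards in normal context. The buffer, the function names and the sample event are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pthread.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical stand-in for a mutex-guarded trace buffer (not Node.js code). */
static pthread_mutex_t buf_lock = PTHREAD_MUTEX_INITIALIZER;
static char buf[256]; static size_t buf_len;
static int wake_fd[2]; /* self-pipe: [0] read end, [1] write end */
static volatile sig_atomic_t pending_sig;

/* Handler does only async-signal-safe work: a sig_atomic_t store and write(2). */
static void on_signal(int signo) {
  int saved_errno = errno;                 /* write() may clobber errno */
  pending_sig = signo;
  if (write(wake_fd[1], "x", 1) < 0) { /* nothing safe to do here */ }
  errno = saved_errno;
}

void trace_append(const char *s) {
  size_t n = strlen(s);
  pthread_mutex_lock(&buf_lock);
  if (buf_len + n <= sizeof buf) { memcpy(buf + buf_len, s, n); buf_len += n; }
  pthread_mutex_unlock(&buf_lock);
}

/* Called from normal thread context only, so locking is safe. Returns bytes written. */
long trace_flush(int out_fd) {
  pthread_mutex_lock(&buf_lock);
  ssize_t w = write(out_fd, buf, buf_len);
  buf_len = 0;
  pthread_mutex_unlock(&buf_lock);
  return (long)w;
}

/* Constructed scenario: buffer one event, deliver SIGTERM, flush after the handler returns. */
long demo_flush_on_sigterm(void) {
  int out_fd[2]; char c;
  struct sigaction sa = {0};
  if (pipe(wake_fd) != 0 || pipe(out_fd) != 0) return -1;
  sa.sa_handler = on_signal;
  sigemptyset(&sa.sa_mask);
  if (sigaction(SIGTERM, &sa, NULL) != 0) return -1;
  trace_append("event-1\n");               /* constructed sample event */
  raise(SIGTERM);                          /* handler runs before raise() returns */
  if (read(wake_fd[0], &c, 1) != 1 || pending_sig != SIGTERM) return -1;
  return trace_flush(out_fd[1]);           /* flush outside the handler */
}
```

In an event-loop program the read end of the self-pipe would be polled alongside other descriptors; a signal that cannot be caught still ends the trace abruptly, so readers of the output have to tolerate truncation.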