Re: add assertion for palloc in signal handlers

On 18/02/2026 01:11, Andres Freund wrote:
> Hi,
>
> On 2026-02-17 16:24:58 -0600, Nathan Bossart wrote:
>> On Tue, Feb 17, 2026 at 03:30:57PM -0600, Nathan Bossart wrote:
>>> On Tue, Feb 17, 2026 at 11:18:00PM +0200, Heikki Linnakangas wrote:
>>>> On 14/02/2026 23:56, Andres Freund wrote:
>>>>> We really need some instrumentation that fails if we do allocations in signal
>>>>> handlers etc.
>>>>
>>>> Yeah, that would be nice..
>>>
>>> In theory we could pretty easily add assertions for that, given the
>>> wrapper_handler business added a couple of years ago. I'll put together a
>>> patch...
>>
>> As promised... Fortunately, check-world didn't uncover any existing
>> issues. I was able to manually verify the assertion by switching a
>> background worker to use bgworker_die() and sending it SIGTERM. Probably
>> could use some additional commentary, which I'll add if the idea seems
>> reasonable to you.
>
> Seems reasonable to me. I guess we could put the various asserts into a
> helper function, but it's ok as-is I think.

+1

> I think the spinlock functions should also assert this.

+1

> I'd advocate for adding an InSpinlock or such at the same time, but admittedly
> there's not really anything forcing that to happen together.

What would you do with the InSpinlock flag? Forbid palloc()'s etc. while
holding a spinlock? I guess, although I'm not too worried about that.
Spinlocks are not held for long.

- Heikki