Signals

A signal is a notification to a process that an event has occurred. Signals are sometimes described as software interrupts.

• One process can (if it has suitable permissions) send a signal to another process. In this use, signals can be employed as a synchronization technique, or even as a primitive form of interprocess communication (IPC).
  
• It is also possible for a process to send a signal to itself.
  
• However, the usual source of many signals sent to a process is the kernel.
  

内核在某个信号出现时，可按下面三种方式之一进行处理：

1. 忽略此信号。 SIGKILL 和 SIGSTOP 两种信号不能被忽略。
   
2. 捕捉信号，信号发生时调用一个用户指定的信号处理函数。 SIGKILL 和 SIGSTOP 两种信号不能被捕捉。
   
3. 执行系统默认动作，每种信号都有系统默认动作。
   

注：进程接收到 SIGSTOP 信号后会暂停执行，可以发送 SIGCONT 信号使其恢复执行。

The kernel handles signals only when a process returns from kernel mode to user mode. Thus, a signal does not have an instant effect on a process running in kernel mode. If a process is running in user mode, and the kernel handles an interrupt that causes a signal to be sent to the process, the kernel will recognize and handle the signal when it returns from the interrupt. Thus, a process never executes in user mode before handling outstanding signals.

参考：UNIX 操作系统设计 7.2 软中断信号

#include <signal.h>
void ( *signal(int sig, void (*func)(int)) ) (int);

/* Returns previous disposition of signal on success, or SIG_ERR on error */

如果使用 typedef，则 signal 的声明可写为更易读的形式：

typedef void (*sighandler_t) (int);
sighandler_t signal(int sig, sighandler_t func);

signal 的第 1 个参数 sig 是信号名。
signal 的第 2 个参数可以是下面三个值：

1. 常量 SIG_IGN。表示忽略这个信号。进程将不会接收到对应的信号，内核会直接把信号丢弃。
   
2. 常量 SIG_DFL。重新设置信号的处理方式为默认行为。
   
3. 接收到此信号后要调用的函数的地址。
   

signal 会返回一个函数地址，当调用 signal 成功后，会返回之前的信号处理函数；当调用 signal 失败后，会返回 SIG_ERR。
如果查看系统的头文件 signal.h，会找到类似下面的声明：

#define SIG_DFL         (void (*)(int))0
#define SIG_IGN         (void (*)(int))1
#define SIG_ERR         ((void (*)(int))-1)

#include <stdio.h>
#include <signal.h>
#include <unistd.h>   /* pause() */

static void sig_usr(int);   /* one handler for both signals */

int
main(void)
{
  if (signal(SIGUSR1, sig_usr) == SIG_ERR)
    fprintf(stderr, "can't catch SIGUSR1");
  if (signal(SIGUSR2, sig_usr) == SIG_ERR)
    fprintf(stderr, "can't catch SIGUSR2");
  for ( ; ; )
    pause();    /* waiting for a signal */
}

static void
sig_usr(int signo)  /* argument is signal number */
{
  if (signo == SIGUSR1)
    printf("received SIGUSR1\n");
  else if (signo == SIGUSR2)
    printf("received SIGUSR2\n");
  else
    fprintf(stderr, "received signal %d\n", signo);
}

运行上面程序，并向其发送 SIGUSR1 和 SIGUSR2 信号。

$ ./a.out &
[1] 1162
$ kill -USR1 1162
received SIGUSR1
$ kill -USR2 1162
received SIGUSR2
$ kill 1162
[1]+  Terminated: 15          ./a.out

系统调用 sigaction() 的功能是检查或修改与指定信号相关联的处理动作（或同时执行这两种操作）。

#include <signal.h>
int sigaction(int signo, const struct sigaction *act, struct sigaction *oldact);

/* Returns 0 on success, or –1 on error */

其中，signo 是要检查或修改其具体动作的信号编号。若 act 指针非空，则要修改其关联的动作。如果 oldact 指针非空，则系统经由 oldact 指针返回该信号的上一个动作。

下面程序收到 SIGTERM 信号时打印消息。

#include<stdio.h>
#include<signal.h>
#include<stdlib.h>

static void myhandler(int signum, siginfo_t *siginfo, void *context) {
    printf("Signal caught: %d, PID: %ld, UID: %ld\n",
           signum, (long)siginfo->si_pid, (long)siginfo->si_uid);
    /* 并不是所有的信号都会设置si_pid，si_uid，参考 man sigaction */
}

int main() {
    struct sigaction act;

    /* The SA_SIGINFO flag tells sigaction() to use the sa_sigaction field, not
       sa_handler filed. See `man sigaction' */
    act.sa_flags = SA_SIGINFO;

    /* myhandler has 3 arguments, use sa_sigaction, rather than sa_handler. */
    act.sa_sigaction = myhandler;
    sigemptyset(&act.sa_mask);

    sigaction(SIGTERM, &act, NULL);

    pause();
    return 0;
}

测试结果：

$ ./a.out &
[1] 26218
$ kill 26218
Signal caught: 15, PID: 12433, UID: 5200

大部分系统调用在收到信号时可以被中断（可能返回 EINTR 错误）。也有一些系统调用（如 mkdir）在收到信号时不会被中断（一般情况下，这些系统调用会很快完成），当程序正在运行该类系统调用时，进程的状态被称为“Uninterruptible Sleep State”，用 ps 命令查看时其 STAT 列会显示字母 D，这类进程是无法立刻被“kill -9”掉的（因为它不会被信号中断）。

注：查看系统调用的 man 文档，如果它不会返回 EINTR 错误，则说明它不会被信号中断。

参考： man 2 mkdir

信号处理函数中不要调用异步信号不安全的函数，可能会带来不可预见的结果。
信号处理函数要尽可能简单。
Signal handlers should be as concise as possible—ideally by unconditionally setting a flag and returning.

在“CERT C Coding Standard”中有个信号处理函数中调用异步信号不安全函数 longjmp()的反例及其对应的解决方法。

有问题的代码如下：

#include <setjmp.h>
#include <signal.h>
#include <stdlib.h>

enum { MAXLINE = 1024 };
static jmp_buf env;

void handler(int signum) {
  longjmp(env, 1);          /* Unsafe! */
}

void log_message(char *info1, char *info2) {
  static char *buf = NULL;
  static size_t bufsize;
  char buf0[MAXLINE];

  if (buf == NULL) {
    buf = buf0;
    bufsize = sizeof(buf0);
  }

  /*
   * Try to fit a message into buf, else reallocate
   * it on the heap and then log the message.
   */

  /* Program is vulnerable if SIGINT is raised here */

  if (buf == buf0) {
    buf = NULL;
  }
}

int main(void) {
  if (signal(SIGINT, handler) == SIG_ERR) {
    /* Handle error */
  }
  char *info1;
  char *info2;

  /* info1 and info2 are set by user input here */

  if (setjmp(env) == 0) {
    while (1) {
      /* Main loop program code */
      log_message(info1, info2);
      /* More program code */
    }
  } else {
    log_message(info1, info2);
  }

  return 0;
}

函数 longjmp()或 siglongjmp()都不是信号安全的函数，不应该在信号处理函数中被调用。
在上面的例子中，如果 SIGINT 信号恰好在运行 log_message()的第 2 个 if 语句前产生，那么 longjmp 执行，程序的执行流程会回到 main()中，log_message()被再次调用。但是这次 log_message()中的第 1 个 if 语句不会被执行（因为前一次调用时，buf 没有被设置为 NULL 就被信号中断了），这样程序会往一个非法的内存地址写东西。

解决的方法是不在信号处理函数中调用 longjmp()，信号处理函数尽可能简单化，比如仅设置一个标记。如下所示：

#include <signal.h>
#include <stdlib.h>

enum { MAXLINE = 1024 };
volatile sig_atomic_t eflag = 0;

void handler(int signum) {
  eflag = 1;
}

void log_message(char *info1, char *info2) {
  static char *buf = NULL;
  static size_t bufsize;
  char buf0[MAXLINE];

  if (buf == NULL) {
    buf = buf0;
    bufsize = sizeof(buf0);
  }

  /*
   * Try to fit a message into buf, else reallocate
   * it on the heap and then log the message.
   */
  if (buf == buf0) {
    buf = NULL;
  }
}

int main(void) {
  if (signal(SIGINT, handler) == SIG_ERR) {
    /* Handle error */
  }
  char *info1;
  char *info2;

  /* info1 and info2 are set by user input here */

  while (!eflag) {
    /* Main loop program code */
    log_message(info1, info2);
    /* More program code */
  }

  log_message(info1, info2);

  return 0;
}

参考：
https://www.securecoding.cert.org/confluence/display/c/SIG30-C.+Call+only+asynchronous-safe+functions+within+signal+handlers

一个信号可能以下面形式加入到 Signal Mask 中：

• 当某个信号处理函数被调用时，触发这个处理函数的信号被自动加入到 Signal Mask 中。这个默认的行为可以通过在建立信号处理函数时指定选项 SA_NODEFER 来改变。
  
• 用 sigaction() 建立信号处理函数时，可以指定当这个信号处理函数被调用时，加入哪些信号到 Signal Mask 中；
  
• 使用函数 sigprocmask() 可以把信号加入 Signal Mask 中。
  

参考：The Linux Programming Interface, 20.10 The Signal Mask (Blocking Signal Delivery)

如果在进程解除对某个信号的阻塞之前，这种信号发生了多次，UNIX 内核只投递这种信号一次（除非使用 POSIX.1 实时扩展）。

One of sigemptyset() or sigfillset() must be used to initialize a signal set.

可以通过 sigprocmask() 来改变一个进程的 Signal Mask。

int sigprocmask(int how, const sigset_t *restrict set, sigset_t *restrict oldset);
                                      /* Returns 0 on success, or –1 on error */

/*
If oldset is not null, it is set to the previous value of the signal mask.
If set is null, the value of how is insignificant and the mask remains unset providing a way to examine the signal mask without modification.
If set is not null, the action of sigprocmask() depends on the value of the parameter how (SIG_BLOCK/SIG_UNBLOCK/SIG_SETMASK).
     SIG_BLOCK    The new mask is the union of the current mask and the specified set.
     SIG_UNBLOCK  The new mask is the intersection of the current mask and the complement of the specified set.
     SIG_SETMASK  The current mask is replaced by the specified set.
*/

sigprocmask()实例：

#include<signal.h>
#include<stdlib.h>
#include <unistd.h>

int main(void)
{
    sigset_t blockSet, prevMask;

    /* Initialize a signal set to contain SIGINT */
    sigemptyset(&blockSet);
    sigaddset(&blockSet, SIGINT);

    /* Block SIGINT, save previous signal mask */
    if (sigprocmask(SIG_BLOCK, &blockSet, &prevMask) == -1) {
        fprintf(stderr, "sigprocmask error1");
        exit(EXIT_FAILURE);
    }

    /* ... Code that should not be interrupted by SIGINT ... */
    sleep(10);
    printf("Hit 1\n");

    /* Restore previous signal mask, unblocking SIGINT */
    if (sigprocmask(SIG_SETMASK, &prevMask, NULL) == -1) {
        fprintf(stderr, "sigprocmask error2");
        exit(EXIT_FAILURE);
    }

    printf("Hit 2\n");
    return 0;
}

运行上面程序，并在 sleep 过程中向其发送 SIGINT 信号。

$ ./a.out &
[1] 1146
$ kill -s INT 1146                       # 在sleep 10秒中，向程序发送SIGINT信号
$ Hit 1                                  # 程序不会马上退出，能输出"Hit 1"，因为SIGINT信号被暂时block
[1]+  Interrupt: 2            ./a.out    # 程序没有输出"Hit 2"，SIGNIT信号被unblock而导致程序前提退出

Calling pause() suspends execution of the process until the call is interrupted by a signal handler (or until an unhandled signal terminates the process).

#include <unistd.h>

int pause(void);
                            /* Always returns -1 with errno set to EINTR */

如果我们想要完成下面的任务：
①. We temporarily block a signal so that the handler for the signal doesn’t interrupt the execution of some critical section of code.
②. We unblock the signal, and then suspend execution until the signal is delivered.

我们可能会这样做：

sigset_t prevMask, intMask;
struct sigaction sa;

sigemptyset(&intMask);
sigaddset(&intMask, SIGINT);

sigemptyset(&sa.sa_mask);
sa.sa_flags = 0;
sa.sa_handler = handler;

if (sigaction(SIGINT, &sa, NULL) == -1)
    errExit("sigaction");

/* Block SIGINT prior to executing critical section. (At this point we assume that SIGINT is not already blocked.) */

if (sigprocmask(SIG_BLOCK, &intMask, &prevMask) == -1)
    errExit("sigprocmask - SIG_BLOCK");

/* Critical section: do some work here that must not be interrupted by the SIGINT handler */

/* End of critical section - restore old mask to unblock SIGINT */
if (sigprocmask(SIG_SETMASK, &prevMask, NULL) == -1)
    errExit("sigprocmask - SIG_SETMASK");

/* BUG: what if SIGINT arrives now... */

pause();                            /* Wait for SIGINT */

上面代码有下面的问题：
如果信号 SIGINT 在其被设置为 blocked 的时间段中发生，则 SIGINT 的投递被推迟直到对其解除阻塞。就好像信号发生在解除对 SIGINT 的阻塞和调用 pause 之间。如果发生了这种情况，或者在解除对 SIGINT 的阻塞和调用 pause 之间确实发生了 SIGINT 信号，那么就产生了问题：pause()将使程序永远阻塞下去，直到第 2 个 SIGINT 信号到来。第 1 个 SIGINT 信号好像丢失了一样，这违背了原程序的本意。

为了解决上面的问题，我们需要一个方法能原子地完成对信号解除阻塞，使进程进入休眠。这就是系统调用 sigsuspend() 的主要功能。

#include <signal.h>
int sigsuspend(const sigset_t *mask);
                             /* (Normally) returns –1 with errno set to EINTR */

sigsuspend() 将进程的信号屏蔽字设置为由 mask 指向的值。在捕捉到一个信号或发生了一个会终止该进程的信号之前，该进程被挂起。如果捕捉到一个信号而且从该信号处理程序返回，则 sigsuspend 返回（总是返回-1），并且将该进程的信号屏蔽字设置为调用 sigsuspend 之前的值。

Calling sigsuspend() is equivalent to atomically performing these operations:

sigprocmask(SIG_SETMASK, &mask, &prevMask); /* Assign new mask */
pause();
sigprocmask(SIG_SETMASK, &prevMask, NULL);  /* Restore old mask */

The following list summarizes the key points:

• Signal actions are process-wide. If any unhandled signal whose default action is stop or terminate is delivered to any thread in a process, then all of the threads in the process are stopped or terminated.
  
• Signal dispositions are process-wide; all threads in a process share the same disposition for each signal. If one thread uses sigaction() to establish a handler for, say, SIGINT, then that handler may be invoked from any thread to which the SIGINT is delivered. Similarly, if one thread sets the disposition of a signal to ignore, then that signal is ignored by all threads.
  
• A signal may be directed to either the process as a whole or to a specific thread. A signal is thread-directed if: ① it is generated as the direct result of the execution of a specific hardware instruction within the context of the thread; ② it is a SIGPIPE signal generated when the thread tried to write to a broken pipe; or ③ it is sent using pthread_kill() or pthread_sigqueue(), which are functions that allow one thread to send a signal to another thread within the same process. All signals generated by other mechanisms are process-directed. Examples are signals sent from another process using kill() or sigqueue(); signals such as SIGINT and SIGTSTP, generated when the user types one of the terminal special characters that generate a signal; and signals generated for software events such as the resizing of a terminal window (SIGWINCH) or the expiration of a timer (e.g., SIGALRM).
  
• When a signal is delivered to a multithreaded process that has established a signal handler, the kernel arbitrarily selects one thread in the process to which to deliver the signal and invokes the handler in that thread. This behavior is consistent with maintaining the traditional signal semantics. It would not make sense for a process to perform the signal handling actions multiple times in response to a single signal.
  
• The signal mask is per-thread. (There is no notion of a process-wide signal mask that governs all threads in a multithreaded process.) Threads can independently block or unblock different signals using pthread_sigmask(), a new function defined by the Pthreads API. By manipulating the per-thread signal masks, an application can control which thread(s) may handle a signal that is directed to the whole process.
  
• The kernel maintains a record of the signals that are pending for the process as a whole, as well as a record of the signals that are pending for each thread. A call to sigpending() returns the union of the set of signals that are pending for the process and those that are pending for the calling thread. In a newly created thread, the per-thread set of pending signals is initially empty. A thread-directed signal can be delivered only to the target thread. If the thread is blocking the signal, it will remain pending until the thread unblocks the signal (or terminates).
  

When multiple unblocked signals are awaiting delivery, if a switch between kernel mode and user mode occurs during the execution of a signal handler, then the execution of that handler will be interrupted by the invocation of a second signal handler (and so on).

参考：
The Linux Programming Interface, 22.6 Timing and Order of Signal Delivery
http://stackoverflow.com/questions/29738969/how-does-linux-prioritize-custom-signal-handlers