-
-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tokio::signals::windows - are windows signals correctly handled? #7039
Comments
I don't think this design would be sufficient: whatever sleep time we choose, there will always be applications for whom the time is either too long or too short (and making it configurable would also be a pain to use).
Perhaps the best approach would be to:
Though the change would be subtle enough (e.g. easy to drop the event "handle" if it doesn't have any obvious use) that I think it warrants a new API rather than trying to change the existing ones and cause confusion |
Well at most Windows grants 5s. Even if you make a 5s sleep on the handler, when you click the X button the console still closes immediately and the process keeps running solely on the background. So for a user perspective I think there wouldn't be much difference. The user expects the console to close right away and that's still what happens, regardless of blocking the handler for 5s or not. But I agree that it is not the most elegant solution, and would likely prevent the developer from choosing to define their own handlers via winapi, which probably is not good policy.
But are you proposing OS-specific methods, or a cross platform one? On one hand it would be nice to have a cross-platform method. On the other, that would require slightly complicating the procedure for Unix users, since they had no handler they had to drop in the first place, due to the different mechanism in Unix. |
OS (Windows) specific methods. As in we should mark the current versions of I would avoid trying to design a cross-platform API since the Windows and Unix designs are just too different. If we ever come up with an elegant cross-platform solution we can always introduce it later, but trying to fit it all up front might not lead to success |
I think I could work with this. (maintainer of |
@Darksonn After reading through this again, I think that a Again, if the thread gets reliably terminated after the main function exited. Not sure if there's still issues where exiting |
Seems like a plausible solution for the existing function. |
Any news on this? I would give it a try, but I'm unsure how to implement his. Theoretically, it should kind of be sufficient to add a 'sleep(forever)' in the
@Darksonn Maybe you can give me some hints, in case I'm missing something trivial. |
@Astlaan What happens if the signal handler calls Will the program then still end after 1s, or does the signal handler itself keep the program alive, and the 5s timeout happens? |
@Finomnis Not sure, I didn't test that, because the tokio signal was not working. Unless you call a process::exit in one of the threads, I think the process keeps running till all threads terminate. But didn't test this to know for sure. |
Version
v1.42.0
Platform
Windows
Description
The issue was been discussed in another tokio-dependent crate.
Full discussion here: Finomnis/tokio-graceful-shutdown#94 (comment)
In tokio, in this section:
tokio/tokio/src/signal/windows/sys.rs
Line 109 in 10e23d1
The HandlerRoutine is will defined. It later gets registered via the SetConsoleCtrlHandler. This gets done in the
tokio
code here.According to:
HandlerRoutine reference
It seems that if the handler returns
1
, then the console understands this as the handler having handled the graceful closure of the program, and windows terminates the program. If 0 is passed, "next handler function in the list of handlers for this process is used". SetConsoleCtrlHandler reference:But in the tokio-defined handler function,
broadcast()
is called, which "Returnstrue
if an event was delivered to at least one listener". But then broadcast() evaluates to true, the handler function returnstrue
, telling windows that the defined handler handled the signal.CtrlC
signal, I guess this should be fine. The handler informs Windows that the signal has been handled, and windows doesn't call the default handler, which would terminate the program.CTRL_CLOSE_EVENT
,CTRL_LOGOFF_EVENT
, orCTRL_SHUTDOWN_EVENT
, according to the HandlerRoutine reference, Windows immediately terminates the process once atrue
return is received (unlikeCTRL_C
eventsIt seems that the way
tokio
implements it doesn't even give a change for the program to do anything with the signal in the case ofCTRL_CLOSE_EVENT
,CTRL_LOGOFF_EVENT
, orCTRL_SHUTDOWN_EVENT
events, since it broadcasts it to the listeners, and if they exist, the handler function returns a true, resulting in Windows terminating the program right away?Or am I misinterpreting something in the Tokio code?
How to fix?
If I interpreted the Tokio mechanism correctly, then I guess the way to fix would be something like making the handler function wait for the program to complete.
One of the limiting factors is that, when the console emits
CTRL_CLOSE_EVENT
,CTRL_LOGOFF_EVENT
, orCTRL_SHUTDOWN_EVENT
, Windows grants a limited time for the program to clean itself: Timeouts.The
CTRL_CLOSE_EVENT
timeout is 5 s, for example. If the program is not done cleaning after these 5 seconds, it will be forcefully terminated.Possible solutions:
false
always, telling the user to register another handler function, with the cleanup he wants to do. Also tell the user that his handler function must be defined BEFORE the Tokio signal is registered, if the signal is to be of any use as well (due to the last-registered, first-called).EDIT: possibly it is a good idea to always return False, regardless of the fix above. This will allow the user to keep defining custom CtrlHandler functions to be long alongside tokio's, if he so wishes (with the ordering warning mentioned in (1). This would invalidate approach (2) however, which won't give time for other handlers to run.
(1) is probably the most hacky. (2) would integrate the most seamlessly, however, preventing the user from running their own ctrl handlers. (3) is probably the most solid, but would imply having a synchronization variable, and some kind of action from the program that it is done cleaning itself. This would however result in code that is not cross-platform in the sense that this synchronization is not needed with Unix signals.
The text was updated successfully, but these errors were encountered: