| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Fix possibility of self-deadlock in ResolveRecoveryConflictWithB |
| Date: | 2022-05-03 01:41:30 |
| Message-ID: | E1nlhXe-002GeU-9D@gemulon.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix possibility of self-deadlock in ResolveRecoveryConflictWithBufferPin().
The tests added in 9f8a050f68d failed nearly reliably on FreeBSD in CI, and
occasionally on the buildfarm. That turns out to be caused not by a bug in the
test, but by a longstanding bug in recovery conflict handling.
The standby timeout handler, used by ResolveRecoveryConflictWithBufferPin(),
executed SendRecoveryConflictWithBufferPin() inside a signal handler. A bad
idea, because the deadlock timeout handler (or a spurious latch set) could
have interrupted ProcWaitForSignal(). If unlucky that could cause a
self-deadlock on ProcArrayLock, if the deadlock check is in
SendRecoveryConflictWithBufferPin()->CancelDBBackends().
To fix, set a flag in StandbyTimeoutHandler(), and check the flag in
ResolveRecoveryConflictWithBufferPin().
Subsequently the recovery conflict tests will be backpatched.
Discussion: https://postgr.es/m/20220413002626.udl7lll7f3o7nre7@alap3.anarazel.de
Backpatch: 10-
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/8f1537d10e83ad9c23ed2772cc28f74582b237ea
Modified Files
--------------
src/backend/storage/ipc/standby.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2022-05-04 06:03:20 | pgsql: Fix incorrect format placeholders |
| Previous Message | Andres Freund | 2022-05-03 01:11:20 | pgsql: Backpatch addition of wait_for_log(), pump_until(). |