From 44c3d2767ecb21de7e8e2d6f7d7058118b8db6ef Mon Sep 17 00:00:00 2001
From: Antonin Houska <ah@cybertec.at>
Date: Tue, 14 Apr 2026 11:59:42 +0200
Subject: [PATCH] Teach REPACK to upgrade its lock safely.

REPACK (CONCURRENTLY) needs to upgrade its ShareUpdateExclusiveLock (SUEL) to
AccessExclusiveLock at the end of table processing. If another session, which
already has a non-conflicting lock on the table, tried to get SUEL too, it
would end up in a deadlock with REPACK. Such situation does not hurt as long
as the deadlock detector choses to terminate the other session, but it's
possible that it terminates REPACK. A lot of REPACK's work would be wasted
this way.

This patch checks for such situation, and if the other session tries to get
the SUEL, it receives a deadlock report before it actually starts waiting.

Please note that the other session can safely run VACUUM w/o receiving the
deadlock report. The point is that VACUUM cannot run in a transaction block,
so the session cannot have any other lock when trying to get SUEL on the
table. In that case, REPACK gets its AccessExclusiveLock first, even if VACUUM
requested SUEL earlier. VACUUM then just needs wait for REPACK to finish, and
then it can start.
---
 src/backend/commands/repack.c                 | 25 +++++++-
 src/backend/storage/lmgr/deadlock.c           | 10 ++--
 src/backend/storage/lmgr/lock.c               | 30 ++++++++++
 src/backend/storage/lmgr/proc.c               | 55 ++++++++++++++++-
 src/include/storage/lock.h                    |  5 +-
 src/include/storage/proc.h                    |  6 +-
 .../injection_points/expected/repack.out      | 59 ++++++++++++++++++-
 .../injection_points/specs/repack.spec        | 29 +++++++++
 8 files changed, 209 insertions(+), 10 deletions(-)

diff --git a/src/backend/commands/repack.c b/src/backend/commands/repack.c
index 58e3867246f..e9193067666 100644
--- a/src/backend/commands/repack.c
+++ b/src/backend/commands/repack.c
@@ -285,6 +285,18 @@ ExecRepack(ParseState *pstate, RepackStmt *stmt, bool isTopLevel)
 		 * to understand and we don't lose any functionality.
 		 */
 		PreventInTransactionBlock(isTopLevel, "REPACK (CONCURRENTLY)");
+
+		/*
+		 * Also set the PROC_IN_CONCURRENT_REPACK flag.  This makes the lock
+		 * manager cause anyone that would conflict with us to error out.
+		 * It's important to set this flag ahead of actually locking the
+		 * relation; it won't of course affect anyone until we do have a lock
+		 * that others can conflict with.
+		 */
+		LWLockAcquire(ProcArrayLock, LW_EXCLUSIVE);
+		MyProc->statusFlags |= PROC_IN_CONCURRENT_REPACK;
+		ProcGlobal->statusFlags[MyProc->pgxactoff] = MyProc->statusFlags;
+		LWLockRelease(ProcArrayLock);
 	}
 
 	/*
@@ -3086,7 +3098,18 @@ rebuild_relation_finish_concurrent(Relation NewHeap, Relation OldHeap,
 		LockRelationOid(OldHeap->rd_rel->reltoastrelid, AccessExclusiveLock);
 
 	/*
-	 * Tuples and pages of the old heap will be gone, but the heap will stay.
+	 * Now that we have all access-exclusive locks on all relations, we no
+	 * longer want other processes to error out when trying to acquire a
+	 * conflicting lock.  Therefore, unset our flag.
+	 */
+	LWLockAcquire(ProcArrayLock, LW_EXCLUSIVE);
+	MyProc->statusFlags &= ~PROC_IN_CONCURRENT_REPACK;
+	ProcGlobal->statusFlags[MyProc->pgxactoff] = MyProc->statusFlags;
+	LWLockRelease(ProcArrayLock);
+
+	/*
+	 * Tuples and pages of the old heap will be gone, but the heap itself will
+	 * stay.
 	 */
 	TransferPredicateLocksToHeapRelation(OldHeap);
 	foreach_ptr(RelationData, index, indexrels)
diff --git a/src/backend/storage/lmgr/deadlock.c b/src/backend/storage/lmgr/deadlock.c
index b8962d875b6..3772a7aa3df 100644
--- a/src/backend/storage/lmgr/deadlock.c
+++ b/src/backend/storage/lmgr/deadlock.c
@@ -1146,8 +1146,10 @@ DeadLockReport(void)
 void
 RememberSimpleDeadLock(PGPROC *proc1,
 					   LOCKMODE lockmode,
-					   LOCK *lock,
-					   PGPROC *proc2)
+					   LOCK *lock, /* XXX Only lockmode? */
+					   PGPROC *proc2,
+					   LOCKMODE lockmode2,
+					   LOCKTAG *locktag2)
 {
 	DEADLOCK_INFO *info = &deadlockDetails[0];
 
@@ -1155,8 +1157,8 @@ RememberSimpleDeadLock(PGPROC *proc1,
 	info->lockmode = lockmode;
 	info->pid = proc1->pid;
 	info++;
-	info->locktag = proc2->waitLock->tag;
-	info->lockmode = proc2->waitLockMode;
+	info->locktag = *locktag2;
+	info->lockmode = lockmode2;
 	info->pid = proc2->pid;
 	nDeadlockDetails = 2;
 }
diff --git a/src/backend/storage/lmgr/lock.c b/src/backend/storage/lmgr/lock.c
index c221fe96889..44aa2ca26a7 100644
--- a/src/backend/storage/lmgr/lock.c
+++ b/src/backend/storage/lmgr/lock.c
@@ -674,6 +674,36 @@ LockHeldByMe(const LOCKTAG *locktag,
 	return false;
 }
 
+/*
+ * HaveRelLock -- test whether the current backend has a fast path lock on
+ *		the relation in any mode.
+ */
+bool
+HaveFastPathLock(Oid relid)
+{
+	uint32		group = FAST_PATH_REL_GROUP(relid);
+	bool		result = false;
+
+	LWLockAcquire(&MyProc->fpInfoLock, LW_SHARED);
+	for (int i = 0; i < FP_LOCK_SLOTS_PER_GROUP; i++)
+	{
+		uint32		f = FAST_PATH_SLOT(group, i);
+		uint32		lockmask;
+
+		if (relid != MyProc->fpRelId[f])
+			continue;
+		lockmask = FAST_PATH_GET_BITS(MyProc, f);
+		if (lockmask)
+		{
+			result = true;
+			break;
+		}
+	}
+	LWLockRelease(&MyProc->fpInfoLock);
+
+	return result;
+}
+
 #ifdef USE_ASSERT_CHECKING
 /*
  * GetLockMethodLocalHash -- return the hash of local locks, for modules that
diff --git a/src/backend/storage/lmgr/proc.c b/src/backend/storage/lmgr/proc.c
index 1ac25068d62..3d47b1284a3 100644
--- a/src/backend/storage/lmgr/proc.c
+++ b/src/backend/storage/lmgr/proc.c
@@ -1156,6 +1156,7 @@ JoinWaitQueue(LOCALLOCK *locallock, LockMethod lockMethodTable, bool dontWait)
 	LOCKMASK	myHeldLocks;
 	bool		early_deadlock = false;
 	PGPROC	   *leader = MyProc->lockGroupLeader;
+	bool		check_repack = false;
 
 	Assert(LWLockHeldByMeInMode(partitionLock, LW_EXCLUSIVE));
 
@@ -1193,6 +1194,56 @@ JoinWaitQueue(LOCALLOCK *locallock, LockMethod lockMethodTable, bool dontWait)
 		}
 	}
 
+	/*
+	 * If I am already holding this lock (in any mode) and trying to get
+	 * ShareUpdateExclusiveLock (or higher), check if REPACK (CONCURRENTLY) is
+	 * already holding ShareUpdateExclusiveLock. The problem is if that by
+	 * trying to upgrade the lock to AccessExclusiveLock it would get into a
+	 * deadlock with us.
+	 */
+	if (lock->tag.locktag_type == LOCKTAG_RELATION &&
+		lock->tag.locktag_field1 == MyDatabaseId &&
+		lockmode >= ShareUpdateExclusiveLock)
+	{
+		if (myHeldLocks > 0 ||
+			HaveFastPathLock(lock->tag.locktag_field2))
+			check_repack = true;
+	}
+	if (check_repack)
+	{
+		dlist_iter	iter;
+
+		dlist_foreach(iter, &lock->procLocks)
+		{
+			PROCLOCK   *otherproclock;
+			PGPROC		*otherproc;
+
+			otherproclock = dlist_container(PROCLOCK, lockLink, iter.cur);
+			otherproc = otherproclock->tag.myProc;
+			if (otherproc != MyProc &&
+				otherproc->statusFlags & PROC_IN_CONCURRENT_REPACK)
+			{
+				LOCKMASK	repackmask = otherproclock->holdMask;
+
+				/*
+				 * Is REPACK already holding ShareUpdateExclusiveLock?
+				 */
+				if ((repackmask & LOCKBIT_ON(ShareUpdateExclusiveLock)) != 0)
+				{
+					/*
+					 * There should be no more than one REPACK working on
+					 * particular table, so let's error out.
+					 */
+					RememberSimpleDeadLock(MyProc, lockmode, lock,
+										   otherproc,
+										   ShareUpdateExclusiveLock,
+										   &otherproclock->tag.myLock->tag);
+					return PROC_WAIT_STATUS_ERROR;
+				}
+			}
+		}
+	}
+
 	/*
 	 * Determine where to add myself in the wait queue.
 	 *
@@ -1240,7 +1291,9 @@ JoinWaitQueue(LOCALLOCK *locallock, LockMethod lockMethodTable, bool dontWait)
 					 * a flag to check below, and break out of loop.  Also,
 					 * record deadlock info for later message.
 					 */
-					RememberSimpleDeadLock(MyProc, lockmode, lock, proc);
+					RememberSimpleDeadLock(MyProc, lockmode, lock, proc,
+										   proc->waitLockMode,
+										   &proc->waitLock->tag);
 					early_deadlock = true;
 					break;
 				}
diff --git a/src/include/storage/lock.h b/src/include/storage/lock.h
index ee3cb1dc203..85804d61ce9 100644
--- a/src/include/storage/lock.h
+++ b/src/include/storage/lock.h
@@ -401,6 +401,7 @@ extern void LockReleaseCurrentOwner(LOCALLOCK **locallocks, int nlocks);
 extern void LockReassignCurrentOwner(LOCALLOCK **locallocks, int nlocks);
 extern bool LockHeldByMe(const LOCKTAG *locktag,
 						 LOCKMODE lockmode, bool orstronger);
+extern bool HaveFastPathLock(Oid relid);
 #ifdef USE_ASSERT_CHECKING
 extern HTAB *GetLockMethodLocalHash(void);
 #endif
@@ -440,7 +441,9 @@ pg_noreturn extern void DeadLockReport(void);
 extern void RememberSimpleDeadLock(PGPROC *proc1,
 								   LOCKMODE lockmode,
 								   LOCK *lock,
-								   PGPROC *proc2);
+								   PGPROC *proc2,
+								   LOCKMODE lockmode2,
+								   LOCKTAG *locktag2);
 extern void InitDeadLockChecking(void);
 
 extern int	LockWaiterCount(const LOCKTAG *locktag);
diff --git a/src/include/storage/proc.h b/src/include/storage/proc.h
index 3e1d1fad5f9..76c6bb44251 100644
--- a/src/include/storage/proc.h
+++ b/src/include/storage/proc.h
@@ -70,10 +70,12 @@ struct XidCache
 #define		PROC_AFFECTS_ALL_HORIZONS	0x20	/* this proc's xmin must be
 												 * included in vacuum horizons
 												 * in all databases */
+#define		PROC_IN_CONCURRENT_REPACK	0x40	/* REPACK (CONCURRENTLY) */
 
-/* flags reset at EOXact */
+/* flags reset at EOXact.  A bit of a misnomer ... */
 #define		PROC_VACUUM_STATE_MASK \
-	(PROC_IN_VACUUM | PROC_IN_SAFE_IC | PROC_VACUUM_FOR_WRAPAROUND)
+	(PROC_IN_VACUUM | PROC_IN_SAFE_IC | PROC_VACUUM_FOR_WRAPAROUND | \
+	 PROC_IN_CONCURRENT_REPACK)
 
 /*
  * Xmin-related flags. Make sure any flags that affect how the process' Xmin
diff --git a/src/test/modules/injection_points/expected/repack.out b/src/test/modules/injection_points/expected/repack.out
index b575e9052ee..960044776f4 100644
--- a/src/test/modules/injection_points/expected/repack.out
+++ b/src/test/modules/injection_points/expected/repack.out
@@ -1,4 +1,4 @@
-Parsed test spec with 2 sessions
+Parsed test spec with 3 sessions
 
 starting permutation: wait_before_lock change_existing change_new change_subxact1 change_subxact2 check2 wakeup_before_lock check1
 injection_points_attach
@@ -111,3 +111,60 @@ injection_points_detach
                        
 (1 row)
 
+
+starting permutation: check1_relnode_only wait_before_lock lock3 wakeup_before_lock check1_relnode_only
+injection_points_attach
+-----------------------
+                       
+(1 row)
+
+step check1_relnode_only: 
+	INSERT INTO relfilenodes(node)
+	SELECT relfilenode FROM pg_class WHERE relname='repack_test';
+
+	SELECT count(DISTINCT node) FROM relfilenodes;
+
+count
+-----
+    1
+(1 row)
+
+step wait_before_lock: 
+	REPACK (CONCURRENTLY) repack_test USING INDEX repack_test_pkey;
+ <waiting ...>
+step lock3: 
+	BEGIN;
+	SELECT * FROM repack_test ORDER BY i LIMIT 1;
+	LOCK TABLE repack_test IN SHARE UPDATE EXCLUSIVE MODE;
+
+i|j
+-+-
+1|1
+(1 row)
+
+ERROR:  deadlock detected
+step wakeup_before_lock: 
+	SELECT injection_points_wakeup('repack-concurrently-before-lock');
+
+injection_points_wakeup
+-----------------------
+                       
+(1 row)
+
+step wait_before_lock: <... completed>
+step check1_relnode_only: 
+	INSERT INTO relfilenodes(node)
+	SELECT relfilenode FROM pg_class WHERE relname='repack_test';
+
+	SELECT count(DISTINCT node) FROM relfilenodes;
+
+count
+-----
+    2
+(1 row)
+
+injection_points_detach
+-----------------------
+                       
+(1 row)
+
diff --git a/src/test/modules/injection_points/specs/repack.spec b/src/test/modules/injection_points/specs/repack.spec
index d727a9b056b..5ffcb558718 100644
--- a/src/test/modules/injection_points/specs/repack.spec
+++ b/src/test/modules/injection_points/specs/repack.spec
@@ -55,6 +55,13 @@ step check1
 	FROM data_s1 d1 FULL JOIN data_s2 d2 USING (i, j)
 	WHERE d1.i ISNULL OR d2.i ISNULL;
 }
+step check1_relnode_only
+{
+	INSERT INTO relfilenodes(node)
+	SELECT relfilenode FROM pg_class WHERE relname='repack_test';
+
+	SELECT count(DISTINCT node) FROM relfilenodes;
+}
 teardown
 {
 	SELECT injection_points_detach('repack-concurrently-before-lock');
@@ -129,6 +136,20 @@ step wakeup_before_lock
 	SELECT injection_points_wakeup('repack-concurrently-before-lock');
 }
 
+session s3
+# Try to acquire SharedUpdateExclusiveLock on a table while REPACK is already
+# holding it and before it tries to upgrade it to AccessExclusiveLock. Since
+# this session is already holding another lock no the table, REPACK cannot
+# resolve the problem by getting ahead in the wait queue. The solution is that
+# the LOCK TABLE triggers a deadlock report. The deadlock does not actually
+# take place, but it would if this session started to wait.
+step lock3
+{
+	BEGIN;
+	SELECT * FROM repack_test ORDER BY i LIMIT 1;
+	LOCK TABLE repack_test IN SHARE UPDATE EXCLUSIVE MODE;
+}
+
 # Test if data changes introduced while one session is performing REPACK
 # CONCURRENTLY find their way into the table.
 permutation
@@ -140,3 +161,11 @@ permutation
 	check2
 	wakeup_before_lock
 	check1
+
+# See 'lock3' above. We check relnodes to make sure that REPACK finished.
+permutation
+	check1_relnode_only
+	wait_before_lock
+	lock3
+	wakeup_before_lock
+	check1_relnode_only
-- 
2.47.3