diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2008-04-16 23:59:40 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2008-04-16 23:59:40 +0000 |
| commit | d1cbd26ded664bf2d3ace87036b822dedba28077 (patch) | |
| tree | b991c0196d5abe92d4d77e79449b44ced35b7d5f /src/backend/access/nbtree/nbtutils.c | |
| parent | 74be86847c8cdd274a274fc9384988cb81756d87 (diff) | |
| download | postgresql-d1cbd26ded664bf2d3ace87036b822dedba28077.tar.gz | |
Repair two places where SIGTERM exit could leave shared memory state
corrupted. (Neither is very important if SIGTERM is used to shut down the
whole database cluster together, but there's a problem if someone tries to
SIGTERM individual backends.) To do this, introduce new infrastructure
macros PG_ENSURE_ERROR_CLEANUP/PG_END_ENSURE_ERROR_CLEANUP that take care
of transiently pushing an on_shmem_exit cleanup hook. Also use this method
for createdb cleanup --- that wasn't a shared-memory-corruption problem,
but SIGTERM abort of createdb could leave orphaned files lying around.
Backpatch as far as 8.2. The shmem corruption cases don't exist in 8.1,
and the createdb usage doesn't seem important enough to risk backpatching
further.
Diffstat (limited to 'src/backend/access/nbtree/nbtutils.c')
| -rw-r--r-- | src/backend/access/nbtree/nbtutils.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/src/backend/access/nbtree/nbtutils.c b/src/backend/access/nbtree/nbtutils.c index 6f88a34488..6759ce6f2b 100644 --- a/src/backend/access/nbtree/nbtutils.c +++ b/src/backend/access/nbtree/nbtutils.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/access/nbtree/nbtutils.c,v 1.88 2008/01/01 19:45:46 momjian Exp $ + * $PostgreSQL: pgsql/src/backend/access/nbtree/nbtutils.c,v 1.89 2008/04/16 23:59:40 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -1252,8 +1252,11 @@ _bt_vacuum_cycleid(Relation rel) /* * _bt_start_vacuum --- assign a cycle ID to a just-starting VACUUM operation * - * Note: the caller must guarantee (via PG_TRY) that it will eventually call - * _bt_end_vacuum, else we'll permanently leak an array slot. + * Note: the caller must guarantee that it will eventually call + * _bt_end_vacuum, else we'll permanently leak an array slot. To ensure + * that this happens even in elog(FATAL) scenarios, the appropriate coding + * is not just a PG_TRY, but + * PG_ENSURE_ERROR_CLEANUP(_bt_end_vacuum_callback, PointerGetDatum(rel)) */ BTCycleId _bt_start_vacuum(Relation rel) @@ -1338,6 +1341,15 @@ _bt_end_vacuum(Relation rel) } /* + * _bt_end_vacuum wrapped as an on_shmem_exit callback function + */ +void +_bt_end_vacuum_callback(int code, Datum arg) +{ + _bt_end_vacuum((Relation) DatumGetPointer(arg)); +} + +/* * BTreeShmemSize --- report amount of shared memory space needed */ Size |