diff options
| author | Nathan Bossart <nathan@postgresql.org> | 2023-10-16 12:41:55 -0500 |
|---|---|---|
| committer | Nathan Bossart <nathan@postgresql.org> | 2023-10-16 12:41:55 -0500 |
| commit | 8fb13dd6ab5bffdbfafd8894ffcc5deb44d0c0b0 (patch) | |
| tree | 86adff19cfbffe9fdc94658c73d6309a2d1a7da4 /src/backend/access/transam | |
| parent | a70bce43fbceab6bf0b49498a064c4e87cdbf72f (diff) | |
| download | postgresql-8fb13dd6ab5bffdbfafd8894ffcc5deb44d0c0b0.tar.gz postgresql-8fb13dd6ab5bffdbfafd8894ffcc5deb44d0c0b0.zip | |
Move extra code out of the Pre/PostRestoreCommand() section.
If SIGTERM is received within this section, the startup process
will immediately proc_exit() in the signal handler, so it is
inadvisable to include any more code than is required there (as
such code is unlikely to be compatible with doing proc_exit() in a
signal handler). This commit moves the code recently added to this
section (see 1b06d7bac9 and 7fed801135) to outside of the section.
This ensures that the startup process only calls proc_exit() in its
SIGTERM handler for the duration of the system() call, which is how
this code worked from v8.4 to v14.
Reported-by: Michael Paquier, Thomas Munro
Analyzed-by: Andres Freund
Suggested-by: Tom Lane
Reviewed-by: Michael Paquier, Robert Haas, Thomas Munro, Andres Freund
Discussion: https://postgr.es/m/Y9nGDSgIm83FHcad%40paquier.xyz
Discussion: https://postgr.es/m/20230223231503.GA743455%40nathanxps13
Backpatch-through: 15
Diffstat (limited to 'src/backend/access/transam')
| -rw-r--r-- | src/backend/access/transam/xlogarchive.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/backend/access/transam/xlogarchive.c b/src/backend/access/transam/xlogarchive.c index f3fb92c8f96..524e80adb1c 100644 --- a/src/backend/access/transam/xlogarchive.c +++ b/src/backend/access/transam/xlogarchive.c @@ -159,20 +159,27 @@ RestoreArchivedFile(char *path, const char *xlogfname, (errmsg_internal("executing restore command \"%s\"", xlogRestoreCmd))); + fflush(NULL); + pgstat_report_wait_start(WAIT_EVENT_RESTORE_COMMAND); + /* - * Check signals before restore command and reset afterwards. + * PreRestoreCommand() informs the SIGTERM handler for the startup process + * that it should proc_exit() right away. This is done for the duration + * of the system() call because there isn't a good way to break out while + * it is executing. Since we might call proc_exit() in a signal handler, + * it is best to put any additional logic before or after the + * PreRestoreCommand()/PostRestoreCommand() section. */ PreRestoreCommand(); /* * Copy xlog from archival storage to XLOGDIR */ - fflush(NULL); - pgstat_report_wait_start(WAIT_EVENT_RESTORE_COMMAND); rc = system(xlogRestoreCmd); - pgstat_report_wait_end(); PostRestoreCommand(); + + pgstat_report_wait_end(); pfree(xlogRestoreCmd); if (rc == 0) |