[PGPRO-4561] Blocking custom signals while handling one

Daniel Shelepanov · Daniel Shelepanov · commit 3445b4583767 · 2021-12-08T18:29:01.000+03:00
Without HOLD_INTERRUPTS()/RESUME_INTERRUPTS() there is a risk of
accepting a signal while executing another signal handler which leads
to a hcs memory context corruption.

tags: pg_query_state
diff --git a/patches/custom_signals_13.0.patch b/patches/custom_signals_13.0.patch
@@ -1,10 +1,10 @@
 diff --git a/src/backend/storage/ipc/procsignal.c b/src/backend/storage/ipc/procsignal.c
-index 4fa385b0ece..fc1637a2e28 100644
+index 4fa385b0ece..60854eee386 100644
 --- a/src/backend/storage/ipc/procsignal.c
 +++ b/src/backend/storage/ipc/procsignal.c
 @@ -88,12 +88,21 @@ typedef struct
-	(((flags) & (((uint32) 1) << (uint32) (type))) != 0)
-
+ 	(((flags) & (((uint32) 1) << (uint32) (type))) != 0)
+ 
  static ProcSignalHeader *ProcSignal = NULL;
 +#define IsCustomProcSignalReason(reason) \
 +	((reason) >= PROCSIG_CUSTOM_1 && (reason) <= PROCSIG_CUSTOM_N)
@@ -14,20 +14,20 @@ index 4fa385b0ece..fc1637a2e28 100644
 +static ProcSignalHandler_type CustomInterruptHandlers[NUM_CUSTOM_PROCSIGNALS];
 +
  static volatile ProcSignalSlot *MyProcSignalSlot = NULL;
-
+ 
  static bool CheckProcSignal(ProcSignalReason reason);
  static void CleanupProcSignalState(int status, Datum arg);
  static void ProcessBarrierPlaceholder(void);
-
+ 
 +static void CheckAndSetCustomSignalInterrupts(void);
 +
  /*
   * ProcSignalShmemSize
   *		Compute space needed for procsignal's shared memory
 @@ -235,6 +244,36 @@ CleanupProcSignalState(int status, Datum arg)
-	slot->pss_pid = 0;
+ 	slot->pss_pid = 0;
  }
-
+ 
 +/*
 + * RegisterCustomProcSignalHandler
 + *		Assign specific handler of custom process signal with new
@@ -61,17 +61,17 @@ index 4fa385b0ece..fc1637a2e28 100644
  /*
   * SendProcSignal
   *		Send a signal to a Postgres process
-@@ -585,9 +624,64 @@ procsignal_sigusr1_handler(SIGNAL_ARGS)
-	if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_BUFFERPIN))
-		RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_BUFFERPIN);
-
+@@ -585,9 +624,71 @@ procsignal_sigusr1_handler(SIGNAL_ARGS)
+ 	if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_BUFFERPIN))
+ 		RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_BUFFERPIN);
+ 
 +	CheckAndSetCustomSignalInterrupts();
 +
-	SetLatch(MyLatch);
-
-	latch_sigusr1_handler();
-
-	errno = save_errno;
+ 	SetLatch(MyLatch);
+ 
+ 	latch_sigusr1_handler();
+ 
+ 	errno = save_errno;
  }
 +
 +/*
@@ -108,9 +108,15 @@ index 4fa385b0ece..fc1637a2e28 100644
 +{
 +	int i;
 +
-+	/* Check on expiring of custom signals and call its handlers if exist */
++	/*
++	 * This is invoked from ProcessInterrupts(), and since some of the
++	 * functions it calls contain CHECK_FOR_INTERRUPTS(), there is a potential
++	 * for recursive calls if more signals are received while this runs, so
++	 * let's block interrupts until done.
++	 */
++	HOLD_INTERRUPTS();
++
 +	for (i = 0; i < NUM_CUSTOM_PROCSIGNALS; i++)
-+	{
 +		if (!CustomSignalProcessing[i] && CustomSignalPendings[i])
 +		{
 +			ProcSignalHandler_type  handler;
@@ -124,29 +130,66 @@ index 4fa385b0ece..fc1637a2e28 100644
 +				CustomSignalProcessing[i] = false;
 +			}
 +		}
-+	}
++
++	RESUME_INTERRUPTS();
 +}
 diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c
-index 174c72a14bc..0e7366bd58f 100644
+index 7bc03ae4edc..3debd63bd7d 100644
 --- a/src/backend/tcop/postgres.c
 +++ b/src/backend/tcop/postgres.c
-@@ -3221,6 +3221,8 @@ ProcessInterrupts(void)
-
-	if (ParallelMessagePending)
-		HandleParallelMessages();
+@@ -5,6 +5,7 @@
+  *
+  * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
+  * Portions Copyright (c) 1994, Regents of the University of California
++ * Portions Copyright (c) 2020-2021, Postgres Professional
+  *
+  *
+  * IDENTIFICATION
+@@ -74,6 +75,7 @@
+ #include "tcop/pquery.h"
+ #include "tcop/tcopprot.h"
+ #include "tcop/utility.h"
++#include "utils/builtins.h"
+ #include "utils/lsyscache.h"
+ #include "utils/memutils.h"
+ #include "utils/ps_status.h"
+@@ -3231,6 +3233,8 @@ ProcessInterrupts(void)
+ 
+ 	if (ParallelMessagePending)
+ 		HandleParallelMessages();
 +
 +	CheckAndHandleCustomSignals();
  }
-
-
+ 
+ 
+@@ -3576,7 +3580,7 @@ process_postgres_switches(int argc, char *argv[], GucContext ctx,
+ 	 * postmaster/postmaster.c (the option sets should not conflict) and with
+ 	 * the common help() function in main/main.c.
+ 	 */
+-	while ((flag = getopt(argc, argv, "B:bc:C:D:d:EeFf:h:ijk:lN:nOo:Pp:r:S:sTt:v:W:-:")) != -1)
++	while ((flag = getopt(argc, argv, "B:bc:C:D:d:EeFf:h:ijk:lN:nOo:Pp:r:S:sTt:v:W:Z-:")) != -1)
+ 	{
+ 		switch (flag)
+ 		{
+@@ -3712,6 +3716,10 @@ process_postgres_switches(int argc, char *argv[], GucContext ctx,
+ 				SetConfigOption("post_auth_delay", optarg, ctx, gucsource);
+ 				break;
+ 
++			case 'Z':
++				/* ignored for consistency with the postmaster */
++				break;
++
+ 			case 'c':
+ 			case '-':
+ 				{
 diff --git a/src/include/storage/procsignal.h b/src/include/storage/procsignal.h
 index 5cb39697f38..c05f60fa719 100644
 --- a/src/include/storage/procsignal.h
 +++ b/src/include/storage/procsignal.h
 @@ -17,6 +17,8 @@
  #include "storage/backendid.h"
-
-
+ 
+ 
 +#define NUM_CUSTOM_PROCSIGNALS 64
 +
  /*
@@ -158,13 +201,13 @@ index 5cb39697f38..c05f60fa719 100644
  {
 +	INVALID_PROCSIGNAL = -1,	/* Must be first */
 +
-	PROCSIG_CATCHUP_INTERRUPT,	/* sinval catchup interrupt */
-	PROCSIG_NOTIFY_INTERRUPT,	/* listen/notify interrupt */
-	PROCSIG_PARALLEL_MESSAGE,	/* message from cooperating parallel backend */
+ 	PROCSIG_CATCHUP_INTERRUPT,	/* sinval catchup interrupt */
+ 	PROCSIG_NOTIFY_INTERRUPT,	/* listen/notify interrupt */
+ 	PROCSIG_PARALLEL_MESSAGE,	/* message from cooperating parallel backend */
 @@ -43,6 +47,14 @@ typedef enum
-	PROCSIG_RECOVERY_CONFLICT_BUFFERPIN,
-	PROCSIG_RECOVERY_CONFLICT_STARTUP_DEADLOCK,
-
+ 	PROCSIG_RECOVERY_CONFLICT_BUFFERPIN,
+ 	PROCSIG_RECOVERY_CONFLICT_STARTUP_DEADLOCK,
+ 
 +	PROCSIG_CUSTOM_1,
 +	/*
 +	 * PROCSIG_CUSTOM_2,
@@ -173,34 +216,31 @@ index 5cb39697f38..c05f60fa719 100644
 +	 */
 +	PROCSIG_CUSTOM_N = PROCSIG_CUSTOM_1 + NUM_CUSTOM_PROCSIGNALS - 1,
 +
-	NUM_PROCSIGNALS				/* Must be last! */
+ 	NUM_PROCSIGNALS				/* Must be last! */
  } ProcSignalReason;
-
+ 
 @@ -55,6 +67,8 @@ typedef enum
-	 */
-	PROCSIGNAL_BARRIER_PLACEHOLDER = 0
+ 	 */
+ 	PROCSIGNAL_BARRIER_PLACEHOLDER = 0
  } ProcSignalBarrierType;
 +/* Handler of custom process signal */
 +typedef void (*ProcSignalHandler_type) (void);
-
+ 
  /*
   * prototypes for functions in procsignal.c
 @@ -63,12 +77,15 @@ extern Size ProcSignalShmemSize(void);
  extern void ProcSignalShmemInit(void);
-
+ 
  extern void ProcSignalInit(int pss_idx);
 +extern ProcSignalReason
 +	RegisterCustomProcSignalHandler(ProcSignalHandler_type handler);
  extern int	SendProcSignal(pid_t pid, ProcSignalReason reason,
-						   BackendId backendId);
-
+ 						   BackendId backendId);
+ 
  extern uint64 EmitProcSignalBarrier(ProcSignalBarrierType type);
  extern void WaitForProcSignalBarrier(uint64 generation);
  extern void ProcessProcSignalBarrier(void);
 +extern void CheckAndHandleCustomSignals(void);
-
+ 
  extern void procsignal_sigusr1_handler(SIGNAL_ARGS);
-
---
-2.25.1
-
+ 
diff --git a/patches/custom_signals_14.0.patch b/patches/custom_signals_14.0.patch
@@ -1,22 +1,30 @@
 diff --git a/src/backend/storage/ipc/procsignal.c b/src/backend/storage/ipc/procsignal.c
-index defb75a..4245d28 100644
+index defb75aa26a..cd7d44977ca 100644
 --- a/src/backend/storage/ipc/procsignal.c
 +++ b/src/backend/storage/ipc/procsignal.c
-@@ -95,6 +95,13 @@ typedef struct
- #define BARRIER_CLEAR_BIT(flags, type) \
+@@ -6,6 +6,7 @@
+  *
+  * Portions Copyright (c) 1996-2021, PostgreSQL Global Development Group
+  * Portions Copyright (c) 1994, Regents of the University of California
++ * Portions Copyright (c) 2021, Postgres Professional
+  *
+  * IDENTIFICATION
+  *	  src/backend/storage/ipc/procsignal.c
+@@ -96,6 +97,13 @@ typedef struct
  	((flags) &= ~(((uint32) 1) << (uint32) (type)))
  
+ static ProcSignalHeader *ProcSignal = NULL;
 +#define IsCustomProcSignalReason(reason) \
 +	((reason) >= PROCSIG_CUSTOM_1 && (reason) <= PROCSIG_CUSTOM_N)
 +
 +static bool CustomSignalPendings[NUM_CUSTOM_PROCSIGNALS];
 +static bool CustomSignalProcessing[NUM_CUSTOM_PROCSIGNALS];
 +static ProcSignalHandler_type CustomInterruptHandlers[NUM_CUSTOM_PROCSIGNALS];
 +
- static ProcSignalHeader *ProcSignal = NULL;
  static ProcSignalSlot *MyProcSignalSlot = NULL;
  
-@@ -103,6 +110,8 @@ static void CleanupProcSignalState(int status, Datum arg);
+ static bool CheckProcSignal(ProcSignalReason reason);
+@@ -103,6 +111,8 @@ static void CleanupProcSignalState(int status, Datum arg);
  static void ResetProcSignalBarrierBits(uint32 flags);
  static bool ProcessBarrierPlaceholder(void);
  
@@ -25,7 +33,7 @@ index defb75a..4245d28 100644
  /*
   * ProcSignalShmemSize
   *		Compute space needed for procsignal's shared memory
-@@ -246,6 +255,36 @@ CleanupProcSignalState(int status, Datum arg)
+@@ -246,6 +256,36 @@ CleanupProcSignalState(int status, Datum arg)
  	slot->pss_pid = 0;
  }
  
@@ -62,7 +70,7 @@ index defb75a..4245d28 100644
  /*
   * SendProcSignal
   *		Send a signal to a Postgres process
-@@ -679,7 +718,62 @@ procsignal_sigusr1_handler(SIGNAL_ARGS)
+@@ -679,7 +719,72 @@ procsignal_sigusr1_handler(SIGNAL_ARGS)
  	if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_BUFFERPIN))
  		RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_BUFFERPIN);
  
@@ -107,6 +115,14 @@ index defb75a..4245d28 100644
 +{
 +	int i;
 +
++	/*
++	 * This is invoked from ProcessInterrupts(), and since some of the
++	 * functions it calls contain CHECK_FOR_INTERRUPTS(), there is a potential
++	 * for recursive calls if more signals are received while this runs, so
++	 * let's block interrupts until done.
++	 */
++	HOLD_INTERRUPTS();
++
 +	/* Check on expiring of custom signals and call its handlers if exist */
 +	for (i = 0; i < NUM_CUSTOM_PROCSIGNALS; i++)
 +	{
@@ -124,23 +140,60 @@ index defb75a..4245d28 100644
 +			}
 +		}
 +	}
++
++	RESUME_INTERRUPTS();
 +}
-\ No newline at end of file
 diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c
-index 8cea10c..dd77c98 100644
+index 171f3a95006..e6fe26fb19a 100644
 --- a/src/backend/tcop/postgres.c
 +++ b/src/backend/tcop/postgres.c
-@@ -3364,6 +3364,8 @@ ProcessInterrupts(void)
- 	if (ParallelMessagePending)
- 		HandleParallelMessages();
+@@ -5,6 +5,7 @@
+  *
+  * Portions Copyright (c) 1996-2021, PostgreSQL Global Development Group
+  * Portions Copyright (c) 1994, Regents of the University of California
++ * Portions Copyright (c) 2021, Postgres Professional
+  *
+  *
+  * IDENTIFICATION
+@@ -75,6 +76,7 @@
+ #include "tcop/pquery.h"
+ #include "tcop/tcopprot.h"
+ #include "tcop/utility.h"
++#include "utils/builtins.h"
+ #include "utils/lsyscache.h"
+ #include "utils/memutils.h"
+ #include "utils/ps_status.h"
+@@ -3366,6 +3368,8 @@ ProcessInterrupts(void)
  
-+	CheckAndHandleCustomSignals();
-+
  	if (LogMemoryContextPending)
  		ProcessLogMemoryContextInterrupt();
++
++	CheckAndHandleCustomSignals();
  }
+ 
+ 
+@@ -3711,7 +3715,7 @@ process_postgres_switches(int argc, char *argv[], GucContext ctx,
+ 	 * postmaster/postmaster.c (the option sets should not conflict) and with
+ 	 * the common help() function in main/main.c.
+ 	 */
+-	while ((flag = getopt(argc, argv, "B:bc:C:D:d:EeFf:h:ijk:lN:nOPp:r:S:sTt:v:W:-:")) != -1)
++	while ((flag = getopt(argc, argv, "B:bc:C:D:d:EeFf:h:ijk:lN:nOPp:r:S:sTt:v:W:Z-:")) != -1)
+ 	{
+ 		switch (flag)
+ 		{
+@@ -3843,6 +3847,10 @@ process_postgres_switches(int argc, char *argv[], GucContext ctx,
+ 				SetConfigOption("post_auth_delay", optarg, ctx, gucsource);
+ 				break;
+ 
++			case 'Z':
++				/* ignored for consistency with the postmaster */
++				break;
++
+ 			case 'c':
+ 			case '-':
+ 				{
 diff --git a/src/include/storage/procsignal.h b/src/include/storage/procsignal.h
-index eec186b..74af186 100644
+index eec186be2ee..74af186bf53 100644
 --- a/src/include/storage/procsignal.h
 +++ b/src/include/storage/procsignal.h
 @@ -17,6 +17,8 @@
@@ -201,6 +254,3 @@ index eec186b..74af186 100644
  
  extern void procsignal_sigusr1_handler(SIGNAL_ARGS);
  
--- 
-2.25.1
-
diff --git a/patches/custom_signals_15.0.patch b/patches/custom_signals_15.0.patch
@@ -107,6 +107,14 @@ index defb75a..4245d28 100644
 +{
 +	int i;
 +
++	/*
++	 * This is invoked from ProcessInterrupts(), and since some of the
++	 * functions it calls contain CHECK_FOR_INTERRUPTS(), there is a potential
++	 * for recursive calls if more signals are received while this runs, so
++	 * let's block interrupts until done.
++	 */
++	HOLD_INTERRUPTS();
++
 +	/* Check on expiring of custom signals and call its handlers if exist */
 +	for (i = 0; i < NUM_CUSTOM_PROCSIGNALS; i++)
 +	{
@@ -124,6 +132,8 @@ index defb75a..4245d28 100644
 +			}
 +		}
 +	}
++
++	RESUME_INTERRUPTS();
 +}
 \ No newline at end of file
 diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c
