Hello, as in pgsql-bug ML.
Master can go into infinite loop on shutdown. But it is caused by
a broken database like storage rolled-back one. (The steps to
replay this is shown in the above mail.)
I think this can be avoided by rejecting a standby if it reports
that write LSN is smaller than flush LSN after catching up.
Is it worth fixing?
# The patch is slightly different from that I posted to -bugs.
It is enough to chek for the invalid state just once but the
patch continues the check.
NTT Open Source Software Center
diff --git a/src/backend/replication/walsender.c b/src/backend/replication/walsender.c
index e47ddca6bc..1916acf629 100644
@@ -1809,6 +1809,19 @@ ProcessStandbyReplyMessage(void)
+ * Once this stream catches up to WAL, writePtr cannot be smaller than
+ * flushPtr. Otherwise we haven't reached the standby's starting LSN thus
+ * this database cannot be a proper master of the standby. The state
+ * causes infinite loop on shutdown.
+ if (MyWalSnd->state >= WALSNDSTATE_CATCHUP &&
+ writePtr != InvalidXLogRecPtr && writePtr < flushPtr)
+ errmsg("Standby started from the future LSN for this server"),
+ errhint("This means that the standby is not created from this database.")));
* Update shared state for this WalSender process based on reply data from