Hi, On 2023-11-29 11:52:01 -0600, Nathan Bossart wrote: > On Tue, Nov 28, 2023 at 06:48:59PM -0800, Andres Freund wrote: > > On 2023-11-28 20:42:47 -0600, Nathan Bossart wrote: > >> Right. Perhaps we could add a LWLockReleaseAll() to > >> pgstat_shutdown_hook() instead of the autovacuum code, but I'm afraid that > >> is still just a hack. > > > > Yea, we'd need that in just about all before_shmem_exit() callbacks. I > > could > > see an argument for doing it in proc_exit_prepare(). While that'd be a > > fairly > > gross layering violation, we already do reset a number a bunch of stuff in > > there: > > Gross layering violations aside, that at least seems more future-proof > against other sigsetjmp() blocks that proc_exit() without doing any > preliminary cleanup.
It's not just sigsetjmp() blocks not doing cleanup that are problematic - consider what happens if there's either no sigsetjmp() block established (and thus ERROR is promoted to FATAL), or if a FATAL error is raised. Then cleanup in the sigsetjmp() site doesn't matter. So we really need a better answer here. If we don't want to add LWLockReleaseAll() to proc_exit_prepare(), ISTM we should all at least add some assertion infrastructure verifying it's being called in relevant paths, triggering an assertion if there was no LWLockReleaseAll() before reaching important before_shmem_exit() routines, even if we don't actually hold an lwlock at the time of the error. Otherwise problematic paths are way too hard to find. Greetings, Andres Freund
