Re: EXEC_BACKEND vs bgworkers without BGWORKER_SHMEM_ACCESS

On Mon, Aug 2, 2021 at 2:51 AM Andres Freund <andres(at)anarazel(dot)de> wrote:
> which presents a problem: We've initialized all kind of references to shared
> memory, own a PGPROC, but have detached from shared memory.
>
> In practice this will lead pretty quickly to a segfault, because process exit
> will run proc_exit callbacks, which in turn will try to do a ProcKill(). Or
> logging dereferences MyProc, or ...
>
> It seems the above code block would need to at least do shmem_exit() before
> the PGSharedMemoryDetach()?
>
> This code has been introduced in
>
> commit 4d155d8b08fe08c1a1649fdbad61c6dcf4a8671f
> Author: Robert Haas <rhaas(at)postgresql(dot)org>
> Date: 2014-05-07 14:54:43 -0400
>
> Detach shared memory from bgworkers without shmem access.
>
> Since the postmaster won't perform a crash-and-restart sequence
> for background workers which don't request shared memory access,
> we'd better make sure that they can't corrupt shared memory.
>
> Patch by me, review by Tom Lane.
>
> but before that things were just slightly differently broken...

If you're saying that this code has been 100% broken for 7 years and
nobody's noticed until now, then that suggests that nobody actually
uses non-shmem-connected bgworkers. I sort of hate to give up on that
concept but if we've really gone that many years without anyone
noticing obvious breakage then maybe we should.

--
Robert Haas
EDB: http://www.enterprisedb.com