Fix some more bugs in signal handlers and process shutdown logic.

WalSndKill was doing things exactly backwards: it should first clear
MyWalSnd (to stop signal handlers from touching MyWalSnd->latch),
then disown the latch, and only then mark the WalSnd struct unused by
clearing its pid field.

Also, WalRcvSigUsr1Handler and worker_spi_sighup failed to preserve
errno, which is surely a requirement for any signal handler.

Per discussion of recent buildfarm failures.  Back-patch as far
as the relevant code exists.

diff --git a/src/backend/replication/walsender.c b/src/backend/replication/walsender.c
index bbde1c32e73a003183862e25d2bd1e01a7c07b92..7b44f9b0443748f8f215d621b5424c3a92aa7279 100644 (file)
--- a/src/backend/replication/walsender.c
+++ b/src/backend/replication/walsender.c
@@ -920,17 +920,23 @@ InitWalSnd(void)
 static void
 WalSndKill(int code, Datum arg)
 {
-       Assert(MyWalSnd != NULL);
+       WalSnd     *walsnd = MyWalSnd;
+
+       Assert(walsnd != NULL);
+
+       /*
+        * Clear MyWalSnd first; then disown the latch.  This is so that signal
+        * handlers won't try to touch the latch after it's no longer ours.
+        */
+       MyWalSnd = NULL;
+
+       DisownLatch(&walsnd->latch);
 
        /*
         * Mark WalSnd struct no longer in use. Assume that no lock is required
         * for this.
         */
-       MyWalSnd->pid = 0;
-       DisownLatch(&MyWalSnd->latch);
-
-       /* WalSnd struct isn't mine anymore */
-       MyWalSnd = NULL;
+       walsnd->pid = 0;
 }
 
 /*