diff options
| author | Robert Haas <rhaas@postgresql.org> | 2011-03-17 13:10:42 -0400 |
|---|---|---|
| committer | Robert Haas <rhaas@postgresql.org> | 2011-03-17 13:12:21 -0400 |
| commit | 9a56dc3389b9470031e9ef8e45c95a680982e01a (patch) | |
| tree | ec20f12f1a2a01ace8fa595f85179c75699c3dce /src/include/replication | |
| parent | e148443ddd95cd29edf4cc1de6188eb9cee029c5 (diff) | |
| download | postgresql-9a56dc3389b9470031e9ef8e45c95a680982e01a.tar.gz | |
Fix various possible problems with synchronous replication.
1. Don't ignore query cancel interrupts. Instead, if the user asks to
cancel the query after we've already committed it, but before it's on
the standby, just emit a warning and let the COMMIT finish.
2. Don't ignore die interrupts (pg_terminate_backend or fast shutdown).
Instead, emit a warning message and close the connection without
acknowledging the commit. Other backends will still see the effect of
the commit, but there's no getting around that; it's too late to abort
at this point, and ignoring die interrupts altogether doesn't seem like
a good idea.
3. If synchronous_standby_names becomes empty, wake up all backends
waiting for synchronous replication to complete. Without this, someone
attempting to shut synchronous replication off could easily wedge the
entire system instead.
4. Avoid depending on the assumption that if a walsender updates
MyProc->syncRepState, we'll see the change even if we read it without
holding the lock. The window for this appears to be quite narrow (and
probably doesn't exist at all on machines with strong memory ordering)
but protecting against it is practically free, so do that.
5. Remove useless state SYNC_REP_MUST_DISCONNECT, which isn't needed and
doesn't actually do anything.
There's still some further work needed here to make the behavior of fast
shutdown plausible, but that looks complex, so I'm leaving it for a
separate commit. Review by Fujii Masao.
Diffstat (limited to 'src/include/replication')
| -rw-r--r-- | src/include/replication/syncrep.h | 4 | ||||
| -rw-r--r-- | src/include/replication/walsender.h | 7 |
2 files changed, 10 insertions, 1 deletions
diff --git a/src/include/replication/syncrep.h b/src/include/replication/syncrep.h index 9171eb6176..188ec65745 100644 --- a/src/include/replication/syncrep.h +++ b/src/include/replication/syncrep.h @@ -26,7 +26,6 @@ #define SYNC_REP_NOT_WAITING 0 #define SYNC_REP_WAITING 1 #define SYNC_REP_WAIT_COMPLETE 2 -#define SYNC_REP_MUST_DISCONNECT 3 /* user-settable parameters for synchronous replication */ extern bool synchronous_replication; @@ -42,6 +41,9 @@ extern void SyncRepCleanupAtProcExit(int code, Datum arg); extern void SyncRepInitConfig(void); extern void SyncRepReleaseWaiters(void); +/* called by wal writer */ +extern void SyncRepUpdateSyncStandbysDefined(void); + /* called by various procs */ extern int SyncRepWakeQueue(bool all); extern const char *assign_synchronous_standby_names(const char *newval, bool doit, GucSource source); diff --git a/src/include/replication/walsender.h b/src/include/replication/walsender.h index 2e5b2096ea..150a71fddd 100644 --- a/src/include/replication/walsender.h +++ b/src/include/replication/walsender.h @@ -78,6 +78,13 @@ typedef struct */ XLogRecPtr lsn; + /* + * Are any sync standbys defined? Waiting backends can't reload the + * config file safely, so WAL writer updates this value as needed. + * Protected by SyncRepLock. + */ + bool sync_standbys_defined; + WalSnd walsnds[1]; /* VARIABLE LENGTH ARRAY */ } WalSndCtlData; |