[pgpool-committers: 5413] pgpool: Fix Pgpool child segfault in a race condition.
ishii at sraoss.co.jp
Thu Jan 10 13:50:21 JST 2019
Fix Pgpool child segfault in a race condition.
1) frontend tries to connect to Pgpool-II
2) there's no existing connection cache
3) try to create new backend connections by calling connect_backend()
4) inside connect_backend(), pool_create_cp() gets called
5) pool_create_cp() calls new_connection()
6) failover occurs and the global backend status is set to down, but
the pgpool main does not send kill signal to the child process yet
7) inside new_connection() after checking VALID_BACKEND, it checks the
global backend status and finds it is set to down status, so that
it returns without creating new connection slot
8) connect_backend() continues and accesses the down connection slot
because local status says it's alive, which results in a segfault.
Since there's already checking for the global status in
new_connection(), a fix could be syncing the local status with the
global status there.
See [pgpool-hackers: 3214] for discussion.
src/protocol/pool_connection_pool.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
More information about the pgpool-committers