[pgpool-hackers: 3215] Re: Segfault in a race condition

Tatsuo Ishii ishii at sraoss.co.jp
Thu Jan 10 13:51:29 JST 2019


> I found a segfault could happen in a race condition:
> 
> 1) frontend tries to connect to Pgpool-II
> 
> 2) there's no existing connection cache
> 
> 3) try to create new backend connections by calling connect_backend()
> 
> 4) inside connect_backend(), pool_create_cp() gets called
> 
> 5) pool_create_cp() calls new_connection()
> 
> 6) failover occurs and the global backend status is set to down, but
>    the pgpool main does not send kill signal to the child process yet
> 
> 7) inside new_connection() after checking VALID_BACKEND, it checks the
>    global backend status and finds it is set to down status, so that
>    it returns without creating new connection slot
> 
> 8) connect_backend() continues and accesses the downed connection slot
>    because local status says it's alive, which results in a segfault.
> 
> Since there's already checking for the global status in
> new_connection(), I think a fix could be syncing the local status with
> the global status there. Patch attached.

Fix committed.

Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp


More information about the pgpool-hackers mailing list