Detach shared memory from bgworkers without shmem access.

Since the postmaster won't perform a crash-and-restart sequence
for background workers which don't request shared memory access,
we'd better make sure that they can't corrupt shared memory.

Patch by me, review by Tom Lane.

diff --git a/src/backend/postmaster/bgworker.c b/src/backend/postmaster/bgworker.c
index a6b25d8494ab1d6df901d50da733809cb0715daa..8078a38ed725f8d8ec12c5aa7c1d9cc37f7eee86 100644 (file)
--- a/src/backend/postmaster/bgworker.c
+++ b/src/backend/postmaster/bgworker.c
@@ -20,9 +20,11 @@
 #include "postmaster/bgworker_internals.h"
 #include "postmaster/postmaster.h"
 #include "storage/barrier.h"
+#include "storage/dsm.h"
 #include "storage/ipc.h"
 #include "storage/latch.h"
 #include "storage/lwlock.h"
+#include "storage/pg_shmem.h"
 #include "storage/pmsignal.h"
 #include "storage/proc.h"
 #include "storage/procsignal.h"
@@ -400,12 +402,16 @@ BackgroundWorkerStopNotifications(pid_t pid)
 BackgroundWorker *
 BackgroundWorkerEntry(int slotno)
 {
+   static BackgroundWorker myEntry;
    BackgroundWorkerSlot *slot;
 
    Assert(slotno < BackgroundWorkerData->total_slots);
    slot = &BackgroundWorkerData->slot[slotno];
    Assert(slot->in_use);
-   return &slot->worker;       /* can't become free while we're still here */
+
+   /* must copy this in case we don't intend to retain shmem access */
+   memcpy(&myEntry, &slot->worker, sizeof myEntry);
+   return &myEntry;
 }
 #endif
 
@@ -542,6 +548,20 @@ StartBackgroundWorker(void)
    snprintf(buf, MAXPGPATH, "bgworker: %s", worker->bgw_name);
    init_ps_display(buf, "", "", "");
 
+   /*
+    * If we're not supposed to have shared memory access, then detach from
+    * shared memory.  If we didn't request shared memory access, the
+    * postmaster won't force a cluster-wide restart if we exit unexpectedly,
+    * so we'd better make sure that we don't mess anything up that would
+    * require that sort of cleanup.
+    */
+   if ((worker->bgw_flags & BGWORKER_SHMEM_ACCESS) == 0)
+   {
+       on_exit_reset();
+       dsm_detach_all();
+       PGSharedMemoryDetach();
+   }
+
    SetProcessingMode(InitProcessing);
 
    /* Apply PostAuthDelay */
@@ -616,19 +636,29 @@ StartBackgroundWorker(void)
    /* We can now handle ereport(ERROR) */
    PG_exception_stack = &local_sigjmp_buf;
 
-   /* Early initialization */
-   BaseInit();
-
    /*
-    * If necessary, create a per-backend PGPROC struct in shared memory,
-    * except in the EXEC_BACKEND case where this was done in
-    * SubPostmasterMain. We must do this before we can use LWLocks (and in
-    * the EXEC_BACKEND case we already had to do some stuff with LWLocks).
+    * If the background worker request shared memory access, set that up now;
+    * else, detach all shared memory segments.
     */
-#ifndef EXEC_BACKEND
    if (worker->bgw_flags & BGWORKER_SHMEM_ACCESS)
+   {
+       /*
+        * Early initialization.  Some of this could be useful even for
+        * background workers that aren't using shared memory, but they can
+        * call the individual startup routines for those subsystems if needed.
+        */
+       BaseInit();
+
+       /*
+        * Create a per-backend PGPROC struct in shared memory, except in the
+        * EXEC_BACKEND case where this was done in SubPostmasterMain. We must
+        * do this before we can use LWLocks (and in the EXEC_BACKEND case we
+        * already had to do some stuff with LWLocks).
+        */
+#ifndef EXEC_BACKEND
        InitProcess();
 #endif
+   }
 
    /*
     * If bgw_main is set, we use that value as the initial entrypoint.