diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2010-03-20 00:58:09 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2010-03-20 00:58:09 +0000 |
| commit | f784f05e95c14bc4234e27db54a220818161c3ac (patch) | |
| tree | 536c5a49ecd5ad4cf7dd76a03746787f9f446099 | |
| parent | acdd6ea5ab887fd18912578f110c55dab0f5ec97 (diff) | |
Clear error_context_stack and debug_query_string at the beginning of proc_exit,
so that we won't try to attach any context printouts to messages that get
emitted while exiting. Per report from Dennis Koegel, the context functions
won't necessarily work after we've started shutting down the backend, and it
seems possible that debug_query_string could be pointing at freed storage
as well. The context information doesn't seem particularly relevant to
such messages anyway, so there's little lost by suppressing it.
Back-patch to all supported branches. I can only demonstrate a crash with
log_disconnections messages back to 8.1, but the risk seems real in 8.0 and
before anyway.
| -rw-r--r-- | src/backend/storage/ipc/ipc.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/src/backend/storage/ipc/ipc.c b/src/backend/storage/ipc/ipc.c index 1c9bff810ae..da6dc083060 100644 --- a/src/backend/storage/ipc/ipc.c +++ b/src/backend/storage/ipc/ipc.c @@ -13,7 +13,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/storage/ipc/ipc.c,v 1.106 2010/01/02 16:57:51 momjian Exp $ + * $PostgreSQL: pgsql/src/backend/storage/ipc/ipc.c,v 1.107 2010/03/20 00:58:09 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -28,6 +28,7 @@ #include "postmaster/autovacuum.h" #endif #include "storage/ipc.h" +#include "tcop/tcopprot.h" /* @@ -163,6 +164,19 @@ proc_exit_prepare(int code) InterruptHoldoffCount = 1; CritSectionCount = 0; + /* + * Also clear the error context stack, to prevent error callbacks + * from being invoked by any elog/ereport calls made during proc_exit. + * Whatever context they might want to offer is probably not relevant, + * and in any case they are likely to fail outright after we've done + * things like aborting any open transaction. (In normal exit scenarios + * the context stack should be empty anyway, but it might not be in the + * case of elog(FATAL) for example.) + */ + error_context_stack = NULL; + /* For the same reason, reset debug_query_string before it's clobbered */ + debug_query_string = NULL; + /* do our shared memory exits first */ shmem_exit(code); |