Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1waY5x-001smr-1k
	for pgsql-hackers@arkaria.postgresql.org;
	Fri, 19 Jun 2026 12:13:13 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1waY1n-00FuH4-0v
	for pgsql-hackers@arkaria.postgresql.org;
	Fri, 19 Jun 2026 12:08:55 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <amit.kapila16@gmail.com>)
	id 1waY1m-00FuGt-38
	for pgsql-hackers@lists.postgresql.org;
	Fri, 19 Jun 2026 12:08:55 +0000
Received: from mail-pf1-x432.google.com ([2607:f8b0:4864:20::432])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.98.2)
	(envelope-from <amit.kapila16@gmail.com>)
	id 1waY1k-00000001GOa-48nN
	for pgsql-hackers@lists.postgresql.org;
	Fri, 19 Jun 2026 12:08:54 +0000
Received: by mail-pf1-x432.google.com with SMTP id
 d2e1a72fcca58-8453427d3f4so1227766b3a.3
        for <pgsql-hackers@lists.postgresql.org>;
 Fri, 19 Jun 2026 05:08:52 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1781870930; cv=none;
        d=google.com; s=arc-20240605;
        b=GZ/L2vKKJ8LKcb7jcBL1OnM29vRKBImP+/B5IC6946ChhRnnD8J9/5zH0QCJbskNaS
         i73EknvcJ4fCtQWPQc1nWrZI2rIOyqLeqPLTzK5v2ylfwhTnqikz0dfqHtfvSb8BBFrG
         u+2gWD1AA8+TkWJAHqdrsz8eTFqd8pnOZmk3X781xDqXH2S/4trAXfLlMedst29w0uN6
         YhoAQMK5acDke9JSYJBGxC0K4j4cWPLBPLA/vVrph/tyc+scMou8tc7GHYHwFYdNmZM/
         fP7mbO02fkfBKwoqBCQbFHjxjXfsibeRJMN4hswkIWL1mw/mCt4J2Q0gXA+ZLJuUnlB4
         V7LQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=+XTZ76VQkPfmtNx5QHR+PPmqoylOBlELYtC+3EcYqn0=;
        fh=lr7JGZdCQHkHj32/sVrAbOE7CP/pjqfAzgZM+ElnqJs=;
        b=anq3xGUQF+aJAc9/junjqiA1Omr/go1/ULg7btZjTMgBG1PkmXbvTFtPgWWJN/0TIP
         H9A6AoDzR1yFobRsMG2JWjV+HjvF5XW0Ey4ATroQLNmfLnJZTMUWKrcQNdgQjpZD4HRK
         o6Ta3xm5DBMw5ADBQZUFUOqNpL3N0vR63IXSN6ukBinjglrQPDFFax0/AXl5gOd7TZSk
         6RmH1SEi4znF85tz0F/a1Lj8+asxJFJ5lWF02/STzwFtReu9RI5ipnLXNJRCqTUFrI0f
         GyeksR+MibT1/06clyuTYxRbtp4TM5tZhUNn7lsld9wjuuF2kuNYjUrT24eZH0ioPT30
         Gotw==;
        darn=lists.postgresql.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1781870930; x=1782475730;
 darn=lists.postgresql.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=+XTZ76VQkPfmtNx5QHR+PPmqoylOBlELYtC+3EcYqn0=;
        b=kOOdMB7XSVrpMiBx6YAUjUgWb0Ksh9Nc34hxs94Kbzk1WxhKWpvU3hDNXkMsDZh9xG
         VCjx2G7gtJjVhYcctvK54l4ytpXkzeZ6XyMXLPw35ygGbxvZxSK3DXve2hPe4m60r17M
         K1YF32dNHiJWl5cheuSLkkbp0qkdkN8cXSCqyiQCXI1YP3I4ksJF4sXCpOpKNpKqPiYc
         TagsrjJ10cHFmF6icmlF8y0NY/YwEkAPYDJdCJaGPkrEZREMEzjlfHpvz5B8g06IUP9I
         YfzkVpM2CrzMhGe8J3aCuSiOAK/aDf2gUIpvjNTB9aTHhFr4O6VSfPIv/+4/kDI2fP1v
         1f+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1781870930; x=1782475730;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=+XTZ76VQkPfmtNx5QHR+PPmqoylOBlELYtC+3EcYqn0=;
        b=Mi/v4rJrCEn9rapDQzcGuXDOCvyi9HzlE8Skhp4OqOPJUCR992Ceb5hQoeMhlpzCeV
         MMyKwJLbPutXQSgI9riW+0m4hXCW5wuR7ZrLDu21KedRlvmpsIB2fVXMfRpjHW3TzH9I
         K8zdiY1CIR/NwAwalmW7oxivoLcxpG972daH3RqUlYNYdgkOebKc4ZoZi9s/FnI6/VA6
         n2vA382gWwdZ9XCu6JKTuMbxL1udz0/GKcZvtqqSRv0BFCi/EFjXhBpGnvGZfJypyDyJ
         o1vhGpxiUTIR32nSP40ZsZHpKffRzn8z0KduP15QFKfVxGtMQmSJcvQ1rRe4VlDbIS2l
         4uaQ==
X-Forwarded-Encrypted: i=1;
 AFNElJ+YRP8zIxteusdxFt2zlYFxxXCY+4a93FFmji6OwlGE+/LDMzbpb0WTwgefGn8KbD1yWkPs0tk2vgRD0uIg@lists.postgresql.org
X-Gm-Message-State: AOJu0YzJjLCSm1vZnoG8UdHqAo9QJmemLEUVYLBSyZZvVg21ZXqoVTpZ
	WMQNBpg9UOlpw/KzWBzIc6hUdbKCq9XZT4YLMJx2niPMOoAepQqgLXyFDi9cqoh+GulzmHBkmgF
	EMuaAMIQmgZMXgjKyu1VRZOHgHwHSKuA=
X-Gm-Gg: AfdE7cmSRx8IugNETqGf21xN26rpgzo566PRqjunTQuP8I9b26vlIIZdbLVSIyroiNH
	bpp6MAMseWM3/7WI5sNo4HPIKA9o8Zb48KRypRjX4aFHa/jn+6/fkSGxR9jU7i41TMOkIAScyCX
	qxU6Y3Bx6oYF6k5O6OSZ/Iq1cThA+5yL4maYnXQIIHeB9+wCRKszYp5jT0GyDsIju9aKWtBK88M
	EAFt+kgd8x8vCirfMw0t/684INc3iGHNOIJkRKwIaPutQnkkTZ7rcoUEerOEC9pkExDCzVkJ4eE
	rkmI18L9TfXs6KPucFBZI5t/haUAjUwdbUJC5nvKaLYk9pRxZWD2iM+r2viR1tWooFiPVpIr5a0
	wz77RgwLRECJFEsnGAWGMzl6Ox+1eLA==
X-Received: by 2002:a05:6a00:451a:b0:842:3ea1:5dd1 with SMTP id
 d2e1a72fcca58-845507d4dafmr3848085b3a.14.1781870930023; Fri, 19 Jun 2026
 05:08:50 -0700 (PDT)
MIME-Version: 1.0
References: 
 <TY4PR01MB177184FF9EE916F577E1F554194082@TY4PR01MB17718.jpnprd01.prod.outlook.com>
 <CAFC+b6o-hD5VxVLZQovmHSYykF8Qzq3eiuBU-U1F_yR9-y6P_w@mail.gmail.com>
 <TY4PR01MB177180A7CE60BCDF286B1C6F594172@TY4PR01MB17718.jpnprd01.prod.outlook.com>
 <CABPTF7VyH1-W2xnDspECDEzFGQj=WTFpZBCqKfM11OAZa6gQHQ@mail.gmail.com>
 <CAHGQGwE+2WSqiAYgNJRkf_twdB+uRGozjjGhUn76vUKZ8dzbSA@mail.gmail.com>
 <CABPTF7VeA8szPv7LYDVY9_7LftV-HM8NFVQR2natPKmr73JW+A@mail.gmail.com>
 <TY4PR01MB1771887D33612C5A45F7E9CDF941E2@TY4PR01MB17718.jpnprd01.prod.outlook.com>
 <CAA4eK1LqFBKCkX2eoX3iQPxJJnzWTaCpdh9zNotxuoG8BgjdtA@mail.gmail.com>
 <CAA4eK1LkRdbm5XA=qa82Rp_y4rnyJh8pypMWVqOezOZpzy=Oaw@mail.gmail.com>
 <CAHGQGwG_3ff4HciHtTZ_uMvbJgSDWsz4Yawj_zQpDG6Yj=Mjng@mail.gmail.com>
 <CABPTF7WBh_mKi60EYLiueaZ_cdJvnrOrpSt3hQkuZ_uY4w5duA@mail.gmail.com>
 <CAA4eK1LJ9=BJU2oK5aFCfvW=w2muSXNHOPM18wHXHLkRzYxhTQ@mail.gmail.com>
 <CAHGQGwGGyEDL3dh7uJ6qPsGvnq4QK_R8+U=12CaprnzwrwaLGA@mail.gmail.com>
 <CABPTF7UCqndPh8jucFtWBpFMoA2oQkSObQGXVVQNVGMZ1q-DCg@mail.gmail.com>
 <CAA4eK1KT-FMjXfFdg98qq_04PNnW6T1G-SUNU9dUtn4AC5g86A@mail.gmail.com>
 <CABPTF7VxwhYAAFg+71jOg_MQLcJaPfPu40ADC8imyXwr-H967w@mail.gmail.com>
In-Reply-To: 
 <CABPTF7VxwhYAAFg+71jOg_MQLcJaPfPu40ADC8imyXwr-H967w@mail.gmail.com>
From: Amit Kapila <amit.kapila16@gmail.com>
Date: Fri, 19 Jun 2026 17:38:37 +0530
X-Gm-Features: AVVi8CclNStRTrNCl-UbYOHFVmzRRlrsS1TWB3BsU5UdMl55yGvfdX2O2ZYlM58
Message-ID: 
 <CAA4eK1JBBcS9R3m8nR93E5P-WxRwRx=AM+STZrp9g1Ma13kfag@mail.gmail.com>
Subject: Re: Fix race in ReplicationSlotRelease for ephemeral slots
To: Xuneng Zhou <xunengzhou@gmail.com>
Cc: Fujii Masao <masao.fujii@gmail.com>,
 "Zhijie Hou (Fujitsu)" <houzj.fnst@fujitsu.com>,
	Srinath Reddy Sadipiralla <srinath2133@gmail.com>,
	PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/CAA4eK1JBBcS9R3m8nR93E5P-WxRwRx%3DAM%2BSTZrp9g1Ma13kfag%40mail.gmail.com>
Precedence: bulk

On Thu, Jun 18, 2026 at 2:06=E2=80=AFPM Xuneng Zhou <xunengzhou@gmail.com> =
wrote:
>
> OK, how about elaborate it a bit like this:
>
> /*
>  * In the small window between getting the slot to drop and
>  * locking the database, there is a possibility of a parallel
>  * database drop by the startup process and the creation of a new
>  * slot by the user. This new user-created slot may end up using
>  * the same shared memory as that of 'local_slot'.
>  *
>  * If that happens, local_slot now describes the replacement slot:
>  * local_sync_slot_required() may have made its drop decision using
>  * the replacement slot's name or invalidation state, and slot_database
>  * may refer to the replacement slot's database. Thus check if
>  * local_slot is still a synced slot before performing the actual drop.
>  * This does not prove it is the original slot, but it prevents dropping
>  * an ordinary user-created replacement slot, and the copied database OID
>  * keeps lock/unlock symmetric. The remaining risk is limited to this
>  * cleanup cycle, such as briefly holding an unrelated database lock, and
>  * is acceptable here because this race is rare.
>  */
>

Okay inspired from your and Fujii-san's version, here is a third version:
/*
 * In the small window between getting the slot to drop and
 * locking the database, there is a possibility of a parallel
 * database drop by the startup process and the creation of a new
 * slot by the user. This new user-created slot may end up using
 * the same shared memory as that of 'local_slot'.
 *
 * Because local_slot still points to a reusable slot-array entry,
 * its fields (name, database OID, invalidation state) may already
 * describe such a replacement slot by the time we reach here. That
 * means the drop decision made by local_sync_slot_required() above
 * could have been based on the replacement slot's data, and
 * slot_database could refer to an unrelated database. The recheck
 * below keeps us from actually dropping a user-created replacement
 * slot; the residual risk is confined to this cycle (for example,
 * briefly locking an unrelated database) and is acceptable because
 * the race is rare and non-fatal.
 */

Thoughts?

--=20
With Regards,
Amit Kapila.