Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1wapOu-0025Xa-2k
	for pgsql-hackers@arkaria.postgresql.org;
	Sat, 20 Jun 2026 06:41:57 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1wapOs-000iV3-1Q
	for pgsql-hackers@arkaria.postgresql.org;
	Sat, 20 Jun 2026 06:41:54 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <xunengzhou@gmail.com>)
	id 1wapOr-000iUv-2Y
	for pgsql-hackers@lists.postgresql.org;
	Sat, 20 Jun 2026 06:41:53 +0000
Received: from mail-ej1-x630.google.com ([2a00:1450:4864:20::630])
	by makus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.98.2)
	(envelope-from <xunengzhou@gmail.com>)
	id 1wapOq-00000001Ffb-1XeS
	for pgsql-hackers@lists.postgresql.org;
	Sat, 20 Jun 2026 06:41:52 +0000
Received: by mail-ej1-x630.google.com with SMTP id
 a640c23a62f3a-bed19623d6eso400479866b.1
        for <pgsql-hackers@lists.postgresql.org>;
 Fri, 19 Jun 2026 23:41:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1781937709; cv=none;
        d=google.com; s=arc-20240605;
        b=TyfWgxGEKZcV7W5wuo48IQ/vcCMJjTyZb6QKko9Kh1NhXh6WzB++EU4u0N988jCfD4
         bqkKwkTXX3AP+fpoFWMaHeqINsgqeBFR6EAmUAasOYCRwtSZLQmtnD1uW6cqOv5alZp2
         lAoV0M0PsPK4RWeUGYAV0YR0VI1E2FNvS5xOZKdgUsO/BxbHgrvVqzdxKIyCGqtGbUVv
         ej1sKPlYT5dEcoJvX8jStZN5kJvrREq50iDEv2bNPRkI9B901l1cfnp4QP+oMVECbJSQ
         gpwPywQbST7Haz9uprj7clCrV9JHShGrPhp8d+RBmItJGgEpnI1hmj2JZh66AKpVgtxD
         PEng==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=aM5jXBzeVEfOvfsh16j1xfh5QEbYKvR5dZUxIINjIP0=;
        fh=/OlZLgr4TVy5XmyaxCxIa2jvoWwQQkhrhCtcvbVJ5sg=;
        b=k5/YpOTfC4/9gss2Pkdab7JyTevwOSfviHH5qWs9n6iP12m06pllUJPE5fcA4sjuJK
         6MEoiDmOHY9MYU6fo2Ucrt0skuJ7XjJ4BVl/ToPNenX8VTCP78TA0HOwhajy8bByrrkm
         1TVipD3iVeuGnOA/j+UMiqa/YGTGP91kNe7qFtWdvEoklwnm2BUxD72FqpmJgBEWMhql
         jZvhrlnMocWE2eeAo4806rTekbIUHF0qXDtFoNJaadIUoSaq0iHdtAJa/Drz81VC+CvW
         V7SXSehSMNYEes31axA/G65Je2mHFnBj/yyfIB09jLZSsO9/wFYQB8CfK4y1FQbHG0jF
         zdeg==;
        darn=lists.postgresql.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1781937709; x=1782542509;
 darn=lists.postgresql.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=aM5jXBzeVEfOvfsh16j1xfh5QEbYKvR5dZUxIINjIP0=;
        b=CRfqu3cc1as5pHVpU4QkX6mNon2KiG0DXT7k6srOFn33/n6iScYhzXbs1/X2QDCABb
         DQ6XSFbdQG56UL1ADkyYdVSx9RxrYcHh3eJMYVcdVdewvP8FUQ8iKvZHl0zLHDbYmy9A
         XUrt2fc4wPhxcavTYE/sC+vWan9Gik6MJ5DqAtW8gGjg1Ht9NjKmW3U9GxGrzNrHYZr4
         gSVguk5yIUQwYi9ilr2+joweyyMIQ9DJ5pRRLLmXXeczqyiNwkTIBAFn4dLFInhj93Uh
         mAsrY7SYCG7WWXDge/FK0K0U/nVhQid7RkX9u8oTU+VYUpXEG7563/w2Llw5AxSHJ1sp
         P/Aw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1781937709; x=1782542509;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=aM5jXBzeVEfOvfsh16j1xfh5QEbYKvR5dZUxIINjIP0=;
        b=MQlHo5c1mD0lqYft4GQznxhaZAYRuU5djHQc+Kunc9PnhEOa1Krew9Srxhjqd3d3uU
         TFAv7fSSX2AgJ/rvqd3qh6MtEifCJIZDt62LV6TH01aiKQAcVstebZeY/D/qQ307fDEk
         4tG+oI3oR59ov1hjzYDbLWvTU1JwzZNlG5mjMa7yKQ0ouI5/dZWv7b34OPx42LXDYhG7
         KMQMJR9K7krzAwck8L03X2H6vkO1eshS3rfEgzUD2e/J+KxaWODLnZBf6/AyxXJvFVDg
         4oHOY2h5Z8ZnIXN8Wtor+dKFSWxxZht/Movjy4EM1BuusQiOFuFHSxjqkENf/rBMRJoU
         bl6Q==
X-Forwarded-Encrypted: i=1;
 AFNElJ9HQ8/1M4O8902NHER/RV2Al+juhqG7VpdPPQtu1Kg/GLXc2us4T2RnU2A+kIMxRWCjOUbTiGms51pslWEL@lists.postgresql.org
X-Gm-Message-State: AOJu0YyrjNpMn9v4Ra35jUnO5jXSeJacE8cKUjd/4q4lz3sEUYAeXPCh
	Vwl8FohW2bsM4LGLJl2pADXBViQyy8EuUAH5IkOI0dYoUvLRnJkHdvvX/ZSlTQFEHCyjiTjxHI9
	5gWFEucPMyWZOXcRwQeXFC+U/iPFa00E=
X-Gm-Gg: AfdE7clHOnSpv2mlRr9Sw2BhmkIEDdRuD9+TuTguqsyn7Yb0qrOl+E5dBRRoE8keCJX
	YNsHHyHe1ItiEjnc02NIrkdWoObjRetAhbjfmY9UDyo/km2onm8M9pDVu8EaWdYwyGtMO5h28+z
	b2BV5KvGXfihK3FXMVomGYJ6RmskeLWsjlup9pOOiYb9YcasQ8OatOG2go0BKoGUjtSf++ikiFG
	4eQU9y96LLZoFi1UM5cGghCcrssVy4UieVowXG7C7KJTC/Cag1bMVDR9tb5puEsUvokv7zyMgkD
	PAte09Ge37mpxNVpwIInKaHGRB1mEb5Iz9bBAWLCfZET5szJc3h3+Yugcb9wWLJspvkRNVFqBeW
	jlLurbYGum2RLvIkHCMv4pe5uy/I=
X-Received: by 2002:a17:907:7290:b0:c03:ee1f:9d3b with SMTP id
 a640c23a62f3a-c0b6aed7775mr282539466b.43.1781937707968; Fri, 19 Jun 2026
 23:41:47 -0700 (PDT)
MIME-Version: 1.0
References: 
 <TY4PR01MB177184FF9EE916F577E1F554194082@TY4PR01MB17718.jpnprd01.prod.outlook.com>
 <CAFC+b6o-hD5VxVLZQovmHSYykF8Qzq3eiuBU-U1F_yR9-y6P_w@mail.gmail.com>
 <TY4PR01MB177180A7CE60BCDF286B1C6F594172@TY4PR01MB17718.jpnprd01.prod.outlook.com>
 <CABPTF7VyH1-W2xnDspECDEzFGQj=WTFpZBCqKfM11OAZa6gQHQ@mail.gmail.com>
 <CAHGQGwE+2WSqiAYgNJRkf_twdB+uRGozjjGhUn76vUKZ8dzbSA@mail.gmail.com>
 <CABPTF7VeA8szPv7LYDVY9_7LftV-HM8NFVQR2natPKmr73JW+A@mail.gmail.com>
 <TY4PR01MB1771887D33612C5A45F7E9CDF941E2@TY4PR01MB17718.jpnprd01.prod.outlook.com>
 <CAA4eK1LqFBKCkX2eoX3iQPxJJnzWTaCpdh9zNotxuoG8BgjdtA@mail.gmail.com>
 <CAA4eK1LkRdbm5XA=qa82Rp_y4rnyJh8pypMWVqOezOZpzy=Oaw@mail.gmail.com>
 <CAHGQGwG_3ff4HciHtTZ_uMvbJgSDWsz4Yawj_zQpDG6Yj=Mjng@mail.gmail.com>
 <CABPTF7WBh_mKi60EYLiueaZ_cdJvnrOrpSt3hQkuZ_uY4w5duA@mail.gmail.com>
 <CAA4eK1LJ9=BJU2oK5aFCfvW=w2muSXNHOPM18wHXHLkRzYxhTQ@mail.gmail.com>
 <CAHGQGwGGyEDL3dh7uJ6qPsGvnq4QK_R8+U=12CaprnzwrwaLGA@mail.gmail.com>
 <CABPTF7UCqndPh8jucFtWBpFMoA2oQkSObQGXVVQNVGMZ1q-DCg@mail.gmail.com>
 <CAA4eK1KT-FMjXfFdg98qq_04PNnW6T1G-SUNU9dUtn4AC5g86A@mail.gmail.com>
 <CABPTF7VxwhYAAFg+71jOg_MQLcJaPfPu40ADC8imyXwr-H967w@mail.gmail.com>
 <CAA4eK1JBBcS9R3m8nR93E5P-WxRwRx=AM+STZrp9g1Ma13kfag@mail.gmail.com>
In-Reply-To: 
 <CAA4eK1JBBcS9R3m8nR93E5P-WxRwRx=AM+STZrp9g1Ma13kfag@mail.gmail.com>
From: Xuneng Zhou <xunengzhou@gmail.com>
Date: Sat, 20 Jun 2026 14:41:35 +0800
X-Gm-Features: AVVi8Cf9uRNILMzF9_EfyzURSdin0UaTHrajSUSb927KBW00HBTPOQgiwtJZYiA
Message-ID: 
 <CABPTF7Um6sB-7WLg5OeBMD5DvWNkj3ZwACp5A69hgL3GUD2Ezg@mail.gmail.com>
Subject: Re: Fix race in ReplicationSlotRelease for ephemeral slots
To: Amit Kapila <amit.kapila16@gmail.com>
Cc: Fujii Masao <masao.fujii@gmail.com>,
 "Zhijie Hou (Fujitsu)" <houzj.fnst@fujitsu.com>,
	Srinath Reddy Sadipiralla <srinath2133@gmail.com>,
	PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/CABPTF7Um6sB-7WLg5OeBMD5DvWNkj3ZwACp5A69hgL3GUD2Ezg%40mail.gmail.com>
Precedence: bulk

On Fri, Jun 19, 2026 at 8:08=E2=80=AFPM Amit Kapila <amit.kapila16@gmail.co=
m> wrote:
>
> On Thu, Jun 18, 2026 at 2:06=E2=80=AFPM Xuneng Zhou <xunengzhou@gmail.com=
> wrote:
> >
> > OK, how about elaborate it a bit like this:
> >
> > /*
> >  * In the small window between getting the slot to drop and
> >  * locking the database, there is a possibility of a parallel
> >  * database drop by the startup process and the creation of a new
> >  * slot by the user. This new user-created slot may end up using
> >  * the same shared memory as that of 'local_slot'.
> >  *
> >  * If that happens, local_slot now describes the replacement slot:
> >  * local_sync_slot_required() may have made its drop decision using
> >  * the replacement slot's name or invalidation state, and slot_database
> >  * may refer to the replacement slot's database. Thus check if
> >  * local_slot is still a synced slot before performing the actual drop.
> >  * This does not prove it is the original slot, but it prevents droppin=
g
> >  * an ordinary user-created replacement slot, and the copied database O=
ID
> >  * keeps lock/unlock symmetric. The remaining risk is limited to this
> >  * cleanup cycle, such as briefly holding an unrelated database lock, a=
nd
> >  * is acceptable here because this race is rare.
> >  */
> >
>
> Okay inspired from your and Fujii-san's version, here is a third version:
> /*
>  * In the small window between getting the slot to drop and
>  * locking the database, there is a possibility of a parallel
>  * database drop by the startup process and the creation of a new
>  * slot by the user. This new user-created slot may end up using
>  * the same shared memory as that of 'local_slot'.
>  *
>  * Because local_slot still points to a reusable slot-array entry,
>  * its fields (name, database OID, invalidation state) may already
>  * describe such a replacement slot by the time we reach here. That
>  * means the drop decision made by local_sync_slot_required() above
>  * could have been based on the replacement slot's data, and
>  * slot_database could refer to an unrelated database. The recheck
>  * below keeps us from actually dropping a user-created replacement
>  * slot; the residual risk is confined to this cycle (for example,
>  * briefly locking an unrelated database) and is acceptable because
>  * the race is rare and non-fatal.
>  */
>
> Thoughts?

LGTM. It looks well-articulated.

--=20
Regards,
Xuneng Zhou
HighGo Software Co., Ltd.