Fix Windows implementation of PGSemaphoreLock.

The original coding failed to reset ImmediateInterruptOK before returning,
which would potentially allow a subsequent query-cancel interrupt to be
accepted at an unsafe point.  This is a really nasty bug since it's so hard
to predict the consequences, but they could be unpleasant.

Also, ensure that signal handlers are serviced before this function
returns, even if the semaphore is already set.  This should make the
behavior more like Unix.

Back-patch to all supported versions.

diff --git a/src/backend/port/win32_sema.c b/src/backend/port/win32_sema.c
index 3c2248b0788e3de489ed28f8a9a23a9626be3059..1af3fb7734e43b34f6ec807b1783c6ff25e43dcc 100644 (file)
--- a/src/backend/port/win32_sema.c
+++ b/src/backend/port/win32_sema.c
@@ -121,8 +121,13 @@ PGSemaphoreLock(PGSemaphore sema, bool interruptOK)
        DWORD           ret;
        HANDLE          wh[2];
 
-       wh[0] = *sema;
-       wh[1] = pgwin32_signal_event;
+       /*
+        * Note: pgwin32_signal_event should be first to ensure that it will be
+        * reported when multiple events are set.  We want to guarantee that
+        * pending signals are serviced.
+        */
+       wh[0] = pgwin32_signal_event;
+       wh[1] = *sema;
 
        /*
         * As in other implementations of PGSemaphoreLock, we need to check
@@ -135,20 +140,19 @@ PGSemaphoreLock(PGSemaphore sema, bool interruptOK)
                ImmediateInterruptOK = interruptOK;
                CHECK_FOR_INTERRUPTS();
 
-               errno = 0;
                ret = WaitForMultipleObjectsEx(2, wh, FALSE, INFINITE, TRUE);
 
                if (ret == WAIT_OBJECT_0)
-               {
-                       /* We got it! */
-                       return;
-               }
-               else if (ret == WAIT_OBJECT_0 + 1)
                {
                        /* Signal event is set - we have a signal to deliver */
                        pgwin32_dispatch_queued_signals();
                        errno = EINTR;
                }
+               else if (ret == WAIT_OBJECT_0 + 1)
+               {
+                       /* We got it! */
+                       errno = 0;
+               }
                else
                        /* Otherwise we are in trouble */
                        errno = EIDRM;