Use barrier semantics when reading/writing writtenUpto

The walreceiver publishes its write position lock-free via writtenUpto.
On weakly-ordered architectures (ARM, PowerPC), both sides of this
handshake need explicit barriers so that the lock-less reader sees a
consistent state.

Use pg_atomic_write_membarrier_u64() at both write sites and
pg_atomic_read_membarrier_u64() in GetWalRcvWriteRecPtr().  This matches
the barrier semantics that GetWalRcvFlushRecPtr() and other LSN-position
functions get implicitly from their spinlock acquire/release, and
protects from bugs caused by expectations of similar barrier guarantees
from different LSN-position functions.

Reported-by: Andres Freund <andres@anarazel.de>
Discussion: https://postgr.es/m/zqbppucpmkeqecfy4s5kscnru4tbk6khp3ozqz6ad2zijz354k%40w4bdf4z3wqoz
Author: Xuneng Zhou <xunengzhou@gmail.com>
Reviewed-by: Andres Freund <andres@anarazel.de>
Reviewed-by: Alexander Korotkov <aekorotkov@gmail.com>

diff --git a/src/backend/replication/walreceiver.c b/src/backend/replication/walreceiver.c
index df03dae5836423f96fc1c389f93c34fcd69f1167..9e40f066c978d39b04268ea1fba6e6d61558e439 100644 (file)
--- a/src/backend/replication/walreceiver.c
+++ b/src/backend/replication/walreceiver.c
@@ -978,7 +978,7 @@ XLogWalRcvWrite(char *buf, Size nbytes, XLogRecPtr recptr, TimeLineID tli)
        }
 
        /* Update shared-memory status */
-       pg_atomic_write_u64(&WalRcv->writtenUpto, LogstreamResult.Write);
+       pg_atomic_write_membarrier_u64(&WalRcv->writtenUpto, LogstreamResult.Write);
 
        /*
         * If we wrote an LSN that someone was waiting for, notify the waiters.

diff --git a/src/backend/replication/walreceiverfuncs.c b/src/backend/replication/walreceiverfuncs.c
index bd5d47be964cdae163112da77b6f4d244a62eecd..a0ed853e2f60ff6406ffd8946e428b782804eb29 100644 (file)
--- a/src/backend/replication/walreceiverfuncs.c
+++ b/src/backend/replication/walreceiverfuncs.c
@@ -321,7 +321,12 @@ RequestXLogStreaming(TimeLineID tli, XLogRecPtr recptr, const char *conninfo,
                walrcv->flushedUpto = recptr;
                walrcv->receivedTLI = tli;
                walrcv->latestChunkStart = recptr;
-               pg_atomic_write_u64(&walrcv->writtenUpto, recptr);
+
+               /*
+                * Pairs with pg_atomic_read_membarrier_u64() in
+                * GetWalRcvWriteRecPtr().
+                */
+               pg_atomic_write_membarrier_u64(&walrcv->writtenUpto, recptr);
        }
        walrcv->receiveStart = recptr;
        walrcv->receiveStartTLI = tli;
@@ -363,14 +368,17 @@ GetWalRcvFlushRecPtr(XLogRecPtr *latestChunkStart, TimeLineID *receiveTLI)
 
 /*
  * Returns the last+1 byte position that walreceiver has written.
- * This returns a recently written value without taking a lock.
+ *
+ * Use pg_atomic_read_membarrier_u64() to ensure that callers see up-to-date
+ * shared memory state, matching the barrier semantics provided by the
+ * spinlock in GetWalRcvFlushRecPtr() and other LSN-position functions.
  */
 XLogRecPtr
 GetWalRcvWriteRecPtr(void)
 {
        WalRcvData *walrcv = WalRcv;
 
-       return pg_atomic_read_u64(&walrcv->writtenUpto);
+       return pg_atomic_read_membarrier_u64(&walrcv->writtenUpto);
 }
 
 /*