aws / pg_tle

Framework for building trusted language extensions for PostgreSQL
Apache License 2.0
337 stars 30 forks source link

clientauth can hang indefinitely if pgtle.clientauth_num_parallel_workers > max_worker_processes #252

Closed adamguo0 closed 11 months ago

adamguo0 commented 1 year ago

Description

On startup, pg_tle tries to create background workers for the clientauth feature. The number of workers is determined by pgtle.clientauth_num_parallel_workers, but if max_worker_processes is not sufficiently high the creation will fail. When this happens, the database still starts up and clientauth is still usable, but the workers are not all present.

Since workers are assigned based on the client backend's PID, this causes some clients to not have a clientauth worker assigned, causing them to hang indefinitely.

Steps to reproduce

Set pgtle.clientauth_num_parallel_workers to a large number and max_worker_processes to a smaller number (bigger difference makes it easier to reproduce) and restart database. Create and register any clientauth function. Try connecting to the database (may take several tries to land on an unassigned PID).

Expected outcome

Clientauth function should be executed.

Actual outcome

Clientauth function is never executed, connection hangs indefinitely.

Analysis

On startup, clientauth should check whether all workers have initialized. If not, all clientauth calls should throw an error. We can even block database startup if there were issues initializing workers, since a database restart is necessary to adjust either parameter.