From 553e021a7916fa15f4cd67036ba5d73c5172f54a Mon Sep 17 00:00:00 2001
From: reshke <reshke@double.cloud>
Date: Mon, 18 Aug 2025 09:35:55 +0000
Subject: [PATCH v2] Do not exit on postmaster death even inside CRIT sections.

One of critical sections essential invariats is not to allow
any other process to observe half-way made changes.
This inludes requrement of holding locks to modified buffer
until xlog records describing changes are properly created.
PostgreSQL already disallows to process any signal cancellation
inside CRIT section, guaratees process does not release lock
on its buffers too early. This patch does the same inside proc_exit(),
disallowing to exit on Postmaster death event inside CRIT
section.
---
 src/backend/storage/ipc/ipc.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/backend/storage/ipc/ipc.c b/src/backend/storage/ipc/ipc.c
index 2704e80b3a7..796d5df7e81 100644
--- a/src/backend/storage/ipc/ipc.c
+++ b/src/backend/storage/ipc/ipc.c
@@ -107,6 +107,9 @@ proc_exit(int code)
 	if (MyProcPid != (int) getpid())
 		elog(PANIC, "proc_exit() called in child process");
 
+	if (CritSectionCount != 0)
+		_exit(2);
+
 	/* Clean up everything that must be cleaned up */
 	proc_exit_prepare(code);
 
-- 
2.43.0