Hi, Commit 2a5225b99d7 fixed a race in ReplicationSlotsComputeRequiredXmin() where ReplicationSlotControlLock was released before the global xmin update, allowing a concurrent backend to overwrite a correct value with a stale one.
ReplicationSlotsComputeRequiredLSN() has the same problem, it releases the lock before calling XLogSetReplicationSlotMinimumLSN(), so a stale minimum LSN can overwrite a correct (lower) one, potentially leading to premature WAL removal. The attached patch moves LWLockRelease() to after the LSN update, matching the xmin fix. Since 2a5225b99d7 was backpatched to all supported versions, I believe this should be as well.
0001-Fix-TOCTOU-race-in-ReplicationSlotsComputeRequiredLS.patch
Description: Binary data
