Fix failure to guarantee that a checkpoint will write out pg_clog updates

for transaction commits that occurred just before the checkpoint. This is an EXTREMELY serious bug --- kudos to Satoshi Okada for creating a reproducible test case to prove its existence.
2025-06-29 10:41:53 +03:00 · 2004-08-11 04:07:16 +00:00
parent bc8a1fc282
commit 3fdf649f4f
3 changed files with 45 additions and 8 deletions
--- a/src/backend/access/transam/xlog.c
+++ b/src/backend/access/transam/xlog.c
@ -7,7 +7,7 @@
 * Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
- * $PostgreSQL: pgsql/src/backend/access/transam/xlog.c,v 1.158 2004/08/09 16:26:01 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/access/transam/xlog.c,v 1.159 2004/08/11 04:07:15 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -4699,6 +4699,15 @@ CreateCheckPoint(bool shutdown, bool force)
 	checkPoint.ThisTimeLineID = ThisTimeLineID;
 	checkPoint.time = time(NULL);

+	/*
+	 * We must hold CheckpointStartLock while determining the checkpoint
+	 * REDO pointer.  This ensures that any concurrent transaction commits
+	 * will be either not yet logged, or logged and recorded in pg_clog.
+	 * See notes in RecordTransactionCommit().
+	 */
+	LWLockAcquire(CheckpointStartLock, LW_EXCLUSIVE);
+
+	/* And we need WALInsertLock too */
 	LWLockAcquire(WALInsertLock, LW_EXCLUSIVE);

 	/*
@ -4731,6 +4740,7 @@ CreateCheckPoint(bool shutdown, bool force)
 			ControlFile->checkPointCopy.redo.xrecoff)
 		{
 			LWLockRelease(WALInsertLock);
+			LWLockRelease(CheckpointStartLock);
 			LWLockRelease(CheckpointLock);
 			END_CRIT_SECTION();
 			return;
@ -4789,6 +4799,9 @@ CreateCheckPoint(bool shutdown, bool force)
 	 * GetSnapshotData needs to get XidGenLock while holding SInvalLock,
 	 * so there's a risk of deadlock. Need to find a better solution.  See
 	 * pgsql-hackers discussion of 17-Dec-01.
+	 *
+	 * XXX actually, the whole UNDO code is dead code and unlikely to ever
+	 * be revived, so the lack of a good solution here is not troubling.
 	 */
 #ifdef NOT_USED
 	checkPoint.undo = GetUndoRecPtr();
@ -4798,11 +4811,13 @@ CreateCheckPoint(bool shutdown, bool force)
 #endif

 	/*
-	 * Now we can release insert lock, allowing other xacts to proceed
-	 * even while we are flushing disk buffers.
+	 * Now we can release insert lock and checkpoint start lock, allowing
+	 * other xacts to proceed even while we are flushing disk buffers.
 	 */
 	LWLockRelease(WALInsertLock);

+	LWLockRelease(CheckpointStartLock);
+
 	/*
 	 * Get the other info we need for the checkpoint record.
 	 */