Add more critical-section calls: all code sections that hold spinlocks

are now critical sections, so as to ensure die() won't interrupt us while
we are munging shared-memory data structures.  Avoid insecure intermediate
states in some code that proc_exit will call, like palloc/pfree.  Rename
START/END_CRIT_CODE to START/END_CRIT_SECTION, since that seems to be
what people tend to call them anyway, and make them be called with () like
a function call, in hopes of not confusing pg_indent.
I doubt that this is sufficient to make SIGTERM safe anywhere; there's
just too much code that could get invoked during proc_exit().

src/include/utils/elog.h

@@ -7,7 +7,7 @@
  * Portions Copyright (c) 1996-2000, PostgreSQL, Inc
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $Id: elog.h,v 1.22 2001/01/07 04:17:28 tgl Exp $
+ * $Id: elog.h,v 1.23 2001/01/12 21:54:01 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -34,16 +34,15 @@ extern int Use_syslog;
  * ProcDiePending will be honored at critical section exit,
  * but QueryCancel is only checked at specified points.
  */
-extern uint32 CritSectionCount;	/* duplicates access/xlog.h */
+extern volatile uint32 CritSectionCount;	/* duplicates access/xlog.h */
 extern volatile bool ProcDiePending;
 extern void ForceProcDie(void);	/* in postgres.c */
 
-#define	START_CRIT_CODE		(CritSectionCount++)
+#define	START_CRIT_SECTION()  (CritSectionCount++)
 
-#define END_CRIT_CODE	\
+#define END_CRIT_SECTION() \
 	do { \
-		if (CritSectionCount == 0) \
-			elog(STOP, "Not in critical section"); \
+		Assert(CritSectionCount > 0); \
 		CritSectionCount--; \
 		if (CritSectionCount == 0 && ProcDiePending) \
 			ForceProcDie(); \