mirror of
https://github.com/postgres/postgres.git
synced 2025-08-09 17:03:00 +03:00
Fix failure to guarantee that a checkpoint will write out pg_clog updates
for transaction commits that occurred just before the checkpoint. This is an EXTREMELY serious bug --- kudos to Satoshi Okada for creating a reproducible test case to prove its existence.
This commit is contained in:
Tom Lane
@@ -8,7 +8,7 @@
|
|||||||
*
|
*
|
||||||
*
|
*
|
||||||
* IDENTIFICATION
|
* IDENTIFICATION
|
||||||
* $Header: /cvsroot/pgsql/src/backend/access/transam/xact.c,v 1.115.2.1 2002/03/15 19:20:43 tgl Exp $
|
* $Header: /cvsroot/pgsql/src/backend/access/transam/xact.c,v 1.115.2.2 2004/08/11 04:09:12 tgl Exp $
|
||||||
*
|
*
|
||||||
* NOTES
|
* NOTES
|
||||||
* Transaction aborts can now occur two ways:
|
* Transaction aborts can now occur two ways:
|
||||||
@@ -557,13 +557,27 @@ RecordTransactionCommit(void)
|
|||||||
*/
|
*/
|
||||||
if (MyXactMadeXLogEntry)
|
if (MyXactMadeXLogEntry)
|
||||||
{
|
{
|
||||||
|
bool madeTCentries;
|
||||||
XLogRecPtr recptr;
|
XLogRecPtr recptr;
|
||||||
|
|
||||||
BufmgrCommit();
|
BufmgrCommit();
|
||||||
|
|
||||||
START_CRIT_SECTION();
|
START_CRIT_SECTION();
|
||||||
|
|
||||||
if (MyLastRecPtr.xrecoff != 0)
|
madeTCentries = (MyLastRecPtr.xrecoff != 0);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We need to lock out checkpoint start between writing our XLOG
|
||||||
|
* record and updating pg_clog. Otherwise it is possible for the
|
||||||
|
* checkpoint to set REDO after the XLOG record but fail to flush the
|
||||||
|
* pg_clog update to disk, leading to loss of the transaction commit
|
||||||
|
* if we crash a little later. Slightly klugy fix for problem
|
||||||
|
* discovered 2004-08-10.
|
||||||
|
*/
|
||||||
|
if (madeTCentries)
|
||||||
|
LWLockAcquire(CheckpointStartLock, LW_SHARED);
|
||||||
|
|
||||||
|
if (madeTCentries)
|
||||||
{
|
{
|
||||||
/* Need to emit a commit record */
|
/* Need to emit a commit record */
|
||||||
XLogRecData rdata;
|
XLogRecData rdata;
|
||||||
@@ -610,9 +624,13 @@ RecordTransactionCommit(void)
|
|||||||
XLogFlush(recptr);
|
XLogFlush(recptr);
|
||||||
|
|
||||||
/* Mark the transaction committed in clog, if needed */
|
/* Mark the transaction committed in clog, if needed */
|
||||||
if (MyLastRecPtr.xrecoff != 0)
|
if (madeTCentries)
|
||||||
TransactionIdCommit(xid);
|
TransactionIdCommit(xid);
|
||||||
|
|
||||||
|
/* Unlock checkpoint lock if we acquired it */
|
||||||
|
if (madeTCentries)
|
||||||
|
LWLockRelease(CheckpointStartLock);
|
||||||
|
|
||||||
END_CRIT_SECTION();
|
END_CRIT_SECTION();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -712,6 +730,8 @@ RecordTransactionAbort(void)
|
|||||||
* nowhere in permanent storage, so no one will ever care if it
|
* nowhere in permanent storage, so no one will ever care if it
|
||||||
* committed.) We do not flush XLOG to disk in any case, since the
|
* committed.) We do not flush XLOG to disk in any case, since the
|
||||||
* default assumption after a crash would be that we aborted, anyway.
|
* default assumption after a crash would be that we aborted, anyway.
|
||||||
|
* For the same reason, we don't need to worry about interlocking
|
||||||
|
* against checkpoint start.
|
||||||
*
|
*
|
||||||
* Extra check here is to catch case that we aborted partway through
|
* Extra check here is to catch case that we aborted partway through
|
||||||
* RecordTransactionCommit ...
|
* RecordTransactionCommit ...
|
||||||
|
|||||||
@@ -7,7 +7,7 @@
|
|||||||
* Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
|
* Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
|
||||||
* Portions Copyright (c) 1994, Regents of the University of California
|
* Portions Copyright (c) 1994, Regents of the University of California
|
||||||
*
|
*
|
||||||
* $Header: /cvsroot/pgsql/src/backend/access/transam/xlog.c,v 1.86.2.3 2003/01/21 19:51:42 tgl Exp $
|
* $Header: /cvsroot/pgsql/src/backend/access/transam/xlog.c,v 1.86.2.4 2004/08/11 04:09:12 tgl Exp $
|
||||||
*
|
*
|
||||||
*-------------------------------------------------------------------------
|
*-------------------------------------------------------------------------
|
||||||
*/
|
*/
|
||||||
@@ -2945,6 +2945,15 @@ CreateCheckPoint(bool shutdown, bool force)
|
|||||||
checkPoint.ThisStartUpID = ThisStartUpID;
|
checkPoint.ThisStartUpID = ThisStartUpID;
|
||||||
checkPoint.time = time(NULL);
|
checkPoint.time = time(NULL);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We must hold CheckpointStartLock while determining the checkpoint
|
||||||
|
* REDO pointer. This ensures that any concurrent transaction commits
|
||||||
|
* will be either not yet logged, or logged and recorded in pg_clog.
|
||||||
|
* See notes in RecordTransactionCommit().
|
||||||
|
*/
|
||||||
|
LWLockAcquire(CheckpointStartLock, LW_EXCLUSIVE);
|
||||||
|
|
||||||
|
/* And we need WALInsertLock too */
|
||||||
LWLockAcquire(WALInsertLock, LW_EXCLUSIVE);
|
LWLockAcquire(WALInsertLock, LW_EXCLUSIVE);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -2976,6 +2985,7 @@ CreateCheckPoint(bool shutdown, bool force)
|
|||||||
ControlFile->checkPointCopy.redo.xrecoff)
|
ControlFile->checkPointCopy.redo.xrecoff)
|
||||||
{
|
{
|
||||||
LWLockRelease(WALInsertLock);
|
LWLockRelease(WALInsertLock);
|
||||||
|
LWLockRelease(CheckpointStartLock);
|
||||||
LWLockRelease(CheckpointLock);
|
LWLockRelease(CheckpointLock);
|
||||||
END_CRIT_SECTION();
|
END_CRIT_SECTION();
|
||||||
return;
|
return;
|
||||||
@@ -3035,11 +3045,13 @@ CreateCheckPoint(bool shutdown, bool force)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Now we can release insert lock, allowing other xacts to proceed
|
* Now we can release insert lock and checkpoint start lock, allowing
|
||||||
* even while we are flushing disk buffers.
|
* other xacts to proceed even while we are flushing disk buffers.
|
||||||
*/
|
*/
|
||||||
LWLockRelease(WALInsertLock);
|
LWLockRelease(WALInsertLock);
|
||||||
|
|
||||||
|
LWLockRelease(CheckpointStartLock);
|
||||||
|
|
||||||
LWLockAcquire(XidGenLock, LW_SHARED);
|
LWLockAcquire(XidGenLock, LW_SHARED);
|
||||||
checkPoint.nextXid = ShmemVariableCache->nextXid;
|
checkPoint.nextXid = ShmemVariableCache->nextXid;
|
||||||
LWLockRelease(XidGenLock);
|
LWLockRelease(XidGenLock);
|
||||||
|
|||||||
@@ -7,7 +7,7 @@
|
|||||||
* Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
|
* Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
|
||||||
* Portions Copyright (c) 1994, Regents of the University of California
|
* Portions Copyright (c) 1994, Regents of the University of California
|
||||||
*
|
*
|
||||||
* $Id: lwlock.h,v 1.4 2001/11/05 17:46:35 momjian Exp $
|
* $Id: lwlock.h,v 1.4.2.1 2004/08/11 04:09:14 tgl Exp $
|
||||||
*
|
*
|
||||||
*-------------------------------------------------------------------------
|
*-------------------------------------------------------------------------
|
||||||
*/
|
*/
|
||||||
@@ -37,6 +37,7 @@ typedef enum LWLockId
|
|||||||
WALWriteLock,
|
WALWriteLock,
|
||||||
ControlFileLock,
|
ControlFileLock,
|
||||||
CheckpointLock,
|
CheckpointLock,
|
||||||
|
CheckpointStartLock,
|
||||||
CLogControlLock,
|
CLogControlLock,
|
||||||
|
|
||||||
NumFixedLWLocks, /* must be last except for
|
NumFixedLWLocks, /* must be last except for
|
||||||
|
|||||||
Reference in New Issue
Block a user