NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit3fdf649

committed

Fix failure to guarantee that a checkpoint will write out pg_clog updates

for transaction commits that occurred just before the checkpoint. This isan EXTREMELY serious bug --- kudos to Satoshi Okada for creating areproducible test case to prove its existence.

1 parentbc8a1fc commit3fdf649Copy full SHA for 3fdf649

File tree

3 files changed

+45

-8

lines changed

src
- backend/access/transam
  - xact.c
  - xlog.c
- include/storage
  - lwlock.h

3 files changed

+45

-8

lines changed

`‎src/backend/access/transam/xact.c`

Lines changed: 25 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@`
`10`	`10`	`*`
`11`	`11`	`*`
`12`	`12`	`* IDENTIFICATION`
`13`		`- * $PostgreSQL: pgsql/src/backend/access/transam/xact.c,v 1.177 2004/08/03 15:57:26 tgl Exp $`
	`13`	`+ * $PostgreSQL: pgsql/src/backend/access/transam/xact.c,v 1.178 2004/08/11 04:07:15 tgl Exp $`
`14`	`14`	`*`
`15`	`15`	`*-------------------------------------------------------------------------`
`16`	`16`	`*/`
`@@ -574,13 +574,28 @@ RecordTransactionCommit(void)`
`574`	`574`	`START_CRIT_SECTION();`
`575`	`575`
`576`	`576`	`/*`
`577`		`- * We only need to log the commit in XLOG if the transaction made`
`578`		`- * any transaction-controlled XLOG entries or will delete files.`
	`577`	`+ * If our transaction made any transaction-controlled XLOG entries,`
	`578`	`+ * we need to lock out checkpoint start between writing our XLOG`
	`579`	`+ * record and updating pg_clog. Otherwise it is possible for the`
	`580`	`+ * checkpoint to set REDO after the XLOG record but fail to flush the`
	`581`	`+ * pg_clog update to disk, leading to loss of the transaction commit`
	`582`	`+ * if we crash a little later. Slightly klugy fix for problem`
	`583`	`+ * discovered 2004-08-10.`
	`584`	`+ *`
`579`	`585`	`* (If it made no transaction-controlled XLOG entries, its XID`
`580`	`586`	`* appears nowhere in permanent storage, so no one else will ever care`
`581`		`- * if it committed.)`
	`587`	`+ * if it committed; so it doesn't matter if we lose the commit flag.)`
	`588`	`+ *`
	`589`	`+ * Note we only need a shared lock.`
`582`	`590`	`*/`
`583`	`591`	`madeTCentries= (MyLastRecPtr.xrecoff!=0);`
	`592`	`+if (madeTCentries)`
	`593`	`+LWLockAcquire(CheckpointStartLock,LW_SHARED);`
	`594`	`+`
	`595`	`+/*`
	`596`	`+ * We only need to log the commit in XLOG if the transaction made`
	`597`	`+ * any transaction-controlled XLOG entries or will delete files.`
	`598`	`+ */`
`584`	`599`	`if (madeTCentries\|\|nrels>0)`
`585`	`600`	`{`
`586`	`601`	`XLogRecDatardata[3];`
`@@ -668,6 +683,10 @@ RecordTransactionCommit(void)`
`668`	`683`	`TransactionIdCommitTree(nchildren,children);`
`669`	`684`	`}`
`670`	`685`
	`686`	`+/* Unlock checkpoint lock if we acquired it */`
	`687`	`+if (madeTCentries)`
	`688`	`+LWLockRelease(CheckpointStartLock);`
	`689`	`+`
`671`	`690`	`END_CRIT_SECTION();`
`672`	`691`	`}`
`673`	`692`
`@@ -850,6 +869,8 @@ RecordTransactionAbort(void)`
`850`	`869`	`*`
`851`	`870`	`* We do not flush XLOG to disk unless deleting files, since the`
`852`	`871`	`* default assumption after a crash would be that we aborted, anyway.`
	`872`	`+ * For the same reason, we don't need to worry about interlocking`
	`873`	`+ * against checkpoint start.`
`853`	`874`	`*/`
`854`	`875`	`if (MyLastRecPtr.xrecoff!=0\|\|nrels>0)`
`855`	`876`	`{`

`‎src/backend/access/transam/xlog.c`

Lines changed: 18 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@`
`7`	`7`	`* Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group`
`8`	`8`	`* Portions Copyright (c) 1994, Regents of the University of California`
`9`	`9`	`*`
`10`		`- * $PostgreSQL: pgsql/src/backend/access/transam/xlog.c,v 1.158 2004/08/09 16:26:01 tgl Exp $`
	`10`	`+ * $PostgreSQL: pgsql/src/backend/access/transam/xlog.c,v 1.159 2004/08/11 04:07:15 tgl Exp $`
`11`	`11`	`*`
`12`	`12`	`*-------------------------------------------------------------------------`
`13`	`13`	`*/`
`@@ -4699,6 +4699,15 @@ CreateCheckPoint(bool shutdown, bool force)`
`4699`	`4699`	`checkPoint.ThisTimeLineID=ThisTimeLineID;`
`4700`	`4700`	`checkPoint.time=time(NULL);`
`4701`	`4701`
	`4702`	`+/*`
	`4703`	`+ * We must hold CheckpointStartLock while determining the checkpoint`
	`4704`	`+ * REDO pointer. This ensures that any concurrent transaction commits`
	`4705`	`+ * will be either not yet logged, or logged and recorded in pg_clog.`
	`4706`	`+ * See notes in RecordTransactionCommit().`
	`4707`	`+ */`
	`4708`	`+LWLockAcquire(CheckpointStartLock,LW_EXCLUSIVE);`
	`4709`	`+`
	`4710`	`+/* And we need WALInsertLock too */`
`4702`	`4711`	`LWLockAcquire(WALInsertLock,LW_EXCLUSIVE);`
`4703`	`4712`
`4704`	`4713`	`/*`
`@@ -4731,6 +4740,7 @@ CreateCheckPoint(bool shutdown, bool force)`
`4731`	`4740`	`ControlFile->checkPointCopy.redo.xrecoff)`
`4732`	`4741`	`{`
`4733`	`4742`	`LWLockRelease(WALInsertLock);`
	`4743`	`+LWLockRelease(CheckpointStartLock);`
`4734`	`4744`	`LWLockRelease(CheckpointLock);`
`4735`	`4745`	`END_CRIT_SECTION();`
`4736`	`4746`	`return;`
`@@ -4789,6 +4799,9 @@ CreateCheckPoint(bool shutdown, bool force)`
`4789`	`4799`	`* GetSnapshotData needs to get XidGenLock while holding SInvalLock,`
`4790`	`4800`	`* so there's a risk of deadlock. Need to find a better solution. See`
`4791`	`4801`	`* pgsql-hackers discussion of 17-Dec-01.`
	`4802`	`+ *`
	`4803`	`+ * XXX actually, the whole UNDO code is dead code and unlikely to ever`
	`4804`	`+ * be revived, so the lack of a good solution here is not troubling.`
`4792`	`4805`	`*/`
`4793`	`4806`	`#ifdefNOT_USED`
`4794`	`4807`	`checkPoint.undo=GetUndoRecPtr();`
`@@ -4798,11 +4811,13 @@ CreateCheckPoint(bool shutdown, bool force)`
`4798`	`4811`	`#endif`
`4799`	`4812`
`4800`	`4813`	`/*`
`4801`		`- * Now we can release insert lock, allowing other xacts to proceed`
`4802`		`- * even while we are flushing disk buffers.`
	`4814`	`+ * Now we can release insert lock and checkpoint start lock, allowing`
	`4815`	`+ *other xacts to proceedeven while we are flushing disk buffers.`
`4803`	`4816`	`*/`
`4804`	`4817`	`LWLockRelease(WALInsertLock);`
`4805`	`4818`
	`4819`	`+LWLockRelease(CheckpointStartLock);`
	`4820`	`+`
`4806`	`4821`	`/*`
`4807`	`4822`	`* Get the other info we need for the checkpoint record.`
`4808`	`4823`	`*/`

`‎src/include/storage/lwlock.h`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@`
`7`	`7`	`* Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group`
`8`	`8`	`* Portions Copyright (c) 1994, Regents of the University of California`
`9`	`9`	`*`
`10`		`- * $PostgreSQL: pgsql/src/include/storage/lwlock.h,v 1.12 2004/06/1116:43:24 tgl Exp $`
	`10`	`+ * $PostgreSQL: pgsql/src/include/storage/lwlock.h,v 1.13 2004/08/1104:07:16 tgl Exp $`
`11`	`11`	`*`
`12`	`12`	`*-------------------------------------------------------------------------`
`13`	`13`	`*/`
`@@ -36,6 +36,7 @@ typedef enum LWLockId`
`36`	`36`	`WALWriteLock,`
`37`	`37`	`ControlFileLock,`
`38`	`38`	`CheckpointLock,`
	`39`	`+CheckpointStartLock,`
`39`	`40`	`RelCacheInitLock,`
`40`	`41`	`BgWriterCommLock,`
`41`	`42`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit3fdf649

File tree

3 files changed

3 files changed

`‎src/backend/access/transam/xact.c`

`‎src/backend/access/transam/xlog.c`

`‎src/include/storage/lwlock.h`

0 commit comments