Thread: pgsql: Fix race condition in preparing a transaction for two-phase comm
pgsql: Fix race condition in preparing a transaction for two-phase comm
From
Heikki Linnakangas
Date:
Fix race condition in preparing a transaction for two-phase commit. To lock a prepared transaction's shared memory entry, we used to mark it with the XID of the backend. When the XID was no longer active according to the proc array, the entry was implicitly considered as not locked anymore. However, when preparing a transaction, the backend's proc array entry was cleared before transfering the locks (and some other state) to the prepared transaction's dummy PGPROC entry, so there was a window where another backend could finish the transaction before it was in fact fully prepared. To fix, rewrite the locking mechanism of global transaction entries. Instead of an XID, just have simple locked-or-not flag in each entry (we store the locking backend's backend id rather than a simple boolean, but that's just for debugging purposes). The backend is responsible for explicitly unlocking the entry, and to make sure that that happens, install a callback to unlock it on abort or process exit. Backpatch to all supported versions. Branch ------ REL9_3_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/48fc8962f9f1ec456735500795ba894c5da9e89a Modified Files -------------- src/backend/access/transam/twophase.c | 169 ++++++++++++++++++++++++--------- src/backend/access/transam/xact.c | 19 +++- src/include/access/twophase.h | 3 + 3 files changed, 144 insertions(+), 47 deletions(-)