Prevent very-low-probability PANIC during PREPARE TRANSACTION.
The code in PostPrepare_Locks supposed that it could reassign locks to
the prepared transaction's dummy PGPROC by deleting the PROCLOCK table
entries and immediately creating new ones. This was safe when that code
was written, but since we invented partitioning of the shared lock table,
it's not safe --- another process could steal away the PROCLOCK entry in
the short interval when it's on the freelist. Then, if we were otherwise
out of shared memory, PostPrepare_Locks would have to PANIC, since it's
too late to back out of the PREPARE at that point.
Fix by inventing a dynahash.c function to atomically update a hashtable
entry's key. (This might possibly have other uses in future.)
This is an ancient bug that in principle we ought to back-patch, but the
odds of someone hitting it in the field seem really tiny, because (a) the
risk window is small, and (b) nobody runs servers with maxed-out lock
tables for long, because they'll be getting non-PANIC out-of-memory errors
anyway. So fixing it in HEAD seems sufficient, at least until the new
code has gotten some testing.
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/2065dd2834e832eb820f1fbcd16746d6af1f6037
Modified Files
--------------
src/backend/storage/lmgr/lock.c | 71 ++++++------------
src/backend/utils/hash/dynahash.c | 144 +++++++++++++++++++++++++++++++++++++
src/include/utils/hsearch.h | 2 +
3 files changed, 169 insertions(+), 48 deletions(-)