diff options
| author | Thomas Munro <tmunro@postgresql.org> | 2023-03-09 16:33:24 +1300 |
|---|---|---|
| committer | Thomas Munro <tmunro@postgresql.org> | 2023-03-09 16:33:24 +1300 |
| commit | 65e388d4182ae4eba5afe880471453d33a4097d8 (patch) | |
| tree | 4ec2e8ed722c288c00b8287371eb09cb8304bb9a /src/backend/commands/dbcommands.c | |
| parent | 8bf826528ae9ff7a543a49c0dce665fa9ec542cb (diff) | |
| download | postgresql-65e388d4182ae4eba5afe880471453d33a4097d8.tar.gz postgresql-65e388d4182ae4eba5afe880471453d33a4097d8.zip | |
Fix race in SERIALIZABLE READ ONLY.
Commit bdaabb9b started skipping doomed transactions when building the
list of possible conflicts for SERIALIZABLE READ ONLY. That makes
sense, because doomed transactions won't commit, but a couple of subtle
things broke:
1. If all uncommitted r/w transactions are doomed, a READ ONLY
transaction would arbitrarily not benefit from the safe snapshot
optimization. It would not be taken immediately, and yet no other
transaction would set SXACT_FLAG_RO_SAFE later.
2. In the same circumstances but with DEFERRABLE, GetSafeSnapshot()
would correctly exit its wait loop without sleeping and then take the
optimization in non-assert builds, but assert builds would fail a sanity
check that SXACT_FLAG_RO_SAFE had been set by another transaction.
This is similar to the case for PredXact->WritableSxactCount == 0. We
should opt out immediately if our possibleUnsafeConflicts list is empty
after filtering.
The code to maintain the serializable global xmin is moved down below
the new opt out site, because otherwise we'd have to reverse its effects
before returning.
Back-patch to all supported releases. Bug #17368.
Reported-by: Alexander Lakhin <exclusion@gmail.com>
Discussion: https://postgr.es/m/17116-d6ca217acc180e30%40postgresql.org
Discussion: https://postgr.es/m/20110707212159.GF76634%40csail.mit.edu
Diffstat (limited to 'src/backend/commands/dbcommands.c')
0 files changed, 0 insertions, 0 deletions