| From: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Andres Freund <andres(at)2ndquadrant(dot)com>, Jan Wieck <jan(at)wi3ck(dot)info>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Race condition between PREPARE TRANSACTION and COMMIT PREPARED (was Re: Problem with txid_snapshot_in/out() functionality) |
| Date: | 2014-04-14 18:48:18 |
| Message-ID: | 534C2D72.4030806@vmware.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 04/14/2014 07:51 PM, Tom Lane wrote:
> I'd prefer to leave the prepare sequence alone and instead find a way
> to reject COMMIT PREPARED until after the source transaction is safely
> clear of the race conditions. The upthread idea of looking at vxid
> instead of xid might help, except that I see we clear both of them
> in ProcArrayClearTransaction. We'd need some state in PGPROC that
> isn't cleared till later than that.
Hmm. What if one of the post-cleanup action fails? We can't bail out of
the prepare sequence until we have transfered the locks to the new
PGPROC. Otherwise the locks are lost. In essence, there should be a
critical section from the EndPrepare call until all the critical cleanup
actions like PostPrepare_Locks have been done, and I don't think we want
that. We might be able to guarantee that the built-in post-cleanup
operations are safe enough for that, but there's also CallXactCallbacks
in there.
Given the lack of reports of that happening, though, perhaps that's not
an issue.
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2014-04-14 19:28:25 | Re: Create function prototype as part of PG_FUNCTION_INFO_V1 |
| Previous Message | Robert Haas | 2014-04-14 18:18:27 | Re: Signaling of waiting for a cleanup lock? |