From 93519b0c620123301142ac49b79796be20c2dce8 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Tue, 16 Aug 2011 13:12:10 -0400 Subject: Fix race condition in relcache init file invalidation. The previous code tried to synchronize by unlinking the init file twice, but that doesn't actually work: it leaves a window wherein a third process could read the already-stale init file but miss the SI messages that would tell it the data is stale. The result would be bizarre failures in catalog accesses, typically "could not read block 0 in file ..." later during startup. Instead, hold RelCacheInitLock across both the unlink and the sending of the SI messages. This is more straightforward, and might even be a bit faster since only one unlink call is needed. This has been wrong since it was put in (in 2002!), so back-patch to all supported releases. --- src/backend/access/transam/twophase.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/backend/access/transam/twophase.c') diff --git a/src/backend/access/transam/twophase.c b/src/backend/access/transam/twophase.c index d6dca97bce8..4691c7e14ab 100644 --- a/src/backend/access/transam/twophase.c +++ b/src/backend/access/transam/twophase.c @@ -1338,10 +1338,10 @@ FinishPreparedTransaction(const char *gid, bool isCommit) * after we send the SI messages. See AtEOXact_Inval() */ if (hdr->initfileinval) - RelationCacheInitFileInvalidate(true); + RelationCacheInitFilePreInvalidate(); SendSharedInvalidMessages(invalmsgs, hdr->ninvalmsgs); if (hdr->initfileinval) - RelationCacheInitFileInvalidate(false); + RelationCacheInitFilePostInvalidate(); /* And now do the callbacks */ if (isCommit) -- cgit v1.2.3