Fix bug in SetOffsetVacuumLimit() triggered by find_multixact_start() failure.

Previously, if find_multixact_start() failed, SetOffsetVacuumLimit() would
install 0 into MultiXactState->offsetStopLimit if it previously succeeded.
Luckily, there are no known cases where find_multixact_start() will return
an error in 9.5 and above. But if it were to happen, for example due to
filesystem permission issues, it'd be somewhat bad: GetNewMultiXactId()
could continue allocating mxids even if close to a wraparound, or it could
erroneously stop allocating mxids, even if no wraparound is looming.  The
wrong value would be corrected the next time SetOffsetVacuumLimit() is
called, or by a restart.

Reported-By: Noah Misch, although this is not his preferred fix
Discussion: 20151210140450.GA22278@alap3.anarazel.de
Backpatch: 9.5, where the bug was introduced as part of 4f627f

diff --git a/src/backend/access/transam/multixact.c b/src/backend/access/transam/multixact.c
index b66a2b60c8b017e43c062d61e54081e907fe4178..d2619bd8fd08fee73be6e29d9b1ed4b6a57e1cfe 100644 (file)
--- a/src/backend/access/transam/multixact.c
+++ b/src/backend/access/transam/multixact.c
@@ -2552,6 +2552,7 @@ SetOffsetVacuumLimit(void)
        bool            oldestOffsetKnown = false;
        bool            prevOldestOffsetKnown;
        MultiXactOffset offsetStopLimit = 0;
+       MultiXactOffset prevOffsetStopLimit;
 
        /*
         * NB: Have to prevent concurrent truncation, we might otherwise try to
@@ -2566,6 +2567,7 @@ SetOffsetVacuumLimit(void)
        nextOffset = MultiXactState->nextOffset;
        prevOldestOffsetKnown = MultiXactState->oldestOffsetKnown;
        prevOldestOffset = MultiXactState->oldestOffset;
+       prevOffsetStopLimit = MultiXactState->offsetStopLimit;
        Assert(MultiXactState->finishedStartup);
        LWLockRelease(MultiXactGenLock);
 
@@ -2633,11 +2635,13 @@ SetOffsetVacuumLimit(void)
        {
                /*
                 * If we failed to get the oldest offset this time, but we have a
-                * value from a previous pass through this function, use the old value
-                * rather than automatically forcing it.
+                * value from a previous pass through this function, use the old
+                * values rather than automatically forcing an emergency autovacuum
+                * cycle again.
                 */
                oldestOffset = prevOldestOffset;
                oldestOffsetKnown = true;
+               offsetStopLimit = prevOffsetStopLimit;
        }
 
        /* Install the computed values */