Promote the assertion that XLogBeginInsert() is not called twice into ERROR.

Seems like cheap insurance for WAL bugs. A spurious call to
XLogBeginInsert() in itself would be fairly harmless, but if there is any
data registered and the insertion is not completed/cancelled properly, there
is a risk that the data ends up in a wrong WAL record.

Per Jeff Janes's suggestion.

diff --git a/src/backend/access/transam/xloginsert.c b/src/backend/access/transam/xloginsert.c
index b96c39ac657dd92649254b8d2501e080c0c3a543..0b89c0a7a2c3fe9a0e7ba41d914947f375e2a8d9 100644 (file)
--- a/src/backend/access/transam/xloginsert.c
+++ b/src/backend/access/transam/xloginsert.c
@@ -122,12 +122,14 @@ XLogBeginInsert(void)
        Assert(max_registered_block_id == 0);
        Assert(mainrdata_last == (XLogRecData *) &mainrdata_head);
        Assert(mainrdata_len == 0);
-       Assert(!begininsert_called);
 
        /* cross-check on whether we should be here or not */
        if (!XLogInsertAllowed())
                elog(ERROR, "cannot make new WAL entries during recovery");
 
+       if (begininsert_called)
+               elog(ERROR, "XLogBeginInsert was already called");
+
        begininsert_called = true;
 }