| blob | 36610a1c7e7f51faed76dca908e9e1f721eb5dac |
1 /*-------------------------------------------------------------------------
2 *
3 * procarray.c
4 * POSTGRES process array code.
5 *
6 *
7 * This module maintains arrays of PGPROC substructures, as well as associated
8 * arrays in ProcGlobal, for all active backends. Although there are several
9 * uses for this, the principal one is as a means of determining the set of
10 * currently running transactions.
11 *
12 * Because of various subtle race conditions it is critical that a backend
13 * hold the correct locks while setting or clearing its xid (in
14 * ProcGlobal->xids[]/MyProc->xid). See notes in
15 * src/backend/access/transam/README.
16 *
17 * The process arrays now also include structures representing prepared
18 * transactions. The xid and subxids fields of these are valid, as are the
19 * myProcLocks lists. They can be distinguished from regular backend PGPROCs
20 * at need by checking for pid == 0.
21 *
22 * During hot standby, we also keep a list of XIDs representing transactions
23 * that are known to be running on the primary (or more precisely, were running
24 * as of the current point in the WAL stream). This list is kept in the
25 * KnownAssignedXids array, and is updated by watching the sequence of
26 * arriving XIDs. This is necessary because if we leave those XIDs out of
27 * snapshots taken for standby queries, then they will appear to be already
28 * complete, leading to MVCC failures. Note that in hot standby, the PGPROC
29 * array represents standby processes, which by definition are not running
30 * transactions that have XIDs.
31 *
32 * It is perhaps possible for a backend on the primary to terminate without
33 * writing an abort record for its transaction. While that shouldn't really
34 * happen, it would tie up KnownAssignedXids indefinitely, so we protect
35 * ourselves by pruning the array when a valid list of running XIDs arrives.
36 *
37 * Portions Copyright (c) 1996-2024, PostgreSQL Global Development Group
38 * Portions Copyright (c) 1994, Regents of the University of California
39 *
40 *
41 * IDENTIFICATION
42 * src/backend/storage/ipc/procarray.c
43 *
44 *-------------------------------------------------------------------------
45 */
48 #include <signal.h>
68 #define UINT32_ACCESS_ONCE(var) ((uint32)(*((volatile uint32 *)&(var))))
70 /* Our shared memory area */
72 {
76 /*
77 * Known assigned XIDs handling
78 */
84 /*
85 * Highest subxid that has been removed from KnownAssignedXids array to
86 * prevent overflow; or InvalidTransactionId if none. We track this for
87 * similar reasons to tracking overflowing cached subxids in PGPROC
88 * entries. Must hold exclusive ProcArrayLock to change this, and shared
89 * lock to read it.
90 */
91 TransactionId lastOverflowedXid;
93 /* oldest xmin of any replication slot */
94 TransactionId replication_slot_xmin;
95 /* oldest catalog xmin of any replication slot */
96 TransactionId replication_slot_catalog_xmin;
98 /* indexes into allProcs[], has PROCARRAY_MAXPROCS entries */
102 /*
103 * State for the GlobalVisTest* family of functions. Those functions can
104 * e.g. be used to decide if a deleted row can be removed without violating
105 * MVCC semantics: If the deleted row's xmax is not considered to be running
106 * by anyone, the row can be removed.
107 *
108 * To avoid slowing down GetSnapshotData(), we don't calculate a precise
109 * cutoff XID while building a snapshot (looking at the frequently changing
110 * xmins scales badly). Instead we compute two boundaries while building the
111 * snapshot:
112 *
113 * 1) definitely_needed, indicating that rows deleted by XIDs >=
114 * definitely_needed are definitely still visible.
115 *
116 * 2) maybe_needed, indicating that rows deleted by XIDs < maybe_needed can
117 * definitely be removed
118 *
119 * When testing an XID that falls in between the two (i.e. XID >= maybe_needed
120 * && XID < definitely_needed), the boundaries can be recomputed (using
121 * ComputeXidHorizons()) to get a more accurate answer. This is cheaper than
122 * maintaining an accurate value all the time.
123 *
124 * As it is not cheap to compute accurate boundaries, we limit the number of
125 * times that happens in short succession. See GlobalVisTestShouldUpdate().
126 *
127 *
128 * There are three backend lifetime instances of this struct, optimized for
129 * different types of relations. As e.g. a normal user defined table in one
130 * database is inaccessible to backends connected to another database, a test
131 * specific to a relation can be more aggressive than a test for a shared
132 * relation. Currently we track four different states:
133 *
134 * 1) GlobalVisSharedRels, which only considers an XID's
135 * effects visible-to-everyone if neither snapshots in any database, nor a
136 * replication slot's xmin, nor a replication slot's catalog_xmin might
137 * still consider XID as running.
138 *
139 * 2) GlobalVisCatalogRels, which only considers an XID's
140 * effects visible-to-everyone if neither snapshots in the current
141 * database, nor a replication slot's xmin, nor a replication slot's
142 * catalog_xmin might still consider XID as running.
143 *
144 * I.e. the difference to GlobalVisSharedRels is that
145 * snapshot in other databases are ignored.
146 *
147 * 3) GlobalVisDataRels, which only considers an XID's
148 * effects visible-to-everyone if neither snapshots in the current
149 * database, nor a replication slot's xmin consider XID as running.
150 *
151 * I.e. the difference to GlobalVisCatalogRels is that
152 * replication slot's catalog_xmin is not taken into account.
153 *
154 * 4) GlobalVisTempRels, which only considers the current session, as temp
155 * tables are not visible to other sessions.
156 *
157 * GlobalVisTestFor(relation) returns the appropriate state
158 * for the relation.
159 *
160 * The boundaries are FullTransactionIds instead of TransactionIds to avoid
161 * wraparound dangers. There e.g. would otherwise exist no procarray state to
162 * prevent maybe_needed to become old enough after the GetSnapshotData()
163 * call.
164 *
165 * The typedef is in the header.
166 */
167 struct GlobalVisState
168 {
169 /* XIDs >= are considered running by some backend */
170 FullTransactionId definitely_needed;
172 /* XIDs < are not considered to be running by any backend */
173 FullTransactionId maybe_needed;
174 };
176 /*
177 * Result of ComputeXidHorizons().
178 */
180 {
181 /*
182 * The value of TransamVariables->latestCompletedXid when
183 * ComputeXidHorizons() held ProcArrayLock.
184 */
185 FullTransactionId latest_completed;
187 /*
188 * The same for procArray->replication_slot_xmin and
189 * procArray->replication_slot_catalog_xmin.
190 */
191 TransactionId slot_xmin;
192 TransactionId slot_catalog_xmin;
194 /*
195 * Oldest xid that any backend might still consider running. This needs to
196 * include processes running VACUUM, in contrast to the normal visibility
197 * cutoffs, as vacuum needs to be able to perform pg_subtrans lookups when
198 * determining visibility, but doesn't care about rows above its xmin to
199 * be removed.
200 *
201 * This likely should only be needed to determine whether pg_subtrans can
202 * be truncated. It currently includes the effects of replication slots,
203 * for historical reasons. But that could likely be changed.
204 */
205 TransactionId oldest_considered_running;
207 /*
208 * Oldest xid for which deleted tuples need to be retained in shared
209 * tables.
210 *
211 * This includes the effects of replication slots. If that's not desired,
212 * look at shared_oldest_nonremovable_raw;
213 */
214 TransactionId shared_oldest_nonremovable;
216 /*
217 * Oldest xid that may be necessary to retain in shared tables. This is
218 * the same as shared_oldest_nonremovable, except that is not affected by
219 * replication slot's catalog_xmin.
220 *
221 * This is mainly useful to be able to send the catalog_xmin to upstream
222 * streaming replication servers via hot_standby_feedback, so they can
223 * apply the limit only when accessing catalog tables.
224 */
225 TransactionId shared_oldest_nonremovable_raw;
227 /*
228 * Oldest xid for which deleted tuples need to be retained in non-shared
229 * catalog tables.
230 */
231 TransactionId catalog_oldest_nonremovable;
233 /*
234 * Oldest xid for which deleted tuples need to be retained in normal user
235 * defined tables.
236 */
237 TransactionId data_oldest_nonremovable;
239 /*
240 * Oldest xid for which deleted tuples need to be retained in this
241 * session's temporary tables.
242 */
243 TransactionId temp_oldest_nonremovable;
246 /*
247 * Return value for GlobalVisHorizonKindForRel().
248 */
250 {
251 VISHORIZON_SHARED,
252 VISHORIZON_CATALOG,
253 VISHORIZON_DATA,
254 VISHORIZON_TEMP,
257 /*
258 * Reason codes for KnownAssignedXidsCompress().
259 */
261 {
273 /*
274 * Cache to reduce overhead of repeated calls to TransactionIdIsInProgress()
275 */
278 /*
279 * Bookkeeping for tracking emulated transactions in recovery
280 */
285 /*
286 * If we're in STANDBY_SNAPSHOT_PENDING state, standbySnapshotPendingXmin is
287 * the highest xid that might still be running that we don't have in
288 * KnownAssignedXids.
289 */
292 /*
293 * State for visibility checks on different types of relations. See struct
294 * GlobalVisState for details. As shared, catalog, normal and temporary
295 * relations can have different horizons, one such state exists for each.
296 */
302 /*
303 * This backend's RecentXmin at the last time the accurate xmin horizon was
304 * recomputed, or InvalidTransactionId if it has not. Used to limit how many
305 * times accurate horizons are recomputed. See GlobalVisTestShouldUpdate().
306 */
309 #ifdef XIDCACHE_DEBUG
311 /* counters for XidCache measurement */
322 #define xc_by_recent_xmin_inc() (xc_by_recent_xmin++)
323 #define xc_by_known_xact_inc() (xc_by_known_xact++)
324 #define xc_by_my_xact_inc() (xc_by_my_xact++)
325 #define xc_by_latest_xid_inc() (xc_by_latest_xid++)
326 #define xc_by_main_xid_inc() (xc_by_main_xid++)
327 #define xc_by_child_xid_inc() (xc_by_child_xid++)
328 #define xc_by_known_assigned_inc() (xc_by_known_assigned++)
329 #define xc_no_overflow_inc() (xc_no_overflow++)
330 #define xc_slow_answer_inc() (xc_slow_answer++)
335 #define xc_by_recent_xmin_inc() ((void) 0)
336 #define xc_by_known_xact_inc() ((void) 0)
337 #define xc_by_my_xact_inc() ((void) 0)
338 #define xc_by_latest_xid_inc() ((void) 0)
339 #define xc_by_main_xid_inc() ((void) 0)
340 #define xc_by_child_xid_inc() ((void) 0)
341 #define xc_by_known_assigned_inc() ((void) 0)
342 #define xc_no_overflow_inc() ((void) 0)
343 #define xc_slow_answer_inc() ((void) 0)
346 /* Primitives for KnownAssignedXids array handling for standby */
359 TransactionId xmax);
369 TransactionId xid);
372 /*
373 * Report shared-memory space needed by ProcArrayShmemInit
374 */
375 Size
377 {
378 Size size;
380 /* Size of the ProcArray structure itself */
381 #define PROCARRAY_MAXPROCS (MaxBackends + max_prepared_xacts)
386 /*
387 * During Hot Standby processing we have a data structure called
388 * KnownAssignedXids, created in shared memory. Local data structures are
389 * also created in various backends during GetSnapshotData(),
390 * TransactionIdIsInProgress() and GetRunningTransactionData(). All of the
391 * main structures created in those functions must be identically sized,
392 * since we may at times copy the whole of the data structures around. We
393 * refer to this size as TOTAL_MAX_CACHED_SUBXIDS.
394 *
395 * Ideally we'd only create this structure if we were actually doing hot
396 * standby in the current run, but we don't know that yet at the time
397 * shared memory is being set up.
398 */
399 #define TOTAL_MAX_CACHED_SUBXIDS \
400 ((PGPROC_MAX_CACHED_SUBXIDS + 1) * PROCARRAY_MAXPROCS)
403 {
406 TOTAL_MAX_CACHED_SUBXIDS));
409 }
412 }
414 /*
415 * Initialize the shared PGPROC array during postmaster startup.
416 */
417 void
419 {
422 /* Create or attach to the ProcArray shared structure */
427 PROCARRAY_MAXPROCS)),
431 {
432 /*
433 * We're the first - initialize.
434 */
445 }
449 /* Create or attach to the KnownAssignedXids arrays too, if needed */
451 {
455 TOTAL_MAX_CACHED_SUBXIDS),
461 }
462 }
464 /*
465 * Add the specified PGPROC to the shared array.
466 */
467 void
469 {
475 /* See ProcGlobal comment explaining why both locks are held */
480 {
481 /*
482 * Oops, no room. (This really shouldn't happen, since there is a
483 * fixed supply of PGPROC structs too, and so we should have failed
484 * earlier.)
485 */
489 }
491 /*
492 * Keep the procs array sorted by (PGPROC *) so that we can utilize
493 * locality of references much better. This is useful while traversing the
494 * ProcArray because there is an increased likelihood of finding the next
495 * PGPROC structure in the cache.
496 *
497 * Since the occurrence of adding/removing a proc is much lower than the
498 * access to the ProcArray itself, the overhead should be marginal
499 */
501 {
507 /* If we have found our right position in the array, break */
510 }
534 /* adjust pgxactoff for all following PGPROCs */
535 index++;
537 {
544 }
546 /*
547 * Release in reversed acquisition order, to reduce frequency of having to
548 * wait for XidGenLock while holding ProcArrayLock.
549 */
552 }
554 /*
555 * Remove the specified PGPROC from the shared array.
556 *
557 * When latestXid is a valid XID, we are removing a live 2PC gxact from the
558 * array, and thus causing it to appear as "not running" anymore. In this
559 * case we must advance latestCompletedXid. (This is essentially the same
560 * as ProcArrayEndTransaction followed by removal of the PGPROC, but we take
561 * the ProcArrayLock only once, and don't damage the content of the PGPROC;
562 * twophase.c depends on the latter.)
563 */
564 void
566 {
571 #ifdef XIDCACHE_DEBUG
572 /* dump stats at backend shutdown, but not prepared-xact end */
575 #endif
577 /* See ProcGlobal comment explaining why both locks are held */
587 {
590 /* Advance global latestCompletedXid while holding the lock */
593 /* Same with xactCompletionCount */
599 }
600 else
601 {
602 /* Shouldn't be trying to remove a live transaction here */
604 }
612 /* Keep the PGPROC array sorted. See notes above */
630 /*
631 * Adjust pgxactoff of following procs for removed PGPROC (note that
632 * numProcs already has been decremented).
633 */
635 {
642 }
644 /*
645 * Release in reversed acquisition order, to reduce frequency of having to
646 * wait for XidGenLock while holding ProcArrayLock.
647 */
650 }
653 /*
654 * ProcArrayEndTransaction -- mark a transaction as no longer running
655 *
656 * This is used interchangeably for commit and abort cases. The transaction
657 * commit/abort must already be reported to WAL and pg_xact.
658 *
659 * proc is currently always MyProc, but we pass it explicitly for flexibility.
660 * latestXid is the latest Xid among the transaction's main XID and
661 * subtransactions, or InvalidTransactionId if it has no XID. (We must ask
662 * the caller to pass latestXid, instead of computing it from the PGPROC's
663 * contents, because the subxid information in the PGPROC might be
664 * incomplete.)
665 */
666 void
668 {
670 {
671 /*
672 * We must lock ProcArrayLock while clearing our advertised XID, so
673 * that we do not exit the set of "running" transactions while someone
674 * else is taking a snapshot. See discussion in
675 * src/backend/access/transam/README.
676 */
679 /*
680 * If we can immediately acquire ProcArrayLock, we clear our own XID
681 * and release the lock. If not, use group XID clearing to improve
682 * efficiency.
683 */
685 {
688 }
689 else
691 }
692 else
693 {
694 /*
695 * If we have no XID, we don't need to lock, since we won't affect
696 * anyone else's calculation of a snapshot. We might change their
697 * estimate of global xmin, but that's OK.
698 */
706 /* be sure this is cleared in abort */
711 /* must be cleared with xid/xmin: */
712 /* avoid unnecessarily dirtying shared cachelines */
714 {
721 }
722 }
723 }
725 /*
726 * Mark a write transaction as no longer running.
727 *
728 * We don't do any locking here; caller must handle that.
729 */
732 {
735 /*
736 * Note: we need exclusive lock here because we're going to change other
737 * processes' PGPROC entries.
738 */
748 /* be sure this is cleared in abort */
753 /* must be cleared with xid/xmin: */
754 /* avoid unnecessarily dirtying shared cachelines */
756 {
759 }
761 /* Clear the subtransaction-XID cache too while holding the lock */
765 {
770 }
772 /* Also advance global latestCompletedXid while holding the lock */
775 /* Same with xactCompletionCount */
777 }
779 /*
780 * ProcArrayGroupClearXid -- group XID clearing
781 *
782 * When we cannot immediately acquire ProcArrayLock in exclusive mode at
783 * commit time, add ourselves to a list of processes that need their XIDs
784 * cleared. The first process to add itself to the list will acquire
785 * ProcArrayLock in exclusive mode and perform ProcArrayEndTransactionInternal
786 * on behalf of all group members. This avoids a great deal of contention
787 * around ProcArrayLock when many processes are trying to commit at once,
788 * since the lock need not be repeatedly handed off from one committing
789 * process to the next.
790 */
791 static void
793 {
796 uint32 nextidx;
797 uint32 wakeidx;
799 /* We should definitely have an XID to clear. */
802 /* Add ourselves to the list of processes needing a group XID clear. */
807 {
814 }
816 /*
817 * If the list was not empty, the leader will clear our XID. It is
818 * impossible to have followers without a leader because the first process
819 * that has added itself to the list will always have nextidx as
820 * INVALID_PROC_NUMBER.
821 */
823 {
826 /* Sleep until the leader clears our XID. */
829 {
830 /* acts as a read barrier */
834 extraWaits++;
835 }
840 /* Fix semaphore count for any absorbed wakeups */
844 }
846 /* We are the leader. Acquire the lock on behalf of everyone. */
849 /*
850 * Now that we've got the lock, clear the list of processes waiting for
851 * group XID clearing, saving a pointer to the head of the list. Trying
852 * to pop elements one at a time could lead to an ABA problem.
853 */
855 INVALID_PROC_NUMBER);
857 /* Remember head of list so we can perform wakeups after dropping lock. */
860 /* Walk the list and clear all XIDs. */
862 {
867 /* Move to next proc in list. */
869 }
871 /* We're done with the lock now. */
874 /*
875 * Now that we've released the lock, go back and wake everybody up. We
876 * don't do this under the lock so as to keep lock hold times to a
877 * minimum. The system calls we need to perform to wake other processes
878 * up are probably much slower than the simple memory writes we did while
879 * holding the lock.
880 */
882 {
888 /* ensure all previous writes are visible before follower continues. */
895 }
896 }
898 /*
899 * ProcArrayClearTransaction -- clear the transaction fields
900 *
901 * This is used after successfully preparing a 2-phase transaction. We are
902 * not actually reporting the transaction's XID as no longer running --- it
903 * will still appear as running because the 2PC's gxact is in the ProcArray
904 * too. We just have to clear out our own PGPROC.
905 */
906 void
908 {
911 /*
912 * Currently we need to lock ProcArrayLock exclusively here, as we
913 * increment xactCompletionCount below. We also need it at least in shared
914 * mode for pgproc->pgxactoff to stay the same below.
915 *
916 * We could however, as this action does not actually change anyone's view
917 * of the set of running XIDs (our entry is duplicate with the gxact that
918 * has already been inserted into the ProcArray), lower the lock level to
919 * shared if we were to make xactCompletionCount an atomic variable. But
920 * that doesn't seem worth it currently, as a 2PC commit is heavyweight
921 * enough for this not to be the bottleneck. If it ever becomes a
922 * bottleneck it may also be worth considering to combine this with the
923 * subsequent ProcArrayRemove()
924 */
939 /*
940 * Need to increment completion count even though transaction hasn't
941 * really committed yet. The reason for that is that GetSnapshotData()
942 * omits the xid of the current transaction, thus without the increment we
943 * otherwise could end up reusing the snapshot later. Which would be bad,
944 * because it might not count the prepared transaction as running.
945 */
948 /* Clear the subtransaction-XID cache too */
952 {
957 }
960 }
962 /*
963 * Update TransamVariables->latestCompletedXid to point to latestXid if
964 * currently older.
965 */
966 static void
968 {
976 {
979 }
983 }
985 /*
986 * Same as MaintainLatestCompletedXid, except for use during WAL replay.
987 */
988 static void
990 {
992 FullTransactionId rel;
997 /*
998 * Need a FullTransactionId to compare latestXid with. Can't rely on
999 * latestCompletedXid to be initialized in recovery. But in recovery it's
1000 * safe to access nextXid without a lock for the startup process.
1001 */
1007 {
1010 }
1013 }
1015 /*
1016 * ProcArrayInitRecovery -- initialize recovery xid mgmt environment
1017 *
1018 * Remember up to where the startup process initialized the CLOG and subtrans
1019 * so we can ensure it's initialized gaplessly up to the point where necessary
1020 * while in recovery.
1021 */
1022 void
1024 {
1028 /*
1029 * we set latestObservedXid to the xid SUBTRANS has been initialized up
1030 * to, so we can extend it from that point onwards in
1031 * RecordKnownAssignedTransactionIds, and when we get consistent in
1032 * ProcArrayApplyRecoveryInfo().
1033 */
1036 }
1038 /*
1039 * ProcArrayApplyRecoveryInfo -- apply recovery info about xids
1040 *
1041 * Takes us through 3 states: Initialized, Pending and Ready.
1042 * Normal case is to go all the way to Ready straight away, though there
1043 * are atypical cases where we need to take it in steps.
1044 *
1045 * Use the data about running transactions on the primary to create the initial
1046 * state of KnownAssignedXids. We also use these records to regularly prune
1047 * KnownAssignedXids because we know it is possible that some transactions
1048 * with FATAL errors fail to write abort records, which could cause eventual
1049 * overflow.
1050 *
1051 * See comments for LogStandbySnapshot().
1052 */
1053 void
1055 {
1057 TransactionId advanceNextXid;
1066 /*
1067 * Remove stale transactions, if any.
1068 */
1071 /*
1072 * Adjust TransamVariables->nextXid before StandbyReleaseOldLocks(),
1073 * because we will need it up to date for accessing two-phase transactions
1074 * in StandbyReleaseOldLocks().
1075 */
1081 /*
1082 * Remove stale locks, if any.
1083 */
1086 /*
1087 * If our snapshot is already valid, nothing else to do...
1088 */
1092 /*
1093 * If our initial RunningTransactionsData had an overflowed snapshot then
1094 * we knew we were missing some subxids from our snapshot. If we continue
1095 * to see overflowed snapshots then we might never be able to start up, so
1096 * we make another test to see if our snapshot is now valid. We know that
1097 * the missing subxids are equal to or earlier than nextXid. After we
1098 * initialise we continue to apply changes during recovery, so once the
1099 * oldestRunningXid is later than the nextXid from the initial snapshot we
1100 * know that we no longer have missing information and can mark the
1101 * snapshot as valid.
1102 */
1104 {
1105 /*
1106 * If the snapshot isn't overflowed or if its empty we can reset our
1107 * pending state and use this snapshot instead.
1108 */
1110 {
1111 /*
1112 * If we have already collected known assigned xids, we need to
1113 * throw them away before we apply the recovery snapshot.
1114 */
1117 }
1118 else
1119 {
1122 {
1126 }
1127 else
1129 "recovery snapshot waiting for non-overflowed snapshot or "
1131 standbySnapshotPendingXmin,
1134 }
1135 }
1139 /*
1140 * NB: this can be reached at least twice, so make sure new code can deal
1141 * with that.
1142 */
1144 /*
1145 * Nobody else is running yet, but take locks anyhow
1146 */
1149 /*
1150 * KnownAssignedXids is sorted so we cannot just add the xids, we have to
1151 * sort them first.
1152 *
1153 * Some of the new xids are top-level xids and some are subtransactions.
1154 * We don't call SubTransSetParent because it doesn't matter yet. If we
1155 * aren't overflowed then all xids will fit in snapshot and so we don't
1156 * need subtrans. If we later overflow, an xid assignment record will add
1157 * xids to subtrans. If RunningTransactionsData is overflowed then we
1158 * don't have enough information to correctly update subtrans anyway.
1159 */
1161 /*
1162 * Allocate a temporary array to avoid modifying the array passed as
1163 * argument.
1164 */
1167 /*
1168 * Add to the temp array any xids which have not already completed.
1169 */
1172 {
1175 /*
1176 * The running-xacts snapshot can contain xids that were still visible
1177 * in the procarray when the snapshot was taken, but were already
1178 * WAL-logged as completed. They're not running anymore, so ignore
1179 * them.
1180 */
1185 }
1188 {
1190 {
1193 }
1195 /*
1196 * Sort the array so that we can add them safely into
1197 * KnownAssignedXids.
1198 *
1199 * We have to sort them logically, because in KnownAssignedXidsAdd we
1200 * call TransactionIdFollowsOrEquals and so on. But we know these XIDs
1201 * come from RUNNING_XACTS, which means there are only normal XIDs
1202 * from the same epoch, so this is safe.
1203 */
1206 /*
1207 * Add the sorted snapshot into KnownAssignedXids. The running-xacts
1208 * snapshot may include duplicated xids because of prepared
1209 * transactions, so ignore them.
1210 */
1212 {
1214 {
1219 }
1221 }
1224 }
1228 /*
1229 * latestObservedXid is at least set to the point where SUBTRANS was
1230 * started up to (cf. ProcArrayInitRecovery()) or to the biggest xid
1231 * RecordKnownAssignedTransactionIds() was called for. Initialize
1232 * subtrans from thereon, up to nextXid - 1.
1233 *
1234 * We need to duplicate parts of RecordKnownAssignedTransactionId() here,
1235 * because we've just added xids to the known assigned xids machinery that
1236 * haven't gone through RecordKnownAssignedTransactionId().
1237 */
1241 {
1244 }
1247 /* ----------
1248 * Now we've got the running xids we need to set the global values that
1249 * are used to track snapshots as they evolve further.
1250 *
1251 * - latestCompletedXid which will be the xmax for snapshots
1252 * - lastOverflowedXid which shows whether snapshots overflow
1253 * - nextXid
1254 *
1255 * If the snapshot overflowed, then we still initialise with what we know,
1256 * but the recovery snapshot isn't fully valid yet because we know there
1257 * are some subxids missing. We don't know the specific subxids that are
1258 * missing, so conservatively assume the last one is latestObservedXid.
1259 * ----------
1260 */
1262 {
1267 }
1268 else
1269 {
1274 /*
1275 * If the 'xids' array didn't include all subtransactions, we have to
1276 * mark any snapshots taken as overflowed.
1277 */
1280 else
1281 {
1284 }
1285 }
1287 /*
1288 * If a transaction wrote a commit record in the gap between taking and
1289 * logging the snapshot then latestCompletedXid may already be higher than
1290 * the value from the snapshot, so check before we use the incoming value.
1291 * It also might not yet be set at all.
1292 */
1295 /*
1296 * NB: No need to increment TransamVariables->xactCompletionCount here,
1297 * nobody can see it yet.
1298 */
1305 else
1307 "recovery snapshot waiting for non-overflowed snapshot or "
1309 standbySnapshotPendingXmin,
1311 }
1313 /*
1314 * ProcArrayApplyXidAssignment
1315 * Process an XLOG_XACT_ASSIGNMENT WAL record
1316 */
1317 void
1320 {
1321 TransactionId max_xid;
1328 /*
1329 * Mark all the subtransactions as observed.
1330 *
1331 * NOTE: This will fail if the subxid contains too many previously
1332 * unobserved xids to fit into known-assigned-xids. That shouldn't happen
1333 * as the code stands, because xid-assignment records should never contain
1334 * more than PGPROC_MAX_CACHED_SUBXIDS entries.
1335 */
1338 /*
1339 * Notice that we update pg_subtrans with the top-level xid, rather than
1340 * the parent xid. This is a difference between normal processing and
1341 * recovery, yet is still correct in all cases. The reason is that
1342 * subtransaction commit is not marked in clog until commit processing, so
1343 * all aborted subtransactions have already been clearly marked in clog.
1344 * As a result we are able to refer directly to the top-level
1345 * transaction's state rather than skipping through all the intermediate
1346 * states in the subtransaction tree. This should be the first time we
1347 * have attempted to SubTransSetParent().
1348 */
1352 /* KnownAssignedXids isn't maintained yet, so we're done for now */
1356 /*
1357 * Uses same locking as transaction commit
1358 */
1361 /*
1362 * Remove subxids from known-assigned-xacts.
1363 */
1366 /*
1367 * Advance lastOverflowedXid to be at least the last of these subxids.
1368 */
1373 }
1375 /*
1376 * TransactionIdIsInProgress -- is given transaction running in some backend
1377 *
1378 * Aside from some shortcuts such as checking RecentXmin and our own Xid,
1379 * there are four possibilities for finding a running transaction:
1380 *
1381 * 1. The given Xid is a main transaction Id. We will find this out cheaply
1382 * by looking at ProcGlobal->xids.
1383 *
1384 * 2. The given Xid is one of the cached subxact Xids in the PGPROC array.
1385 * We can find this out cheaply too.
1386 *
1387 * 3. In Hot Standby mode, we must search the KnownAssignedXids list to see
1388 * if the Xid is running on the primary.
1389 *
1390 * 4. Search the SubTrans tree to find the Xid's topmost parent, and then see
1391 * if that is running according to ProcGlobal->xids[] or KnownAssignedXids.
1392 * This is the slowest way, but sadly it has to be done always if the others
1393 * failed, unless we see that the cached subxact sets are complete (none have
1394 * overflowed).
1395 *
1396 * ProcArrayLock has to be held while we do 1, 2, 3. If we save the top Xids
1397 * while doing 1 and 3, we can release the ProcArrayLock while we do 4.
1398 * This buys back some concurrency (and we can't retrieve the main Xids from
1399 * ProcGlobal->xids[] again anyway; see GetNewTransactionId).
1400 */
1401 bool
1403 {
1409 TransactionId topxid;
1410 TransactionId latestCompletedXid;
1415 /*
1416 * Don't bother checking a transaction older than RecentXmin; it could not
1417 * possibly still be running. (Note: in particular, this guarantees that
1418 * we reject InvalidTransactionId, FrozenTransactionId, etc as not
1419 * running.)
1420 */
1422 {
1425 }
1427 /*
1428 * We may have just checked the status of this transaction, so if it is
1429 * already known to be completed, we can fall out without any access to
1430 * shared memory.
1431 */
1433 {
1436 }
1438 /*
1439 * Also, we can handle our own transaction (and subtransactions) without
1440 * any access to shared memory.
1441 */
1443 {
1446 }
1448 /*
1449 * If first time through, get workspace to remember main XIDs in. We
1450 * malloc it permanently to avoid repeated palloc/pfree overhead.
1451 */
1453 {
1454 /*
1455 * In hot standby mode, reserve enough space to hold all xids in the
1456 * known-assigned list. If we later finish recovery, we no longer need
1457 * the bigger array, but we don't bother to shrink it.
1458 */
1466 }
1473 /*
1474 * Now that we have the lock, we can check latestCompletedXid; if the
1475 * target Xid is after that, it's surely still running.
1476 */
1477 latestCompletedXid =
1480 {
1484 }
1486 /* No shortcuts, gotta grovel through the array */
1490 {
1493 TransactionId pxid;
1496 /* Ignore ourselves --- dealt with it above */
1500 /* Fetch xid just once - see GetNewTransactionId */
1506 /*
1507 * Step 1: check the main Xid
1508 */
1510 {
1514 }
1516 /*
1517 * We can ignore main Xids that are younger than the target Xid, since
1518 * the target could not possibly be their child.
1519 */
1523 /*
1524 * Step 2: check the cached child-Xids arrays
1525 */
1531 {
1532 /* Fetch xid just once - see GetNewTransactionId */
1536 {
1540 }
1541 }
1543 /*
1544 * Save the main Xid for step 4. We only need to remember main Xids
1545 * that have uncached children. (Note: there is no race condition
1546 * here because the overflowed flag cannot be cleared, only set, while
1547 * we hold ProcArrayLock. So we can't miss an Xid that we need to
1548 * worry about.)
1549 */
1552 }
1554 /*
1555 * Step 3: in hot standby mode, check the known-assigned-xids list. XIDs
1556 * in the list must be treated as running.
1557 */
1559 {
1560 /* none of the PGPROC entries should have XIDs in hot standby mode */
1564 {
1568 }
1570 /*
1571 * If the KnownAssignedXids overflowed, we have to check pg_subtrans
1572 * too. Fetch all xids from KnownAssignedXids that are lower than
1573 * xid, since if xid is a subtransaction its parent will always have a
1574 * lower value. Note we will collect both main and subXIDs here, but
1575 * there's no help for it.
1576 */
1579 }
1583 /*
1584 * If none of the relevant caches overflowed, we know the Xid is not
1585 * running without even looking at pg_subtrans.
1586 */
1588 {
1592 }
1594 /*
1595 * Step 4: have to check pg_subtrans.
1596 *
1597 * At this point, we know it's either a subtransaction of one of the Xids
1598 * in xids[], or it's not running. If it's an already-failed
1599 * subtransaction, we want to say "not running" even though its parent may
1600 * still be running. So first, check pg_xact to see if it's been aborted.
1601 */
1605 {
1608 }
1610 /*
1611 * It isn't aborted, so check whether the transaction tree it belongs to
1612 * is still running (or, more precisely, whether it was running when we
1613 * held ProcArrayLock).
1614 */
1623 }
1625 /*
1626 * TransactionIdIsActive -- is xid the top-level XID of an active backend?
1627 *
1628 * This differs from TransactionIdIsInProgress in that it ignores prepared
1629 * transactions, as well as transactions running on the primary if we're in
1630 * hot standby. Also, we ignore subtransactions since that's not needed
1631 * for current uses.
1632 */
1633 bool
1635 {
1641 /*
1642 * Don't bother checking a transaction older than RecentXmin; it could not
1643 * possibly still be running.
1644 */
1651 {
1654 TransactionId pxid;
1656 /* Fetch xid just once - see GetNewTransactionId */
1666 {
1669 }
1670 }
1675 }
1678 /*
1679 * Determine XID horizons.
1680 *
1681 * This is used by wrapper functions like GetOldestNonRemovableTransactionId()
1682 * (for VACUUM), GetReplicationHorizons() (for hot_standby_feedback), etc as
1683 * well as "internally" by GlobalVisUpdate() (see comment above struct
1684 * GlobalVisState).
1685 *
1686 * See the definition of ComputeXidHorizonsResult for the various computed
1687 * horizons.
1688 *
1689 * For VACUUM separate horizons (used to decide which deleted tuples must
1690 * be preserved), for shared and non-shared tables are computed. For shared
1691 * relations backends in all databases must be considered, but for non-shared
1692 * relations that's not required, since only backends in my own database could
1693 * ever see the tuples in them. Also, we can ignore concurrently running lazy
1694 * VACUUMs because (a) they must be working on other tables, and (b) they
1695 * don't need to do snapshot-based lookups.
1696 *
1697 * This also computes a horizon used to truncate pg_subtrans. For that
1698 * backends in all databases have to be considered, and concurrently running
1699 * lazy VACUUMs cannot be ignored, as they still may perform pg_subtrans
1700 * accesses.
1701 *
1702 * Note: we include all currently running xids in the set of considered xids.
1703 * This ensures that if a just-started xact has not yet set its snapshot,
1704 * when it does set the snapshot it cannot set xmin less than what we compute.
1705 * See notes in src/backend/access/transam/README.
1706 *
1707 * Note: despite the above, it's possible for the calculated values to move
1708 * backwards on repeated calls. The calculated values are conservative, so
1709 * that anything older is definitely not considered as running by anyone
1710 * anymore, but the exact values calculated depend on a number of things. For
1711 * example, if there are no transactions running in the current database, the
1712 * horizon for normal tables will be latestCompletedXid. If a transaction
1713 * begins after that, its xmin will include in-progress transactions in other
1714 * databases that started earlier, so another call will return a lower value.
1715 * Nonetheless it is safe to vacuum a table in the current database with the
1716 * first result. There are also replication-related effects: a walsender
1717 * process can set its xmin based on transactions that are no longer running
1718 * on the primary but are still being replayed on the standby, thus possibly
1719 * making the values go backwards. In this case there is a possibility that
1720 * we lose data that the standby would like to have, but unless the standby
1721 * uses a replication slot to make its xmin persistent there is little we can
1722 * do about that --- data is only protected if the walsender runs continuously
1723 * while queries are executed on the standby. (The Hot Standby code deals
1724 * with such cases by failing standby queries that needed to access
1725 * already-removed data, so there's no integrity bug.)
1726 *
1727 * Note: the approximate horizons (see definition of GlobalVisState) are
1728 * updated by the computations done here. That's currently required for
1729 * correctness and a small optimization. Without doing so it's possible that
1730 * heap vacuum's call to heap_page_prune_and_freeze() uses a more conservative
1731 * horizon than later when deciding which tuples can be removed - which the
1732 * code doesn't expect (breaking HOT).
1733 */
1734 static void
1736 {
1738 TransactionId kaxmin;
1742 /* inferred after ProcArrayLock is released */
1749 /*
1750 * We initialize the MIN() calculation with latestCompletedXid + 1. This
1751 * is a lower bound for the XIDs that might appear in the ProcArray later,
1752 * and so protects us against overestimating the result due to future
1753 * additions.
1754 */
1755 {
1756 TransactionId initial;
1766 /*
1767 * Only modifications made by this backend affect the horizon for
1768 * temporary relations. Instead of a check in each iteration of the
1769 * loop over all PGPROCs it is cheaper to just initialize to the
1770 * current top-level xid any.
1771 *
1772 * Without an assigned xid we could use a horizon as aggressive as
1773 * GetNewTransactionId(), but we can get away with the much cheaper
1774 * latestCompletedXid + 1: If this backend has no xid there, by
1775 * definition, can't be any newer changes in the temp table than
1776 * latestCompletedXid.
1777 */
1780 else
1782 }
1784 /*
1785 * Fetch slot horizons while ProcArrayLock is held - the
1786 * LWLockAcquire/LWLockRelease are a barrier, ensuring this happens inside
1787 * the lock.
1788 */
1793 {
1797 TransactionId xid;
1798 TransactionId xmin;
1800 /* Fetch xid just once - see GetNewTransactionId */
1804 /*
1805 * Consider both the transaction's Xmin, and its Xid.
1806 *
1807 * We must check both because a transaction might have an Xmin but not
1808 * (yet) an Xid; conversely, if it has an Xid, that could determine
1809 * some not-yet-set Xmin.
1810 */
1813 /* if neither is set, this proc doesn't influence the horizon */
1817 /*
1818 * Don't ignore any procs when determining which transactions might be
1819 * considered running. While slots should ensure logical decoding
1820 * backends are protected even without this check, it can't hurt to
1821 * include them here as well..
1822 */
1826 /*
1827 * Skip over backends either vacuuming (which is ok with rows being
1828 * removed, as long as pg_subtrans is not truncated) or doing logical
1829 * decoding (which manages xmin separately, check below).
1830 */
1834 /* shared tables need to take backends in all databases into account */
1838 /*
1839 * Normally sessions in other databases are ignored for anything but
1840 * the shared horizon.
1841 *
1842 * However, include them when MyDatabaseId is not (yet) set. A
1843 * backend in the process of starting up must not compute a "too
1844 * aggressive" horizon, otherwise we could end up using it to prune
1845 * still-needed data away. If the current backend never connects to a
1846 * database this is harmless, because data_oldest_nonremovable will
1847 * never be utilized.
1848 *
1849 * Also, sessions marked with PROC_AFFECTS_ALL_HORIZONS should always
1850 * be included. (This flag is used for hot standby feedback, which
1851 * can't be tied to a specific database.)
1852 *
1853 * Also, while in recovery we cannot compute an accurate per-database
1854 * horizon, as all xids are managed via the KnownAssignedXids
1855 * machinery.
1856 */
1860 in_recovery)
1861 {
1864 }
1865 }
1867 /*
1868 * If in recovery fetch oldest xid in KnownAssignedXids, will be applied
1869 * after lock is released.
1870 */
1874 /*
1875 * No other information from shared state is needed, release the lock
1876 * immediately. The rest of the computations can be done without a lock.
1877 */
1881 {
1888 /* temp relations cannot be accessed in recovery */
1889 }
1896 /*
1897 * Check whether there are replication slots requiring an older xmin.
1898 */
1904 /*
1905 * The only difference between catalog / data horizons is that the slot's
1906 * catalog xmin is applied to the catalog one (so catalogs can be accessed
1907 * for logical decoding). Initialize with data horizon, and then back up
1908 * further if necessary. Have to back up the shared horizon as well, since
1909 * that also can contain catalogs.
1910 */
1920 /*
1921 * It's possible that slots backed up the horizons further than
1922 * oldest_considered_running. Fix.
1923 */
1934 /*
1935 * shared horizons have to be at least as old as the oldest visible in
1936 * current db
1937 */
1943 /*
1944 * Horizons need to ensure that pg_subtrans access is still possible for
1945 * the relevant backends.
1946 */
1962 /* update approximate horizons with the computed horizons */
1964 }
1966 /*
1967 * Determine what kind of visibility horizon needs to be used for a
1968 * relation. If rel is NULL, the most conservative horizon is used.
1969 */
1972 {
1973 /*
1974 * Other relkinds currently don't contain xids, nor always the necessary
1975 * logical decoding markers.
1976 */
1989 else
1991 }
1993 /*
1994 * Return the oldest XID for which deleted tuples must be preserved in the
1995 * passed table.
1996 *
1997 * If rel is not NULL the horizon may be considerably more recent than
1998 * otherwise (i.e. fewer tuples will be removable). In the NULL case a horizon
1999 * that is correct (but not optimal) for all relations will be returned.
2000 *
2001 * This is used by VACUUM to decide which deleted tuples must be preserved in
2002 * the passed in table.
2003 */
2004 TransactionId
2006 {
2007 ComputeXidHorizonsResult horizons;
2012 {
2021 }
2023 /* just to prevent compiler warnings */
2025 }
2027 /*
2028 * Return the oldest transaction id any currently running backend might still
2029 * consider running. This should not be used for visibility / pruning
2030 * determinations (see GetOldestNonRemovableTransactionId()), but for
2031 * decisions like up to where pg_subtrans can be truncated.
2032 */
2033 TransactionId
2035 {
2036 ComputeXidHorizonsResult horizons;
2041 }
2043 /*
2044 * Return the visibility horizons for a hot standby feedback message.
2045 */
2046 void
2048 {
2049 ComputeXidHorizonsResult horizons;
2053 /*
2054 * Don't want to use shared_oldest_nonremovable here, as that contains the
2055 * effect of replication slot's catalog_xmin. We want to send a separate
2056 * feedback for the catalog horizon, so the primary can remove data table
2057 * contents more aggressively.
2058 */
2061 }
2063 /*
2064 * GetMaxSnapshotXidCount -- get max size for snapshot XID array
2065 *
2066 * We have to export this for use by snapmgr.c.
2067 */
2068 int
2070 {
2072 }
2074 /*
2075 * GetMaxSnapshotSubxidCount -- get max size for snapshot sub-XID array
2076 *
2077 * We have to export this for use by snapmgr.c.
2078 */
2079 int
2081 {
2083 }
2085 /*
2086 * Helper function for GetSnapshotData() that checks if the bulk of the
2087 * visibility information in the snapshot is still valid. If so, it updates
2088 * the fields that need to change and returns true. Otherwise it returns
2089 * false.
2090 *
2091 * This very likely can be evolved to not need ProcArrayLock held (at very
2092 * least in the case we already hold a snapshot), but that's for another day.
2093 */
2094 static bool
2096 {
2097 uint64 curXactCompletionCount;
2108 /*
2109 * If the current xactCompletionCount is still the same as it was at the
2110 * time the snapshot was built, we can be sure that rebuilding the
2111 * contents of the snapshot the hard way would result in the same snapshot
2112 * contents:
2113 *
2114 * As explained in transam/README, the set of xids considered running by
2115 * GetSnapshotData() cannot change while ProcArrayLock is held. Snapshot
2116 * contents only depend on transactions with xids and xactCompletionCount
2117 * is incremented whenever a transaction with an xid finishes (while
2118 * holding ProcArrayLock exclusively). Thus the xactCompletionCount check
2119 * ensures we would detect if the snapshot would have changed.
2120 *
2121 * As the snapshot contents are the same as it was before, it is safe to
2122 * re-enter the snapshot's xmin into the PGPROC array. None of the rows
2123 * visible under the snapshot could already have been removed (that'd
2124 * require the set of running transactions to change) and it fulfills the
2125 * requirement that concurrent GetSnapshotData() calls yield the same
2126 * xmin.
2127 */
2142 }
2144 /*
2145 * GetSnapshotData -- returns information about running transactions.
2146 *
2147 * The returned snapshot includes xmin (lowest still-running xact ID),
2148 * xmax (highest completed xact ID + 1), and a list of running xact IDs
2149 * in the range xmin <= xid < xmax. It is used as follows:
2150 * All xact IDs < xmin are considered finished.
2151 * All xact IDs >= xmax are considered still running.
2152 * For an xact ID xmin <= xid < xmax, consult list to see whether
2153 * it is considered running or not.
2154 * This ensures that the set of transactions seen as "running" by the
2155 * current xact will not change after it takes the snapshot.
2156 *
2157 * All running top-level XIDs are included in the snapshot, except for lazy
2158 * VACUUM processes. We also try to include running subtransaction XIDs,
2159 * but since PGPROC has only a limited cache area for subxact XIDs, full
2160 * information may not be available. If we find any overflowed subxid arrays,
2161 * we have to mark the snapshot's subxid data as overflowed, and extra work
2162 * *may* need to be done to determine what's running (see XidInMVCCSnapshot()).
2163 *
2164 * We also update the following backend-global variables:
2165 * TransactionXmin: the oldest xmin of any snapshot in use in the
2166 * current transaction (this is the same as MyProc->xmin).
2167 * RecentXmin: the xmin computed for the most recent snapshot. XIDs
2168 * older than this are known not running any more.
2169 *
2170 * And try to advance the bounds of GlobalVis{Shared,Catalog,Data,Temp}Rels
2171 * for the benefit of the GlobalVisTest* family of functions.
2172 *
2173 * Note: this function should probably not be called with an argument that's
2174 * not statically allocated (see xip allocation below).
2175 */
2176 Snapshot
2178 {
2181 TransactionId xmin;
2182 TransactionId xmax;
2186 FullTransactionId latest_completed;
2187 TransactionId oldestxid;
2189 TransactionId myxid;
2190 uint64 curXactCompletionCount;
2197 /*
2198 * Allocating space for maxProcs xids is usually overkill; numProcs would
2199 * be sufficient. But it seems better to do the malloc while not holding
2200 * the lock, so we can't look at numProcs. Likewise, we allocate much
2201 * more subxip storage than is probably needed.
2202 *
2203 * This does open a possibility for avoiding repeated malloc/free: since
2204 * maxProcs does not change at runtime, we can simply reuse the previous
2205 * xip arrays if any. (This relies on the fact that all callers pass
2206 * static SnapshotData structs.)
2207 */
2209 {
2210 /*
2211 * First call for this snapshot. Snapshot is same size whether or not
2212 * we are in recovery, see later comments.
2213 */
2227 }
2229 /*
2230 * It is sufficient to get shared lock on ProcArrayLock, even if we are
2231 * going to set MyProc->xmin.
2232 */
2236 {
2239 }
2249 /* xmax is always latestCompletedXid + 1 */
2254 /* initialize xmin calculation with xmax */
2257 /* take own xid into account, saves a check inside the loop */
2264 {
2271 /*
2272 * First collect set of pgxactoff/xids that need to be included in the
2273 * snapshot.
2274 */
2276 {
2277 /* Fetch xid just once - see GetNewTransactionId */
2279 uint8 statusFlags;
2283 /*
2284 * If the transaction has no XID assigned, we can skip it; it
2285 * won't have sub-XIDs either.
2286 */
2290 /*
2291 * We don't include our own XIDs (if any) in the snapshot. It
2292 * needs to be included in the xmin computation, but we did so
2293 * outside the loop.
2294 */
2298 /*
2299 * The only way we are able to get here with a non-normal xid is
2300 * during bootstrap - with this backend using
2301 * BootstrapTransactionId. But the above test should filter that
2302 * out.
2303 */
2306 /*
2307 * If the XID is >= xmax, we can skip it; such transactions will
2308 * be treated as running anyway (and any sub-XIDs will also be >=
2309 * xmax).
2310 */
2314 /*
2315 * Skip over backends doing logical decoding which manages xmin
2316 * separately (check below) and ones running LAZY VACUUM.
2317 */
2325 /* Add XID to snapshot. */
2328 /*
2329 * Save subtransaction XIDs if possible (if we've already
2330 * overflowed, there's no point). Note that the subxact XIDs must
2331 * be later than their parent, so no need to check them against
2332 * xmin. We could filter against xmax, but it seems better not to
2333 * do that much work while holding the ProcArrayLock.
2334 *
2335 * The other backend can add more subxids concurrently, but cannot
2336 * remove any. Hence it's important to fetch nxids just once.
2337 * Should be safe to use memcpy, though. (We needn't worry about
2338 * missing any xids added concurrently, because they must postdate
2339 * xmax.)
2340 *
2341 * Again, our own XIDs are not included in the snapshot.
2342 */
2344 {
2348 else
2349 {
2353 {
2363 }
2364 }
2365 }
2366 }
2367 }
2368 else
2369 {
2370 /*
2371 * We're in hot standby, so get XIDs from KnownAssignedXids.
2372 *
2373 * We store all xids directly into subxip[]. Here's why:
2374 *
2375 * In recovery we don't know which xids are top-level and which are
2376 * subxacts, a design choice that greatly simplifies xid processing.
2377 *
2378 * It seems like we would want to try to put xids into xip[] only, but
2379 * that is fairly small. We would either need to make that bigger or
2380 * to increase the rate at which we WAL-log xid assignment; neither is
2381 * an appealing choice.
2382 *
2383 * We could try to store xids into xip[] first and then into subxip[]
2384 * if there are too many xids. That only works if the snapshot doesn't
2385 * overflow because we do not search subxip[] in that case. A simpler
2386 * way is to just store all xids in the subxip array because this is
2387 * by far the bigger array. We just leave the xip array empty.
2388 *
2389 * Either way we need to change the way XidInMVCCSnapshot() works
2390 * depending upon when the snapshot was taken, or change normal
2391 * snapshot processing so it matches.
2392 *
2393 * Note: It is possible for recovery to end before we finish taking
2394 * the snapshot, and for newly assigned transaction ids to be added to
2395 * the ProcArray. xmax cannot change while we hold ProcArrayLock, so
2396 * those newly added transaction ids would be filtered away, so we
2397 * need not be concerned about them.
2398 */
2400 xmax);
2404 }
2407 /*
2408 * Fetch into local variable while ProcArrayLock is held - the
2409 * LWLockRelease below is a barrier, ensuring this happens inside the
2410 * lock.
2411 */
2420 /* maintain state for GlobalVis* */
2421 {
2422 TransactionId def_vis_xid;
2423 TransactionId def_vis_xid_data;
2424 FullTransactionId def_vis_fxid;
2425 FullTransactionId def_vis_fxid_data;
2426 FullTransactionId oldestfxid;
2428 /*
2429 * Converting oldestXid is only safe when xid horizon cannot advance,
2430 * i.e. holding locks. While we don't hold the lock anymore, all the
2431 * necessary data has been gathered with lock held.
2432 */
2435 /* Check whether there's a replication slot requiring an older xmin. */
2436 def_vis_xid_data =
2439 /*
2440 * Rows in non-shared, non-catalog tables possibly could be vacuumed
2441 * if older than this xid.
2442 */
2445 /*
2446 * Check whether there's a replication slot requiring an older catalog
2447 * xmin.
2448 */
2449 def_vis_xid =
2455 /*
2456 * Check if we can increase upper bound. As a previous
2457 * GlobalVisUpdate() might have computed more aggressive values, don't
2458 * overwrite them if so.
2459 */
2469 /* See temp_oldest_nonremovable computation in ComputeXidHorizons() */
2473 else
2474 {
2477 }
2479 /*
2480 * Check if we know that we can initialize or increase the lower
2481 * bound. Currently the only cheap way to do so is to use
2482 * TransamVariables->oldestXid as input.
2483 *
2484 * We should definitely be able to do better. We could e.g. put a
2485 * global lower bound value into TransamVariables.
2486 */
2489 oldestfxid);
2492 oldestfxid);
2495 oldestfxid);
2496 /* accurate value known */
2498 }
2512 /*
2513 * This is a new snapshot, so set both refcounts are zero, and mark it as
2514 * not copied in persistent memory.
2515 */
2523 }
2525 /*
2526 * ProcArrayInstallImportedXmin -- install imported xmin into MyProc->xmin
2527 *
2528 * This is called when installing a snapshot imported from another
2529 * transaction. To ensure that OldestXmin doesn't go backwards, we must
2530 * check that the source transaction is still running, and we'd better do
2531 * that atomically with installing the new xmin.
2532 *
2533 * Returns true if successful, false if source xact is no longer running.
2534 */
2535 bool
2538 {
2547 /* Get lock so source xact can't end while we're doing this */
2550 /*
2551 * Find the PGPROC entry of the source transaction. (This could use
2552 * GetPGProcByNumber(), unless it's a prepared xact. But this isn't
2553 * performance critical.)
2554 */
2556 {
2560 TransactionId xid;
2562 /* Ignore procs running LAZY VACUUM */
2566 /* We are only interested in the specific virtual transaction. */
2572 /*
2573 * We check the transaction's database ID for paranoia's sake: if it's
2574 * in another DB then its xmin does not cover us. Caller should have
2575 * detected this already, so we just treat any funny cases as
2576 * "transaction not found".
2577 */
2581 /*
2582 * Likewise, let's just make real sure its xmin does cover us.
2583 */
2589 /*
2590 * We're good. Install the new xmin. As in GetSnapshotData, set
2591 * TransactionXmin too. (Note that because snapmgr.c called
2592 * GetSnapshotData first, we'll be overwriting a valid xmin here, so
2593 * we don't check that.)
2594 */
2599 }
2604 }
2606 /*
2607 * ProcArrayInstallRestoredXmin -- install restored xmin into MyProc->xmin
2608 *
2609 * This is like ProcArrayInstallImportedXmin, but we have a pointer to the
2610 * PGPROC of the transaction from which we imported the snapshot, rather than
2611 * an XID.
2612 *
2613 * Note that this function also copies statusFlags from the source `proc` in
2614 * order to avoid the case where MyProc's xmin needs to be skipped for
2615 * computing xid horizon.
2616 *
2617 * Returns true if successful, false if source xact is no longer running.
2618 */
2619 bool
2621 {
2623 TransactionId xid;
2628 /*
2629 * Get an exclusive lock so that we can copy statusFlags from source proc.
2630 */
2633 /*
2634 * Be certain that the referenced PGPROC has an advertised xmin which is
2635 * no later than the one we're installing, so that the system-wide xmin
2636 * can't go backwards. Also, make sure it's running in the same database,
2637 * so that the per-database xmin cannot go backwards.
2638 */
2643 {
2644 /*
2645 * Install xmin and propagate the statusFlags that affect how the
2646 * value is interpreted by vacuum.
2647 */
2654 }
2659 }
2661 /*
2662 * GetRunningTransactionData -- returns information about running transactions.
2663 *
2664 * Similar to GetSnapshotData but returns more information. We include
2665 * all PGPROCs with an assigned TransactionId, even VACUUM processes and
2666 * prepared transactions.
2667 *
2668 * We acquire XidGenLock and ProcArrayLock, but the caller is responsible for
2669 * releasing them. Acquiring XidGenLock ensures that no new XIDs enter the proc
2670 * array until the caller has WAL-logged this snapshot, and releases the
2671 * lock. Acquiring ProcArrayLock ensures that no transactions commit until the
2672 * lock is released.
2673 *
2674 * The returned data structure is statically allocated; caller should not
2675 * modify it, and must not assume it is valid past the next call.
2676 *
2677 * This is never executed during recovery so there is no need to look at
2678 * KnownAssignedXids.
2679 *
2680 * Dummy PGPROCs from prepared transaction are included, meaning that this
2681 * may return entries with duplicated TransactionId values coming from
2682 * transaction finishing to prepare. Nothing is done about duplicated
2683 * entries here to not hold on ProcArrayLock more than necessary.
2684 *
2685 * We don't worry about updating other counters, we want to keep this as
2686 * simple as possible and leave GetSnapshotData() as the primary code for
2687 * that bookkeeping.
2688 *
2689 * Note that if any transaction has overflowed its cached subtransactions
2690 * then there is no real need include any subtransactions.
2691 */
2692 RunningTransactions
2694 {
2695 /* result workspace */
2701 TransactionId latestCompletedXid;
2702 TransactionId oldestRunningXid;
2703 TransactionId oldestDatabaseRunningXid;
2712 /*
2713 * Allocating space for maxProcs xids is usually overkill; numProcs would
2714 * be sufficient. But it seems better to do the malloc while not holding
2715 * the lock, so we can't look at numProcs. Likewise, we allocate much
2716 * more subxip storage than is probably needed.
2717 *
2718 * Should only be allocated in bgwriter, since only ever executed during
2719 * checkpoints.
2720 */
2722 {
2723 /*
2724 * First call
2725 */
2732 }
2739 /*
2740 * Ensure that no xids enter or leave the procarray while we obtain
2741 * snapshot.
2742 */
2746 latestCompletedXid =
2751 /*
2752 * Spin over procArray collecting all xids
2753 */
2755 {
2756 TransactionId xid;
2758 /* Fetch xid just once - see GetNewTransactionId */
2761 /*
2762 * We don't need to store transactions that don't have a TransactionId
2763 * yet because they will not show as running on a standby server.
2764 */
2768 /*
2769 * Be careful not to exclude any xids before calculating the values of
2770 * oldestRunningXid and suboverflowed, since these are used to clean
2771 * up transaction information held on standbys.
2772 */
2776 /*
2777 * Also, update the oldest running xid within the current database. As
2778 * fetching pgprocno and PGPROC could cause cache misses, we do cheap
2779 * TransactionId comparison first.
2780 */
2782 {
2788 }
2793 /*
2794 * If we wished to exclude xids this would be the right place for it.
2795 * Procs with the PROC_IN_VACUUM flag set don't usually assign xids,
2796 * but they do during truncation at the end when they get the lock and
2797 * truncate, so it is not much of a problem to include them if they
2798 * are seen and it is cleaner to include them.
2799 */
2802 }
2804 /*
2805 * Spin over procArray collecting all subxids, but only if there hasn't
2806 * been a suboverflow.
2807 */
2809 {
2813 {
2818 /*
2819 * Save subtransaction XIDs. Other backends can't add or remove
2820 * entries while we're holding XidGenLock.
2821 */
2824 {
2825 /* barrier not really required, as XidGenLock is held, but ... */
2833 /*
2834 * Top-level XID of a transaction is always less than any of
2835 * its subxids, so we don't need to check if any of the
2836 * subxids are smaller than oldestRunningXid
2837 */
2838 }
2839 }
2840 }
2842 /*
2843 * It's important *not* to include the limits set by slots here because
2844 * snapbuild.c uses oldestRunningXid to manage its xmin horizon. If those
2845 * were to be included here the initial value could never increase because
2846 * of a circular dependency where slots only increase their limits when
2847 * running xacts increases oldestRunningXid and running xacts only
2848 * increases if slots do.
2849 */
2863 /* We don't release the locks here, the caller is responsible for that */
2866 }
2868 /*
2869 * GetOldestActiveTransactionId()
2870 *
2871 * Similar to GetSnapshotData but returns just oldestActiveXid. We include
2872 * all PGPROCs with an assigned TransactionId, even VACUUM processes.
2873 * We look at all databases, though there is no need to include WALSender
2874 * since this has no effect on hot standby conflicts.
2875 *
2876 * This is never executed during recovery so there is no need to look at
2877 * KnownAssignedXids.
2878 *
2879 * We don't worry about updating other counters, we want to keep this as
2880 * simple as possible and leave GetSnapshotData() as the primary code for
2881 * that bookkeeping.
2882 */
2883 TransactionId
2885 {
2888 TransactionId oldestRunningXid;
2893 /*
2894 * Read nextXid, as the upper bound of what's still active.
2895 *
2896 * Reading a TransactionId is atomic, but we must grab the lock to make
2897 * sure that all XIDs < nextXid are already present in the proc array (or
2898 * have already completed), when we spin over it.
2899 */
2904 /*
2905 * Spin over procArray collecting all xids and subxids.
2906 */
2909 {
2910 TransactionId xid;
2912 /* Fetch xid just once - see GetNewTransactionId */
2921 /*
2922 * Top-level XID of a transaction is always less than any of its
2923 * subxids, so we don't need to check if any of the subxids are
2924 * smaller than oldestRunningXid
2925 */
2926 }
2930 }
2932 /*
2933 * GetOldestSafeDecodingTransactionId -- lowest xid not affected by vacuum
2934 *
2935 * Returns the oldest xid that we can guarantee not to have been affected by
2936 * vacuum, i.e. no rows >= that xid have been vacuumed away unless the
2937 * transaction aborted. Note that the value can (and most of the time will) be
2938 * much more conservative than what really has been affected by vacuum, but we
2939 * currently don't have better data available.
2940 *
2941 * This is useful to initialize the cutoff xid after which a new changeset
2942 * extraction replication slot can start decoding changes.
2943 *
2944 * Must be called with ProcArrayLock held either shared or exclusively,
2945 * although most callers will want to use exclusive mode since it is expected
2946 * that the caller will immediately use the xid to peg the xmin horizon.
2947 */
2948 TransactionId
2950 {
2952 TransactionId oldestSafeXid;
2958 /*
2959 * Acquire XidGenLock, so no transactions can acquire an xid while we're
2960 * running. If no transaction with xid were running concurrently a new xid
2961 * could influence the RecentXmin et al.
2962 *
2963 * We initialize the computation to nextXid since that's guaranteed to be
2964 * a safe, albeit pessimal, value.
2965 */
2969 /*
2970 * If there's already a slot pegging the xmin horizon, we can start with
2971 * that value, it's guaranteed to be safe since it's computed by this
2972 * routine initially and has been enforced since. We can always use the
2973 * slot's general xmin horizon, but the catalog horizon is only usable
2974 * when only catalog data is going to be looked at.
2975 */
2978 oldestSafeXid))
2984 oldestSafeXid))
2987 /*
2988 * If we're not in recovery, we walk over the procarray and collect the
2989 * lowest xid. Since we're called with ProcArrayLock held and have
2990 * acquired XidGenLock, no entries can vanish concurrently, since
2991 * ProcGlobal->xids[i] is only set with XidGenLock held and only cleared
2992 * with ProcArrayLock held.
2993 *
2994 * In recovery we can't lower the safe value besides what we've computed
2995 * above, so we'll have to wait a bit longer there. We unfortunately can
2996 * *not* use KnownAssignedXidsGetOldestXmin() since the KnownAssignedXids
2997 * machinery can miss values and return an older value than is safe.
2998 */
3000 {
3003 /*
3004 * Spin over procArray collecting min(ProcGlobal->xids[i])
3005 */
3007 {
3008 TransactionId xid;
3010 /* Fetch xid just once - see GetNewTransactionId */
3018 }
3019 }
3024 }
3026 /*
3027 * GetVirtualXIDsDelayingChkpt -- Get the VXIDs of transactions that are
3028 * delaying checkpoint because they have critical actions in progress.
3029 *
3030 * Constructs an array of VXIDs of transactions that are currently in commit
3031 * critical sections, as shown by having specified delayChkptFlags bits set
3032 * in their PGPROC.
3033 *
3034 * Returns a palloc'd array that should be freed by the caller.
3035 * *nvxids is the number of valid entries.
3036 *
3037 * Note that because backends set or clear delayChkptFlags without holding any
3038 * lock, the result is somewhat indeterminate, but we don't really care. Even
3039 * in a multiprocessor with delayed writes to shared memory, it should be
3040 * certain that setting of delayChkptFlags will propagate to shared memory
3041 * when the backend takes a lock, so we cannot fail to see a virtual xact as
3042 * delayChkptFlags if it's already inserted its commit record. Whether it
3043 * takes a little while for clearing of delayChkptFlags to propagate is
3044 * unimportant for correctness.
3045 */
3046 VirtualTransactionId *
3048 {
3056 /* allocate what's certainly enough result space */
3063 {
3068 {
3069 VirtualTransactionId vxid;
3074 }
3075 }
3081 }
3083 /*
3084 * HaveVirtualXIDsDelayingChkpt -- Are any of the specified VXIDs delaying?
3085 *
3086 * This is used with the results of GetVirtualXIDsDelayingChkpt to see if any
3087 * of the specified VXIDs are still in critical sections of code.
3088 *
3089 * Note: this is O(N^2) in the number of vxacts that are/were delaying, but
3090 * those numbers should be small enough for it not to be a problem.
3091 */
3092 bool
3094 {
3104 {
3107 VirtualTransactionId vxid;
3113 {
3117 {
3119 {
3122 }
3123 }
3126 }
3127 }
3132 }
3134 /*
3135 * ProcNumberGetProc -- get a backend's PGPROC given its proc number
3136 *
3137 * The result may be out of date arbitrarily quickly, so the caller
3138 * must be careful about how this information is used. NULL is
3139 * returned if the backend is not active.
3140 */
3141 PGPROC *
3143 {
3154 }
3156 /*
3157 * ProcNumberGetTransactionIds -- get a backend's transaction status
3158 *
3159 * Get the xid, xmin, nsubxid and overflow status of the backend. The
3160 * result may be out of date arbitrarily quickly, so the caller must be
3161 * careful about how this information is used.
3162 */
3163 void
3166 {
3178 /* Need to lock out additions/removals of backends */
3182 {
3187 }
3190 }
3192 /*
3193 * BackendPidGetProc -- get a backend's PGPROC given its PID
3194 *
3195 * Returns NULL if not found. Note that it is up to the caller to be
3196 * sure that the question remains meaningful for long enough for the
3197 * answer to be used ...
3198 */
3199 PGPROC *
3201 {
3214 }
3216 /*
3217 * BackendPidGetProcWithLock -- get a backend's PGPROC given its PID
3218 *
3219 * Same as above, except caller must be holding ProcArrayLock. The found
3220 * entry, if any, can be assumed to be valid as long as the lock remains held.
3221 */
3222 PGPROC *
3224 {
3233 {
3237 {
3240 }
3241 }
3244 }
3246 /*
3247 * BackendXidGetPid -- get a backend's pid given its XID
3248 *
3249 * Returns 0 if not found or it's a prepared transaction. Note that
3250 * it is up to the caller to be sure that the question remains
3251 * meaningful for long enough for the answer to be used ...
3252 *
3253 * Only main transaction Ids are considered. This function is mainly
3254 * useful for determining what backend owns a lock.
3255 *
3256 * Beware that not every xact has an XID assigned. However, as long as you
3257 * only call this using an XID found on disk, you're safe.
3258 */
3259 int
3261 {
3273 {
3275 {
3281 }
3282 }
3287 }
3289 /*
3290 * IsBackendPid -- is a given pid a running backend
3291 *
3292 * This is not called by the backend, but is called by external modules.
3293 */
3294 bool
3296 {
3298 }
3301 /*
3302 * GetCurrentVirtualXIDs -- returns an array of currently active VXIDs.
3303 *
3304 * The array is palloc'd. The number of valid entries is returned into *nvxids.
3305 *
3306 * The arguments allow filtering the set of VXIDs returned. Our own process
3307 * is always skipped. In addition:
3308 * If limitXmin is not InvalidTransactionId, skip processes with
3309 * xmin > limitXmin.
3310 * If excludeXmin0 is true, skip processes with xmin = 0.
3311 * If allDbs is false, skip processes attached to other databases.
3312 * If excludeVacuum isn't zero, skip processes for which
3313 * (statusFlags & excludeVacuum) is not zero.
3314 *
3315 * Note: the purpose of the limitXmin and excludeXmin0 parameters is to
3316 * allow skipping backends whose oldest live snapshot is no older than
3317 * some snapshot we have. Since we examine the procarray with only shared
3318 * lock, there are race conditions: a backend could set its xmin just after
3319 * we look. Indeed, on multiprocessors with weak memory ordering, the
3320 * other backend could have set its xmin *before* we look. We know however
3321 * that such a backend must have held shared ProcArrayLock overlapping our
3322 * own hold of ProcArrayLock, else we would see its xmin update. Therefore,
3323 * any snapshot the other backend is taking concurrently with our scan cannot
3324 * consider any transactions as still running that we think are committed
3325 * (since backends must hold ProcArrayLock exclusive to commit).
3326 */
3327 VirtualTransactionId *
3331 {
3337 /* allocate what's certainly enough result space */
3344 {
3356 {
3357 /* Fetch xmin just once - might change on us */
3363 /*
3364 * InvalidTransactionId precedes all other XIDs, so a proc that
3365 * hasn't set xmin yet will not be rejected by this test.
3366 */
3369 {
3370 VirtualTransactionId vxid;
3375 }
3376 }
3377 }
3383 }
3385 /*
3386 * GetConflictingVirtualXIDs -- returns an array of currently active VXIDs.
3387 *
3388 * Usage is limited to conflict resolution during recovery on standby servers.
3389 * limitXmin is supplied as either a cutoff with snapshotConflictHorizon
3390 * semantics, or InvalidTransactionId in cases where caller cannot accurately
3391 * determine a safe snapshotConflictHorizon value.
3392 *
3393 * If limitXmin is InvalidTransactionId then we want to kill everybody,
3394 * so we're not worried if they have a snapshot or not, nor does it really
3395 * matter what type of lock we hold. Caller must avoid calling here with
3396 * snapshotConflictHorizon style cutoffs that were set to InvalidTransactionId
3397 * during original execution, since that actually indicates that there is
3398 * definitely no need for a recovery conflict (the snapshotConflictHorizon
3399 * convention for InvalidTransactionId values is the opposite of our own!).
3400 *
3401 * All callers that are checking xmins always now supply a valid and useful
3402 * value for limitXmin. The limitXmin is always lower than the lowest
3403 * numbered KnownAssignedXid that is not already a FATAL error. This is
3404 * because we only care about cleanup records that are cleaning up tuple
3405 * versions from committed transactions. In that case they will only occur
3406 * at the point where the record is less than the lowest running xid. That
3407 * allows us to say that if any backend takes a snapshot concurrently with
3408 * us then the conflict assessment made here would never include the snapshot
3409 * that is being derived. So we take LW_SHARED on the ProcArray and allow
3410 * concurrent snapshots when limitXmin is valid. We might think about adding
3411 * Assert(limitXmin < lowest(KnownAssignedXids))
3412 * but that would not be true in the case of FATAL errors lagging in array,
3413 * but we already know those are bogus anyway, so we skip that test.
3414 *
3415 * If dbOid is valid we skip backends attached to other databases.
3416 *
3417 * Be careful to *not* pfree the result from this function. We reuse
3418 * this array sufficiently often that we use malloc for the result.
3419 */
3420 VirtualTransactionId *
3422 {
3428 /*
3429 * If first time through, get workspace to remember main XIDs in. We
3430 * malloc it permanently to avoid repeated palloc/pfree overhead. Allow
3431 * result space, remembering room for a terminator.
3432 */
3434 {
3441 }
3446 {
3450 /* Exclude prepared transactions */
3456 {
3457 /* Fetch xmin just once - can't change on us, but good coding */
3460 /*
3461 * We ignore an invalid pxmin because this means that backend has
3462 * no snapshot currently. We hold a Share lock to avoid contention
3463 * with users taking snapshots. That is not a problem because the
3464 * current xmin is always at least one higher than the latest
3465 * removed xid, so any new snapshot would never conflict with the
3466 * test here.
3467 */
3470 {
3471 VirtualTransactionId vxid;
3476 }
3477 }
3478 }
3482 /* add the terminator */
3487 }
3489 /*
3490 * CancelVirtualTransaction - used in recovery conflict processing
3491 *
3492 * Returns pid of the process signaled, or 0 if not found.
3493 */
3494 pid_t
3496 {
3498 }
3500 pid_t
3503 {
3511 {
3514 VirtualTransactionId procvxid;
3520 {
3524 {
3525 /*
3526 * Kill the pid if it's still here. If not, that's what we
3527 * wanted so ignore any errors.
3528 */
3530 }
3532 }
3533 }
3538 }
3540 /*
3541 * MinimumActiveBackends --- count backends (other than myself) that are
3542 * in active transactions. Return true if the count exceeds the
3543 * minimum threshold passed. This is used as a heuristic to decide if
3544 * a pre-XLOG-flush delay is worthwhile during commit.
3545 *
3546 * Do not count backends that are blocked waiting for locks, since they are
3547 * not going to get to run until someone else commits.
3548 */
3549 bool
3551 {
3556 /* Quick short-circuit if no minimum is specified */
3560 /*
3561 * Note: for speed, we don't acquire ProcArrayLock. This is a little bit
3562 * bogus, but since we are only testing fields for zero or nonzero, it
3563 * should be OK. The result is only used for heuristic purposes anyway...
3564 */
3566 {
3570 /*
3571 * Since we're not holding a lock, need to be prepared to deal with
3572 * garbage, as someone could have incremented numProcs but not yet
3573 * filled the structure.
3574 *
3575 * If someone just decremented numProcs, 'proc' could also point to a
3576 * PGPROC entry that's no longer in the array. It still points to a
3577 * PGPROC struct, though, because freed PGPROC entries just go to the
3578 * free list and are recycled. Its contents are nonsense in that case,
3579 * but that's acceptable for this function.
3580 */
3591 count++;
3594 }
3597 }
3599 /*
3600 * CountDBBackends --- count backends that are using specified database
3601 */
3602 int
3604 {
3612 {
3620 count++;
3621 }
3626 }
3628 /*
3629 * CountDBConnections --- counts database backends ignoring any background
3630 * worker processes
3631 */
3632 int
3634 {
3642 {
3652 count++;
3653 }
3658 }
3660 /*
3661 * CancelDBBackends --- cancel backends that are using specified database
3662 */
3663 void
3665 {
3669 /* tell all backends to die */
3673 {
3678 {
3679 VirtualTransactionId procvxid;
3680 pid_t pid;
3687 {
3688 /*
3689 * Kill the pid if it's still here. If not, that's what we
3690 * wanted so ignore any errors.
3691 */
3693 }
3694 }
3695 }
3698 }
3700 /*
3701 * CountUserBackends --- count backends that are used by specified user
3702 */
3703 int
3705 {
3713 {
3722 count++;
3723 }
3728 }
3730 /*
3731 * CountOtherDBBackends -- check for other backends running in the given DB
3732 *
3733 * If there are other backends in the DB, we will wait a maximum of 5 seconds
3734 * for them to exit. Autovacuum backends are encouraged to exit early by
3735 * sending them SIGTERM, but normal user backends are just waited for.
3736 *
3737 * The current backend is always ignored; it is caller's responsibility to
3738 * check whether the current backend uses the given DB, if it's important.
3739 *
3740 * Returns true if there are (still) other backends in the DB, false if not.
3741 * Also, *nbackends and *nprepared are set to the number of other backends
3742 * and prepared transactions in the DB, respectively.
3743 *
3744 * This function is used to interlock DROP DATABASE and related commands
3745 * against there being any active backends in the target DB --- dropping the
3746 * DB while active backends remain would be a Bad Thing. Note that we cannot
3747 * detect here the possibility of a newly-started backend that is trying to
3748 * connect to the doomed database, so additional interlocking is needed during
3749 * backend startup. The caller should normally hold an exclusive lock on the
3750 * target DB before calling this, which is one reason we mustn't wait
3751 * indefinitely.
3752 */
3753 bool
3755 {
3762 /* 50 tries with 100ms sleep between tries makes 5 sec total wait */
3764 {
3776 {
3790 else
3791 {
3796 }
3797 }
3804 /*
3805 * Send SIGTERM to any conflicting autovacuums before sleeping. We
3806 * postpone this step until after the loop because we don't want to
3807 * hold ProcArrayLock while issuing kill(). We have no idea what might
3808 * block kill() inside the kernel...
3809 */
3813 /* sleep, then try again */
3815 }
3818 }
3820 /*
3821 * Terminate existing connections to the specified database. This routine
3822 * is used by the DROP DATABASE command when user has asked to forcefully
3823 * drop the database.
3824 *
3825 * The current backend is always ignored; it is caller's responsibility to
3826 * check whether the current backend uses the given DB, if it's important.
3827 *
3828 * If the target database has a prepared transaction or permissions checks
3829 * fail for a connection, this fails without terminating anything.
3830 */
3831 void
3833 {
3842 {
3853 else
3854 nprepared++;
3855 }
3866 nprepared,
3867 nprepared)));
3870 {
3873 /*
3874 * Permissions checks relax the pg_terminate_backend checks in two
3875 * ways, both by omitting the !OidIsValid(proc->roleId) check:
3876 *
3877 * - Accept terminating autovacuum workers, since DROP DATABASE
3878 * without FORCE terminates them.
3879 *
3880 * - Accept terminating bgworkers. For bgworker authors, it's
3881 * convenient to be able to recommend FORCE if a worker is blocking
3882 * DROP DATABASE unexpectedly.
3883 *
3884 * Unlike pg_terminate_backend, we don't raise some warnings - like
3885 * "PID %d is not a PostgreSQL server process", because for us already
3886 * finished session is not a problem.
3887 */
3889 {
3894 {
3899 errdetail("Only roles with the %s attribute may terminate processes of roles with the %s attribute.",
3907 errdetail("Only roles with privileges of the role whose process is being terminated or with privileges of the \"%s\" role may terminate this process.",
3909 }
3910 }
3912 /*
3913 * There's a race condition here: once we release the ProcArrayLock,
3914 * it's possible for the session to exit before we issue kill. That
3915 * race condition possibility seems too unlikely to worry about. See
3916 * pg_signal_backend.
3917 */
3919 {
3924 {
3925 /*
3926 * If we have setsid(), signal the backend's whole process
3927 * group
3928 */
3929 #ifdef HAVE_SETSID
3931 #else
3933 #endif
3934 }
3935 }
3936 }
3937 }
3939 /*
3940 * ProcArraySetReplicationSlotXmin
3941 *
3942 * Install limits to future computations of the xmin horizon to prevent vacuum
3943 * and HOT pruning from removing affected rows still needed by clients with
3944 * replication slots.
3945 */
3946 void
3949 {
3963 }
3965 /*
3966 * ProcArrayGetReplicationSlotXmin
3967 *
3968 * Return the current slot xmin limits. That's useful to be able to remove
3969 * data that's older than those limits.
3970 */
3971 void
3974 {
3984 }
3986 /*
3987 * XidCacheRemoveRunningXids
3988 *
3989 * Remove a bunch of TransactionIds from the list of known-running
3990 * subtransactions for my backend. Both the specified xid and those in
3991 * the xids[] array (of length nxids) are removed from the subxids cache.
3992 * latestXid must be the latest XID among the group.
3993 */
3994 void
3997 TransactionId latestXid)
3998 {
4000 j;
4005 /*
4006 * We must hold ProcArrayLock exclusively in order to remove transactions
4007 * from the PGPROC array. (See src/backend/access/transam/README.) It's
4008 * possible this could be relaxed since we know this routine is only used
4009 * to abort subtransactions, but pending closer analysis we'd best be
4010 * conservative.
4011 *
4012 * Note that we do not have to be careful about memory ordering of our own
4013 * reads wrt. GetNewTransactionId() here - only this process can modify
4014 * relevant fields of MyProc/ProcGlobal->xids[]. But we do have to be
4015 * careful about our own writes being well ordered.
4016 */
4021 /*
4022 * Under normal circumstances xid and xids[] will be in increasing order,
4023 * as will be the entries in subxids. Scan backwards to avoid O(N^2)
4024 * behavior when removing a lot of xids.
4025 */
4027 {
4031 {
4033 {
4039 }
4040 }
4042 /*
4043 * Ordinarily we should have found it, unless the cache has
4044 * overflowed. However it's also possible for this routine to be
4045 * invoked multiple times for the same subtransaction, in case of an
4046 * error during AbortSubTransaction. So instead of Assert, emit a
4047 * debug warning.
4048 */
4051 }
4054 {
4056 {
4062 }
4063 }
4064 /* Ordinarily we should have found it, unless the cache has overflowed */
4068 /* Also advance global latestCompletedXid while holding the lock */
4071 /* ... and xactCompletionCount */
4075 }
4077 #ifdef XIDCACHE_DEBUG
4079 /*
4080 * Print stats about effectiveness of XID cache
4081 */
4082 static void
4084 {
4086 "XidCache: xmin: %ld, known: %ld, myxact: %ld, latest: %ld, mainxid: %ld, childxid: %ld, knownassigned: %ld, nooflo: %ld, slow: %ld\n",
4087 xc_by_recent_xmin,
4088 xc_by_known_xact,
4089 xc_by_my_xact,
4090 xc_by_latest_xid,
4091 xc_by_main_xid,
4092 xc_by_child_xid,
4093 xc_by_known_assigned,
4094 xc_no_overflow,
4095 xc_slow_answer);
4096 }
4099 /*
4100 * If rel != NULL, return test state appropriate for relation, otherwise
4101 * return state usable for all relations. The latter may consider XIDs as
4102 * not-yet-visible-to-everyone that a state for a specific relation would
4103 * already consider visible-to-everyone.
4104 *
4105 * This needs to be called while a snapshot is active or registered, otherwise
4106 * there are wraparound and other dangers.
4107 *
4108 * See comment for GlobalVisState for details.
4109 */
4110 GlobalVisState *
4112 {
4115 /* XXX: we should assert that a snapshot is pushed or registered */
4119 {
4132 }
4138 }
4140 /*
4141 * Return true if it's worth updating the accurate maybe_needed boundary.
4142 *
4143 * As it is somewhat expensive to determine xmin horizons, we don't want to
4144 * repeatedly do so when there is a low likelihood of it being beneficial.
4145 *
4146 * The current heuristic is that we update only if RecentXmin has changed
4147 * since the last update. If the oldest currently running transaction has not
4148 * finished, it is unlikely that recomputing the horizon would be useful.
4149 */
4150 static bool
4152 {
4153 /* hasn't been updated yet */
4157 /*
4158 * If the maybe_needed/definitely_needed boundaries are the same, it's
4159 * unlikely to be beneficial to refresh boundaries.
4160 */
4165 /* does the last snapshot built have a different xmin? */
4167 }
4169 static void
4171 {
4185 /*
4186 * In longer running transactions it's possible that transactions we
4187 * previously needed to treat as running aren't around anymore. So update
4188 * definitely_needed to not be earlier than maybe_needed.
4189 */
4202 }
4204 /*
4205 * Update boundaries in GlobalVis{Shared,Catalog, Data}Rels
4206 * using ComputeXidHorizons().
4207 */
4208 static void
4210 {
4211 ComputeXidHorizonsResult horizons;
4213 /* updates the horizons as a side-effect */
4215 }
4217 /*
4218 * Return true if no snapshot still considers fxid to be running.
4219 *
4220 * The state passed needs to have been initialized for the relation fxid is
4221 * from (NULL is also OK), otherwise the result may not be correct.
4222 *
4223 * See comment for GlobalVisState for details.
4224 */
4225 bool
4227 FullTransactionId fxid)
4228 {
4229 /*
4230 * If fxid is older than maybe_needed bound, it definitely is visible to
4231 * everyone.
4232 */
4236 /*
4237 * If fxid is >= definitely_needed bound, it is very likely to still be
4238 * considered running.
4239 */
4243 /*
4244 * fxid is between maybe_needed and definitely_needed, i.e. there might or
4245 * might not exist a snapshot considering fxid running. If it makes sense,
4246 * update boundaries and recheck.
4247 */
4249 {
4255 }
4256 else
4258 }
4260 /*
4261 * Wrapper around GlobalVisTestIsRemovableFullXid() for 32bit xids.
4262 *
4263 * It is crucial that this only gets called for xids from a source that
4264 * protects against xid wraparounds (e.g. from a table and thus protected by
4265 * relfrozenxid).
4266 */
4267 bool
4269 {
4270 FullTransactionId fxid;
4272 /*
4273 * Convert 32 bit argument to FullTransactionId. We can do so safely
4274 * because we know the xid has to, at the very least, be between
4275 * [oldestXid, nextXid), i.e. within 2 billion of xid. To avoid taking a
4276 * lock to determine either, we can just compare with
4277 * state->definitely_needed, which was based on those value at the time
4278 * the current snapshot was built.
4279 */
4283 }
4285 /*
4286 * Convenience wrapper around GlobalVisTestFor() and
4287 * GlobalVisTestIsRemovableFullXid(), see their comments.
4288 */
4289 bool
4291 {
4297 }
4299 /*
4300 * Convenience wrapper around GlobalVisTestFor() and
4301 * GlobalVisTestIsRemovableXid(), see their comments.
4302 */
4303 bool
4305 {
4311 }
4313 /*
4314 * Convert a 32 bit transaction id into 64 bit transaction id, by assuming it
4315 * is within MaxTransactionId / 2 of XidFromFullTransactionId(rel).
4316 *
4317 * Be very careful about when to use this function. It can only safely be used
4318 * when there is a guarantee that xid is within MaxTransactionId / 2 xids of
4319 * rel. That e.g. can be guaranteed if the caller assures a snapshot is
4320 * held by the backend and xid is from a table (where vacuum/freezing ensures
4321 * the xid has to be within that range), or if xid is from the procarray and
4322 * prevents xid wraparound that way.
4323 */
4326 {
4332 /* not guaranteed to find issues, but likely to catch mistakes */
4337 }
4340 /* ----------------------------------------------
4341 * KnownAssignedTransactionIds sub-module
4342 * ----------------------------------------------
4343 */
4345 /*
4346 * In Hot Standby mode, we maintain a list of transactions that are (or were)
4347 * running on the primary at the current point in WAL. These XIDs must be
4348 * treated as running by standby transactions, even though they are not in
4349 * the standby server's PGPROC array.
4350 *
4351 * We record all XIDs that we know have been assigned. That includes all the
4352 * XIDs seen in WAL records, plus all unobserved XIDs that we can deduce have
4353 * been assigned. We can deduce the existence of unobserved XIDs because we
4354 * know XIDs are assigned in sequence, with no gaps. The KnownAssignedXids
4355 * list expands as new XIDs are observed or inferred, and contracts when
4356 * transaction completion records arrive.
4357 *
4358 * During hot standby we do not fret too much about the distinction between
4359 * top-level XIDs and subtransaction XIDs. We store both together in the
4360 * KnownAssignedXids list. In backends, this is copied into snapshots in
4361 * GetSnapshotData(), taking advantage of the fact that XidInMVCCSnapshot()
4362 * doesn't care about the distinction either. Subtransaction XIDs are
4363 * effectively treated as top-level XIDs and in the typical case pg_subtrans
4364 * links are *not* maintained (which does not affect visibility).
4365 *
4366 * We have room in KnownAssignedXids and in snapshots to hold maxProcs *
4367 * (1 + PGPROC_MAX_CACHED_SUBXIDS) XIDs, so every primary transaction must
4368 * report its subtransaction XIDs in a WAL XLOG_XACT_ASSIGNMENT record at
4369 * least every PGPROC_MAX_CACHED_SUBXIDS. When we receive one of these
4370 * records, we mark the subXIDs as children of the top XID in pg_subtrans,
4371 * and then remove them from KnownAssignedXids. This prevents overflow of
4372 * KnownAssignedXids and snapshots, at the cost that status checks for these
4373 * subXIDs will take a slower path through TransactionIdIsInProgress().
4374 * This means that KnownAssignedXids is not necessarily complete for subXIDs,
4375 * though it should be complete for top-level XIDs; this is the same situation
4376 * that holds with respect to the PGPROC entries in normal running.
4377 *
4378 * When we throw away subXIDs from KnownAssignedXids, we need to keep track of
4379 * that, similarly to tracking overflow of a PGPROC's subxids array. We do
4380 * that by remembering the lastOverflowedXid, ie the last thrown-away subXID.
4381 * As long as that is within the range of interesting XIDs, we have to assume
4382 * that subXIDs are missing from snapshots. (Note that subXID overflow occurs
4383 * on primary when 65th subXID arrives, whereas on standby it occurs when 64th
4384 * subXID arrives - that is not an error.)
4385 *
4386 * Should a backend on primary somehow disappear before it can write an abort
4387 * record, then we just leave those XIDs in KnownAssignedXids. They actually
4388 * aborted but we think they were running; the distinction is irrelevant
4389 * because either way any changes done by the transaction are not visible to
4390 * backends in the standby. We prune KnownAssignedXids when
4391 * XLOG_RUNNING_XACTS arrives, to forestall possible overflow of the
4392 * array due to such dead XIDs.
4393 */
4395 /*
4396 * RecordKnownAssignedTransactionIds
4397 * Record the given XID in KnownAssignedXids, as well as any preceding
4398 * unobserved XIDs.
4399 *
4400 * RecordKnownAssignedTransactionIds() should be run for *every* WAL record
4401 * associated with a transaction. Must be called for each record after we
4402 * have executed StartupCLOG() et al, since we must ExtendCLOG() etc..
4403 *
4404 * Called during recovery in analogy with and in place of GetNewTransactionId()
4405 */
4406 void
4408 {
4416 /*
4417 * When a newly observed xid arrives, it is frequently the case that it is
4418 * *not* the next xid in sequence. When this occurs, we must treat the
4419 * intervening xids as running also.
4420 */
4422 {
4423 TransactionId next_expected_xid;
4425 /*
4426 * Extend subtrans like we do in GetNewTransactionId() during normal
4427 * operation using individual extend steps. Note that we do not need
4428 * to extend clog since its extensions are WAL logged.
4429 *
4430 * This part has to be done regardless of standbyState since we
4431 * immediately start assigning subtransactions to their toplevel
4432 * transactions.
4433 */
4436 {
4439 }
4442 /*
4443 * If the KnownAssignedXids machinery isn't up yet, there's nothing
4444 * more to do since we don't track assigned xids yet.
4445 */
4447 {
4450 }
4452 /*
4453 * Add (latestObservedXid, xid] onto the KnownAssignedXids array.
4454 */
4459 /*
4460 * Now we can advance latestObservedXid
4461 */
4464 /* TransamVariables->nextXid must be beyond any observed xid */
4466 }
4467 }
4469 /*
4470 * ExpireTreeKnownAssignedTransactionIds
4471 * Remove the given XIDs from KnownAssignedXids.
4472 *
4473 * Called during recovery in analogy with and in place of ProcArrayEndTransaction()
4474 */
4475 void
4478 {
4481 /*
4482 * Uses same locking as transaction commit
4483 */
4488 /* As in ProcArrayEndTransaction, advance latestCompletedXid */
4491 /* ... and xactCompletionCount */
4495 }
4497 /*
4498 * ExpireAllKnownAssignedTransactionIds
4499 * Remove all entries in KnownAssignedXids and reset lastOverflowedXid.
4500 */
4501 void
4503 {
4507 /*
4508 * Reset lastOverflowedXid. Currently, lastOverflowedXid has no use after
4509 * the call of this function. But do this for unification with what
4510 * ExpireOldKnownAssignedTransactionIds() do.
4511 */
4514 }
4516 /*
4517 * ExpireOldKnownAssignedTransactionIds
4518 * Remove KnownAssignedXids entries preceding the given XID and
4519 * potentially reset lastOverflowedXid.
4520 */
4521 void
4523 {
4526 /*
4527 * Reset lastOverflowedXid if we know all transactions that have been
4528 * possibly running are being gone. Not doing so could cause an incorrect
4529 * lastOverflowedXid value, which makes extra snapshots be marked as
4530 * suboverflowed.
4531 */
4536 }
4538 /*
4539 * KnownAssignedTransactionIdsIdleMaintenance
4540 * Opportunistically do maintenance work when the startup process
4541 * is about to go idle.
4542 */
4543 void
4545 {
4547 }
4550 /*
4551 * Private module functions to manipulate KnownAssignedXids
4552 *
4553 * There are 5 main uses of the KnownAssignedXids data structure:
4554 *
4555 * * backends taking snapshots - all valid XIDs need to be copied out
4556 * * backends seeking to determine presence of a specific XID
4557 * * startup process adding new known-assigned XIDs
4558 * * startup process removing specific XIDs as transactions end
4559 * * startup process pruning array when special WAL records arrive
4560 *
4561 * This data structure is known to be a hot spot during Hot Standby, so we
4562 * go to some lengths to make these operations as efficient and as concurrent
4563 * as possible.
4564 *
4565 * The XIDs are stored in an array in sorted order --- TransactionIdPrecedes
4566 * order, to be exact --- to allow binary search for specific XIDs. Note:
4567 * in general TransactionIdPrecedes would not provide a total order, but
4568 * we know that the entries present at any instant should not extend across
4569 * a large enough fraction of XID space to wrap around (the primary would
4570 * shut down for fear of XID wrap long before that happens). So it's OK to
4571 * use TransactionIdPrecedes as a binary-search comparator.
4572 *
4573 * It's cheap to maintain the sortedness during insertions, since new known
4574 * XIDs are always reported in XID order; we just append them at the right.
4575 *
4576 * To keep individual deletions cheap, we need to allow gaps in the array.
4577 * This is implemented by marking array elements as valid or invalid using
4578 * the parallel boolean array KnownAssignedXidsValid[]. A deletion is done
4579 * by setting KnownAssignedXidsValid[i] to false, *without* clearing the
4580 * XID entry itself. This preserves the property that the XID entries are
4581 * sorted, so we can do binary searches easily. Periodically we compress
4582 * out the unused entries; that's much cheaper than having to compress the
4583 * array immediately on every deletion.
4584 *
4585 * The actually valid items in KnownAssignedXids[] and KnownAssignedXidsValid[]
4586 * are those with indexes tail <= i < head; items outside this subscript range
4587 * have unspecified contents. When head reaches the end of the array, we
4588 * force compression of unused entries rather than wrapping around, since
4589 * allowing wraparound would greatly complicate the search logic. We maintain
4590 * an explicit tail pointer so that pruning of old XIDs can be done without
4591 * immediately moving the array contents. In most cases only a small fraction
4592 * of the array contains valid entries at any instant.
4593 *
4594 * Although only the startup process can ever change the KnownAssignedXids
4595 * data structure, we still need interlocking so that standby backends will
4596 * not observe invalid intermediate states. The convention is that backends
4597 * must hold shared ProcArrayLock to examine the array. To remove XIDs from
4598 * the array, the startup process must hold ProcArrayLock exclusively, for
4599 * the usual transactional reasons (compare commit/abort of a transaction
4600 * during normal running). Compressing unused entries out of the array
4601 * likewise requires exclusive lock. To add XIDs to the array, we just insert
4602 * them into slots to the right of the head pointer and then advance the head
4603 * pointer. This doesn't require any lock at all, but on machines with weak
4604 * memory ordering, we need to be careful that other processors see the array
4605 * element changes before they see the head pointer change. We handle this by
4606 * using memory barriers when reading or writing the head/tail pointers (unless
4607 * the caller holds ProcArrayLock exclusively).
4608 *
4609 * Algorithmic analysis:
4610 *
4611 * If we have a maximum of M slots, with N XIDs currently spread across
4612 * S elements then we have N <= S <= M always.
4613 *
4614 * * Adding a new XID is O(1) and needs no lock (unless compression must
4615 * happen)
4616 * * Compressing the array is O(S) and requires exclusive lock
4617 * * Removing an XID is O(logS) and requires exclusive lock
4618 * * Taking a snapshot is O(S) and requires shared lock
4619 * * Checking for an XID is O(logS) and requires shared lock
4620 *
4621 * In comparison, using a hash table for KnownAssignedXids would mean that
4622 * taking snapshots would be O(M). If we can maintain S << M then the
4623 * sorted array technique will deliver significantly faster snapshots.
4624 * If we try to keep S too small then we will spend too much time compressing,
4625 * so there is an optimal point for any workload mix. We use a heuristic to
4626 * decide when to compress the array, though trimming also helps reduce
4627 * frequency of compressing. The heuristic requires us to track the number of
4628 * currently valid XIDs in the array (N). Except in special cases, we'll
4629 * compress when S >= 2N. Bounding S at 2N in turn bounds the time for
4630 * taking a snapshot to be O(N), which it would have to be anyway.
4631 */
4634 /*
4635 * Compress KnownAssignedXids by shifting valid data down to the start of the
4636 * array, removing any gaps.
4637 *
4638 * A compression step is forced if "reason" is KAX_NO_SPACE, otherwise
4639 * we do it only if a heuristic indicates it's a good time to do it.
4640 *
4641 * Compression requires holding ProcArrayLock in exclusive mode.
4642 * Caller must pass haveLock = true if it already holds the lock.
4643 */
4644 static void
4646 {
4649 tail,
4650 nelements;
4654 /* Counters for compression heuristics */
4658 /* Tuning constants */
4662 /*
4663 * Since only the startup process modifies the head/tail pointers, we
4664 * don't need a lock to read them here.
4665 */
4670 /*
4671 * If we can choose whether to compress, use a heuristic to avoid
4672 * compressing too often or not often enough. "Compress" here simply
4673 * means moving the values to the beginning of the array, so it is not as
4674 * complex or costly as typical data compression algorithms.
4675 */
4677 {
4678 /*
4679 * When there are no gaps between head and tail, don't bother to
4680 * compress, except in the KAX_NO_SPACE case where we must compress to
4681 * create some space after the head.
4682 */
4685 }
4687 {
4688 /*
4689 * Consider compressing only once every so many commits. Frequency
4690 * determined by benchmarks.
4691 */
4695 /*
4696 * Furthermore, compress only if the used part of the array is less
4697 * than 50% full (see comments above).
4698 */
4701 }
4703 {
4704 /*
4705 * We're about to go idle for lack of new WAL, so we might as well
4706 * compress. But not too often, to avoid ProcArray lock contention
4707 * with readers.
4708 */
4710 {
4711 TimestampTz compress_after;
4714 KAX_COMPRESS_IDLE_INTERVAL);
4717 }
4718 }
4720 /* Need to compress, so get the lock if we don't have it. */
4724 /*
4725 * We compress the array by reading the valid values from tail to head,
4726 * re-aligning data to 0th element.
4727 */
4730 {
4732 {
4735 compress_index++;
4736 }
4737 }
4746 /* Update timestamp for maintenance. No need to hold lock for this. */
4748 }
4750 /*
4751 * Add xids into KnownAssignedXids at the head of the array.
4752 *
4753 * xids from from_xid to to_xid, inclusive, are added to the array.
4754 *
4755 * If exclusive_lock is true then caller already holds ProcArrayLock in
4756 * exclusive mode, so we need no extra locking here. Else caller holds no
4757 * lock, so we need to be sure we maintain sufficient interlocks against
4758 * concurrent readers. (Only the startup process ever calls this, so no need
4759 * to worry about concurrent writers.)
4760 */
4761 static void
4764 {
4766 TransactionId next_xid;
4768 tail;
4774 /*
4775 * Calculate how many array slots we'll need. Normally this is cheap; in
4776 * the unusual case where the XIDs cross the wrap point, we do it the hard
4777 * way.
4778 */
4781 else
4782 {
4786 {
4787 nxids++;
4789 }
4790 }
4792 /*
4793 * Since only the startup process modifies the head/tail pointers, we
4794 * don't need a lock to read them here.
4795 */
4802 /*
4803 * Verify that insertions occur in TransactionId sequence. Note that even
4804 * if the last existing element is marked invalid, it must still have a
4805 * correctly sequenced XID value.
4806 */
4809 {
4812 }
4814 /*
4815 * If our xids won't fit in the remaining space, compress out free space
4816 */
4818 {
4822 /* note: we no longer care about the tail pointer */
4824 /*
4825 * If it still won't fit then we're out of memory
4826 */
4829 }
4831 /* Now we can insert the xids into the space starting at head */
4834 {
4838 head++;
4839 }
4841 /* Adjust count of number of valid entries */
4844 /*
4845 * Now update the head pointer. We use a write barrier to ensure that
4846 * other processors see the above array updates before they see the head
4847 * pointer change. The barrier isn't required if we're holding
4848 * ProcArrayLock exclusively.
4849 */
4854 }
4856 /*
4857 * KnownAssignedXidsSearch
4858 *
4859 * Searches KnownAssignedXids for a specific xid and optionally removes it.
4860 * Returns true if it was found, false if not.
4861 *
4862 * Caller must hold ProcArrayLock in shared or exclusive mode.
4863 * Exclusive lock must be held for remove = true.
4864 */
4865 static bool
4867 {
4870 last;
4878 /*
4879 * Only the startup process removes entries, so we don't need the read
4880 * barrier in that case.
4881 */
4885 /*
4886 * Standard binary search. Note we can ignore the KnownAssignedXidsValid
4887 * array here, since even invalid entries will contain sorted XIDs.
4888 */
4892 {
4894 TransactionId mid_xid;
4900 {
4903 }
4906 else
4908 }
4917 {
4923 /*
4924 * If we're removing the tail element then advance tail pointer over
4925 * any invalid elements. This will speed future searches.
4926 */
4928 {
4929 tail++;
4931 tail++;
4933 {
4934 /* Array is empty, so we can reset both pointers */
4937 }
4938 else
4939 {
4941 }
4942 }
4943 }
4946 }
4948 /*
4949 * Is the specified XID present in KnownAssignedXids[]?
4950 *
4951 * Caller must hold ProcArrayLock in shared or exclusive mode.
4952 */
4953 static bool
4955 {
4959 }
4961 /*
4962 * Remove the specified XID from KnownAssignedXids[].
4963 *
4964 * Caller must hold ProcArrayLock in exclusive mode.
4965 */
4966 static void
4968 {
4973 /*
4974 * Note: we cannot consider it an error to remove an XID that's not
4975 * present. We intentionally remove subxact IDs while processing
4976 * XLOG_XACT_ASSIGNMENT, to avoid array overflow. Then those XIDs will be
4977 * removed again when the top-level xact commits or aborts.
4978 *
4979 * It might be possible to track such XIDs to distinguish this case from
4980 * actual errors, but it would be complicated and probably not worth it.
4981 * So, just ignore the search result.
4982 */
4984 }
4986 /*
4987 * KnownAssignedXidsRemoveTree
4988 * Remove xid (if it's not InvalidTransactionId) and all the subxids.
4989 *
4990 * Caller must hold ProcArrayLock in exclusive mode.
4991 */
4992 static void
4995 {
5004 /* Opportunistically compress the array */
5006 }
5008 /*
5009 * Prune KnownAssignedXids up to, but *not* including xid. If xid is invalid
5010 * then clear the whole table.
5011 *
5012 * Caller must hold ProcArrayLock in exclusive mode.
5013 */
5014 static void
5016 {
5020 tail,
5021 i;
5024 {
5029 }
5033 /*
5034 * Mark entries invalid starting at the tail. Since array is sorted, we
5035 * can stop as soon as we reach an entry >= removeXid.
5036 */
5041 {
5043 {
5050 {
5052 count++;
5053 }
5054 }
5055 }
5060 /*
5061 * Advance the tail pointer if we've marked the tail item invalid.
5062 */
5064 {
5067 }
5069 {
5070 /* Array is empty, so we can reset both pointers */
5073 }
5074 else
5075 {
5077 }
5079 /* Opportunistically compress the array */
5081 }
5083 /*
5084 * KnownAssignedXidsGet - Get an array of xids by scanning KnownAssignedXids.
5085 * We filter out anything >= xmax.
5086 *
5087 * Returns the number of XIDs stored into xarray[]. Caller is responsible
5088 * that array is large enough.
5089 *
5090 * Caller must hold ProcArrayLock in (at least) shared mode.
5091 */
5092 static int
5094 {
5098 }
5100 /*
5101 * KnownAssignedXidsGetAndSetXmin - as KnownAssignedXidsGet, plus
5102 * we reduce *xmin to the lowest xid value seen if not already lower.
5103 *
5104 * Caller must hold ProcArrayLock in (at least) shared mode.
5105 */
5106 static int
5108 TransactionId xmax)
5109 {
5112 tail;
5115 /*
5116 * Fetch head just once, since it may change while we loop. We can stop
5117 * once we reach the initially seen head, since we are certain that an xid
5118 * cannot enter and then leave the array while we hold ProcArrayLock. We
5119 * might miss newly-added xids, but they should be >= xmax so irrelevant
5120 * anyway.
5121 */
5128 {
5129 /* Skip any gaps in the array */
5131 {
5134 /*
5135 * Update xmin if required. Only the first XID need be checked,
5136 * since the array is sorted.
5137 */
5142 /*
5143 * Filter out anything >= xmax, again relying on sorted property
5144 * of array.
5145 */
5150 /* Add knownXid into output array */
5152 }
5153 }
5156 }
5158 /*
5159 * Get oldest XID in the KnownAssignedXids array, or InvalidTransactionId
5160 * if nothing there.
5161 */
5162 static TransactionId
5164 {
5166 tail;
5169 /*
5170 * Fetch head just once, since it may change while we loop.
5171 */
5178 {
5179 /* Skip any gaps in the array */
5182 }
5185 }
5187 /*
5188 * Display KnownAssignedXids to provide debug trail
5189 *
5190 * Currently this is only called within startup process, so we need no
5191 * special locking.
5192 *
5193 * Note this is pretty expensive, and much of the expense will be incurred
5194 * even if the elog message will get discarded. It's not currently called
5195 * in any performance-critical places, however, so no need to be tenser.
5196 */
5197 static void
5199 {
5201 StringInfoData buf;
5203 tail,
5204 i;
5213 {
5215 {
5216 nxids++;
5218 }
5219 }
5222 nxids,
5229 }
5231 /*
5232 * KnownAssignedXidsReset
5233 * Resets KnownAssignedXids to be empty
5234 */
5235 static void
5237 {
5247 }