varsup.c File Reference

#include "postgres.h"
#include "access/clog.h"
#include "access/commit_ts.h"
#include "access/subtrans.h"
#include "access/transam.h"
#include "access/xact.h"
#include "access/xlog.h"
#include "commands/dbcommands.h"
#include "miscadmin.h"
#include "postmaster/autovacuum.h"
#include "storage/pmsignal.h"
#include "storage/proc.h"
#include "utils/syscache.h"

Include dependency graph for varsup.c:

Go to the source code of this file.

Macros
#define	VAR_OID_PREFETCH   8192

Functions
TransactionId	GetNewTransactionId (bool isSubXact)
TransactionId	ReadNewTransactionId (void)
void	AdvanceOldestClogXid (TransactionId oldest_datfrozenxid)
void	SetTransactionIdLimit (TransactionId oldest_datfrozenxid, Oid oldest_datoid)
bool	ForceTransactionIdLimitUpdate (void)
Oid	GetNewObjectId (void)

Variables
VariableCache	ShmemVariableCache = NULL

Macro Definition Documentation

VAR_OID_PREFETCH

#define VAR_OID_PREFETCH   8192

Definition at line 31 of file varsup.c.

Referenced by GetNewObjectId().

Function Documentation

AdvanceOldestClogXid()

void AdvanceOldestClogXid

(

TransactionId

oldest_datfrozenxid

)

Definition at line 271 of file varsup.c.

References LW_EXCLUSIVE, LWLockAcquire(), LWLockRelease(), VariableCacheData::oldestClogXid, and TransactionIdPrecedes().

Referenced by BootStrapXLOG(), clog_redo(), StartupXLOG(), and TruncateCLOG().

{
    LWLockAcquire(CLogTruncationLock, LW_EXCLUSIVE);
    if (TransactionIdPrecedes(ShmemVariableCache->oldestClogXid,
                              oldest_datfrozenxid))
    {
        ShmemVariableCache->oldestClogXid = oldest_datfrozenxid;
    }
    LWLockRelease(CLogTruncationLock);
}

ForceTransactionIdLimitUpdate()

bool ForceTransactionIdLimitUpdate

(

void

)

Definition at line 429 of file varsup.c.

References DATABASEOID, LW_SHARED, LWLockAcquire(), LWLockRelease(), VariableCacheData::nextXid, ObjectIdGetDatum, VariableCacheData::oldestXid, VariableCacheData::oldestXidDB, SearchSysCacheExists1, TransactionIdFollowsOrEquals(), TransactionIdIsNormal, TransactionIdIsValid, and VariableCacheData::xidVacLimit.

Referenced by vac_update_datfrozenxid().

{
    TransactionId nextXid;
    TransactionId xidVacLimit;
    TransactionId oldestXid;
    Oid         oldestXidDB;

    /* Locking is probably not really necessary, but let's be careful */
    LWLockAcquire(XidGenLock, LW_SHARED);
    nextXid = ShmemVariableCache->nextXid;
    xidVacLimit = ShmemVariableCache->xidVacLimit;
    oldestXid = ShmemVariableCache->oldestXid;
    oldestXidDB = ShmemVariableCache->oldestXidDB;
    LWLockRelease(XidGenLock);

    if (!TransactionIdIsNormal(oldestXid))
        return true;            /* shouldn't happen, but just in case */
    if (!TransactionIdIsValid(xidVacLimit))
        return true;            /* this shouldn't happen anymore either */
    if (TransactionIdFollowsOrEquals(nextXid, xidVacLimit))
        return true;            /* past VacLimit, don't delay updating */
    if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(oldestXidDB)))
        return true;            /* could happen, per comments above */
    return false;
}

GetNewObjectId()

Oid GetNewObjectId

(

void

)

Definition at line 467 of file varsup.c.

References elog, ERROR, FirstBootstrapObjectId, FirstNormalObjectId, IsPostmasterEnvironment, LW_EXCLUSIVE, LWLockAcquire(), LWLockRelease(), VariableCacheData::nextOid, VariableCacheData::oidCount, RecoveryInProgress(), VAR_OID_PREFETCH, and XLogPutNextOid().

Referenced by GetNewOid(), GetNewOidWithIndex(), and GetNewRelFileNode().

{
    Oid         result;

    /* safety check, we should never get this far in a HS standby */
    if (RecoveryInProgress())
        elog(ERROR, "cannot assign OIDs during recovery");

    LWLockAcquire(OidGenLock, LW_EXCLUSIVE);

    /*
     * Check for wraparound of the OID counter.  We *must* not return 0
     * (InvalidOid), and in normal operation we mustn't return anything below
     * FirstNormalObjectId since that range is reserved for initdb (see
     * IsCatalogClass()).  Note we are relying on unsigned comparison.
     *
     * During initdb, we start the OID generator at FirstBootstrapObjectId, so
     * we only wrap if before that point when in bootstrap or standalone mode.
     * The first time through this routine after normal postmaster start, the
     * counter will be forced up to FirstNormalObjectId.  This mechanism
     * leaves the OIDs between FirstBootstrapObjectId and FirstNormalObjectId
     * available for automatic assignment during initdb, while ensuring they
     * will never conflict with user-assigned OIDs.
     */
    if (ShmemVariableCache->nextOid < ((Oid) FirstNormalObjectId))
    {
        if (IsPostmasterEnvironment)
        {
            /* wraparound, or first post-initdb assignment, in normal mode */
            ShmemVariableCache->nextOid = FirstNormalObjectId;
            ShmemVariableCache->oidCount = 0;
        }
        else
        {
            /* we may be bootstrapping, so don't enforce the full range */
            if (ShmemVariableCache->nextOid < ((Oid) FirstBootstrapObjectId))
            {
                /* wraparound in standalone mode (unlikely but possible) */
                ShmemVariableCache->nextOid = FirstNormalObjectId;
                ShmemVariableCache->oidCount = 0;
            }
        }
    }

    /* If we run out of logged for use oids then we must log more */
    if (ShmemVariableCache->oidCount == 0)
    {
        XLogPutNextOid(ShmemVariableCache->nextOid + VAR_OID_PREFETCH);
        ShmemVariableCache->oidCount = VAR_OID_PREFETCH;
    }

    result = ShmemVariableCache->nextOid;

    (ShmemVariableCache->nextOid)++;
    (ShmemVariableCache->oidCount)--;

    LWLockRelease(OidGenLock);

    return result;
}

GetNewTransactionId()

TransactionId GetNewTransactionId

(

bool

isSubXact

)

Definition at line 48 of file varsup.c.

References Assert, BootstrapTransactionId, elog, ereport, errcode(), errhint(), errmsg(), ERROR, ExtendCLOG(), ExtendCommitTs(), ExtendSUBTRANS(), get_database_name(), IsBootstrapProcessingMode, IsInParallelMode(), IsUnderPostmaster, LW_EXCLUSIVE, LWLockAcquire(), LWLockRelease(), MyPgXact, MyProc, VariableCacheData::nextXid, PGXACT::nxids, VariableCacheData::oldestXidDB, PGXACT::overflowed, PGPROC_MAX_CACHED_SUBXIDS, PMSIGNAL_START_AUTOVAC_LAUNCHER, RecoveryInProgress(), SendPostmasterSignal(), PGPROC::subxids, TransactionIdAdvance, TransactionIdFollowsOrEquals(), WARNING, PGXACT::xid, XidCache::xids, VariableCacheData::xidStopLimit, VariableCacheData::xidVacLimit, VariableCacheData::xidWarnLimit, and VariableCacheData::xidWrapLimit.

Referenced by AssignTransactionId().

{
    TransactionId xid;

    /*
     * Workers synchronize transaction state at the beginning of each parallel
     * operation, so we can't account for new XIDs after that point.
     */
    if (IsInParallelMode())
        elog(ERROR, "cannot assign TransactionIds during a parallel operation");

    /*
     * During bootstrap initialization, we return the special bootstrap
     * transaction id.
     */
    if (IsBootstrapProcessingMode())
    {
        Assert(!isSubXact);
        MyPgXact->xid = BootstrapTransactionId;
        return BootstrapTransactionId;
    }

    /* safety check, we should never get this far in a HS standby */
    if (RecoveryInProgress())
        elog(ERROR, "cannot assign TransactionIds during recovery");

    LWLockAcquire(XidGenLock, LW_EXCLUSIVE);

    xid = ShmemVariableCache->nextXid;

    /*----------
     * Check to see if it's safe to assign another XID.  This protects against
     * catastrophic data loss due to XID wraparound.  The basic rules are:
     *
     * If we're past xidVacLimit, start trying to force autovacuum cycles.
     * If we're past xidWarnLimit, start issuing warnings.
     * If we're past xidStopLimit, refuse to execute transactions, unless
     * we are running in single-user mode (which gives an escape hatch
     * to the DBA who somehow got past the earlier defenses).
     *
     * Note that this coding also appears in GetNewMultiXactId.
     *----------
     */
    if (TransactionIdFollowsOrEquals(xid, ShmemVariableCache->xidVacLimit))
    {
        /*
         * For safety's sake, we release XidGenLock while sending signals,
         * warnings, etc.  This is not so much because we care about
         * preserving concurrency in this situation, as to avoid any
         * possibility of deadlock while doing get_database_name(). First,
         * copy all the shared values we'll need in this path.
         */
        TransactionId xidWarnLimit = ShmemVariableCache->xidWarnLimit;
        TransactionId xidStopLimit = ShmemVariableCache->xidStopLimit;
        TransactionId xidWrapLimit = ShmemVariableCache->xidWrapLimit;
        Oid         oldest_datoid = ShmemVariableCache->oldestXidDB;

        LWLockRelease(XidGenLock);

        /*
         * To avoid swamping the postmaster with signals, we issue the autovac
         * request only once per 64K transaction starts.  This still gives
         * plenty of chances before we get into real trouble.
         */
        if (IsUnderPostmaster && (xid % 65536) == 0)
            SendPostmasterSignal(PMSIGNAL_START_AUTOVAC_LAUNCHER);

        if (IsUnderPostmaster &&
            TransactionIdFollowsOrEquals(xid, xidStopLimit))
        {
            char       *oldest_datname = get_database_name(oldest_datoid);

            /* complain even if that DB has disappeared */
            if (oldest_datname)
                ereport(ERROR,
                        (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
                         errmsg("database is not accepting commands to avoid wraparound data loss in database \"%s\"",
                                oldest_datname),
                         errhint("Stop the postmaster and vacuum that database in single-user mode.\n"
                                 "You might also need to commit or roll back old prepared transactions, or drop stale replication slots.")));
            else
                ereport(ERROR,
                        (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
                         errmsg("database is not accepting commands to avoid wraparound data loss in database with OID %u",
                                oldest_datoid),
                         errhint("Stop the postmaster and vacuum that database in single-user mode.\n"
                                 "You might also need to commit or roll back old prepared transactions, or drop stale replication slots.")));
        }
        else if (TransactionIdFollowsOrEquals(xid, xidWarnLimit))
        {
            char       *oldest_datname = get_database_name(oldest_datoid);

            /* complain even if that DB has disappeared */
            if (oldest_datname)
                ereport(WARNING,
                        (errmsg("database \"%s\" must be vacuumed within %u transactions",
                                oldest_datname,
                                xidWrapLimit - xid),
                         errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n"
                                 "You might also need to commit or roll back old prepared transactions, or drop stale replication slots.")));
            else
                ereport(WARNING,
                        (errmsg("database with OID %u must be vacuumed within %u transactions",
                                oldest_datoid,
                                xidWrapLimit - xid),
                         errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n"
                                 "You might also need to commit or roll back old prepared transactions, or drop stale replication slots.")));
        }

        /* Re-acquire lock and start over */
        LWLockAcquire(XidGenLock, LW_EXCLUSIVE);
        xid = ShmemVariableCache->nextXid;
    }

    /*
     * If we are allocating the first XID of a new page of the commit log,
     * zero out that commit-log page before returning. We must do this while
     * holding XidGenLock, else another xact could acquire and commit a later
     * XID before we zero the page.  Fortunately, a page of the commit log
     * holds 32K or more transactions, so we don't have to do this very often.
     *
     * Extend pg_subtrans and pg_commit_ts too.
     */
    ExtendCLOG(xid);
    ExtendCommitTs(xid);
    ExtendSUBTRANS(xid);

    /*
     * Now advance the nextXid counter.  This must not happen until after we
     * have successfully completed ExtendCLOG() --- if that routine fails, we
     * want the next incoming transaction to try it again.  We cannot assign
     * more XIDs until there is CLOG space for them.
     */
    TransactionIdAdvance(ShmemVariableCache->nextXid);

    /*
     * We must store the new XID into the shared ProcArray before releasing
     * XidGenLock.  This ensures that every active XID older than
     * latestCompletedXid is present in the ProcArray, which is essential for
     * correct OldestXmin tracking; see src/backend/access/transam/README.
     *
     * XXX by storing xid into MyPgXact without acquiring ProcArrayLock, we
     * are relying on fetch/store of an xid to be atomic, else other backends
     * might see a partially-set xid here.  But holding both locks at once
     * would be a nasty concurrency hit.  So for now, assume atomicity.
     *
     * Note that readers of PGXACT xid fields should be careful to fetch the
     * value only once, rather than assume they can read a value multiple
     * times and get the same answer each time.
     *
     * The same comments apply to the subxact xid count and overflow fields.
     *
     * A solution to the atomic-store problem would be to give each PGXACT its
     * own spinlock used only for fetching/storing that PGXACT's xid and
     * related fields.
     *
     * If there's no room to fit a subtransaction XID into PGPROC, set the
     * cache-overflowed flag instead.  This forces readers to look in
     * pg_subtrans to map subtransaction XIDs up to top-level XIDs. There is a
     * race-condition window, in that the new XID will not appear as running
     * until its parent link has been placed into pg_subtrans. However, that
     * will happen before anyone could possibly have a reason to inquire about
     * the status of the XID, so it seems OK.  (Snapshots taken during this
     * window *will* include the parent XID, so they will deliver the correct
     * answer later on when someone does have a reason to inquire.)
     */
    {
        /*
         * Use volatile pointer to prevent code rearrangement; other backends
         * could be examining my subxids info concurrently, and we don't want
         * them to see an invalid intermediate state, such as incrementing
         * nxids before filling the array entry.  Note we are assuming that
         * TransactionId and int fetch/store are atomic.
         */
        volatile PGPROC *myproc = MyProc;
        volatile PGXACT *mypgxact = MyPgXact;

        if (!isSubXact)
            mypgxact->xid = xid;
        else
        {
            int         nxids = mypgxact->nxids;

            if (nxids < PGPROC_MAX_CACHED_SUBXIDS)
            {
                myproc->subxids.xids[nxids] = xid;
                mypgxact->nxids = nxids + 1;
            }
            else
                mypgxact->overflowed = true;
        }
    }

    LWLockRelease(XidGenLock);

    return xid;
}

ReadNewTransactionId()

TransactionId ReadNewTransactionId

(

void

)

Definition at line 250 of file varsup.c.

References LW_SHARED, LWLockAcquire(), LWLockRelease(), and VariableCacheData::nextXid.

Referenced by _bt_unlink_halfdead_page(), ActivateCommitTs(), AutoVacWorkerMain(), do_start_worker(), GetNextXidAndEpoch(), GetStableLatestTransactionId(), vac_truncate_clog(), vac_update_datfrozenxid(), vac_update_relstats(), and vacuum_set_xid_limits().

{
    TransactionId xid;

    LWLockAcquire(XidGenLock, LW_SHARED);
    xid = ShmemVariableCache->nextXid;
    LWLockRelease(XidGenLock);

    return xid;
}

SetTransactionIdLimit()

void SetTransactionIdLimit	(	TransactionId	oldest_datfrozenxid,
		Oid	oldest_datoid
	)

Definition at line 288 of file varsup.c.

References Assert, autovacuum_freeze_max_age, DEBUG1, ereport, errhint(), errmsg(), FirstNormalTransactionId, get_database_name(), InRecovery, IsTransactionState(), IsUnderPostmaster, LW_EXCLUSIVE, LWLockAcquire(), LWLockRelease(), MaxTransactionId, VariableCacheData::nextXid, VariableCacheData::oldestXid, VariableCacheData::oldestXidDB, PMSIGNAL_START_AUTOVAC_LAUNCHER, SendPostmasterSignal(), TransactionIdFollowsOrEquals(), TransactionIdIsNormal, WARNING, VariableCacheData::xidStopLimit, VariableCacheData::xidVacLimit, VariableCacheData::xidWarnLimit, and VariableCacheData::xidWrapLimit.

Referenced by BootStrapXLOG(), StartupXLOG(), vac_truncate_clog(), and xlog_redo().

{
    TransactionId xidVacLimit;
    TransactionId xidWarnLimit;
    TransactionId xidStopLimit;
    TransactionId xidWrapLimit;
    TransactionId curXid;

    Assert(TransactionIdIsNormal(oldest_datfrozenxid));

    /*
     * The place where we actually get into deep trouble is halfway around
     * from the oldest potentially-existing XID.  (This calculation is
     * probably off by one or two counts, because the special XIDs reduce the
     * size of the loop a little bit.  But we throw in plenty of slop below,
     * so it doesn't matter.)
     */
    xidWrapLimit = oldest_datfrozenxid + (MaxTransactionId >> 1);
    if (xidWrapLimit < FirstNormalTransactionId)
        xidWrapLimit += FirstNormalTransactionId;

    /*
     * We'll refuse to continue assigning XIDs in interactive mode once we get
     * within 1M transactions of data loss.  This leaves lots of room for the
     * DBA to fool around fixing things in a standalone backend, while not
     * being significant compared to total XID space. (Note that since
     * vacuuming requires one transaction per table cleaned, we had better be
     * sure there's lots of XIDs left...)
     */
    xidStopLimit = xidWrapLimit - 1000000;
    if (xidStopLimit < FirstNormalTransactionId)
        xidStopLimit -= FirstNormalTransactionId;

    /*
     * We'll start complaining loudly when we get within 10M transactions of
     * the stop point.  This is kind of arbitrary, but if you let your gas
     * gauge get down to 1% of full, would you be looking for the next gas
     * station?  We need to be fairly liberal about this number because there
     * are lots of scenarios where most transactions are done by automatic
     * clients that won't pay attention to warnings. (No, we're not gonna make
     * this configurable.  If you know enough to configure it, you know enough
     * to not get in this kind of trouble in the first place.)
     */
    xidWarnLimit = xidStopLimit - 10000000;
    if (xidWarnLimit < FirstNormalTransactionId)
        xidWarnLimit -= FirstNormalTransactionId;

    /*
     * We'll start trying to force autovacuums when oldest_datfrozenxid gets
     * to be more than autovacuum_freeze_max_age transactions old.
     *
     * Note: guc.c ensures that autovacuum_freeze_max_age is in a sane range,
     * so that xidVacLimit will be well before xidWarnLimit.
     *
     * Note: autovacuum_freeze_max_age is a PGC_POSTMASTER parameter so that
     * we don't have to worry about dealing with on-the-fly changes in its
     * value.  It doesn't look practical to update shared state from a GUC
     * assign hook (too many processes would try to execute the hook,
     * resulting in race conditions as well as crashes of those not connected
     * to shared memory).  Perhaps this can be improved someday.  See also
     * SetMultiXactIdLimit.
     */
    xidVacLimit = oldest_datfrozenxid + autovacuum_freeze_max_age;
    if (xidVacLimit < FirstNormalTransactionId)
        xidVacLimit += FirstNormalTransactionId;

    /* Grab lock for just long enough to set the new limit values */
    LWLockAcquire(XidGenLock, LW_EXCLUSIVE);
    ShmemVariableCache->oldestXid = oldest_datfrozenxid;
    ShmemVariableCache->xidVacLimit = xidVacLimit;
    ShmemVariableCache->xidWarnLimit = xidWarnLimit;
    ShmemVariableCache->xidStopLimit = xidStopLimit;
    ShmemVariableCache->xidWrapLimit = xidWrapLimit;
    ShmemVariableCache->oldestXidDB = oldest_datoid;
    curXid = ShmemVariableCache->nextXid;
    LWLockRelease(XidGenLock);

    /* Log the info */
    ereport(DEBUG1,
            (errmsg("transaction ID wrap limit is %u, limited by database with OID %u",
                    xidWrapLimit, oldest_datoid)));

    /*
     * If past the autovacuum force point, immediately signal an autovac
     * request.  The reason for this is that autovac only processes one
     * database per invocation.  Once it's finished cleaning up the oldest
     * database, it'll call here, and we'll signal the postmaster to start
     * another iteration immediately if there are still any old databases.
     */
    if (TransactionIdFollowsOrEquals(curXid, xidVacLimit) &&
        IsUnderPostmaster && !InRecovery)
        SendPostmasterSignal(PMSIGNAL_START_AUTOVAC_LAUNCHER);

    /* Give an immediate warning if past the wrap warn point */
    if (TransactionIdFollowsOrEquals(curXid, xidWarnLimit) && !InRecovery)
    {
        char       *oldest_datname;

        /*
         * We can be called when not inside a transaction, for example during
         * StartupXLOG().  In such a case we cannot do database access, so we
         * must just report the oldest DB's OID.
         *
         * Note: it's also possible that get_database_name fails and returns
         * NULL, for example because the database just got dropped.  We'll
         * still warn, even though the warning might now be unnecessary.
         */
        if (IsTransactionState())
            oldest_datname = get_database_name(oldest_datoid);
        else
            oldest_datname = NULL;

        if (oldest_datname)
            ereport(WARNING,
                    (errmsg("database \"%s\" must be vacuumed within %u transactions",
                            oldest_datname,
                            xidWrapLimit - curXid),
                     errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n"
                             "You might also need to commit or roll back old prepared transactions, or drop stale replication slots.")));
        else
            ereport(WARNING,
                    (errmsg("database with OID %u must be vacuumed within %u transactions",
                            oldest_datoid,
                            xidWrapLimit - curXid),
                     errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n"
                             "You might also need to commit or roll back old prepared transactions, or drop stale replication slots.")));
    }
}

Variable Documentation

ShmemVariableCache

VariableCache ShmemVariableCache = NULL

Definition at line 34 of file varsup.c.

Referenced by ActivateCommitTs(), AdvanceOldestCommitTsXid(), BootStrapXLOG(), CreateCheckPoint(), DeactivateCommitTs(), ExpireTreeKnownAssignedTransactionIds(), GetOldestActiveTransactionId(), GetOldestSafeDecodingTransactionId(), GetOldestXmin(), GetRunningTransactionData(), GetSnapshotData(), InitShmemAllocation(), multixact_redo(), PostmasterMarkPIDForWorkerNotify(), PrescanPreparedTransactions(), ProcArrayApplyRecoveryInfo(), ProcArrayEndTransactionInternal(), ProcArrayRemove(), ProcessTwoPhaseBuffer(), RecordKnownAssignedTransactionIds(), ReleasePredicateLocks(), SetCommitTsLimit(), StartupCLOG(), StartupSUBTRANS(), StartupXLOG(), TransactionIdGetCommitTsData(), TransactionIdInRecentPast(), TransactionIdIsInProgress(), TransactionTreeSetCommitTsData(), TrimCLOG(), xact_redo_abort(), xact_redo_commit(), XidCacheRemoveRunningXids(), and xlog_redo().