PostgreSQL Source Code  git master
Data Structures | Macros | Typedefs | Enumerations | Functions
verify_heapam.c File Reference
#include "postgres.h"
#include "access/detoast.h"
#include "access/genam.h"
#include "access/heapam.h"
#include "access/heaptoast.h"
#include "access/multixact.h"
#include "access/toast_internals.h"
#include "access/visibilitymap.h"
#include "catalog/pg_am.h"
#include "funcapi.h"
#include "miscadmin.h"
#include "storage/bufmgr.h"
#include "storage/procarray.h"
#include "utils/builtins.h"
#include "utils/fmgroids.h"
Include dependency graph for verify_heapam.c:

Go to the source code of this file.

Data Structures

struct  ToastedAttribute
 
struct  HeapCheckContext
 

Macros

#define HEAPCHECK_RELATION_COLS   4
 
#define VARLENA_SIZE_LIMIT   0x3FFFFFFF
 

Typedefs

typedef enum XidBoundsViolation XidBoundsViolation
 
typedef enum XidCommitStatus XidCommitStatus
 
typedef enum SkipPages SkipPages
 
typedef struct ToastedAttribute ToastedAttribute
 
typedef struct HeapCheckContext HeapCheckContext
 

Enumerations

enum  XidBoundsViolation {
  XID_INVALID , XID_IN_FUTURE , XID_PRECEDES_CLUSTERMIN , XID_PRECEDES_RELMIN ,
  XID_BOUNDS_OK
}
 
enum  XidCommitStatus { XID_COMMITTED , XID_IS_CURRENT_XID , XID_IN_PROGRESS , XID_ABORTED }
 
enum  SkipPages { SKIP_PAGES_ALL_FROZEN , SKIP_PAGES_ALL_VISIBLE , SKIP_PAGES_NONE }
 

Functions

 PG_FUNCTION_INFO_V1 (verify_heapam)
 
static void check_tuple (HeapCheckContext *ctx, bool *xmin_commit_status_ok, XidCommitStatus *xmin_commit_status)
 
static void check_toast_tuple (HeapTuple toasttup, HeapCheckContext *ctx, ToastedAttribute *ta, int32 *expected_chunk_seq, uint32 extsize)
 
static bool check_tuple_attribute (HeapCheckContext *ctx)
 
static void check_toasted_attribute (HeapCheckContext *ctx, ToastedAttribute *ta)
 
static bool check_tuple_header (HeapCheckContext *ctx)
 
static bool check_tuple_visibility (HeapCheckContext *ctx, bool *xmin_commit_status_ok, XidCommitStatus *xmin_commit_status)
 
static void report_corruption (HeapCheckContext *ctx, char *msg)
 
static void report_toast_corruption (HeapCheckContext *ctx, ToastedAttribute *ta, char *msg)
 
static FullTransactionId FullTransactionIdFromXidAndCtx (TransactionId xid, const HeapCheckContext *ctx)
 
static void update_cached_xid_range (HeapCheckContext *ctx)
 
static void update_cached_mxid_range (HeapCheckContext *ctx)
 
static XidBoundsViolation check_mxid_in_range (MultiXactId mxid, HeapCheckContext *ctx)
 
static XidBoundsViolation check_mxid_valid_in_rel (MultiXactId mxid, HeapCheckContext *ctx)
 
static XidBoundsViolation get_xid_status (TransactionId xid, HeapCheckContext *ctx, XidCommitStatus *status)
 
Datum verify_heapam (PG_FUNCTION_ARGS)
 
static void report_corruption_internal (Tuplestorestate *tupstore, TupleDesc tupdesc, BlockNumber blkno, OffsetNumber offnum, AttrNumber attnum, char *msg)
 
static bool fxid_in_cached_range (FullTransactionId fxid, const HeapCheckContext *ctx)
 

Macro Definition Documentation

◆ HEAPCHECK_RELATION_COLS

#define HEAPCHECK_RELATION_COLS   4

Definition at line 31 of file verify_heapam.c.

◆ VARLENA_SIZE_LIMIT

#define VARLENA_SIZE_LIMIT   0x3FFFFFFF

Definition at line 34 of file verify_heapam.c.

Typedef Documentation

◆ HeapCheckContext

typedef struct HeapCheckContext HeapCheckContext

◆ SkipPages

typedef enum SkipPages SkipPages

◆ ToastedAttribute

typedef struct ToastedAttribute ToastedAttribute

◆ XidBoundsViolation

typedef enum XidBoundsViolation XidBoundsViolation

◆ XidCommitStatus

typedef enum XidCommitStatus XidCommitStatus

Enumeration Type Documentation

◆ SkipPages

enum SkipPages
Enumerator
SKIP_PAGES_ALL_FROZEN 
SKIP_PAGES_ALL_VISIBLE 
SKIP_PAGES_NONE 

Definition at line 57 of file verify_heapam.c.

58 {
59  SKIP_PAGES_ALL_FROZEN,
60  SKIP_PAGES_ALL_VISIBLE,
61  SKIP_PAGES_NONE
62 } SkipPages;
SkipPages
SkipPages
Definition: verify_heapam.c:58
SKIP_PAGES_ALL_VISIBLE
@ SKIP_PAGES_ALL_VISIBLE
Definition: verify_heapam.c:60
SKIP_PAGES_ALL_FROZEN
@ SKIP_PAGES_ALL_FROZEN
Definition: verify_heapam.c:59
SKIP_PAGES_NONE
@ SKIP_PAGES_NONE
Definition: verify_heapam.c:61

◆ XidBoundsViolation

enum XidBoundsViolation
Enumerator
XID_INVALID 
XID_IN_FUTURE 
XID_PRECEDES_CLUSTERMIN 
XID_PRECEDES_RELMIN 
XID_BOUNDS_OK 

Definition at line 40 of file verify_heapam.c.

41 {
42  XID_INVALID,
43  XID_IN_FUTURE,
44  XID_PRECEDES_CLUSTERMIN,
45  XID_PRECEDES_RELMIN,
46  XID_BOUNDS_OK
47 } XidBoundsViolation;
XidBoundsViolation
XidBoundsViolation
Definition: verify_heapam.c:41
XID_IN_FUTURE
@ XID_IN_FUTURE
Definition: verify_heapam.c:43
XID_PRECEDES_CLUSTERMIN
@ XID_PRECEDES_CLUSTERMIN
Definition: verify_heapam.c:44
XID_INVALID
@ XID_INVALID
Definition: verify_heapam.c:42
XID_PRECEDES_RELMIN
@ XID_PRECEDES_RELMIN
Definition: verify_heapam.c:45
XID_BOUNDS_OK
@ XID_BOUNDS_OK
Definition: verify_heapam.c:46

◆ XidCommitStatus

enum XidCommitStatus
Enumerator
XID_COMMITTED 
XID_IS_CURRENT_XID 
XID_IN_PROGRESS 
XID_ABORTED 

Definition at line 49 of file verify_heapam.c.

50 {
51  XID_COMMITTED,
52  XID_IS_CURRENT_XID,
53  XID_IN_PROGRESS,
54  XID_ABORTED
55 } XidCommitStatus;
XidCommitStatus
XidCommitStatus
Definition: verify_heapam.c:50
XID_IS_CURRENT_XID
@ XID_IS_CURRENT_XID
Definition: verify_heapam.c:52
XID_IN_PROGRESS
@ XID_IN_PROGRESS
Definition: verify_heapam.c:53
XID_COMMITTED
@ XID_COMMITTED
Definition: verify_heapam.c:51
XID_ABORTED
@ XID_ABORTED
Definition: verify_heapam.c:54

Function Documentation

◆ check_mxid_in_range()

static XidBoundsViolation check_mxid_in_range ( MultiXactId  mxid,
HeapCheckContext ctx 
)
static

Definition at line 1961 of file verify_heapam.c.

1962 {
1963  if (!TransactionIdIsValid(mxid))
1964  return XID_INVALID;
1965  if (MultiXactIdPrecedes(mxid, ctx->relminmxid))
1966  return XID_PRECEDES_RELMIN;
1967  if (MultiXactIdPrecedes(mxid, ctx->oldest_mxact))
1968  return XID_PRECEDES_CLUSTERMIN;
1969  if (MultiXactIdPrecedesOrEquals(ctx->next_mxact, mxid))
1970  return XID_IN_FUTURE;
1971  return XID_BOUNDS_OK;
1972 }
MultiXactIdPrecedes
bool MultiXactIdPrecedes(MultiXactId multi1, MultiXactId multi2)
Definition: multixact.c:3156
MultiXactIdPrecedesOrEquals
bool MultiXactIdPrecedesOrEquals(MultiXactId multi1, MultiXactId multi2)
Definition: multixact.c:3170
HeapCheckContext::relminmxid
TransactionId relminmxid
Definition: verify_heapam.c:111
HeapCheckContext::next_mxact
MultiXactId next_mxact
Definition: verify_heapam.c:98
HeapCheckContext::oldest_mxact
MultiXactId oldest_mxact
Definition: verify_heapam.c:99
TransactionIdIsValid
#define TransactionIdIsValid(xid)
Definition: transam.h:41

References MultiXactIdPrecedes(), MultiXactIdPrecedesOrEquals(), HeapCheckContext::next_mxact, HeapCheckContext::oldest_mxact, HeapCheckContext::relminmxid, TransactionIdIsValid, XID_BOUNDS_OK, XID_IN_FUTURE, XID_INVALID, XID_PRECEDES_CLUSTERMIN, and XID_PRECEDES_RELMIN.

Referenced by check_mxid_valid_in_rel().

◆ check_mxid_valid_in_rel()

static XidBoundsViolation check_mxid_valid_in_rel ( MultiXactId  mxid,
HeapCheckContext ctx 
)
static

Definition at line 1983 of file verify_heapam.c.

1984 {
1985  XidBoundsViolation result;
1986 
1987  result = check_mxid_in_range(mxid, ctx);
1988  if (result == XID_BOUNDS_OK)
1989  return XID_BOUNDS_OK;
1990 
1991  /* The range may have advanced. Recheck. */
1992  update_cached_mxid_range(ctx);
1993  return check_mxid_in_range(mxid, ctx);
1994 }
check_mxid_in_range
static XidBoundsViolation check_mxid_in_range(MultiXactId mxid, HeapCheckContext *ctx)
Definition: verify_heapam.c:1961
update_cached_mxid_range
static void update_cached_mxid_range(HeapCheckContext *ctx)
Definition: verify_heapam.c:1940

References check_mxid_in_range(), update_cached_mxid_range(), and XID_BOUNDS_OK.

Referenced by check_tuple_visibility().

◆ check_toast_tuple()

static void check_toast_tuple ( HeapTuple  toasttup,
HeapCheckContext ctx,
ToastedAttribute ta,
int32 expected_chunk_seq,
uint32  extsize 
)
static

Definition at line 1458 of file verify_heapam.c.

1461 {
1462  int32 chunk_seq;
1463  int32 last_chunk_seq = (extsize - 1) / TOAST_MAX_CHUNK_SIZE;
1464  Pointer chunk;
1465  bool isnull;
1466  int32 chunksize;
1467  int32 expected_size;
1468 
1469  /* Sanity-check the sequence number. */
1470  chunk_seq = DatumGetInt32(fastgetattr(toasttup, 2,
1471  ctx->toast_rel->rd_att, &isnull));
1472  if (isnull)
1473  {
1474  report_toast_corruption(ctx, ta,
1475  psprintf("toast value %u has toast chunk with null sequence number",
1476  ta->toast_pointer.va_valueid));
1477  return;
1478  }
1479  if (chunk_seq != *expected_chunk_seq)
1480  {
1481  /* Either the TOAST index is corrupt, or we don't have all chunks. */
1482  report_toast_corruption(ctx, ta,
1483  psprintf("toast value %u index scan returned chunk %d when expecting chunk %d",
1484  ta->toast_pointer.va_valueid,
1485  chunk_seq, *expected_chunk_seq));
1486  }
1487  *expected_chunk_seq = chunk_seq + 1;
1488 
1489  /* Sanity-check the chunk data. */
1490  chunk = DatumGetPointer(fastgetattr(toasttup, 3,
1491  ctx->toast_rel->rd_att, &isnull));
1492  if (isnull)
1493  {
1494  report_toast_corruption(ctx, ta,
1495  psprintf("toast value %u chunk %d has null data",
1496  ta->toast_pointer.va_valueid,
1497  chunk_seq));
1498  return;
1499  }
1500  if (!VARATT_IS_EXTENDED(chunk))
1501  chunksize = VARSIZE(chunk) - VARHDRSZ;
1502  else if (VARATT_IS_SHORT(chunk))
1503  {
1504  /*
1505  * could happen due to heap_form_tuple doing its thing
1506  */
1507  chunksize = VARSIZE_SHORT(chunk) - VARHDRSZ_SHORT;
1508  }
1509  else
1510  {
1511  /* should never happen */
1512  uint32 header = ((varattrib_4b *) chunk)->va_4byte.va_header;
1513 
1514  report_toast_corruption(ctx, ta,
1515  psprintf("toast value %u chunk %d has invalid varlena header %0x",
1516  ta->toast_pointer.va_valueid,
1517  chunk_seq, header));
1518  return;
1519  }
1520 
1521  /*
1522  * Some checks on the data we've found
1523  */
1524  if (chunk_seq > last_chunk_seq)
1525  {
1526  report_toast_corruption(ctx, ta,
1527  psprintf("toast value %u chunk %d follows last expected chunk %d",
1528  ta->toast_pointer.va_valueid,
1529  chunk_seq, last_chunk_seq));
1530  return;
1531  }
1532 
1533  expected_size = chunk_seq < last_chunk_seq ? TOAST_MAX_CHUNK_SIZE
1534  : extsize - (last_chunk_seq * TOAST_MAX_CHUNK_SIZE);
1535 
1536  if (chunksize != expected_size)
1537  report_toast_corruption(ctx, ta,
1538  psprintf("toast value %u chunk %d has size %u, but expected size %u",
1539  ta->toast_pointer.va_valueid,
1540  chunk_seq, chunksize, expected_size));
1541 }
uint32
unsigned int uint32
Definition: c.h:490
int32
signed int int32
Definition: c.h:478
Pointer
char * Pointer
Definition: c.h:467
VARHDRSZ
#define VARHDRSZ
Definition: c.h:676
TOAST_MAX_CHUNK_SIZE
#define TOAST_MAX_CHUNK_SIZE
Definition: heaptoast.h:84
fastgetattr
static Datum fastgetattr(HeapTuple tup, int attnum, TupleDesc tupleDesc, bool *isnull)
Definition: htup_details.h:749
header
static void header(const char *fmt,...) pg_attribute_printf(1
Definition: pg_regress.c:207
DatumGetPointer
static Pointer DatumGetPointer(Datum X)
Definition: postgres.h:312
DatumGetInt32
static int32 DatumGetInt32(Datum X)
Definition: postgres.h:202
psprintf
char * psprintf(const char *fmt,...)
Definition: psprintf.c:46
RelationData::rd_att
TupleDesc rd_att
Definition: rel.h:111
ToastedAttribute::toast_pointer
struct varatt_external toast_pointer
Definition: verify_heapam.c:71
varatt_external::va_valueid
Oid va_valueid
Definition: varatt.h:37
varattrib_4b
Definition: varatt.h:112
VARHDRSZ_SHORT
#define VARHDRSZ_SHORT
Definition: varatt.h:255
VARSIZE_SHORT
#define VARSIZE_SHORT(PTR)
Definition: varatt.h:281
VARATT_IS_EXTENDED
#define VARATT_IS_EXTENDED(PTR)
Definition: varatt.h:303
VARATT_IS_SHORT
#define VARATT_IS_SHORT(PTR)
Definition: varatt.h:302
VARSIZE
#define VARSIZE(PTR)
Definition: varatt.h:279
report_toast_corruption
static void report_toast_corruption(HeapCheckContext *ctx, ToastedAttribute *ta, char *msg)
Definition: verify_heapam.c:871

References DatumGetInt32(), DatumGetPointer(), fastgetattr(), header(), psprintf(), RelationData::rd_att, report_toast_corruption(), TOAST_MAX_CHUNK_SIZE, ToastedAttribute::toast_pointer, HeapCheckContext::toast_rel, varatt_external::va_valueid, VARATT_IS_EXTENDED, VARATT_IS_SHORT, VARHDRSZ, VARHDRSZ_SHORT, VARSIZE, and VARSIZE_SHORT.

Referenced by check_toasted_attribute().

◆ check_toasted_attribute()

static void check_toasted_attribute ( HeapCheckContext ctx,
ToastedAttribute ta 
)
static

Definition at line 1764 of file verify_heapam.c.

1765 {
1766  SnapshotData SnapshotToast;
1767  ScanKeyData toastkey;
1768  SysScanDesc toastscan;
1769  bool found_toasttup;
1770  HeapTuple toasttup;
1771  uint32 extsize;
1772  int32 expected_chunk_seq = 0;
1773  int32 last_chunk_seq;
1774 
1775  extsize = VARATT_EXTERNAL_GET_EXTSIZE(ta->toast_pointer);
1776  last_chunk_seq = (extsize - 1) / TOAST_MAX_CHUNK_SIZE;
1777 
1778  /*
1779  * Setup a scan key to find chunks in toast table with matching va_valueid
1780  */
1781  ScanKeyInit(&toastkey,
1782  (AttrNumber) 1,
1783  BTEqualStrategyNumber, F_OIDEQ,
1784  ObjectIdGetDatum(ta->toast_pointer.va_valueid));
1785 
1786  /*
1787  * Check if any chunks for this toasted object exist in the toast table,
1788  * accessible via the index.
1789  */
1790  init_toast_snapshot(&SnapshotToast);
1791  toastscan = systable_beginscan_ordered(ctx->toast_rel,
1792  ctx->valid_toast_index,
1793  &SnapshotToast, 1,
1794  &toastkey);
1795  found_toasttup = false;
1796  while ((toasttup =
1797  systable_getnext_ordered(toastscan,
1798  ForwardScanDirection)) != NULL)
1799  {
1800  found_toasttup = true;
1801  check_toast_tuple(toasttup, ctx, ta, &expected_chunk_seq, extsize);
1802  }
1803  systable_endscan_ordered(toastscan);
1804 
1805  if (!found_toasttup)
1806  report_toast_corruption(ctx, ta,
1807  psprintf("toast value %u not found in toast table",
1808  ta->toast_pointer.va_valueid));
1809  else if (expected_chunk_seq <= last_chunk_seq)
1810  report_toast_corruption(ctx, ta,
1811  psprintf("toast value %u was expected to end at chunk %d, but ended while expecting chunk %d",
1812  ta->toast_pointer.va_valueid,
1813  last_chunk_seq, expected_chunk_seq));
1814 }
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
systable_beginscan_ordered
SysScanDesc systable_beginscan_ordered(Relation heapRelation, Relation indexRelation, Snapshot snapshot, int nkeys, ScanKey key)
Definition: genam.c:646
systable_endscan_ordered
void systable_endscan_ordered(SysScanDesc sysscan)
Definition: genam.c:736
systable_getnext_ordered
HeapTuple systable_getnext_ordered(SysScanDesc sysscan, ScanDirection direction)
Definition: genam.c:711
ObjectIdGetDatum
static Datum ObjectIdGetDatum(Oid X)
Definition: postgres.h:252
ScanKeyInit
void ScanKeyInit(ScanKey entry, AttrNumber attributeNumber, StrategyNumber strategy, RegProcedure procedure, Datum argument)
Definition: scankey.c:76
ForwardScanDirection
@ ForwardScanDirection
Definition: sdir.h:28
BTEqualStrategyNumber
#define BTEqualStrategyNumber
Definition: stratnum.h:31
HeapCheckContext::valid_toast_index
Relation valid_toast_index
Definition: verify_heapam.c:114
init_toast_snapshot
void init_toast_snapshot(Snapshot toast_snapshot)
Definition: toast_internals.c:643
VARATT_EXTERNAL_GET_EXTSIZE
#define VARATT_EXTERNAL_GET_EXTSIZE(toast_pointer)
Definition: varatt.h:334
check_toast_tuple
static void check_toast_tuple(HeapTuple toasttup, HeapCheckContext *ctx, ToastedAttribute *ta, int32 *expected_chunk_seq, uint32 extsize)
Definition: verify_heapam.c:1458

References BTEqualStrategyNumber, check_toast_tuple(), ForwardScanDirection, init_toast_snapshot(), ObjectIdGetDatum(), psprintf(), report_toast_corruption(), ScanKeyInit(), systable_beginscan_ordered(), systable_endscan_ordered(), systable_getnext_ordered(), TOAST_MAX_CHUNK_SIZE, ToastedAttribute::toast_pointer, HeapCheckContext::toast_rel, varatt_external::va_valueid, HeapCheckContext::valid_toast_index, and VARATT_EXTERNAL_GET_EXTSIZE.

Referenced by verify_heapam().

◆ check_tuple()

static void check_tuple ( HeapCheckContext ctx,
bool xmin_commit_status_ok,
XidCommitStatus xmin_commit_status 
)
static

Definition at line 1824 of file verify_heapam.c.

1826 {
1827  /*
1828  * Check various forms of tuple header corruption, and if the header is
1829  * too corrupt, do not continue with other checks.
1830  */
1831  if (!check_tuple_header(ctx))
1832  return;
1833 
1834  /*
1835  * Check tuple visibility. If the inserting transaction aborted, we
1836  * cannot assume our relation description matches the tuple structure, and
1837  * therefore cannot check it.
1838  */
1839  if (!check_tuple_visibility(ctx, xmin_commit_status_ok,
1840  xmin_commit_status))
1841  return;
1842 
1843  /*
1844  * The tuple is visible, so it must be compatible with the current version
1845  * of the relation descriptor. It might have fewer columns than are
1846  * present in the relation descriptor, but it cannot have more.
1847  */
1848  if (RelationGetDescr(ctx->rel)->natts < ctx->natts)
1849  {
1850  report_corruption(ctx,
1851  psprintf("number of attributes %u exceeds maximum expected for table %u",
1852  ctx->natts,
1853  RelationGetDescr(ctx->rel)->natts));
1854  return;
1855  }
1856 
1857  /*
1858  * Check each attribute unless we hit corruption that confuses what to do
1859  * next, at which point we abort further attribute checks for this tuple.
1860  * Note that we don't abort for all types of corruption, only for those
1861  * types where we don't know how to continue. We also don't abort the
1862  * checking of toasted attributes collected from the tuple prior to
1863  * aborting. Those will still be checked later along with other toasted
1864  * attributes collected from the page.
1865  */
1866  ctx->offset = 0;
1867  for (ctx->attnum = 0; ctx->attnum < ctx->natts; ctx->attnum++)
1868  if (!check_tuple_attribute(ctx))
1869  break; /* cannot continue */
1870 
1871  /* revert attnum to -1 until we again examine individual attributes */
1872  ctx->attnum = -1;
1873 }
RelationGetDescr
#define RelationGetDescr(relation)
Definition: rel.h:529
HeapCheckContext::attnum
AttrNumber attnum
Definition: verify_heapam.c:133
check_tuple_visibility
static bool check_tuple_visibility(HeapCheckContext *ctx, bool *xmin_commit_status_ok, XidCommitStatus *xmin_commit_status)
Definition: verify_heapam.c:1016
check_tuple_header
static bool check_tuple_header(HeapCheckContext *ctx)
Definition: verify_heapam.c:903
check_tuple_attribute
static bool check_tuple_attribute(HeapCheckContext *ctx)
Definition: verify_heapam.c:1564
report_corruption
static void report_corruption(HeapCheckContext *ctx, char *msg)
Definition: verify_heapam.c:855

References HeapCheckContext::attnum, check_tuple_attribute(), check_tuple_header(), check_tuple_visibility(), HeapCheckContext::natts, HeapCheckContext::offset, psprintf(), HeapCheckContext::rel, RelationGetDescr, and report_corruption().

Referenced by verify_heapam().

◆ check_tuple_attribute()

static bool check_tuple_attribute ( HeapCheckContext ctx)
static

Definition at line 1564 of file verify_heapam.c.

1565 {
1566  Datum attdatum;
1567  struct varlena *attr;
1568  char *tp; /* pointer to the tuple data */
1569  uint16 infomask;
1570  Form_pg_attribute thisatt;
1571  struct varatt_external toast_pointer;
1572 
1573  infomask = ctx->tuphdr->t_infomask;
1574  thisatt = TupleDescAttr(RelationGetDescr(ctx->rel), ctx->attnum);
1575 
1576  tp = (char *) ctx->tuphdr + ctx->tuphdr->t_hoff;
1577 
1578  if (ctx->tuphdr->t_hoff + ctx->offset > ctx->lp_len)
1579  {
1580  report_corruption(ctx,
1581  psprintf("attribute with length %u starts at offset %u beyond total tuple length %u",
1582  thisatt->attlen,
1583  ctx->tuphdr->t_hoff + ctx->offset,
1584  ctx->lp_len));
1585  return false;
1586  }
1587 
1588  /* Skip null values */
1589  if (infomask & HEAP_HASNULL && att_isnull(ctx->attnum, ctx->tuphdr->t_bits))
1590  return true;
1591 
1592  /* Skip non-varlena values, but update offset first */
1593  if (thisatt->attlen != -1)
1594  {
1595  ctx->offset = att_align_nominal(ctx->offset, thisatt->attalign);
1596  ctx->offset = att_addlength_pointer(ctx->offset, thisatt->attlen,
1597  tp + ctx->offset);
1598  if (ctx->tuphdr->t_hoff + ctx->offset > ctx->lp_len)
1599  {
1600  report_corruption(ctx,
1601  psprintf("attribute with length %u ends at offset %u beyond total tuple length %u",
1602  thisatt->attlen,
1603  ctx->tuphdr->t_hoff + ctx->offset,
1604  ctx->lp_len));
1605  return false;
1606  }
1607  return true;
1608  }
1609 
1610  /* Ok, we're looking at a varlena attribute. */
1611  ctx->offset = att_align_pointer(ctx->offset, thisatt->attalign, -1,
1612  tp + ctx->offset);
1613 
1614  /* Get the (possibly corrupt) varlena datum */
1615  attdatum = fetchatt(thisatt, tp + ctx->offset);
1616 
1617  /*
1618  * We have the datum, but we cannot decode it carelessly, as it may still
1619  * be corrupt.
1620  */
1621 
1622  /*
1623  * Check that VARTAG_SIZE won't hit an Assert on a corrupt va_tag before
1624  * risking a call into att_addlength_pointer
1625  */
1626  if (VARATT_IS_EXTERNAL(tp + ctx->offset))
1627  {
1628  uint8 va_tag = VARTAG_EXTERNAL(tp + ctx->offset);
1629 
1630  if (va_tag != VARTAG_ONDISK)
1631  {
1632  report_corruption(ctx,
1633  psprintf("toasted attribute has unexpected TOAST tag %u",
1634  va_tag));
1635  /* We can't know where the next attribute begins */
1636  return false;
1637  }
1638  }
1639 
1640  /* Ok, should be safe now */
1641  ctx->offset = att_addlength_pointer(ctx->offset, thisatt->attlen,
1642  tp + ctx->offset);
1643 
1644  if (ctx->tuphdr->t_hoff + ctx->offset > ctx->lp_len)
1645  {
1646  report_corruption(ctx,
1647  psprintf("attribute with length %u ends at offset %u beyond total tuple length %u",
1648  thisatt->attlen,
1649  ctx->tuphdr->t_hoff + ctx->offset,
1650  ctx->lp_len));
1651 
1652  return false;
1653  }
1654 
1655  /*
1656  * heap_deform_tuple would be done with this attribute at this point,
1657  * having stored it in values[], and would continue to the next attribute.
1658  * We go further, because we need to check if the toast datum is corrupt.
1659  */
1660 
1661  attr = (struct varlena *) DatumGetPointer(attdatum);
1662 
1663  /*
1664  * Now we follow the logic of detoast_external_attr(), with the same
1665  * caveats about being paranoid about corruption.
1666  */
1667 
1668  /* Skip values that are not external */
1669  if (!VARATT_IS_EXTERNAL(attr))
1670  return true;
1671 
1672  /* It is external, and we're looking at a page on disk */
1673 
1674  /*
1675  * Must copy attr into toast_pointer for alignment considerations
1676  */
1677  VARATT_EXTERNAL_GET_POINTER(toast_pointer, attr);
1678 
1679  /* Toasted attributes too large to be untoasted should never be stored */
1680  if (toast_pointer.va_rawsize > VARLENA_SIZE_LIMIT)
1681  report_corruption(ctx,
1682  psprintf("toast value %u rawsize %d exceeds limit %d",
1683  toast_pointer.va_valueid,
1684  toast_pointer.va_rawsize,
1685  VARLENA_SIZE_LIMIT));
1686 
1687  if (VARATT_EXTERNAL_IS_COMPRESSED(toast_pointer))
1688  {
1689  ToastCompressionId cmid;
1690  bool valid = false;
1691 
1692  /* Compressed attributes should have a valid compression method */
1693  cmid = TOAST_COMPRESS_METHOD(&toast_pointer);
1694  switch (cmid)
1695  {
1696  /* List of all valid compression method IDs */
1697  case TOAST_PGLZ_COMPRESSION_ID:
1698  case TOAST_LZ4_COMPRESSION_ID:
1699  valid = true;
1700  break;
1701 
1702  /* Recognized but invalid compression method ID */
1703  case TOAST_INVALID_COMPRESSION_ID:
1704  break;
1705 
1706  /* Intentionally no default here */
1707  }
1708  if (!valid)
1709  report_corruption(ctx,
1710  psprintf("toast value %u has invalid compression method id %d",
1711  toast_pointer.va_valueid, cmid));
1712  }
1713 
1714  /* The tuple header better claim to contain toasted values */
1715  if (!(infomask & HEAP_HASEXTERNAL))
1716  {
1717  report_corruption(ctx,
1718  psprintf("toast value %u is external but tuple header flag HEAP_HASEXTERNAL not set",
1719  toast_pointer.va_valueid));
1720  return true;
1721  }
1722 
1723  /* The relation better have a toast table */
1724  if (!ctx->rel->rd_rel->reltoastrelid)
1725  {
1726  report_corruption(ctx,
1727  psprintf("toast value %u is external but relation has no toast relation",
1728  toast_pointer.va_valueid));
1729  return true;
1730  }
1731 
1732  /* If we were told to skip toast checking, then we're done. */
1733  if (ctx->toast_rel == NULL)
1734  return true;
1735 
1736  /*
1737  * If this tuple is eligible to be pruned, we cannot check the toast.
1738  * Otherwise, we push a copy of the toast tuple so we can check it after
1739  * releasing the main table buffer lock.
1740  */
1741  if (!ctx->tuple_could_be_pruned)
1742  {
1743  ToastedAttribute *ta;
1744 
1745  ta = (ToastedAttribute *) palloc0(sizeof(ToastedAttribute));
1746 
1747  VARATT_EXTERNAL_GET_POINTER(ta->toast_pointer, attr);
1748  ta->blkno = ctx->blkno;
1749  ta->offnum = ctx->offnum;
1750  ta->attnum = ctx->attnum;
1751  ctx->toasted_attributes = lappend(ctx->toasted_attributes, ta);
1752  }
1753 
1754  return true;
1755 }
uint16
unsigned short uint16
Definition: c.h:489
uint8
unsigned char uint8
Definition: c.h:488
VARATT_EXTERNAL_GET_POINTER
#define VARATT_EXTERNAL_GET_POINTER(toast_pointer, attr)
Definition: detoast.h:22
HEAP_HASNULL
#define HEAP_HASNULL
Definition: htup_details.h:190
HEAP_HASEXTERNAL
#define HEAP_HASEXTERNAL
Definition: htup_details.h:192
if
if(TABLE==NULL||TABLE_index==NULL)
Definition: isn.c:77
lappend
List * lappend(List *list, void *datum)
Definition: list.c:338
palloc0
void * palloc0(Size size)
Definition: mcxt.c:1241
Form_pg_attribute
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:209
Datum
uintptr_t Datum
Definition: postgres.h:64
HeapCheckContext::blkno
BlockNumber blkno
Definition: verify_heapam.c:118
HeapCheckContext::toasted_attributes
List * toasted_attributes
Definition: verify_heapam.c:142
HeapCheckContext::offnum
OffsetNumber offnum
Definition: verify_heapam.c:124
HeapCheckContext::tuphdr
HeapTupleHeader tuphdr
Definition: verify_heapam.c:128
HeapTupleHeaderData::t_bits
bits8 t_bits[FLEXIBLE_ARRAY_MEMBER]
Definition: htup_details.h:178
RelationData::rd_rel
Form_pg_class rd_rel
Definition: rel.h:110
ToastedAttribute::attnum
AttrNumber attnum
Definition: verify_heapam.c:74
ToastedAttribute::offnum
OffsetNumber offnum
Definition: verify_heapam.c:73
ToastedAttribute::blkno
BlockNumber blkno
Definition: verify_heapam.c:72
varatt_external
Definition: varatt.h:33
varlena
Definition: c.h:671
ToastCompressionId
ToastCompressionId
Definition: toast_compression.h:38
TOAST_INVALID_COMPRESSION_ID
@ TOAST_INVALID_COMPRESSION_ID
Definition: toast_compression.h:41
TOAST_LZ4_COMPRESSION_ID
@ TOAST_LZ4_COMPRESSION_ID
Definition: toast_compression.h:40
TOAST_PGLZ_COMPRESSION_ID
@ TOAST_PGLZ_COMPRESSION_ID
Definition: toast_compression.h:39
TOAST_COMPRESS_METHOD
#define TOAST_COMPRESS_METHOD(ptr)
Definition: toast_internals.h:36
TupleDescAttr
#define TupleDescAttr(tupdesc, i)
Definition: tupdesc.h:92
att_align_pointer
#define att_align_pointer(cur_offset, attalign, attlen, attptr)
Definition: tupmacs.h:107
att_align_nominal
#define att_align_nominal(cur_offset, attalign)
Definition: tupmacs.h:129
att_isnull
static bool att_isnull(int ATT, const bits8 *BITS)
Definition: tupmacs.h:26
att_addlength_pointer
#define att_addlength_pointer(cur_offset, attlen, attptr)
Definition: tupmacs.h:157
fetchatt
#define fetchatt(A, T)
Definition: tupmacs.h:46
VARATT_EXTERNAL_IS_COMPRESSED
#define VARATT_EXTERNAL_IS_COMPRESSED(toast_pointer)
Definition: varatt.h:354
VARTAG_EXTERNAL
#define VARTAG_EXTERNAL(PTR)
Definition: varatt.h:284
VARATT_IS_EXTERNAL
#define VARATT_IS_EXTERNAL(PTR)
Definition: varatt.h:289
VARTAG_ONDISK
@ VARTAG_ONDISK
Definition: varatt.h:89
VARLENA_SIZE_LIMIT
#define VARLENA_SIZE_LIMIT
Definition: verify_heapam.c:34

References att_addlength_pointer, att_align_nominal, att_align_pointer, att_isnull(), ToastedAttribute::attnum, HeapCheckContext::attnum, ToastedAttribute::blkno, HeapCheckContext::blkno, DatumGetPointer(), fetchatt, HEAP_HASEXTERNAL, HEAP_HASNULL, if(), lappend(), HeapCheckContext::lp_len, ToastedAttribute::offnum, HeapCheckContext::offnum, HeapCheckContext::offset, palloc0(), psprintf(), RelationData::rd_rel, HeapCheckContext::rel, RelationGetDescr, report_corruption(), HeapTupleHeaderData::t_bits, HeapTupleHeaderData::t_hoff, HeapTupleHeaderData::t_infomask, TOAST_COMPRESS_METHOD, TOAST_INVALID_COMPRESSION_ID, TOAST_LZ4_COMPRESSION_ID, TOAST_PGLZ_COMPRESSION_ID, ToastedAttribute::toast_pointer, HeapCheckContext::toast_rel, HeapCheckContext::toasted_attributes, HeapCheckContext::tuphdr, HeapCheckContext::tuple_could_be_pruned, TupleDescAttr, varatt_external::va_rawsize, varatt_external::va_valueid, VARATT_EXTERNAL_GET_POINTER, VARATT_EXTERNAL_IS_COMPRESSED, VARATT_IS_EXTERNAL, VARLENA_SIZE_LIMIT, VARTAG_EXTERNAL, and VARTAG_ONDISK.

Referenced by check_tuple().

◆ check_tuple_header()

static bool check_tuple_header ( HeapCheckContext ctx)
static

Definition at line 903 of file verify_heapam.c.

904 {
905  HeapTupleHeader tuphdr = ctx->tuphdr;
906  uint16 infomask = tuphdr->t_infomask;
907  TransactionId curr_xmax = HeapTupleHeaderGetUpdateXid(tuphdr);
908  bool result = true;
909  unsigned expected_hoff;
910 
911  if (ctx->tuphdr->t_hoff > ctx->lp_len)
912  {
913  report_corruption(ctx,
914  psprintf("data begins at offset %u beyond the tuple length %u",
915  ctx->tuphdr->t_hoff, ctx->lp_len));
916  result = false;
917  }
918 
919  if ((ctx->tuphdr->t_infomask & HEAP_XMAX_COMMITTED) &&
920  (ctx->tuphdr->t_infomask & HEAP_XMAX_IS_MULTI))
921  {
922  report_corruption(ctx,
923  pstrdup("multixact should not be marked committed"));
924 
925  /*
926  * This condition is clearly wrong, but it's not enough to justify
927  * skipping further checks, because we don't rely on this to determine
928  * whether the tuple is visible or to interpret other relevant header
929  * fields.
930  */
931  }
932 
933  if (!TransactionIdIsValid(curr_xmax) &&
934  HeapTupleHeaderIsHotUpdated(tuphdr))
935  {
936  report_corruption(ctx,
937  psprintf("tuple has been HOT updated, but xmax is 0"));
938 
939  /*
940  * As above, even though this shouldn't happen, it's not sufficient
941  * justification for skipping further checks, we should still be able
942  * to perform sensibly.
943  */
944  }
945 
946  if (HeapTupleHeaderIsHeapOnly(tuphdr) &&
947  ((tuphdr->t_infomask & HEAP_UPDATED) == 0))
948  {
949  report_corruption(ctx,
950  psprintf("tuple is heap only, but not the result of an update"));
951 
952  /* Here again, we can still perform further checks. */
953  }
954 
955  if (infomask & HEAP_HASNULL)
956  expected_hoff = MAXALIGN(SizeofHeapTupleHeader + BITMAPLEN(ctx->natts));
957  else
958  expected_hoff = MAXALIGN(SizeofHeapTupleHeader);
959  if (ctx->tuphdr->t_hoff != expected_hoff)
960  {
961  if ((infomask & HEAP_HASNULL) && ctx->natts == 1)
962  report_corruption(ctx,
963  psprintf("tuple data should begin at byte %u, but actually begins at byte %u (1 attribute, has nulls)",
964  expected_hoff, ctx->tuphdr->t_hoff));
965  else if ((infomask & HEAP_HASNULL))
966  report_corruption(ctx,
967  psprintf("tuple data should begin at byte %u, but actually begins at byte %u (%u attributes, has nulls)",
968  expected_hoff, ctx->tuphdr->t_hoff, ctx->natts));
969  else if (ctx->natts == 1)
970  report_corruption(ctx,
971  psprintf("tuple data should begin at byte %u, but actually begins at byte %u (1 attribute, no nulls)",
972  expected_hoff, ctx->tuphdr->t_hoff));
973  else
974  report_corruption(ctx,
975  psprintf("tuple data should begin at byte %u, but actually begins at byte %u (%u attributes, no nulls)",
976  expected_hoff, ctx->tuphdr->t_hoff, ctx->natts));
977  result = false;
978  }
979 
980  return result;
981 }
MAXALIGN
#define MAXALIGN(LEN)
Definition: c.h:795
TransactionId
uint32 TransactionId
Definition: c.h:636
SizeofHeapTupleHeader
#define SizeofHeapTupleHeader
Definition: htup_details.h:185
HeapTupleHeaderIsHeapOnly
#define HeapTupleHeaderIsHeapOnly(tup)
Definition: htup_details.h:499
BITMAPLEN
#define BITMAPLEN(NATTS)
Definition: htup_details.h:545
HEAP_XMAX_IS_MULTI
#define HEAP_XMAX_IS_MULTI
Definition: htup_details.h:209
HEAP_XMAX_COMMITTED
#define HEAP_XMAX_COMMITTED
Definition: htup_details.h:207
HEAP_UPDATED
#define HEAP_UPDATED
Definition: htup_details.h:210
HeapTupleHeaderGetUpdateXid
#define HeapTupleHeaderGetUpdateXid(tup)
Definition: htup_details.h:361
HeapTupleHeaderIsHotUpdated
#define HeapTupleHeaderIsHotUpdated(tup)
Definition: htup_details.h:482
pstrdup
char * pstrdup(const char *in)
Definition: mcxt.c:1624

References BITMAPLEN, HEAP_HASNULL, HEAP_UPDATED, HEAP_XMAX_COMMITTED, HEAP_XMAX_IS_MULTI, HeapTupleHeaderGetUpdateXid, HeapTupleHeaderIsHeapOnly, HeapTupleHeaderIsHotUpdated, HeapCheckContext::lp_len, MAXALIGN, HeapCheckContext::natts, psprintf(), pstrdup(), report_corruption(), SizeofHeapTupleHeader, HeapTupleHeaderData::t_hoff, HeapTupleHeaderData::t_infomask, TransactionIdIsValid, and HeapCheckContext::tuphdr.

Referenced by check_tuple().

◆ check_tuple_visibility()

static bool check_tuple_visibility ( HeapCheckContext ctx,
bool xmin_commit_status_ok,
XidCommitStatus xmin_commit_status 
)
static

Definition at line 1016 of file verify_heapam.c.

1018 {
1019  TransactionId xmin;
1020  TransactionId xvac;
1021  TransactionId xmax;
1022  XidCommitStatus xmin_status;
1023  XidCommitStatus xvac_status;
1024  XidCommitStatus xmax_status;
1025  HeapTupleHeader tuphdr = ctx->tuphdr;
1026 
1027  ctx->tuple_could_be_pruned = true; /* have not yet proven otherwise */
1028  *xmin_commit_status_ok = false; /* have not yet proven otherwise */
1029 
1030  /* If xmin is normal, it should be within valid range */
1031  xmin = HeapTupleHeaderGetXmin(tuphdr);
1032  switch (get_xid_status(xmin, ctx, &xmin_status))
1033  {
1034  case XID_INVALID:
1035  /* Could be the result of a speculative insertion that aborted. */
1036  return false;
1037  case XID_BOUNDS_OK:
1038  *xmin_commit_status_ok = true;
1039  *xmin_commit_status = xmin_status;
1040  break;
1041  case XID_IN_FUTURE:
1042  report_corruption(ctx,
1043  psprintf("xmin %u equals or exceeds next valid transaction ID %u:%u",
1044  xmin,
1045  EpochFromFullTransactionId(ctx->next_fxid),
1046  XidFromFullTransactionId(ctx->next_fxid)));
1047  return false;
1048  case XID_PRECEDES_CLUSTERMIN:
1049  report_corruption(ctx,
1050  psprintf("xmin %u precedes oldest valid transaction ID %u:%u",
1051  xmin,
1052  EpochFromFullTransactionId(ctx->oldest_fxid),
1053  XidFromFullTransactionId(ctx->oldest_fxid)));
1054  return false;
1055  case XID_PRECEDES_RELMIN:
1056  report_corruption(ctx,
1057  psprintf("xmin %u precedes relation freeze threshold %u:%u",
1058  xmin,
1059  EpochFromFullTransactionId(ctx->relfrozenfxid),
1060  XidFromFullTransactionId(ctx->relfrozenfxid)));
1061  return false;
1062  }
1063 
1064  /*
1065  * Has inserting transaction committed?
1066  */
1067  if (!HeapTupleHeaderXminCommitted(tuphdr))
1068  {
1069  if (HeapTupleHeaderXminInvalid(tuphdr))
1070  return false; /* inserter aborted, don't check */
1071  /* Used by pre-9.0 binary upgrades */
1072  else if (tuphdr->t_infomask & HEAP_MOVED_OFF)
1073  {
1074  xvac = HeapTupleHeaderGetXvac(tuphdr);
1075 
1076  switch (get_xid_status(xvac, ctx, &xvac_status))
1077  {
1078  case XID_INVALID:
1079  report_corruption(ctx,
1080  pstrdup("old-style VACUUM FULL transaction ID for moved off tuple is invalid"));
1081  return false;
1082  case XID_IN_FUTURE:
1083  report_corruption(ctx,
1084  psprintf("old-style VACUUM FULL transaction ID %u for moved off tuple equals or exceeds next valid transaction ID %u:%u",
1085  xvac,
1086  EpochFromFullTransactionId(ctx->next_fxid),
1087  XidFromFullTransactionId(ctx->next_fxid)));
1088  return false;
1089  case XID_PRECEDES_RELMIN:
1090  report_corruption(ctx,
1091  psprintf("old-style VACUUM FULL transaction ID %u for moved off tuple precedes relation freeze threshold %u:%u",
1092  xvac,
1093  EpochFromFullTransactionId(ctx->relfrozenfxid),
1094  XidFromFullTransactionId(ctx->relfrozenfxid)));
1095  return false;
1096  case XID_PRECEDES_CLUSTERMIN:
1097  report_corruption(ctx,
1098  psprintf("old-style VACUUM FULL transaction ID %u for moved off tuple precedes oldest valid transaction ID %u:%u",
1099  xvac,
1100  EpochFromFullTransactionId(ctx->oldest_fxid),
1101  XidFromFullTransactionId(ctx->oldest_fxid)));
1102  return false;
1103  case XID_BOUNDS_OK:
1104  break;
1105  }
1106 
1107  switch (xvac_status)
1108  {
1109  case XID_IS_CURRENT_XID:
1110  report_corruption(ctx,
1111  psprintf("old-style VACUUM FULL transaction ID %u for moved off tuple matches our current transaction ID",
1112  xvac));
1113  return false;
1114  case XID_IN_PROGRESS:
1115  report_corruption(ctx,
1116  psprintf("old-style VACUUM FULL transaction ID %u for moved off tuple appears to be in progress",
1117  xvac));
1118  return false;
1119 
1120  case XID_COMMITTED:
1121 
1122  /*
1123  * The tuple is dead, because the xvac transaction moved
1124  * it off and committed. It's checkable, but also
1125  * prunable.
1126  */
1127  return true;
1128 
1129  case XID_ABORTED:
1130 
1131  /*
1132  * The original xmin must have committed, because the xvac
1133  * transaction tried to move it later. Since xvac is
1134  * aborted, whether it's still alive now depends on the
1135  * status of xmax.
1136  */
1137  break;
1138  }
1139  }
1140  /* Used by pre-9.0 binary upgrades */
1141  else if (tuphdr->t_infomask & HEAP_MOVED_IN)
1142  {
1143  xvac = HeapTupleHeaderGetXvac(tuphdr);
1144 
1145  switch (get_xid_status(xvac, ctx, &xvac_status))
1146  {
1147  case XID_INVALID:
1148  report_corruption(ctx,
1149  pstrdup("old-style VACUUM FULL transaction ID for moved in tuple is invalid"));
1150  return false;
1151  case XID_IN_FUTURE:
1152  report_corruption(ctx,
1153  psprintf("old-style VACUUM FULL transaction ID %u for moved in tuple equals or exceeds next valid transaction ID %u:%u",
1154  xvac,
1155  EpochFromFullTransactionId(ctx->next_fxid),
1156  XidFromFullTransactionId(ctx->next_fxid)));
1157  return false;
1158  case XID_PRECEDES_RELMIN:
1159  report_corruption(ctx,
1160  psprintf("old-style VACUUM FULL transaction ID %u for moved in tuple precedes relation freeze threshold %u:%u",
1161  xvac,
1162  EpochFromFullTransactionId(ctx->relfrozenfxid),
1163  XidFromFullTransactionId(ctx->relfrozenfxid)));
1164  return false;
1165  case XID_PRECEDES_CLUSTERMIN:
1166  report_corruption(ctx,
1167  psprintf("old-style VACUUM FULL transaction ID %u for moved in tuple precedes oldest valid transaction ID %u:%u",
1168  xvac,
1169  EpochFromFullTransactionId(ctx->oldest_fxid),
1170  XidFromFullTransactionId(ctx->oldest_fxid)));
1171  return false;
1172  case XID_BOUNDS_OK:
1173  break;
1174  }
1175 
1176  switch (xvac_status)
1177  {
1178  case XID_IS_CURRENT_XID:
1179  report_corruption(ctx,
1180  psprintf("old-style VACUUM FULL transaction ID %u for moved in tuple matches our current transaction ID",
1181  xvac));
1182  return false;
1183  case XID_IN_PROGRESS:
1184  report_corruption(ctx,
1185  psprintf("old-style VACUUM FULL transaction ID %u for moved in tuple appears to be in progress",
1186  xvac));
1187  return false;
1188 
1189  case XID_COMMITTED:
1190 
1191  /*
1192  * The original xmin must have committed, because the xvac
1193  * transaction moved it later. Whether it's still alive
1194  * now depends on the status of xmax.
1195  */
1196  break;
1197 
1198  case XID_ABORTED:
1199 
1200  /*
1201  * The tuple is dead, because the xvac transaction moved
1202  * it off and committed. It's checkable, but also
1203  * prunable.
1204  */
1205  return true;
1206  }
1207  }
1208  else if (xmin_status != XID_COMMITTED)
1209  {
1210  /*
1211  * Inserting transaction is not in progress, and not committed, so
1212  * it might have changed the TupleDesc in ways we don't know
1213  * about. Thus, don't try to check the tuple structure.
1214  *
1215  * If xmin_status happens to be XID_IS_CURRENT_XID, then in theory
1216  * any such DDL changes ought to be visible to us, so perhaps we
1217  * could check anyway in that case. But, for now, let's be
1218  * conservative and treat this like any other uncommitted insert.
1219  */
1220  return false;
1221  }
1222  }
1223 
1224  /*
1225  * Okay, the inserter committed, so it was good at some point. Now what
1226  * about the deleting transaction?
1227  */
1228 
1229  if (tuphdr->t_infomask & HEAP_XMAX_IS_MULTI)
1230  {
1231  /*
1232  * xmax is a multixact, so sanity-check the MXID. Note that we do this
1233  * prior to checking for HEAP_XMAX_INVALID or
1234  * HEAP_XMAX_IS_LOCKED_ONLY. This might therefore complain about
1235  * things that wouldn't actually be a problem during a normal scan,
1236  * but eventually we're going to have to freeze, and that process will
1237  * ignore hint bits.
1238  *
1239  * Even if the MXID is out of range, we still know that the original
1240  * insert committed, so we can check the tuple itself. However, we
1241  * can't rule out the possibility that this tuple is dead, so don't
1242  * clear ctx->tuple_could_be_pruned. Possibly we should go ahead and
1243  * clear that flag anyway if HEAP_XMAX_INVALID is set or if
1244  * HEAP_XMAX_IS_LOCKED_ONLY is true, but for now we err on the side of
1245  * avoiding possibly-bogus complaints about missing TOAST entries.
1246  */
1247  xmax = HeapTupleHeaderGetRawXmax(tuphdr);
1248  switch (check_mxid_valid_in_rel(xmax, ctx))
1249  {
1250  case XID_INVALID:
1251  report_corruption(ctx,
1252  pstrdup("multitransaction ID is invalid"));
1253  return true;
1254  case XID_PRECEDES_RELMIN:
1255  report_corruption(ctx,
1256  psprintf("multitransaction ID %u precedes relation minimum multitransaction ID threshold %u",
1257  xmax, ctx->relminmxid));
1258  return true;
1259  case XID_PRECEDES_CLUSTERMIN:
1260  report_corruption(ctx,
1261  psprintf("multitransaction ID %u precedes oldest valid multitransaction ID threshold %u",
1262  xmax, ctx->oldest_mxact));
1263  return true;
1264  case XID_IN_FUTURE:
1265  report_corruption(ctx,
1266  psprintf("multitransaction ID %u equals or exceeds next valid multitransaction ID %u",
1267  xmax,
1268  ctx->next_mxact));
1269  return true;
1270  case XID_BOUNDS_OK:
1271  break;
1272  }
1273  }
1274 
1275  if (tuphdr->t_infomask & HEAP_XMAX_INVALID)
1276  {
1277  /*
1278  * This tuple is live. A concurrently running transaction could
1279  * delete it before we get around to checking the toast, but any such
1280  * running transaction is surely not less than our safe_xmin, so the
1281  * toast cannot be vacuumed out from under us.
1282  */
1283  ctx->tuple_could_be_pruned = false;
1284  return true;
1285  }
1286 
1287  if (HEAP_XMAX_IS_LOCKED_ONLY(tuphdr->t_infomask))
1288  {
1289  /*
1290  * "Deleting" xact really only locked it, so the tuple is live in any
1291  * case. As above, a concurrently running transaction could delete
1292  * it, but it cannot be vacuumed out from under us.
1293  */
1294  ctx->tuple_could_be_pruned = false;
1295  return true;
1296  }
1297 
1298  if (tuphdr->t_infomask & HEAP_XMAX_IS_MULTI)
1299  {
1300  /*
1301  * We already checked above that this multixact is within limits for
1302  * this table. Now check the update xid from this multixact.
1303  */
1304  xmax = HeapTupleGetUpdateXid(tuphdr);
1305  switch (get_xid_status(xmax, ctx, &xmax_status))
1306  {
1307  case XID_INVALID:
1308  /* not LOCKED_ONLY, so it has to have an xmax */
1309  report_corruption(ctx,
1310  pstrdup("update xid is invalid"));
1311  return true;
1312  case XID_IN_FUTURE:
1313  report_corruption(ctx,
1314  psprintf("update xid %u equals or exceeds next valid transaction ID %u:%u",
1315  xmax,
1316  EpochFromFullTransactionId(ctx->next_fxid),
1317  XidFromFullTransactionId(ctx->next_fxid)));
1318  return true;
1319  case XID_PRECEDES_RELMIN:
1320  report_corruption(ctx,
1321  psprintf("update xid %u precedes relation freeze threshold %u:%u",
1322  xmax,
1323  EpochFromFullTransactionId(ctx->relfrozenfxid),
1324  XidFromFullTransactionId(ctx->relfrozenfxid)));
1325  return true;
1326  case XID_PRECEDES_CLUSTERMIN:
1327  report_corruption(ctx,
1328  psprintf("update xid %u precedes oldest valid transaction ID %u:%u",
1329  xmax,
1330  EpochFromFullTransactionId(ctx->oldest_fxid),
1331  XidFromFullTransactionId(ctx->oldest_fxid)));
1332  return true;
1333  case XID_BOUNDS_OK:
1334  break;
1335  }
1336 
1337  switch (xmax_status)
1338  {
1339  case XID_IS_CURRENT_XID:
1340  case XID_IN_PROGRESS:
1341 
1342  /*
1343  * The delete is in progress, so it cannot be visible to our
1344  * snapshot.
1345  */
1346  ctx->tuple_could_be_pruned = false;
1347  break;
1348  case XID_COMMITTED:
1349 
1350  /*
1351  * The delete committed. Whether the toast can be vacuumed
1352  * away depends on how old the deleting transaction is.
1353  */
1354  ctx->tuple_could_be_pruned = TransactionIdPrecedes(xmax,
1355  ctx->safe_xmin);
1356  break;
1357  case XID_ABORTED:
1358 
1359  /*
1360  * The delete aborted or crashed. The tuple is still live.
1361  */
1362  ctx->tuple_could_be_pruned = false;
1363  break;
1364  }
1365 
1366  /* Tuple itself is checkable even if it's dead. */
1367  return true;
1368  }
1369 
1370  /* xmax is an XID, not a MXID. Sanity check it. */
1371  xmax = HeapTupleHeaderGetRawXmax(tuphdr);
1372  switch (get_xid_status(xmax, ctx, &xmax_status))
1373  {
1374  case XID_INVALID:
1375  ctx->tuple_could_be_pruned = false;
1376  return true;
1377  case XID_IN_FUTURE:
1378  report_corruption(ctx,
1379  psprintf("xmax %u equals or exceeds next valid transaction ID %u:%u",
1380  xmax,
1381  EpochFromFullTransactionId(ctx->next_fxid),
1382  XidFromFullTransactionId(ctx->next_fxid)));
1383  return false; /* corrupt */
1384  case XID_PRECEDES_RELMIN:
1385  report_corruption(ctx,
1386  psprintf("xmax %u precedes relation freeze threshold %u:%u",
1387  xmax,
1388  EpochFromFullTransactionId(ctx->relfrozenfxid),
1389  XidFromFullTransactionId(ctx->relfrozenfxid)));
1390  return false; /* corrupt */
1391  case XID_PRECEDES_CLUSTERMIN:
1392  report_corruption(ctx,
1393  psprintf("xmax %u precedes oldest valid transaction ID %u:%u",
1394  xmax,
1395  EpochFromFullTransactionId(ctx->oldest_fxid),
1396  XidFromFullTransactionId(ctx->oldest_fxid)));
1397  return false; /* corrupt */
1398  case XID_BOUNDS_OK:
1399  break;
1400  }
1401 
1402  /*
1403  * Whether the toast can be vacuumed away depends on how old the deleting
1404  * transaction is.
1405  */
1406  switch (xmax_status)
1407  {
1408  case XID_IS_CURRENT_XID:
1409  case XID_IN_PROGRESS:
1410 
1411  /*
1412  * The delete is in progress, so it cannot be visible to our
1413  * snapshot.
1414  */
1415  ctx->tuple_could_be_pruned = false;
1416  break;
1417 
1418  case XID_COMMITTED:
1419 
1420  /*
1421  * The delete committed. Whether the toast can be vacuumed away
1422  * depends on how old the deleting transaction is.
1423  */
1424  ctx->tuple_could_be_pruned = TransactionIdPrecedes(xmax,
1425  ctx->safe_xmin);
1426  break;
1427 
1428  case XID_ABORTED:
1429 
1430  /*
1431  * The delete aborted or crashed. The tuple is still live.
1432  */
1433  ctx->tuple_could_be_pruned = false;
1434  break;
1435  }
1436 
1437  /* Tuple itself is checkable even if it's dead. */
1438  return true;
1439 }
HeapTupleGetUpdateXid
TransactionId HeapTupleGetUpdateXid(HeapTupleHeader tuple)
Definition: heapam.c:7047
HEAP_MOVED_OFF
#define HEAP_MOVED_OFF
Definition: htup_details.h:211
HEAP_XMAX_IS_LOCKED_ONLY
#define HEAP_XMAX_IS_LOCKED_ONLY(infomask)
Definition: htup_details.h:227
HeapTupleHeaderGetXvac
#define HeapTupleHeaderGetXvac(tup)
Definition: htup_details.h:411
HEAP_MOVED_IN
#define HEAP_MOVED_IN
Definition: htup_details.h:212
HeapTupleHeaderGetXmin
#define HeapTupleHeaderGetXmin(tup)
Definition: htup_details.h:309
HEAP_XMAX_INVALID
#define HEAP_XMAX_INVALID
Definition: htup_details.h:208
HeapTupleHeaderXminCommitted
#define HeapTupleHeaderXminCommitted(tup)
Definition: htup_details.h:320
HeapTupleHeaderGetRawXmax
#define HeapTupleHeaderGetRawXmax(tup)
Definition: htup_details.h:371
HeapTupleHeaderXminInvalid
#define HeapTupleHeaderXminInvalid(tup)
Definition: htup_details.h:325
HeapCheckContext::oldest_fxid
FullTransactionId oldest_fxid
Definition: verify_heapam.c:90
HeapCheckContext::next_fxid
FullTransactionId next_fxid
Definition: verify_heapam.c:87
HeapCheckContext::relfrozenfxid
FullTransactionId relfrozenfxid
Definition: verify_heapam.c:110
HeapCheckContext::safe_xmin
TransactionId safe_xmin
Definition: verify_heapam.c:92
TransactionIdPrecedes
bool TransactionIdPrecedes(TransactionId id1, TransactionId id2)
Definition: transam.c:280
EpochFromFullTransactionId
#define EpochFromFullTransactionId(x)
Definition: transam.h:47
XidFromFullTransactionId
#define XidFromFullTransactionId(x)
Definition: transam.h:48
check_mxid_valid_in_rel
static XidBoundsViolation check_mxid_valid_in_rel(MultiXactId mxid, HeapCheckContext *ctx)
Definition: verify_heapam.c:1983
get_xid_status
static XidBoundsViolation get_xid_status(TransactionId xid, HeapCheckContext *ctx, XidCommitStatus *status)
Definition: verify_heapam.c:2015

References check_mxid_valid_in_rel(), EpochFromFullTransactionId, get_xid_status(), HEAP_MOVED_IN, HEAP_MOVED_OFF, HEAP_XMAX_INVALID, HEAP_XMAX_IS_LOCKED_ONLY, HEAP_XMAX_IS_MULTI, HeapTupleGetUpdateXid(), HeapTupleHeaderGetRawXmax, HeapTupleHeaderGetXmin, HeapTupleHeaderGetXvac, HeapTupleHeaderXminCommitted, HeapTupleHeaderXminInvalid, HeapCheckContext::next_fxid, HeapCheckContext::next_mxact, HeapCheckContext::oldest_fxid, HeapCheckContext::oldest_mxact, psprintf(), pstrdup(), HeapCheckContext::relfrozenfxid, HeapCheckContext::relminmxid, report_corruption(), HeapCheckContext::safe_xmin, HeapTupleHeaderData::t_infomask, TransactionIdPrecedes(), HeapCheckContext::tuphdr, HeapCheckContext::tuple_could_be_pruned, XID_ABORTED, XID_BOUNDS_OK, XID_COMMITTED, XID_IN_FUTURE, XID_IN_PROGRESS, XID_INVALID, XID_IS_CURRENT_XID, XID_PRECEDES_CLUSTERMIN, XID_PRECEDES_RELMIN, and XidFromFullTransactionId.

Referenced by check_tuple().

◆ FullTransactionIdFromXidAndCtx()

static FullTransactionId FullTransactionIdFromXidAndCtx ( TransactionId  xid,
const HeapCheckContext ctx 
)
static

Definition at line 1881 of file verify_heapam.c.

1882 {
1883  uint64 nextfxid_i;
1884  int32 diff;
1885  FullTransactionId fxid;
1886 
1887  Assert(TransactionIdIsNormal(ctx->next_xid));
1888  Assert(FullTransactionIdIsNormal(ctx->next_fxid));
1889  Assert(XidFromFullTransactionId(ctx->next_fxid) == ctx->next_xid);
1890 
1891  if (!TransactionIdIsNormal(xid))
1892  return FullTransactionIdFromEpochAndXid(0, xid);
1893 
1894  nextfxid_i = U64FromFullTransactionId(ctx->next_fxid);
1895 
1896  /* compute the 32bit modulo difference */
1897  diff = (int32) (ctx->next_xid - xid);
1898 
1899  /*
1900  * In cases of corruption we might see a 32bit xid that is before epoch
1901  * 0. We can't represent that as a 64bit xid, due to 64bit xids being
1902  * unsigned integers, without the modulo arithmetic of 32bit xid. There's
1903  * no really nice way to deal with that, but it works ok enough to use
1904  * FirstNormalFullTransactionId in that case, as a freshly initdb'd
1905  * cluster already has a newer horizon.
1906  */
1907  if (diff > 0 && (nextfxid_i - FirstNormalTransactionId) < (int64) diff)
1908  {
1909  Assert(EpochFromFullTransactionId(ctx->next_fxid) == 0);
1910  fxid = FirstNormalFullTransactionId;
1911  }
1912  else
1913  fxid = FullTransactionIdFromU64(nextfxid_i - diff);
1914 
1915  Assert(FullTransactionIdIsNormal(fxid));
1916  return fxid;
1917 }
Assert
Assert(fmt[strlen(fmt) - 1] !='\n')
HeapCheckContext::next_xid
TransactionId next_xid
Definition: verify_heapam.c:88
FullTransactionIdIsNormal
#define FullTransactionIdIsNormal(x)
Definition: transam.h:58
U64FromFullTransactionId
#define U64FromFullTransactionId(x)
Definition: transam.h:49
FullTransactionIdFromU64
static FullTransactionId FullTransactionIdFromU64(uint64 value)
Definition: transam.h:81
FirstNormalTransactionId
#define FirstNormalTransactionId
Definition: transam.h:34
FullTransactionIdFromEpochAndXid
static FullTransactionId FullTransactionIdFromEpochAndXid(uint32 epoch, TransactionId xid)
Definition: transam.h:71
TransactionIdIsNormal
#define TransactionIdIsNormal(xid)
Definition: transam.h:42
FirstNormalFullTransactionId
#define FirstNormalFullTransactionId
Definition: transam.h:57

References Assert(), EpochFromFullTransactionId, FirstNormalFullTransactionId, FirstNormalTransactionId, FullTransactionIdFromEpochAndXid(), FullTransactionIdFromU64(), FullTransactionIdIsNormal, HeapCheckContext::next_fxid, HeapCheckContext::next_xid, TransactionIdIsNormal, U64FromFullTransactionId, and XidFromFullTransactionId.

Referenced by update_cached_xid_range(), and verify_heapam().

◆ fxid_in_cached_range()

static bool fxid_in_cached_range ( FullTransactionId  fxid,
const HeapCheckContext ctx 
)
inlinestatic

Definition at line 1950 of file verify_heapam.c.

1951 {
1952  return (FullTransactionIdPrecedesOrEquals(ctx->oldest_fxid, fxid) &&
1953  FullTransactionIdPrecedes(fxid, ctx->next_fxid));
1954 }
FullTransactionIdPrecedesOrEquals
#define FullTransactionIdPrecedesOrEquals(a, b)
Definition: transam.h:52
FullTransactionIdPrecedes
#define FullTransactionIdPrecedes(a, b)
Definition: transam.h:51

References FullTransactionIdPrecedes, FullTransactionIdPrecedesOrEquals, HeapCheckContext::next_fxid, and HeapCheckContext::oldest_fxid.

◆ get_xid_status()

static XidBoundsViolation get_xid_status ( TransactionId  xid,
HeapCheckContext ctx,
XidCommitStatus status 
)
static

Definition at line 2015 of file verify_heapam.c.

2017 {
2018  FullTransactionId fxid;
2019  FullTransactionId clog_horizon;
2020 
2021  /* Quick check for special xids */
2022  if (!TransactionIdIsValid(xid))
2023  return XID_INVALID;
2024  else if (xid == BootstrapTransactionId || xid == FrozenTransactionId)
2025  {
2026  if (status != NULL)
2027  *status = XID_COMMITTED;
2028  return XID_BOUNDS_OK;
2029  }
2030 
2031  /* Check if the xid is within bounds */
2032  fxid = FullTransactionIdFromXidAndCtx(xid, ctx);
2033  if (!fxid_in_cached_range(fxid, ctx))
2034  {
2035  /*
2036  * We may have been checking against stale values. Update the cached
2037  * range to be sure, and since we relied on the cached range when we
2038  * performed the full xid conversion, reconvert.
2039  */
2040  update_cached_xid_range(ctx);
2041  fxid = FullTransactionIdFromXidAndCtx(xid, ctx);
2042  }
2043 
2044  if (FullTransactionIdPrecedesOrEquals(ctx->next_fxid, fxid))
2045  return XID_IN_FUTURE;
2046  if (FullTransactionIdPrecedes(fxid, ctx->oldest_fxid))
2047  return XID_PRECEDES_CLUSTERMIN;
2048  if (FullTransactionIdPrecedes(fxid, ctx->relfrozenfxid))
2049  return XID_PRECEDES_RELMIN;
2050 
2051  /* Early return if the caller does not request clog checking */
2052  if (status == NULL)
2053  return XID_BOUNDS_OK;
2054 
2055  /* Early return if we just checked this xid in a prior call */
2056  if (xid == ctx->cached_xid)
2057  {
2058  *status = ctx->cached_status;
2059  return XID_BOUNDS_OK;
2060  }
2061 
2062  *status = XID_COMMITTED;
2063  LWLockAcquire(XactTruncationLock, LW_SHARED);
2064  clog_horizon =
2065  FullTransactionIdFromXidAndCtx(ShmemVariableCache->oldestClogXid,
2066  ctx);
2067  if (FullTransactionIdPrecedesOrEquals(clog_horizon, fxid))
2068  {
2069  if (TransactionIdIsCurrentTransactionId(xid))
2070  *status = XID_IS_CURRENT_XID;
2071  else if (TransactionIdIsInProgress(xid))
2072  *status = XID_IN_PROGRESS;
2073  else if (TransactionIdDidCommit(xid))
2074  *status = XID_COMMITTED;
2075  else
2076  *status = XID_ABORTED;
2077  }
2078  LWLockRelease(XactTruncationLock);
2079  ctx->cached_xid = xid;
2080  ctx->cached_status = *status;
2081  return XID_BOUNDS_OK;
2082 }
LWLockAcquire
bool LWLockAcquire(LWLock *lock, LWLockMode mode)
Definition: lwlock.c:1195
LWLockRelease
void LWLockRelease(LWLock *lock)
Definition: lwlock.c:1803
LW_SHARED
@ LW_SHARED
Definition: lwlock.h:116
status
static void static void status(const char *fmt,...) pg_attribute_printf(1
Definition: pg_regress.c:224
TransactionIdIsInProgress
bool TransactionIdIsInProgress(TransactionId xid)
Definition: procarray.c:1389
HeapCheckContext::cached_xid
TransactionId cached_xid
Definition: verify_heapam.c:104
HeapCheckContext::cached_status
XidCommitStatus cached_status
Definition: verify_heapam.c:105
VariableCacheData::oldestClogXid
TransactionId oldestClogXid
Definition: transam.h:253
TransactionIdDidCommit
bool TransactionIdDidCommit(TransactionId transactionId)
Definition: transam.c:126
FrozenTransactionId
#define FrozenTransactionId
Definition: transam.h:33
BootstrapTransactionId
#define BootstrapTransactionId
Definition: transam.h:32
ShmemVariableCache
VariableCache ShmemVariableCache
Definition: varsup.c:34
fxid_in_cached_range
static bool fxid_in_cached_range(FullTransactionId fxid, const HeapCheckContext *ctx)
Definition: verify_heapam.c:1950
update_cached_xid_range
static void update_cached_xid_range(HeapCheckContext *ctx)
Definition: verify_heapam.c:1923
FullTransactionIdFromXidAndCtx
static FullTransactionId FullTransactionIdFromXidAndCtx(TransactionId xid, const HeapCheckContext *ctx)
Definition: verify_heapam.c:1881
TransactionIdIsCurrentTransactionId
bool TransactionIdIsCurrentTransactionId(TransactionId xid)
Definition: xact.c:926

Referenced by check_tuple_visibility().

◆ PG_FUNCTION_INFO_V1()

PG_FUNCTION_INFO_V1 ( verify_heapam  )

◆ report_corruption()

static void report_corruption ( HeapCheckContext ctx,
char *  msg 
)
static

Definition at line 855 of file verify_heapam.c.

856 {
857  report_corruption_internal(ctx->tupstore, ctx->tupdesc, ctx->blkno,
858  ctx->offnum, ctx->attnum, msg);
859  ctx->is_corrupt = true;
860 }
HeapCheckContext::tupstore
Tuplestorestate * tupstore
Definition: verify_heapam.c:149
report_corruption_internal
static void report_corruption_internal(Tuplestorestate *tupstore, TupleDesc tupdesc, BlockNumber blkno, OffsetNumber offnum, AttrNumber attnum, char *msg)
Definition: verify_heapam.c:819

References HeapCheckContext::attnum, HeapCheckContext::blkno, HeapCheckContext::is_corrupt, HeapCheckContext::offnum, report_corruption_internal(), HeapCheckContext::tupdesc, and HeapCheckContext::tupstore.

Referenced by check_tuple(), check_tuple_attribute(), check_tuple_header(), check_tuple_visibility(), and verify_heapam().

◆ report_corruption_internal()

static void report_corruption_internal ( Tuplestorestate tupstore,
TupleDesc  tupdesc,
BlockNumber  blkno,
OffsetNumber  offnum,
AttrNumber  attnum,
char *  msg 
)
static

Definition at line 819 of file verify_heapam.c.

822 {
823  Datum values[HEAPCHECK_RELATION_COLS] = {0};
824  bool nulls[HEAPCHECK_RELATION_COLS] = {0};
825  HeapTuple tuple;
826 
827  values[0] = Int64GetDatum(blkno);
828  values[1] = Int32GetDatum(offnum);
829  values[2] = Int32GetDatum(attnum);
830  nulls[2] = (attnum < 0);
831  values[3] = CStringGetTextDatum(msg);
832 
833  /*
834  * In principle, there is nothing to prevent a scan over a large, highly
835  * corrupted table from using work_mem worth of memory building up the
836  * tuplestore. That's ok, but if we also leak the msg argument memory
837  * until the end of the query, we could exceed work_mem by more than a
838  * trivial amount. Therefore, free the msg argument each time we are
839  * called rather than waiting for our current memory context to be freed.
840  */
841  pfree(msg);
842 
843  tuple = heap_form_tuple(tupdesc, values, nulls);
844  tuplestore_puttuple(tupstore, tuple);
845 }
values
static Datum values[MAXATTR]
Definition: bootstrap.c:156
CStringGetTextDatum
#define CStringGetTextDatum(s)
Definition: builtins.h:94
Int64GetDatum
Datum Int64GetDatum(int64 X)
Definition: fmgr.c:1779
heap_form_tuple
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1020
pfree
void pfree(void *pointer)
Definition: mcxt.c:1436
attnum
int16 attnum
Definition: pg_attribute.h:74
Int32GetDatum
static Datum Int32GetDatum(int32 X)
Definition: postgres.h:212
tuplestore_puttuple
void tuplestore_puttuple(Tuplestorestate *state, HeapTuple tuple)
Definition: tuplestore.c:730
HEAPCHECK_RELATION_COLS
#define HEAPCHECK_RELATION_COLS
Definition: verify_heapam.c:31

References attnum, CStringGetTextDatum, heap_form_tuple(), HEAPCHECK_RELATION_COLS, Int32GetDatum(), Int64GetDatum(), pfree(), tuplestore_puttuple(), and values.

Referenced by report_corruption(), and report_toast_corruption().

◆ report_toast_corruption()

static void report_toast_corruption ( HeapCheckContext ctx,
ToastedAttribute ta,
char *  msg 
)
static

Definition at line 871 of file verify_heapam.c.

873 {
874  report_corruption_internal(ctx->tupstore, ctx->tupdesc, ta->blkno,
875  ta->offnum, ta->attnum, msg);
876  ctx->is_corrupt = true;
877 }

References ToastedAttribute::attnum, ToastedAttribute::blkno, HeapCheckContext::is_corrupt, ToastedAttribute::offnum, report_corruption_internal(), HeapCheckContext::tupdesc, and HeapCheckContext::tupstore.

Referenced by check_toast_tuple(), and check_toasted_attribute().

◆ update_cached_mxid_range()

static void update_cached_mxid_range ( HeapCheckContext ctx)
static

Definition at line 1940 of file verify_heapam.c.

1941 {
1942  ReadMultiXactIdRange(&ctx->oldest_mxact, &ctx->next_mxact);
1943 }
ReadMultiXactIdRange
void ReadMultiXactIdRange(MultiXactId *oldest, MultiXactId *next)
Definition: multixact.c:744

References HeapCheckContext::next_mxact, HeapCheckContext::oldest_mxact, and ReadMultiXactIdRange().

Referenced by check_mxid_valid_in_rel(), and verify_heapam().

◆ update_cached_xid_range()

static void update_cached_xid_range ( HeapCheckContext ctx)
static

Definition at line 1923 of file verify_heapam.c.

1924 {
1925  /* Make cached copies */
1926  LWLockAcquire(XidGenLock, LW_SHARED);
1927  ctx->next_fxid = ShmemVariableCache->nextXid;
1928  ctx->oldest_xid = ShmemVariableCache->oldestXid;
1929  LWLockRelease(XidGenLock);
1930 
1931  /* And compute alternate versions of the same */
1932  ctx->next_xid = XidFromFullTransactionId(ctx->next_fxid);
1933  ctx->oldest_fxid = FullTransactionIdFromXidAndCtx(ctx->oldest_xid, ctx);
1934 }
HeapCheckContext::oldest_xid
TransactionId oldest_xid
Definition: verify_heapam.c:89
VariableCacheData::nextXid
FullTransactionId nextXid
Definition: transam.h:220
VariableCacheData::oldestXid
TransactionId oldestXid
Definition: transam.h:222

References FullTransactionIdFromXidAndCtx(), LW_SHARED, LWLockAcquire(), LWLockRelease(), HeapCheckContext::next_fxid, HeapCheckContext::next_xid, VariableCacheData::nextXid, HeapCheckContext::oldest_fxid, HeapCheckContext::oldest_xid, VariableCacheData::oldestXid, ShmemVariableCache, and XidFromFullTransactionId.

Referenced by verify_heapam().

◆ verify_heapam()

Datum verify_heapam ( PG_FUNCTION_ARGS  )

Definition at line 217 of file verify_heapam.c.

218 {
219  ReturnSetInfo *rsinfo = (ReturnSetInfo *) fcinfo->resultinfo;
220  HeapCheckContext ctx;
221  Buffer vmbuffer = InvalidBuffer;
222  Oid relid;
223  bool on_error_stop;
224  bool check_toast;
225  SkipPages skip_option = SKIP_PAGES_NONE;
226  BlockNumber first_block;
227  BlockNumber last_block;
228  BlockNumber nblocks;
229  const char *skip;
230 
231  /* Check supplied arguments */
232  if (PG_ARGISNULL(0))
233  ereport(ERROR,
234  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
235  errmsg("relation cannot be null")));
236  relid = PG_GETARG_OID(0);
237 
238  if (PG_ARGISNULL(1))
239  ereport(ERROR,
240  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
241  errmsg("on_error_stop cannot be null")));
242  on_error_stop = PG_GETARG_BOOL(1);
243 
244  if (PG_ARGISNULL(2))
245  ereport(ERROR,
246  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
247  errmsg("check_toast cannot be null")));
248  check_toast = PG_GETARG_BOOL(2);
249 
250  if (PG_ARGISNULL(3))
251  ereport(ERROR,
252  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
253  errmsg("skip cannot be null")));
254  skip = text_to_cstring(PG_GETARG_TEXT_PP(3));
255  if (pg_strcasecmp(skip, "all-visible") == 0)
256  skip_option = SKIP_PAGES_ALL_VISIBLE;
257  else if (pg_strcasecmp(skip, "all-frozen") == 0)
258  skip_option = SKIP_PAGES_ALL_FROZEN;
259  else if (pg_strcasecmp(skip, "none") == 0)
260  skip_option = SKIP_PAGES_NONE;
261  else
262  ereport(ERROR,
263  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
264  errmsg("invalid skip option"),
265  errhint("Valid skip options are \"all-visible\", \"all-frozen\", and \"none\".")));
266 
267  memset(&ctx, 0, sizeof(HeapCheckContext));
268  ctx.cached_xid = InvalidTransactionId;
269  ctx.toasted_attributes = NIL;
270 
271  /*
272  * Any xmin newer than the xmin of our snapshot can't become all-visible
273  * while we're running.
274  */
275  ctx.safe_xmin = GetTransactionSnapshot()->xmin;
276 
277  /*
278  * If we report corruption when not examining some individual attribute,
279  * we need attnum to be reported as NULL. Set that up before any
280  * corruption reporting might happen.
281  */
282  ctx.attnum = -1;
283 
284  /* Construct the tuplestore and tuple descriptor */
285  InitMaterializedSRF(fcinfo, 0);
286  ctx.tupdesc = rsinfo->setDesc;
287  ctx.tupstore = rsinfo->setResult;
288 
289  /* Open relation, check relkind and access method */
290  ctx.rel = relation_open(relid, AccessShareLock);
291 
292  /*
293  * Check that a relation's relkind and access method are both supported.
294  */
295  if (!RELKIND_HAS_TABLE_AM(ctx.rel->rd_rel->relkind) &&
296  ctx.rel->rd_rel->relkind != RELKIND_SEQUENCE)
297  ereport(ERROR,
298  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
299  errmsg("cannot check relation \"%s\"",
300  RelationGetRelationName(ctx.rel)),
301  errdetail_relkind_not_supported(ctx.rel->rd_rel->relkind)));
302 
303  /*
304  * Sequences always use heap AM, but they don't show that in the catalogs.
305  * Other relkinds might be using a different AM, so check.
306  */
307  if (ctx.rel->rd_rel->relkind != RELKIND_SEQUENCE &&
308  ctx.rel->rd_rel->relam != HEAP_TABLE_AM_OID)
309  ereport(ERROR,
310  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
311  errmsg("only heap AM is supported")));
312 
313  /*
314  * Early exit for unlogged relations during recovery. These will have no
315  * relation fork, so there won't be anything to check. We behave as if
316  * the relation is empty.
317  */
318  if (ctx.rel->rd_rel->relpersistence == RELPERSISTENCE_UNLOGGED &&
319  RecoveryInProgress())
320  {
321  ereport(DEBUG1,
322  (errcode(ERRCODE_READ_ONLY_SQL_TRANSACTION),
323  errmsg("cannot verify unlogged relation \"%s\" during recovery, skipping",
324  RelationGetRelationName(ctx.rel))));
325  relation_close(ctx.rel, AccessShareLock);
326  PG_RETURN_NULL();
327  }
328 
329  /* Early exit if the relation is empty */
330  nblocks = RelationGetNumberOfBlocks(ctx.rel);
331  if (!nblocks)
332  {
333  relation_close(ctx.rel, AccessShareLock);
334  PG_RETURN_NULL();
335  }
336 
337  ctx.bstrategy = GetAccessStrategy(BAS_BULKREAD);
338  ctx.buffer = InvalidBuffer;
339  ctx.page = NULL;
340 
341  /* Validate block numbers, or handle nulls. */
342  if (PG_ARGISNULL(4))
343  first_block = 0;
344  else
345  {
346  int64 fb = PG_GETARG_INT64(4);
347 
348  if (fb < 0 || fb >= nblocks)
349  ereport(ERROR,
350  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
351  errmsg("starting block number must be between 0 and %u",
352  nblocks - 1)));
353  first_block = (BlockNumber) fb;
354  }
355  if (PG_ARGISNULL(5))
356  last_block = nblocks - 1;
357  else
358  {
359  int64 lb = PG_GETARG_INT64(5);
360 
361  if (lb < 0 || lb >= nblocks)
362  ereport(ERROR,
363  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
364  errmsg("ending block number must be between 0 and %u",
365  nblocks - 1)));
366  last_block = (BlockNumber) lb;
367  }
368 
369  /* Optionally open the toast relation, if any. */
370  if (ctx.rel->rd_rel->reltoastrelid && check_toast)
371  {
372  int offset;
373 
374  /* Main relation has associated toast relation */
375  ctx.toast_rel = table_open(ctx.rel->rd_rel->reltoastrelid,
376  AccessShareLock);
377  offset = toast_open_indexes(ctx.toast_rel,
378  AccessShareLock,
379  &(ctx.toast_indexes),
380  &(ctx.num_toast_indexes));
381  ctx.valid_toast_index = ctx.toast_indexes[offset];
382  }
383  else
384  {
385  /*
386  * Main relation has no associated toast relation, or we're
387  * intentionally skipping it.
388  */
389  ctx.toast_rel = NULL;
390  ctx.toast_indexes = NULL;
391  ctx.num_toast_indexes = 0;
392  }
393 
394  update_cached_xid_range(&ctx);
395  update_cached_mxid_range(&ctx);
396  ctx.relfrozenxid = ctx.rel->rd_rel->relfrozenxid;
397  ctx.relfrozenfxid = FullTransactionIdFromXidAndCtx(ctx.relfrozenxid, &ctx);
398  ctx.relminmxid = ctx.rel->rd_rel->relminmxid;
399 
400  if (TransactionIdIsNormal(ctx.relfrozenxid))
401  ctx.oldest_xid = ctx.relfrozenxid;
402 
403  for (ctx.blkno = first_block; ctx.blkno <= last_block; ctx.blkno++)
404  {
405  OffsetNumber maxoff;
406  OffsetNumber predecessor[MaxOffsetNumber];
407  OffsetNumber successor[MaxOffsetNumber];
408  bool lp_valid[MaxOffsetNumber];
409  bool xmin_commit_status_ok[MaxOffsetNumber];
410  XidCommitStatus xmin_commit_status[MaxOffsetNumber];
411 
412  CHECK_FOR_INTERRUPTS();
413 
414  memset(predecessor, 0, sizeof(OffsetNumber) * MaxOffsetNumber);
415 
416  /* Optionally skip over all-frozen or all-visible blocks */
417  if (skip_option != SKIP_PAGES_NONE)
418  {
419  int32 mapbits;
420 
421  mapbits = (int32) visibilitymap_get_status(ctx.rel, ctx.blkno,
422  &vmbuffer);
423  if (skip_option == SKIP_PAGES_ALL_FROZEN)
424  {
425  if ((mapbits & VISIBILITYMAP_ALL_FROZEN) != 0)
426  continue;
427  }
428 
429  if (skip_option == SKIP_PAGES_ALL_VISIBLE)
430  {
431  if ((mapbits & VISIBILITYMAP_ALL_VISIBLE) != 0)
432  continue;
433  }
434  }
435 
436  /* Read and lock the next page. */
437  ctx.buffer = ReadBufferExtended(ctx.rel, MAIN_FORKNUM, ctx.blkno,
438  RBM_NORMAL, ctx.bstrategy);
439  LockBuffer(ctx.buffer, BUFFER_LOCK_SHARE);
440  ctx.page = BufferGetPage(ctx.buffer);
441 
442  /* Perform tuple checks */
443  maxoff = PageGetMaxOffsetNumber(ctx.page);
444  for (ctx.offnum = FirstOffsetNumber; ctx.offnum <= maxoff;
445  ctx.offnum = OffsetNumberNext(ctx.offnum))
446  {
447  BlockNumber nextblkno;
448  OffsetNumber nextoffnum;
449 
450  successor[ctx.offnum] = InvalidOffsetNumber;
451  lp_valid[ctx.offnum] = false;
452  xmin_commit_status_ok[ctx.offnum] = false;
453  ctx.itemid = PageGetItemId(ctx.page, ctx.offnum);
454 
455  /* Skip over unused/dead line pointers */
456  if (!ItemIdIsUsed(ctx.itemid) || ItemIdIsDead(ctx.itemid))
457  continue;
458 
459  /*
460  * If this line pointer has been redirected, check that it
461  * redirects to a valid offset within the line pointer array
462  */
463  if (ItemIdIsRedirected(ctx.itemid))
464  {
465  OffsetNumber rdoffnum = ItemIdGetRedirect(ctx.itemid);
466  ItemId rditem;
467 
468  if (rdoffnum < FirstOffsetNumber)
469  {
470  report_corruption(&ctx,
471  psprintf("line pointer redirection to item at offset %u precedes minimum offset %u",
472  (unsigned) rdoffnum,
473  (unsigned) FirstOffsetNumber));
474  continue;
475  }
476  if (rdoffnum > maxoff)
477  {
478  report_corruption(&ctx,
479  psprintf("line pointer redirection to item at offset %u exceeds maximum offset %u",
480  (unsigned) rdoffnum,
481  (unsigned) maxoff));
482  continue;
483  }
484 
485  /*
486  * Since we've checked that this redirect points to a line
487  * pointer between FirstOffsetNumber and maxoff, it should
488  * now be safe to fetch the referenced line pointer. We expect
489  * it to be LP_NORMAL; if not, that's corruption.
490  */
491  rditem = PageGetItemId(ctx.page, rdoffnum);
492  if (!ItemIdIsUsed(rditem))
493  {
494  report_corruption(&ctx,
495  psprintf("redirected line pointer points to an unused item at offset %u",
496  (unsigned) rdoffnum));
497  continue;
498  }
499  else if (ItemIdIsDead(rditem))
500  {
501  report_corruption(&ctx,
502  psprintf("redirected line pointer points to a dead item at offset %u",
503  (unsigned) rdoffnum));
504  continue;
505  }
506  else if (ItemIdIsRedirected(rditem))
507  {
508  report_corruption(&ctx,
509  psprintf("redirected line pointer points to another redirected line pointer at offset %u",
510  (unsigned) rdoffnum));
511  continue;
512  }
513 
514  /*
515  * Record the fact that this line pointer has passed basic
516  * sanity checking, and also the offset number to which it
517  * points.
518  */
519  lp_valid[ctx.offnum] = true;
520  successor[ctx.offnum] = rdoffnum;
521  continue;
522  }
523 
524  /* Sanity-check the line pointer's offset and length values */
525  ctx.lp_len = ItemIdGetLength(ctx.itemid);
526  ctx.lp_off = ItemIdGetOffset(ctx.itemid);
527 
528  if (ctx.lp_off != MAXALIGN(ctx.lp_off))
529  {
530  report_corruption(&ctx,
531  psprintf("line pointer to page offset %u is not maximally aligned",
532  ctx.lp_off));
533  continue;
534  }
535  if (ctx.lp_len < MAXALIGN(SizeofHeapTupleHeader))
536  {
537  report_corruption(&ctx,
538  psprintf("line pointer length %u is less than the minimum tuple header size %u",
539  ctx.lp_len,
540  (unsigned) MAXALIGN(SizeofHeapTupleHeader)));
541  continue;
542  }
543  if (ctx.lp_off + ctx.lp_len > BLCKSZ)
544  {
545  report_corruption(&ctx,
546  psprintf("line pointer to page offset %u with length %u ends beyond maximum page offset %u",
547  ctx.lp_off,
548  ctx.lp_len,
549  (unsigned) BLCKSZ));
550  continue;
551  }
552 
553  /* It should be safe to examine the tuple's header, at least */
554  lp_valid[ctx.offnum] = true;
555  ctx.tuphdr = (HeapTupleHeader) PageGetItem(ctx.page, ctx.itemid);
556  ctx.natts = HeapTupleHeaderGetNatts(ctx.tuphdr);
557 
558  /* Ok, ready to check this next tuple */
559  check_tuple(&ctx,
560  &xmin_commit_status_ok[ctx.offnum],
561  &xmin_commit_status[ctx.offnum]);
562 
563  /*
564  * If the CTID field of this tuple seems to point to another tuple
565  * on the same page, record that tuple as the successor of this
566  * one.
567  */
568  nextblkno = ItemPointerGetBlockNumber(&(ctx.tuphdr)->t_ctid);
569  nextoffnum = ItemPointerGetOffsetNumber(&(ctx.tuphdr)->t_ctid);
570  if (nextblkno == ctx.blkno && nextoffnum != ctx.offnum &&
571  nextoffnum >= FirstOffsetNumber && nextoffnum <= maxoff)
572  successor[ctx.offnum] = nextoffnum;
573  }
574 
575  /*
576  * Update chain validation. Check each line pointer that's got a valid
577  * successor against that successor.
578  */
579  ctx.attnum = -1;
580  for (ctx.offnum = FirstOffsetNumber; ctx.offnum <= maxoff;
581  ctx.offnum = OffsetNumberNext(ctx.offnum))
582  {
583  ItemId curr_lp;
584  ItemId next_lp;
585  HeapTupleHeader curr_htup;
586  HeapTupleHeader next_htup;
587  TransactionId curr_xmin;
588  TransactionId curr_xmax;
589  TransactionId next_xmin;
590  OffsetNumber nextoffnum = successor[ctx.offnum];
591 
592  /*
593  * The current line pointer may not have a successor, either
594  * because it's not valid or because it didn't point to anything.
595  * In either case, we have to give up.
596  *
597  * If the current line pointer does point to something, it's
598  * possible that the target line pointer isn't valid. We have to
599  * give up in that case, too.
600  */
601  if (nextoffnum == InvalidOffsetNumber || !lp_valid[nextoffnum])
602  continue;
603 
604  /* We have two valid line pointers that we can examine. */
605  curr_lp = PageGetItemId(ctx.page, ctx.offnum);
606  next_lp = PageGetItemId(ctx.page, nextoffnum);
607 
608  /* Handle the cases where the current line pointer is a redirect. */
609  if (ItemIdIsRedirected(curr_lp))
610  {
611  /*
612  * We should not have set successor[ctx.offnum] to a value
613  * other than InvalidOffsetNumber unless that line pointer
614  * is LP_NORMAL.
615  */
616  Assert(ItemIdIsNormal(next_lp));
617 
618  /* Can only redirect to a HOT tuple. */
619  next_htup = (HeapTupleHeader) PageGetItem(ctx.page, next_lp);
620  if (!HeapTupleHeaderIsHeapOnly(next_htup))
621  {
622  report_corruption(&ctx,
623  psprintf("redirected line pointer points to a non-heap-only tuple at offset %u",
624  (unsigned) nextoffnum));
625  }
626 
627  /* HOT chains should not intersect. */
628  if (predecessor[nextoffnum] != InvalidOffsetNumber)
629  {
630  report_corruption(&ctx,
631  psprintf("redirect line pointer points to offset %u, but offset %u also points there",
632  (unsigned) nextoffnum, (unsigned) predecessor[nextoffnum]));
633  continue;
634  }
635 
636  /*
637  * This redirect and the tuple to which it points seem to be
638  * part of an update chain.
639  */
640  predecessor[nextoffnum] = ctx.offnum;
641  continue;
642  }
643 
644  /*
645  * If the next line pointer is a redirect, or if it's a tuple
646  * but the XMAX of this tuple doesn't match the XMIN of the next
647  * tuple, then the two aren't part of the same update chain and
648  * there is nothing more to do.
649  */
650  if (ItemIdIsRedirected(next_lp))
651  continue;
652  curr_htup = (HeapTupleHeader) PageGetItem(ctx.page, curr_lp);
653  curr_xmax = HeapTupleHeaderGetUpdateXid(curr_htup);
654  next_htup = (HeapTupleHeader) PageGetItem(ctx.page, next_lp);
655  next_xmin = HeapTupleHeaderGetXmin(next_htup);
656  if (!TransactionIdIsValid(curr_xmax) ||
657  !TransactionIdEquals(curr_xmax, next_xmin))
658  continue;
659 
660  /* HOT chains should not intersect. */
661  if (predecessor[nextoffnum] != InvalidOffsetNumber)
662  {
663  report_corruption(&ctx,
664  psprintf("tuple points to new version at offset %u, but offset %u also points there",
665  (unsigned) nextoffnum, (unsigned) predecessor[nextoffnum]));
666  continue;
667  }
668 
669  /*
670  * This tuple and the tuple to which it points seem to be part
671  * of an update chain.
672  */
673  predecessor[nextoffnum] = ctx.offnum;
674 
675  /*
676  * If the current tuple is marked as HOT-updated, then the next
677  * tuple should be marked as a heap-only tuple. Conversely, if the
678  * current tuple isn't marked as HOT-updated, then the next tuple
679  * shouldn't be marked as a heap-only tuple.
680  *
681  * NB: Can't use HeapTupleHeaderIsHotUpdated() as it checks if
682  * hint bits indicate xmin/xmax aborted.
683  */
684  if (!(curr_htup->t_infomask2 & HEAP_HOT_UPDATED) &&
685  HeapTupleHeaderIsHeapOnly(next_htup))
686  {
687  report_corruption(&ctx,
688  psprintf("non-heap-only update produced a heap-only tuple at offset %u",
689  (unsigned) nextoffnum));
690  }
691  if ((curr_htup->t_infomask2 & HEAP_HOT_UPDATED) &&
692  !HeapTupleHeaderIsHeapOnly(next_htup))
693  {
694  report_corruption(&ctx,
695  psprintf("heap-only update produced a non-heap only tuple at offset %u",
696  (unsigned) nextoffnum));
697  }
698 
699  /*
700  * If the current tuple's xmin is still in progress but the
701  * successor tuple's xmin is committed, that's corruption.
702  *
703  * NB: We recheck the commit status of the current tuple's xmin
704  * here, because it might have committed after we checked it and
705  * before we checked the commit status of the successor tuple's
706  * xmin. This should be safe because the xmin itself can't have
707  * changed, only its commit status.
708  */
709  curr_xmin = HeapTupleHeaderGetXmin(curr_htup);
710  if (xmin_commit_status_ok[ctx.offnum] &&
711  xmin_commit_status[ctx.offnum] == XID_IN_PROGRESS &&
712  xmin_commit_status_ok[nextoffnum] &&
713  xmin_commit_status[nextoffnum] == XID_COMMITTED &&
714  TransactionIdIsInProgress(curr_xmin))
715  {
716  report_corruption(&ctx,
717  psprintf("tuple with in-progress xmin %u was updated to produce a tuple at offset %u with committed xmin %u",
718  (unsigned) curr_xmin,
719  (unsigned) ctx.offnum,
720  (unsigned) next_xmin));
721  }
722 
723  /*
724  * If the current tuple's xmin is aborted but the successor tuple's
725  * xmin is in-progress or committed, that's corruption.
726  */
727  if (xmin_commit_status_ok[ctx.offnum] &&
728  xmin_commit_status[ctx.offnum] == XID_ABORTED &&
729  xmin_commit_status_ok[nextoffnum])
730  {
731  if (xmin_commit_status[nextoffnum] == XID_IN_PROGRESS)
732  report_corruption(&ctx,
733  psprintf("tuple with aborted xmin %u was updated to produce a tuple at offset %u with in-progress xmin %u",
734  (unsigned) curr_xmin,
735  (unsigned) ctx.offnum,
736  (unsigned) next_xmin));
737  else if (xmin_commit_status[nextoffnum] == XID_COMMITTED)
738  report_corruption(&ctx,
739  psprintf("tuple with aborted xmin %u was updated to produce a tuple at offset %u with committed xmin %u",
740  (unsigned) curr_xmin,
741  (unsigned) ctx.offnum,
742  (unsigned) next_xmin));
743  }
744  }
745 
746  /*
747  * An update chain can start either with a non-heap-only tuple or with
748  * a redirect line pointer, but not with a heap-only tuple.
749  *
750  * (This check is in a separate loop because we need the predecessor
751  * array to be fully populated before we can perform it.)
752  */
753  for (ctx.offnum = FirstOffsetNumber;
754  ctx.offnum <= maxoff;
755  ctx.offnum = OffsetNumberNext(ctx.offnum))
756  {
757  if (xmin_commit_status_ok[ctx.offnum] &&
758  (xmin_commit_status[ctx.offnum] == XID_COMMITTED ||
759  xmin_commit_status[ctx.offnum] == XID_IN_PROGRESS) &&
760  predecessor[ctx.offnum] == InvalidOffsetNumber)
761  {
762  ItemId curr_lp;
763 
764  curr_lp = PageGetItemId(ctx.page, ctx.offnum);
765  if (!ItemIdIsRedirected(curr_lp))
766  {
767  HeapTupleHeader curr_htup;
768 
769  curr_htup = (HeapTupleHeader)
770  PageGetItem(ctx.page, curr_lp);
771  if (HeapTupleHeaderIsHeapOnly(curr_htup))
772  report_corruption(&ctx,
773  psprintf("tuple is root of chain but is marked as heap-only tuple"));
774  }
775  }
776  }
777 
778  /* clean up */
779  UnlockReleaseBuffer(ctx.buffer);
780 
781  /*
782  * Check any toast pointers from the page whose lock we just released
783  */
784  if (ctx.toasted_attributes != NIL)
785  {
786  ListCell *cell;
787 
788  foreach(cell, ctx.toasted_attributes)
789  check_toasted_attribute(&ctx, lfirst(cell));
790  list_free_deep(ctx.toasted_attributes);
791  ctx.toasted_attributes = NIL;
792  }
793 
794  if (on_error_stop && ctx.is_corrupt)
795  break;
796  }
797 
798  if (vmbuffer != InvalidBuffer)
799  ReleaseBuffer(vmbuffer);
800 
801  /* Close the associated toast table and indexes, if any. */
802  if (ctx.toast_indexes)
803  toast_close_indexes(ctx.toast_indexes, ctx.num_toast_indexes,
804  AccessShareLock);
805  if (ctx.toast_rel)
806  table_close(ctx.toast_rel, AccessShareLock);
807 
808  /* Close the main relation */
809  relation_close(ctx.rel, AccessShareLock);
810 
811  PG_RETURN_NULL();
812 }
BlockNumber
uint32 BlockNumber
Definition: block.h:31
Buffer
int Buffer
Definition: buf.h:23
InvalidBuffer
#define InvalidBuffer
Definition: buf.h:25
ReleaseBuffer
void ReleaseBuffer(Buffer buffer)
Definition: bufmgr.c:3995
UnlockReleaseBuffer
void UnlockReleaseBuffer(Buffer buffer)
Definition: bufmgr.c:4018
LockBuffer
void LockBuffer(Buffer buffer, int mode)
Definition: bufmgr.c:4236
ReadBufferExtended
Buffer ReadBufferExtended(Relation reln, ForkNumber forkNum, BlockNumber blockNum, ReadBufferMode mode, BufferAccessStrategy strategy)
Definition: bufmgr.c:751
BAS_BULKREAD
@ BAS_BULKREAD
Definition: bufmgr.h:35
BUFFER_LOCK_SHARE
#define BUFFER_LOCK_SHARE
Definition: bufmgr.h:111
RelationGetNumberOfBlocks
#define RelationGetNumberOfBlocks(reln)
Definition: bufmgr.h:161
BufferGetPage
static Page BufferGetPage(Buffer buffer)
Definition: bufmgr.h:284
RBM_NORMAL
@ RBM_NORMAL
Definition: bufmgr.h:44
PageGetItem
static Item PageGetItem(Page page, ItemId itemId)
Definition: bufpage.h:351
PageGetItemId
static ItemId PageGetItemId(Page page, OffsetNumber offsetNumber)
Definition: bufpage.h:240
PageGetMaxOffsetNumber
static OffsetNumber PageGetMaxOffsetNumber(Page page)
Definition: bufpage.h:369
errhint
int errhint(const char *fmt,...)
Definition: elog.c:1316
errcode
int errcode(int sqlerrcode)
Definition: elog.c:858
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:1069
DEBUG1
#define DEBUG1
Definition: elog.h:30
ERROR
#define ERROR
Definition: elog.h:39
ereport
#define ereport(elevel,...)
Definition: elog.h:149
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
PG_ARGISNULL
#define PG_ARGISNULL(n)
Definition: fmgr.h:209
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_INT64
#define PG_GETARG_INT64(n)
Definition: fmgr.h:283
PG_GETARG_BOOL
#define PG_GETARG_BOOL(n)
Definition: fmgr.h:274
GetAccessStrategy
BufferAccessStrategy GetAccessStrategy(BufferAccessStrategyType btype)
Definition: freelist.c:541
InitMaterializedSRF
void InitMaterializedSRF(FunctionCallInfo fcinfo, bits32 flags)
Definition: funcapi.c:76
HeapTupleHeader
HeapTupleHeaderData * HeapTupleHeader
Definition: htup.h:23
HeapTupleHeaderGetNatts
#define HeapTupleHeaderGetNatts(tup)
Definition: htup_details.h:529
HEAP_HOT_UPDATED
#define HEAP_HOT_UPDATED
Definition: htup_details.h:276
ItemIdGetLength
#define ItemIdGetLength(itemId)
Definition: itemid.h:59
ItemIdIsNormal
#define ItemIdIsNormal(itemId)
Definition: itemid.h:99
ItemIdGetOffset
#define ItemIdGetOffset(itemId)
Definition: itemid.h:65
ItemIdGetRedirect
#define ItemIdGetRedirect(itemId)
Definition: itemid.h:78
ItemIdIsDead
#define ItemIdIsDead(itemId)
Definition: itemid.h:113
ItemIdIsUsed
#define ItemIdIsUsed(itemId)
Definition: itemid.h:92
ItemIdIsRedirected
#define ItemIdIsRedirected(itemId)
Definition: itemid.h:106
ItemPointerGetOffsetNumber
static OffsetNumber ItemPointerGetOffsetNumber(const ItemPointerData *pointer)
Definition: itemptr.h:124
ItemPointerGetBlockNumber
static BlockNumber ItemPointerGetBlockNumber(const ItemPointerData *pointer)
Definition: itemptr.h:103
list_free_deep
void list_free_deep(List *list)
Definition: list.c:1559
AccessShareLock
#define AccessShareLock
Definition: lockdefs.h:36
CHECK_FOR_INTERRUPTS
#define CHECK_FOR_INTERRUPTS()
Definition: miscadmin.h:121
InvalidOffsetNumber
#define InvalidOffsetNumber
Definition: off.h:26
OffsetNumberNext
#define OffsetNumberNext(offsetNumber)
Definition: off.h:52
OffsetNumber
uint16 OffsetNumber
Definition: off.h:24
FirstOffsetNumber
#define FirstOffsetNumber
Definition: off.h:27
MaxOffsetNumber
#define MaxOffsetNumber
Definition: off.h:28
skip
static const struct exclude_list_item skip[]
Definition: pg_checksums.c:116
errdetail_relkind_not_supported
int errdetail_relkind_not_supported(char relkind)
Definition: pg_class.c:24
lfirst
#define lfirst(lc)
Definition: pg_list.h:172
NIL
#define NIL
Definition: pg_list.h:68
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
Oid
unsigned int Oid
Definition: postgres_ext.h:31
fb
static int fb(int x)
Definition: preproc-init.c:92
RelationGetRelationName
#define RelationGetRelationName(relation)
Definition: rel.h:537
MAIN_FORKNUM
@ MAIN_FORKNUM
Definition: relpath.h:50
GetTransactionSnapshot
Snapshot GetTransactionSnapshot(void)
Definition: snapmgr.c:251
relation_close
void relation_close(Relation relation, LOCKMODE lockmode)
Definition: relation.c:206
relation_open
Relation relation_open(Oid relationId, LOCKMODE lockmode)
Definition: relation.c:48
ReturnSetInfo::setDesc
TupleDesc setDesc
Definition: execnodes.h:334
ReturnSetInfo::setResult
Tuplestorestate * setResult
Definition: execnodes.h:333
SnapshotData::xmin
TransactionId xmin
Definition: snapshot.h:157
table_close
void table_close(Relation relation, LOCKMODE lockmode)
Definition: table.c:126
table_open
Relation table_open(Oid relationId, LOCKMODE lockmode)
Definition: table.c:40
toast_close_indexes
void toast_close_indexes(Relation *toastidxs, int num_indexes, LOCKMODE lock)
Definition: toast_internals.c:624
toast_open_indexes
int toast_open_indexes(Relation toastrel, LOCKMODE lock, Relation **toastidxs, int *num_indexes)
Definition: toast_internals.c:565
InvalidTransactionId
#define InvalidTransactionId
Definition: transam.h:31
TransactionIdEquals
#define TransactionIdEquals(id1, id2)
Definition: transam.h:43
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:215
check_toasted_attribute
static void check_toasted_attribute(HeapCheckContext *ctx, ToastedAttribute *ta)
Definition: verify_heapam.c:1764
check_tuple
static void check_tuple(HeapCheckContext *ctx, bool *xmin_commit_status_ok, XidCommitStatus *xmin_commit_status)
Definition: verify_heapam.c:1824
visibilitymap_get_status
uint8 visibilitymap_get_status(Relation rel, BlockNumber heapBlk, Buffer *vmbuf)
Definition: visibilitymap.c:337
VISIBILITYMAP_ALL_FROZEN
#define VISIBILITYMAP_ALL_FROZEN
Definition: visibilitymapdefs.h:21
VISIBILITYMAP_ALL_VISIBLE
#define VISIBILITYMAP_ALL_VISIBLE
Definition: visibilitymapdefs.h:20
RecoveryInProgress
bool RecoveryInProgress(void)
Definition: xlog.c:5908

References AccessShareLock, Assert(), BAS_BULKREAD, BUFFER_LOCK_SHARE, BufferGetPage(), CHECK_FOR_INTERRUPTS, check_toasted_attribute(), check_tuple(), DEBUG1, ereport, errcode(), errdetail_relkind_not_supported(), errhint(), errmsg(), ERROR, fb(), FirstOffsetNumber, FullTransactionIdFromXidAndCtx(), GetAccessStrategy(), GetTransactionSnapshot(), HEAP_HOT_UPDATED, HeapTupleHeaderGetNatts, HeapTupleHeaderGetUpdateXid, HeapTupleHeaderGetXmin, HeapTupleHeaderIsHeapOnly, if(), InitMaterializedSRF(), InvalidBuffer, InvalidOffsetNumber, InvalidTransactionId, ItemIdGetLength, ItemIdGetOffset, ItemIdGetRedirect, ItemIdIsDead, ItemIdIsNormal, ItemIdIsRedirected, ItemIdIsUsed, ItemPointerGetBlockNumber(), ItemPointerGetOffsetNumber(), lfirst, list_free_deep(), LockBuffer(), MAIN_FORKNUM, MAXALIGN, MaxOffsetNumber, NIL, OffsetNumberNext, PageGetItem(), PageGetItemId(), PageGetMaxOffsetNumber(), PG_ARGISNULL, PG_GETARG_BOOL, PG_GETARG_INT64, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_NULL, pg_strcasecmp(), psprintf(), RBM_NORMAL, ReadBufferExtended(), RecoveryInProgress(), relation_close(), relation_open(), RelationGetNumberOfBlocks, RelationGetRelationName, ReleaseBuffer(), report_corruption(), ReturnSetInfo::setDesc, ReturnSetInfo::setResult, SizeofHeapTupleHeader, skip, SKIP_PAGES_ALL_FROZEN, SKIP_PAGES_ALL_VISIBLE, SKIP_PAGES_NONE, HeapTupleHeaderData::t_infomask2, table_close(), table_open(), text_to_cstring(), toast_close_indexes(), toast_open_indexes(), TransactionIdEquals, TransactionIdIsInProgress(), TransactionIdIsNormal, TransactionIdIsValid, UnlockReleaseBuffer(), update_cached_mxid_range(), update_cached_xid_range(), VISIBILITYMAP_ALL_FROZEN, VISIBILITYMAP_ALL_VISIBLE, visibilitymap_get_status(), XID_ABORTED, XID_COMMITTED, XID_IN_PROGRESS, and SnapshotData::xmin.