PostgreSQL Source Code  git master
xlogutils.c
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * xlogutils.c
4  *
5  * PostgreSQL write-ahead log manager utility routines
6  *
7  * This file contains support routines that are used by XLOG replay functions.
8  * None of this code is used during normal system operation.
9  *
10  *
11  * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
12  * Portions Copyright (c) 1994, Regents of the University of California
13  *
14  * src/backend/access/transam/xlogutils.c
15  *
16  *-------------------------------------------------------------------------
17  */
18 #include "postgres.h"
19 
20 #include <unistd.h>
21 
22 #include "access/timeline.h"
23 #include "access/xlog.h"
24 #include "access/xlog_internal.h"
25 #include "access/xlogutils.h"
26 #include "miscadmin.h"
27 #include "pgstat.h"
28 #include "storage/smgr.h"
29 #include "utils/guc.h"
30 #include "utils/hsearch.h"
31 #include "utils/rel.h"
32 
33 
34 /* GUC variable */
35 bool ignore_invalid_pages = false;
36 
37 /*
38  * During XLOG replay, we may see XLOG records for incremental updates of
39  * pages that no longer exist, because their relation was later dropped or
40  * truncated. (Note: this is only possible when full_page_writes = OFF,
41  * since when it's ON, the first reference we see to a page should always
42  * be a full-page rewrite not an incremental update.) Rather than simply
43  * ignoring such records, we make a note of the referenced page, and then
44  * complain if we don't actually see a drop or truncate covering the page
45  * later in replay.
46  */
47 typedef struct xl_invalid_page_key
48 {
49  RelFileNode node; /* the relation */
50  ForkNumber forkno; /* the fork number */
51  BlockNumber blkno; /* the page */
53 
54 typedef struct xl_invalid_page
55 {
56  xl_invalid_page_key key; /* hash key ... must be first */
57  bool present; /* page existed but contained zeroes */
59 
60 static HTAB *invalid_page_tab = NULL;
61 
62 
63 /* Report a reference to an invalid page */
64 static void
66  BlockNumber blkno, bool present)
67 {
68  char *path = relpathperm(node, forkno);
69 
70  if (present)
71  elog(elevel, "page %u of relation %s is uninitialized",
72  blkno, path);
73  else
74  elog(elevel, "page %u of relation %s does not exist",
75  blkno, path);
76  pfree(path);
77 }
78 
79 /* Log a reference to an invalid page */
80 static void
82  bool present)
83 {
85  xl_invalid_page *hentry;
86  bool found;
87 
88  /*
89  * Once recovery has reached a consistent state, the invalid-page table
90  * should be empty and remain so. If a reference to an invalid page is
91  * found after consistency is reached, PANIC immediately. This might seem
92  * aggressive, but it's better than letting the invalid reference linger
93  * in the hash table until the end of recovery and PANIC there, which
94  * might come only much later if this is a standby server.
95  */
97  {
98  report_invalid_page(WARNING, node, forkno, blkno, present);
100  "WAL contains references to invalid pages");
101  }
102 
103  /*
104  * Log references to invalid pages at DEBUG1 level. This allows some
105  * tracing of the cause (note the elog context mechanism will tell us
106  * something about the XLOG record that generated the reference).
107  */
109  report_invalid_page(DEBUG1, node, forkno, blkno, present);
110 
111  if (invalid_page_tab == NULL)
112  {
113  /* create hash table when first needed */
114  HASHCTL ctl;
115 
116  memset(&ctl, 0, sizeof(ctl));
117  ctl.keysize = sizeof(xl_invalid_page_key);
118  ctl.entrysize = sizeof(xl_invalid_page);
119 
120  invalid_page_tab = hash_create("XLOG invalid-page table",
121  100,
122  &ctl,
124  }
125 
126  /* we currently assume xl_invalid_page_key contains no padding */
127  key.node = node;
128  key.forkno = forkno;
129  key.blkno = blkno;
130  hentry = (xl_invalid_page *)
131  hash_search(invalid_page_tab, (void *) &key, HASH_ENTER, &found);
132 
133  if (!found)
134  {
135  /* hash_search already filled in the key */
136  hentry->present = present;
137  }
138  else
139  {
140  /* repeat reference ... leave "present" as it was */
141  }
142 }
143 
144 /* Forget any invalid pages >= minblkno, because they've been dropped */
145 static void
147 {
149  xl_invalid_page *hentry;
150 
151  if (invalid_page_tab == NULL)
152  return; /* nothing to do */
153 
154  hash_seq_init(&status, invalid_page_tab);
155 
156  while ((hentry = (xl_invalid_page *) hash_seq_search(&status)) != NULL)
157  {
158  if (RelFileNodeEquals(hentry->key.node, node) &&
159  hentry->key.forkno == forkno &&
160  hentry->key.blkno >= minblkno)
161  {
163  {
164  char *path = relpathperm(hentry->key.node, forkno);
165 
166  elog(DEBUG2, "page %u of relation %s has been dropped",
167  hentry->key.blkno, path);
168  pfree(path);
169  }
170 
171  if (hash_search(invalid_page_tab,
172  (void *) &hentry->key,
173  HASH_REMOVE, NULL) == NULL)
174  elog(ERROR, "hash table corrupted");
175  }
176  }
177 }
178 
179 /* Forget any invalid pages in a whole database */
180 static void
182 {
184  xl_invalid_page *hentry;
185 
186  if (invalid_page_tab == NULL)
187  return; /* nothing to do */
188 
189  hash_seq_init(&status, invalid_page_tab);
190 
191  while ((hentry = (xl_invalid_page *) hash_seq_search(&status)) != NULL)
192  {
193  if (hentry->key.node.dbNode == dbid)
194  {
196  {
197  char *path = relpathperm(hentry->key.node, hentry->key.forkno);
198 
199  elog(DEBUG2, "page %u of relation %s has been dropped",
200  hentry->key.blkno, path);
201  pfree(path);
202  }
203 
204  if (hash_search(invalid_page_tab,
205  (void *) &hentry->key,
206  HASH_REMOVE, NULL) == NULL)
207  elog(ERROR, "hash table corrupted");
208  }
209  }
210 }
211 
212 /* Are there any unresolved references to invalid pages? */
213 bool
215 {
216  if (invalid_page_tab != NULL &&
217  hash_get_num_entries(invalid_page_tab) > 0)
218  return true;
219  return false;
220 }
221 
222 /* Complain about any remaining invalid-page entries */
223 void
225 {
227  xl_invalid_page *hentry;
228  bool foundone = false;
229 
230  if (invalid_page_tab == NULL)
231  return; /* nothing to do */
232 
233  hash_seq_init(&status, invalid_page_tab);
234 
235  /*
236  * Our strategy is to emit WARNING messages for all remaining entries and
237  * only PANIC after we've dumped all the available info.
238  */
239  while ((hentry = (xl_invalid_page *) hash_seq_search(&status)) != NULL)
240  {
241  report_invalid_page(WARNING, hentry->key.node, hentry->key.forkno,
242  hentry->key.blkno, hentry->present);
243  foundone = true;
244  }
245 
246  if (foundone)
248  "WAL contains references to invalid pages");
249 
250  hash_destroy(invalid_page_tab);
251  invalid_page_tab = NULL;
252 }
253 
254 
255 /*
256  * XLogReadBufferForRedo
257  * Read a page during XLOG replay
258  *
259  * Reads a block referenced by a WAL record into shared buffer cache, and
260  * determines what needs to be done to redo the changes to it. If the WAL
261  * record includes a full-page image of the page, it is restored.
262  *
263  * 'lsn' is the LSN of the record being replayed. It is compared with the
264  * page's LSN to determine if the record has already been replayed.
265  * 'block_id' is the ID number the block was registered with, when the WAL
266  * record was created.
267  *
268  * Returns one of the following:
269  *
270  * BLK_NEEDS_REDO - changes from the WAL record need to be applied
271  * BLK_DONE - block doesn't need replaying
272  * BLK_RESTORED - block was restored from a full-page image included in
273  * the record
274  * BLK_NOTFOUND - block was not found (because it was truncated away by
275  * an operation later in the WAL stream)
276  *
277  * On return, the buffer is locked in exclusive-mode, and returned in *buf.
278  * Note that the buffer is locked and returned even if it doesn't need
279  * replaying. (Getting the buffer lock is not really necessary during
280  * single-process crash recovery, but some subroutines such as MarkBufferDirty
281  * will complain if we don't have the lock. In hot standby mode it's
282  * definitely necessary.)
283  *
284  * Note: when a backup block is available in XLOG with the BKPIMAGE_APPLY flag
285  * set, we restore it, even if the page in the database appears newer. This
286  * is to protect ourselves against database pages that were partially or
287  * incorrectly written during a crash. We assume that the XLOG data must be
288  * good because it has passed a CRC check, while the database page might not
289  * be. This will force us to replay all subsequent modifications of the page
290  * that appear in XLOG, rather than possibly ignoring them as already
291  * applied, but that's not a huge drawback.
292  */
295  Buffer *buf)
296 {
297  return XLogReadBufferForRedoExtended(record, block_id, RBM_NORMAL,
298  false, buf);
299 }
300 
301 /*
302  * Pin and lock a buffer referenced by a WAL record, for the purpose of
303  * re-initializing it.
304  */
305 Buffer
307 {
308  Buffer buf;
309 
310  XLogReadBufferForRedoExtended(record, block_id, RBM_ZERO_AND_LOCK, false,
311  &buf);
312  return buf;
313 }
314 
315 /*
316  * XLogReadBufferForRedoExtended
317  * Like XLogReadBufferForRedo, but with extra options.
318  *
319  * In RBM_ZERO_* modes, if the page doesn't exist, the relation is extended
320  * with all-zeroes pages up to the referenced block number. In
321  * RBM_ZERO_AND_LOCK and RBM_ZERO_AND_CLEANUP_LOCK modes, the return value
322  * is always BLK_NEEDS_REDO.
323  *
324  * (The RBM_ZERO_AND_CLEANUP_LOCK mode is redundant with the get_cleanup_lock
325  * parameter. Do not use an inconsistent combination!)
326  *
327  * If 'get_cleanup_lock' is true, a "cleanup lock" is acquired on the buffer
328  * using LockBufferForCleanup(), instead of a regular exclusive lock.
329  */
332  uint8 block_id,
333  ReadBufferMode mode, bool get_cleanup_lock,
334  Buffer *buf)
335 {
336  XLogRecPtr lsn = record->EndRecPtr;
337  RelFileNode rnode;
338  ForkNumber forknum;
340  Page page;
341  bool zeromode;
342  bool willinit;
343 
344  if (!XLogRecGetBlockTag(record, block_id, &rnode, &forknum, &blkno))
345  {
346  /* Caller specified a bogus block_id */
347  elog(PANIC, "failed to locate backup block with ID %d", block_id);
348  }
349 
350  /*
351  * Make sure that if the block is marked with WILL_INIT, the caller is
352  * going to initialize it. And vice versa.
353  */
354  zeromode = (mode == RBM_ZERO_AND_LOCK || mode == RBM_ZERO_AND_CLEANUP_LOCK);
355  willinit = (record->blocks[block_id].flags & BKPBLOCK_WILL_INIT) != 0;
356  if (willinit && !zeromode)
357  elog(PANIC, "block with WILL_INIT flag in WAL record must be zeroed by redo routine");
358  if (!willinit && zeromode)
359  elog(PANIC, "block to be initialized in redo routine must be marked with WILL_INIT flag in the WAL record");
360 
361  /* If it has a full-page image and it should be restored, do it. */
362  if (XLogRecBlockImageApply(record, block_id))
363  {
364  Assert(XLogRecHasBlockImage(record, block_id));
365  *buf = XLogReadBufferExtended(rnode, forknum, blkno,
366  get_cleanup_lock ? RBM_ZERO_AND_CLEANUP_LOCK : RBM_ZERO_AND_LOCK);
367  page = BufferGetPage(*buf);
368  if (!RestoreBlockImage(record, block_id, page))
369  elog(ERROR, "failed to restore block image");
370 
371  /*
372  * The page may be uninitialized. If so, we can't set the LSN because
373  * that would corrupt the page.
374  */
375  if (!PageIsNew(page))
376  {
377  PageSetLSN(page, lsn);
378  }
379 
380  MarkBufferDirty(*buf);
381 
382  /*
383  * At the end of crash recovery the init forks of unlogged relations
384  * are copied, without going through shared buffers. So we need to
385  * force the on-disk state of init forks to always be in sync with the
386  * state in shared buffers.
387  */
388  if (forknum == INIT_FORKNUM)
389  FlushOneBuffer(*buf);
390 
391  return BLK_RESTORED;
392  }
393  else
394  {
395  *buf = XLogReadBufferExtended(rnode, forknum, blkno, mode);
396  if (BufferIsValid(*buf))
397  {
398  if (mode != RBM_ZERO_AND_LOCK && mode != RBM_ZERO_AND_CLEANUP_LOCK)
399  {
400  if (get_cleanup_lock)
401  LockBufferForCleanup(*buf);
402  else
404  }
405  if (lsn <= PageGetLSN(BufferGetPage(*buf)))
406  return BLK_DONE;
407  else
408  return BLK_NEEDS_REDO;
409  }
410  else
411  return BLK_NOTFOUND;
412  }
413 }
414 
415 /*
416  * XLogReadBufferExtended
417  * Read a page during XLOG replay
418  *
419  * This is functionally comparable to ReadBufferExtended. There's some
420  * differences in the behavior wrt. the "mode" argument:
421  *
422  * In RBM_NORMAL mode, if the page doesn't exist, or contains all-zeroes, we
423  * return InvalidBuffer. In this case the caller should silently skip the
424  * update on this page. (In this situation, we expect that the page was later
425  * dropped or truncated. If we don't see evidence of that later in the WAL
426  * sequence, we'll complain at the end of WAL replay.)
427  *
428  * In RBM_ZERO_* modes, if the page doesn't exist, the relation is extended
429  * with all-zeroes pages up to the given block number.
430  *
431  * In RBM_NORMAL_NO_LOG mode, we return InvalidBuffer if the page doesn't
432  * exist, and we don't check for all-zeroes. Thus, no log entry is made
433  * to imply that the page should be dropped or truncated later.
434  *
435  * NB: A redo function should normally not call this directly. To get a page
436  * to modify, use XLogReadBufferForRedoExtended instead. It is important that
437  * all pages modified by a WAL record are registered in the WAL records, or
438  * they will be invisible to tools that that need to know which pages are
439  * modified.
440  */
441 Buffer
444 {
445  BlockNumber lastblock;
446  Buffer buffer;
447  SMgrRelation smgr;
448 
449  Assert(blkno != P_NEW);
450 
451  /* Open the relation at smgr level */
452  smgr = smgropen(rnode, InvalidBackendId);
453 
454  /*
455  * Create the target file if it doesn't already exist. This lets us cope
456  * if the replay sequence contains writes to a relation that is later
457  * deleted. (The original coding of this routine would instead suppress
458  * the writes, but that seems like it risks losing valuable data if the
459  * filesystem loses an inode during a crash. Better to write the data
460  * until we are actually told to delete the file.)
461  */
462  smgrcreate(smgr, forknum, true);
463 
464  lastblock = smgrnblocks(smgr, forknum);
465 
466  if (blkno < lastblock)
467  {
468  /* page exists in file */
469  buffer = ReadBufferWithoutRelcache(rnode, forknum, blkno,
470  mode, NULL);
471  }
472  else
473  {
474  /* hm, page doesn't exist in file */
475  if (mode == RBM_NORMAL)
476  {
477  log_invalid_page(rnode, forknum, blkno, false);
478  return InvalidBuffer;
479  }
480  if (mode == RBM_NORMAL_NO_LOG)
481  return InvalidBuffer;
482  /* OK to extend the file */
483  /* we do this in recovery only - no rel-extension lock needed */
485  buffer = InvalidBuffer;
486  do
487  {
488  if (buffer != InvalidBuffer)
489  {
490  if (mode == RBM_ZERO_AND_LOCK || mode == RBM_ZERO_AND_CLEANUP_LOCK)
492  ReleaseBuffer(buffer);
493  }
494  buffer = ReadBufferWithoutRelcache(rnode, forknum,
495  P_NEW, mode, NULL);
496  }
497  while (BufferGetBlockNumber(buffer) < blkno);
498  /* Handle the corner case that P_NEW returns non-consecutive pages */
499  if (BufferGetBlockNumber(buffer) != blkno)
500  {
501  if (mode == RBM_ZERO_AND_LOCK || mode == RBM_ZERO_AND_CLEANUP_LOCK)
503  ReleaseBuffer(buffer);
504  buffer = ReadBufferWithoutRelcache(rnode, forknum, blkno,
505  mode, NULL);
506  }
507  }
508 
509  if (mode == RBM_NORMAL)
510  {
511  /* check that page has been initialized */
512  Page page = (Page) BufferGetPage(buffer);
513 
514  /*
515  * We assume that PageIsNew is safe without a lock. During recovery,
516  * there should be no other backends that could modify the buffer at
517  * the same time.
518  */
519  if (PageIsNew(page))
520  {
521  ReleaseBuffer(buffer);
522  log_invalid_page(rnode, forknum, blkno, true);
523  return InvalidBuffer;
524  }
525  }
526 
527  return buffer;
528 }
529 
530 /*
531  * Struct actually returned by CreateFakeRelcacheEntry, though the declared
532  * return type is Relation.
533  */
534 typedef struct
535 {
536  RelationData reldata; /* Note: this must be first */
539 
541 
542 /*
543  * Create a fake relation cache entry for a physical relation
544  *
545  * It's often convenient to use the same functions in XLOG replay as in the
546  * main codepath, but those functions typically work with a relcache entry.
547  * We don't have a working relation cache during XLOG replay, but this
548  * function can be used to create a fake relcache entry instead. Only the
549  * fields related to physical storage, like rd_rel, are initialized, so the
550  * fake entry is only usable in low-level operations like ReadBuffer().
551  *
552  * This is also used for syncing WAL-skipped files.
553  *
554  * Caller must free the returned entry with FreeFakeRelcacheEntry().
555  */
556 Relation
558 {
559  FakeRelCacheEntry fakeentry;
560  Relation rel;
561 
562  /* Allocate the Relation struct and all related space in one block. */
563  fakeentry = palloc0(sizeof(FakeRelCacheEntryData));
564  rel = (Relation) fakeentry;
565 
566  rel->rd_rel = &fakeentry->pgc;
567  rel->rd_node = rnode;
568 
569  /*
570  * We will never be working with temp rels during recovery or while
571  * syncing WAL-skipped files.
572  */
574 
575  /* It must be a permanent table here */
576  rel->rd_rel->relpersistence = RELPERSISTENCE_PERMANENT;
577 
578  /* We don't know the name of the relation; use relfilenode instead */
579  sprintf(RelationGetRelationName(rel), "%u", rnode.relNode);
580 
581  /*
582  * We set up the lockRelId in case anything tries to lock the dummy
583  * relation. Note that this is fairly bogus since relNode may be
584  * different from the relation's OID. It shouldn't really matter though.
585  * In recovery, we are running by ourselves and can't have any lock
586  * conflicts. While syncing, we already hold AccessExclusiveLock.
587  */
588  rel->rd_lockInfo.lockRelId.dbId = rnode.dbNode;
589  rel->rd_lockInfo.lockRelId.relId = rnode.relNode;
590 
591  rel->rd_smgr = NULL;
592 
593  return rel;
594 }
595 
596 /*
597  * Free a fake relation cache entry.
598  */
599 void
601 {
602  /* make sure the fakerel is not referenced by the SmgrRelation anymore */
603  if (fakerel->rd_smgr != NULL)
604  smgrclearowner(&fakerel->rd_smgr, fakerel->rd_smgr);
605  pfree(fakerel);
606 }
607 
608 /*
609  * Drop a relation during XLOG replay
610  *
611  * This is called when the relation is about to be deleted; we need to remove
612  * any open "invalid-page" records for the relation.
613  */
614 void
616 {
617  forget_invalid_pages(rnode, forknum, 0);
618 }
619 
620 /*
621  * Drop a whole database during XLOG replay
622  *
623  * As above, but for DROP DATABASE instead of dropping a single rel
624  */
625 void
627 {
628  /*
629  * This is unnecessarily heavy-handed, as it will close SMgrRelation
630  * objects for other databases as well. DROP DATABASE occurs seldom enough
631  * that it's not worth introducing a variant of smgrclose for just this
632  * purpose. XXX: Or should we rather leave the smgr entries dangling?
633  */
634  smgrcloseall();
635 
637 }
638 
639 /*
640  * Truncate a relation during XLOG replay
641  *
642  * We need to clean up any open "invalid-page" records for the dropped pages.
643  */
644 void
646  BlockNumber nblocks)
647 {
648  forget_invalid_pages(rnode, forkNum, nblocks);
649 }
650 
651 /*
652  * Determine which timeline to read an xlog page from and set the
653  * XLogReaderState's currTLI to that timeline ID.
654  *
655  * We care about timelines in xlogreader when we might be reading xlog
656  * generated prior to a promotion, either if we're currently a standby in
657  * recovery or if we're a promoted master reading xlogs generated by the old
658  * master before our promotion.
659  *
660  * wantPage must be set to the start address of the page to read and
661  * wantLength to the amount of the page that will be read, up to
662  * XLOG_BLCKSZ. If the amount to be read isn't known, pass XLOG_BLCKSZ.
663  *
664  * We switch to an xlog segment from the new timeline eagerly when on a
665  * historical timeline, as soon as we reach the start of the xlog segment
666  * containing the timeline switch. The server copied the segment to the new
667  * timeline so all the data up to the switch point is the same, but there's no
668  * guarantee the old segment will still exist. It may have been deleted or
669  * renamed with a .partial suffix so we can't necessarily keep reading from
670  * the old TLI even though tliSwitchPoint says it's OK.
671  *
672  * We can't just check the timeline when we read a page on a different segment
673  * to the last page. We could've received a timeline switch from a cascading
674  * upstream, so the current segment ends abruptly (possibly getting renamed to
675  * .partial) and we have to switch to a new one. Even in the middle of reading
676  * a page we could have to dump the cached page and switch to a new TLI.
677  *
678  * Because of this, callers MAY NOT assume that currTLI is the timeline that
679  * will be in a page's xlp_tli; the page may begin on an older timeline or we
680  * might be reading from historical timeline data on a segment that's been
681  * copied to a new timeline.
682  *
683  * The caller must also make sure it doesn't read past the current replay
684  * position (using GetXLogReplayRecPtr) if executing in recovery, so it
685  * doesn't fail to notice that the current timeline became historical. The
686  * caller must also update ThisTimeLineID with the result of
687  * GetXLogReplayRecPtr and must check RecoveryInProgress().
688  */
689 void
691 {
692  const XLogRecPtr lastReadPage = (state->seg.ws_segno *
693  state->segcxt.ws_segsize + state->segoff);
694 
695  Assert(wantPage != InvalidXLogRecPtr && wantPage % XLOG_BLCKSZ == 0);
696  Assert(wantLength <= XLOG_BLCKSZ);
697  Assert(state->readLen == 0 || state->readLen <= XLOG_BLCKSZ);
698 
699  /*
700  * If the desired page is currently read in and valid, we have nothing to
701  * do.
702  *
703  * The caller should've ensured that it didn't previously advance readOff
704  * past the valid limit of this timeline, so it doesn't matter if the
705  * current TLI has since become historical.
706  */
707  if (lastReadPage == wantPage &&
708  state->readLen != 0 &&
709  lastReadPage + state->readLen >= wantPage + Min(wantLength, XLOG_BLCKSZ - 1))
710  return;
711 
712  /*
713  * If we're reading from the current timeline, it hasn't become historical
714  * and the page we're reading is after the last page read, we can again
715  * just carry on. (Seeking backwards requires a check to make sure the
716  * older page isn't on a prior timeline).
717  *
718  * ThisTimeLineID might've become historical since we last looked, but the
719  * caller is required not to read past the flush limit it saw at the time
720  * it looked up the timeline. There's nothing we can do about it if
721  * StartupXLOG() renames it to .partial concurrently.
722  */
723  if (state->currTLI == ThisTimeLineID && wantPage >= lastReadPage)
724  {
726  return;
727  }
728 
729  /*
730  * If we're just reading pages from a previously validated historical
731  * timeline and the timeline we're reading from is valid until the end of
732  * the current segment we can just keep reading.
733  */
734  if (state->currTLIValidUntil != InvalidXLogRecPtr &&
735  state->currTLI != ThisTimeLineID &&
736  state->currTLI != 0 &&
737  ((wantPage + wantLength) / state->segcxt.ws_segsize) <
738  (state->currTLIValidUntil / state->segcxt.ws_segsize))
739  return;
740 
741  /*
742  * If we reach this point we're either looking up a page for random
743  * access, the current timeline just became historical, or we're reading
744  * from a new segment containing a timeline switch. In all cases we need
745  * to determine the newest timeline on the segment.
746  *
747  * If it's the current timeline we can just keep reading from here unless
748  * we detect a timeline switch that makes the current timeline historical.
749  * If it's a historical timeline we can read all the segment on the newest
750  * timeline because it contains all the old timelines' data too. So only
751  * one switch check is required.
752  */
753  {
754  /*
755  * We need to re-read the timeline history in case it's been changed
756  * by a promotion or replay from a cascaded replica.
757  */
758  List *timelineHistory = readTimeLineHistory(ThisTimeLineID);
759  XLogRecPtr endOfSegment;
760 
761  endOfSegment = ((wantPage / state->segcxt.ws_segsize) + 1) *
762  state->segcxt.ws_segsize - 1;
763  Assert(wantPage / state->segcxt.ws_segsize ==
764  endOfSegment / state->segcxt.ws_segsize);
765 
766  /*
767  * Find the timeline of the last LSN on the segment containing
768  * wantPage.
769  */
770  state->currTLI = tliOfPointInHistory(endOfSegment, timelineHistory);
771  state->currTLIValidUntil = tliSwitchPoint(state->currTLI, timelineHistory,
772  &state->nextTLI);
773 
775  wantPage + wantLength < state->currTLIValidUntil);
776 
777  list_free_deep(timelineHistory);
778 
779  elog(DEBUG3, "switched to timeline %u valid until %X/%X",
780  state->currTLI,
781  (uint32) (state->currTLIValidUntil >> 32),
782  (uint32) (state->currTLIValidUntil));
783  }
784 }
785 
786 /* XLogReaderRoutine->segment_open callback for local pg_wal files */
787 void
789  TimeLineID *tli_p)
790 {
791  TimeLineID tli = *tli_p;
792  char path[MAXPGPATH];
793 
794  XLogFilePath(path, tli, nextSegNo, state->segcxt.ws_segsize);
795  state->seg.ws_file = BasicOpenFile(path, O_RDONLY | PG_BINARY);
796  if (state->seg.ws_file >= 0)
797  return;
798 
799  if (errno == ENOENT)
800  ereport(ERROR,
802  errmsg("requested WAL segment %s has already been removed",
803  path)));
804  else
805  ereport(ERROR,
807  errmsg("could not open file \"%s\": %m",
808  path)));
809 }
810 
811 /* stock XLogReaderRoutine->segment_close callback */
812 void
814 {
815  close(state->seg.ws_file);
816  /* need to check errno? */
817  state->seg.ws_file = -1;
818 }
819 
820 /*
821  * XLogReaderRoutine->page_read callback for reading local xlog files
822  *
823  * Public because it would likely be very helpful for someone writing another
824  * output method outside walsender, e.g. in a bgworker.
825  *
826  * TODO: The walsender has its own version of this, but it relies on the
827  * walsender's latch being set whenever WAL is flushed. No such infrastructure
828  * exists for normal backends, so we have to do a check/sleep/repeat style of
829  * loop for now.
830  */
831 int
833  int reqLen, XLogRecPtr targetRecPtr, char *cur_page)
834 {
835  XLogRecPtr read_upto,
836  loc;
837  TimeLineID tli;
838  int count;
839  WALReadError errinfo;
840 
841  loc = targetPagePtr + reqLen;
842 
843  /* Loop waiting for xlog to be available if necessary */
844  while (1)
845  {
846  /*
847  * Determine the limit of xlog we can currently read to, and what the
848  * most recent timeline is.
849  *
850  * RecoveryInProgress() will update ThisTimeLineID when it first
851  * notices recovery finishes, so we only have to maintain it for the
852  * local process until recovery ends.
853  */
854  if (!RecoveryInProgress())
855  read_upto = GetFlushRecPtr();
856  else
857  read_upto = GetXLogReplayRecPtr(&ThisTimeLineID);
858  tli = ThisTimeLineID;
859 
860  /*
861  * Check which timeline to get the record from.
862  *
863  * We have to do it each time through the loop because if we're in
864  * recovery as a cascading standby, the current timeline might've
865  * become historical. We can't rely on RecoveryInProgress() because in
866  * a standby configuration like
867  *
868  * A => B => C
869  *
870  * if we're a logical decoding session on C, and B gets promoted, our
871  * timeline will change while we remain in recovery.
872  *
873  * We can't just keep reading from the old timeline as the last WAL
874  * archive in the timeline will get renamed to .partial by
875  * StartupXLOG().
876  *
877  * If that happens after our caller updated ThisTimeLineID but before
878  * we actually read the xlog page, we might still try to read from the
879  * old (now renamed) segment and fail. There's not much we can do
880  * about this, but it can only happen when we're a leaf of a cascading
881  * standby whose master gets promoted while we're decoding, so a
882  * one-off ERROR isn't too bad.
883  */
884  XLogReadDetermineTimeline(state, targetPagePtr, reqLen);
885 
886  if (state->currTLI == ThisTimeLineID)
887  {
888 
889  if (loc <= read_upto)
890  break;
891 
893  pg_usleep(1000L);
894  }
895  else
896  {
897  /*
898  * We're on a historical timeline, so limit reading to the switch
899  * point where we moved to the next timeline.
900  *
901  * We don't need to GetFlushRecPtr or GetXLogReplayRecPtr. We know
902  * about the new timeline, so we must've received past the end of
903  * it.
904  */
905  read_upto = state->currTLIValidUntil;
906 
907  /*
908  * Setting tli to our wanted record's TLI is slightly wrong; the
909  * page might begin on an older timeline if it contains a timeline
910  * switch, since its xlog segment will have been copied from the
911  * prior timeline. This is pretty harmless though, as nothing
912  * cares so long as the timeline doesn't go backwards. We should
913  * read the page header instead; FIXME someday.
914  */
915  tli = state->currTLI;
916 
917  /* No need to wait on a historical timeline */
918  break;
919  }
920  }
921 
922  if (targetPagePtr + XLOG_BLCKSZ <= read_upto)
923  {
924  /*
925  * more than one block available; read only that block, have caller
926  * come back if they need more.
927  */
928  count = XLOG_BLCKSZ;
929  }
930  else if (targetPagePtr + reqLen > read_upto)
931  {
932  /* not enough data there */
933  return -1;
934  }
935  else
936  {
937  /* enough bytes available to satisfy the request */
938  count = read_upto - targetPagePtr;
939  }
940 
941  /*
942  * Even though we just determined how much of the page can be validly read
943  * as 'count', read the whole page anyway. It's guaranteed to be
944  * zero-padded up to the page boundary if it's incomplete.
945  */
946  if (!WALRead(state, cur_page, targetPagePtr, XLOG_BLCKSZ, tli,
947  &errinfo))
948  WALReadRaiseError(&errinfo);
949 
950  /* number of valid bytes in the buffer */
951  return count;
952 }
953 
954 /*
955  * Backend-specific convenience code to handle read errors encountered by
956  * WALRead().
957  */
958 void
960 {
961  WALOpenSegment *seg = &errinfo->wre_seg;
962  char fname[MAXFNAMELEN];
963 
964  XLogFileName(fname, seg->ws_tli, seg->ws_segno, wal_segment_size);
965 
966  if (errinfo->wre_read < 0)
967  {
968  errno = errinfo->wre_errno;
969  ereport(ERROR,
971  errmsg("could not read from log segment %s, offset %u: %m",
972  fname, errinfo->wre_off)));
973  }
974  else if (errinfo->wre_read == 0)
975  {
976  ereport(ERROR,
978  errmsg("could not read from log segment %s, offset %u: read %d of %zu",
979  fname, errinfo->wre_off, errinfo->wre_read,
980  (Size) errinfo->wre_req)));
981  }
982 }
WALOpenSegment wre_seg
Definition: xlogreader.h:293
bool XLogHaveInvalidPages(void)
Definition: xlogutils.c:214
void XLogTruncateRelation(RelFileNode rnode, ForkNumber forkNum, BlockNumber nblocks)
Definition: xlogutils.c:645
static PgChecksumMode mode
Definition: pg_checksums.c:61
#define BUFFER_LOCK_UNLOCK
Definition: bufmgr.h:96
void hash_destroy(HTAB *hashp)
Definition: dynahash.c:816
void LockBufferForCleanup(Buffer buffer)
Definition: bufmgr.c:3779
LockRelId lockRelId
Definition: rel.h:44
#define relpathperm(rnode, forknum)
Definition: relpath.h:83
#define InvalidXLogRecPtr
Definition: xlogdefs.h:28
TimeLineID tliOfPointInHistory(XLogRecPtr ptr, List *history)
Definition: timeline.c:552
#define DEBUG1
Definition: elog.h:25
void smgrcreate(SMgrRelation reln, ForkNumber forknum, bool isRedo)
Definition: smgr.c:333
void wal_segment_close(XLogReaderState *state)
Definition: xlogutils.c:813
uint32 TimeLineID
Definition: xlogdefs.h:52
void smgrclearowner(SMgrRelation *owner, SMgrRelation reln)
Definition: smgr.c:227
RelationData reldata
Definition: xlogutils.c:536
struct xl_invalid_page xl_invalid_page
#define HASH_ELEM
Definition: hsearch.h:87
int wal_segment_size
Definition: xlog.c:116
#define DEBUG3
Definition: elog.h:23
#define XLogRecHasBlockImage(decoder, block_id)
Definition: xlogreader.h:316
void MarkBufferDirty(Buffer buffer)
Definition: bufmgr.c:1468
static void forget_invalid_pages_db(Oid dbid)
Definition: xlogutils.c:181
struct SMgrRelationData * rd_smgr
Definition: rel.h:57
void XLogCheckInvalidPages(void)
Definition: xlogutils.c:224
bool InRecovery
Definition: xlog.c:204
#define Min(x, y)
Definition: c.h:920
Oid dbId
Definition: rel.h:39
void WALReadRaiseError(WALReadError *errinfo)
Definition: xlogutils.c:959
List * readTimeLineHistory(TimeLineID targetTLI)
Definition: timeline.c:76
Buffer XLogReadBufferExtended(RelFileNode rnode, ForkNumber forknum, BlockNumber blkno, ReadBufferMode mode)
Definition: xlogutils.c:442
unsigned char uint8
Definition: c.h:365
#define InvalidBuffer
Definition: buf.h:25
Size entrysize
Definition: hsearch.h:73
Buffer ReadBufferWithoutRelcache(RelFileNode rnode, ForkNumber forkNum, BlockNumber blockNum, ReadBufferMode mode, BufferAccessStrategy strategy)
Definition: bufmgr.c:694
void wal_segment_open(XLogReaderState *state, XLogSegNo nextSegNo, TimeLineID *tli_p)
Definition: xlogutils.c:788
int errcode(int sqlerrcode)
Definition: elog.c:610
struct xl_invalid_page_key xl_invalid_page_key
long hash_get_num_entries(HTAB *hashp)
Definition: dynahash.c:1337
XLogRecPtr GetFlushRecPtr(void)
Definition: xlog.c:8420
uint32 BlockNumber
Definition: block.h:31
void ReleaseBuffer(Buffer buffer)
Definition: bufmgr.c:3483
ForkNumber forkno
Definition: xlogutils.c:50
#define P_NEW
Definition: bufmgr.h:91
void * hash_search(HTAB *hashp, const void *keyPtr, HASHACTION action, bool *foundPtr)
Definition: dynahash.c:908
#define BUFFER_LOCK_EXCLUSIVE
Definition: bufmgr.h:98
Form_pg_class rd_rel
Definition: rel.h:109
unsigned int Oid
Definition: postgres_ext.h:31
bool RecoveryInProgress(void)
Definition: xlog.c:8069
#define PANIC
Definition: elog.h:53
void list_free_deep(List *list)
Definition: list.c:1390
#define PG_BINARY
Definition: c.h:1234
void XLogReadDetermineTimeline(XLogReaderState *state, XLogRecPtr wantPage, uint32 wantLength)
Definition: xlogutils.c:690
XLogRecPtr EndRecPtr
Definition: xlogreader.h:176
void smgrcloseall(void)
Definition: smgr.c:286
#define sprintf
Definition: port.h:195
WALOpenSegment seg
Definition: xlogreader.h:213
RelFileNode node
Definition: xlogutils.c:49
void pg_usleep(long microsec)
Definition: signal.c:53
Definition: dynahash.c:210
struct RelationData * Relation
Definition: relcache.h:27
void pfree(void *pointer)
Definition: mcxt.c:1056
static void report_invalid_page(int elevel, RelFileNode node, ForkNumber forkno, BlockNumber blkno, bool present)
Definition: xlogutils.c:65
#define ERROR
Definition: elog.h:43
Buffer XLogInitBufferForRedo(XLogReaderState *record, uint8 block_id)
Definition: xlogutils.c:306
static void log_invalid_page(RelFileNode node, ForkNumber forkno, BlockNumber blkno, bool present)
Definition: xlogutils.c:81
#define MAXPGPATH
XLogRecPtr GetXLogReplayRecPtr(TimeLineID *replayTLI)
Definition: xlog.c:11463
#define DEBUG2
Definition: elog.h:24
Relation CreateFakeRelcacheEntry(RelFileNode rnode)
Definition: xlogutils.c:557
static void forget_invalid_pages(RelFileNode node, ForkNumber forkno, BlockNumber minblkno)
Definition: xlogutils.c:146
LockInfoData rd_lockInfo
Definition: rel.h:112
static char * buf
Definition: pg_test_fsync.c:67
uint64 XLogSegNo
Definition: xlogdefs.h:41
BlockNumber blkno
Definition: xlogutils.c:51
xl_invalid_page_key key
Definition: xlogutils.c:56
XLogSegNo ws_segno
Definition: xlogreader.h:47
int errcode_for_file_access(void)
Definition: elog.c:633
XLogRecPtr currTLIValidUntil
Definition: xlogreader.h:236
#define RelationGetRelationName(relation)
Definition: rel.h:490
unsigned int uint32
Definition: c.h:367
#define BufferGetPage(buffer)
Definition: bufmgr.h:169
#define BKPBLOCK_WILL_INIT
Definition: xlogrecord.h:182
bool ignore_invalid_pages
Definition: xlogutils.c:35
SMgrRelation smgropen(RelFileNode rnode, BackendId backend)
Definition: smgr.c:145
ForkNumber
Definition: relpath.h:40
#define ERRCODE_DATA_CORRUPTED
Definition: pg_basebackup.c:45
#define WARNING
Definition: elog.h:40
ReadBufferMode
Definition: bufmgr.h:37
void FreeFakeRelcacheEntry(Relation fakerel)
Definition: xlogutils.c:600
#define MAXFNAMELEN
static int elevel
Definition: vacuumlazy.c:323
TimeLineID nextTLI
Definition: xlogreader.h:242
bool XLogRecGetBlockTag(XLogReaderState *record, uint8 block_id, RelFileNode *rnode, ForkNumber *forknum, BlockNumber *blknum)
Definition: xlogreader.c:1490
#define HASH_BLOBS
Definition: hsearch.h:88
#define InvalidBackendId
Definition: backendid.h:23
void * palloc0(Size size)
Definition: mcxt.c:980
HTAB * hash_create(const char *tabname, long nelem, HASHCTL *info, int flags)
Definition: dynahash.c:318
void LockBuffer(Buffer buffer, int mode)
Definition: bufmgr.c:3722
Size keysize
Definition: hsearch.h:72
XLogRecPtr tliSwitchPoint(TimeLineID tli, List *history, TimeLineID *nextTLI)
Definition: timeline.c:580
int log_min_messages
Definition: guc.c:543
TimeLineID ThisTimeLineID
Definition: xlog.c:191
#define ereport(elevel,...)
Definition: elog.h:144
TimeLineID currTLI
Definition: xlogreader.h:226
XLogRedoAction XLogReadBufferForRedo(XLogReaderState *record, uint8 block_id, Buffer *buf)
Definition: xlogutils.c:294
RelFileNode rd_node
Definition: rel.h:55
bool reachedConsistency
Definition: xlog.c:869
BlockNumber smgrnblocks(SMgrRelation reln, ForkNumber forknum)
Definition: smgr.c:538
FakeRelCacheEntryData * FakeRelCacheEntry
Definition: xlogutils.c:540
uint64 XLogRecPtr
Definition: xlogdefs.h:21
BackendId rd_backend
Definition: rel.h:59
#define Assert(condition)
Definition: c.h:738
Definition: regguts.h:298
XLogRedoAction
Definition: xlogutils.h:27
size_t Size
Definition: c.h:466
#define XLogFileName(fname, tli, logSegNo, wal_segsz_bytes)
#define BufferIsValid(bufnum)
Definition: bufmgr.h:123
void * hash_seq_search(HASH_SEQ_STATUS *status)
Definition: dynahash.c:1391
void hash_seq_init(HASH_SEQ_STATUS *status, HTAB *hashp)
Definition: dynahash.c:1381
TimeLineID ws_tli
Definition: xlogreader.h:48
void FlushOneBuffer(Buffer buffer)
Definition: bufmgr.c:3463
bool RestoreBlockImage(XLogReaderState *record, uint8 block_id, char *page)
Definition: xlogreader.c:1543
#define PageGetLSN(page)
Definition: bufpage.h:366
int BasicOpenFile(const char *fileName, int fileFlags)
Definition: fd.c:983
FormData_pg_class
Definition: pg_class.h:142
#define XLogFilePath(path, tli, logSegNo, wal_segsz_bytes)
BlockNumber BufferGetBlockNumber(Buffer buffer)
Definition: bufmgr.c:2633
void XLogDropRelation(RelFileNode rnode, ForkNumber forknum)
Definition: xlogutils.c:615
#define PageIsNew(page)
Definition: bufpage.h:229
int errmsg(const char *fmt,...)
Definition: elog.c:824
XLogRedoAction XLogReadBufferForRedoExtended(XLogReaderState *record, uint8 block_id, ReadBufferMode mode, bool get_cleanup_lock, Buffer *buf)
Definition: xlogutils.c:331
void XLogDropDatabase(Oid dbid)
Definition: xlogutils.c:626
#define elog(elevel,...)
Definition: elog.h:214
static HTAB * invalid_page_tab
Definition: xlogutils.c:60
FormData_pg_class pgc
Definition: xlogutils.c:537
int client_min_messages
Definition: guc.c:544
bool WALRead(XLogReaderState *state, char *buf, XLogRecPtr startptr, Size count, TimeLineID tli, WALReadError *errinfo)
Definition: xlogreader.c:1060
WALSegmentContext segcxt
Definition: xlogreader.h:212
#define CHECK_FOR_INTERRUPTS()
Definition: miscadmin.h:99
#define XLogRecBlockImageApply(decoder, block_id)
Definition: xlogreader.h:318
#define close(a)
Definition: win32.h:12
static void static void status(const char *fmt,...) pg_attribute_printf(1
Definition: pg_regress.c:225
int read_local_xlog_page(XLogReaderState *state, XLogRecPtr targetPagePtr, int reqLen, XLogRecPtr targetRecPtr, char *cur_page)
Definition: xlogutils.c:832
#define PageSetLSN(page, lsn)
Definition: bufpage.h:368
Definition: pg_list.h:50
int Buffer
Definition: buf.h:23
Pointer Page
Definition: bufpage.h:78
#define RelFileNodeEquals(node1, node2)
Definition: relfilenode.h:88
DecodedBkpBlock blocks[XLR_MAX_BLOCK_ID+1]
Definition: xlogreader.h:195
Oid relId
Definition: rel.h:38