NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitadf6d5d

committed

Fix visibility check when XID is committed in CLOG but not in procarray.

TransactionIdIsInProgress had a fast path to return 'false' if thesingle-item CLOG cache said that the transaction was known to becommitted. However, that was wrong, because a transaction is firstmarked as committed in the CLOG but doesn't become visible to othersuntil it has removed its XID from the proc array. That could lead to anerror: ERROR: t_xmin is uncommitted in tuple to be updatedor for an UPDATE to go ahead without blocking, before the previousUPDATE on the same row was made visible.The window is usually very short, but synchronous replication makes itmuch wider, because the wait for synchronous replica happens in thatwindow.Another thing that makes it hard to hit is that it's hard to get sucha commit-in-progress transaction into the single item CLOG cache.Normally, if you call TransactionIdIsInProgress on such a transaction,it determines that the XID is in progress without checking the CLOGand without populating the cache. One way to prime the cache is toexplicitly call pg_xact_status() on the XID. Another way is to use alot of subtransactions, so that the subxid cache in the proc array isoverflown, making TransactionIdIsInProgress rely on pg_subtrans andCLOG checks.This has been broken ever since it was introduced in 2008, but the racecondition is very hard to hit, especially without synchronousreplication. There were a couple of reports of the error starting fromsummer 2021, but no one was able to find the root cause then.TransactionIdIsKnownCompleted() is now unused. In 'master', remove it,but I left it in place in backbranches in case it's used by extensions.Also change pg_xact_status() to check TransactionIdIsInProgress().Previously, it only checked the CLOG, and returned "committed" beforethe transaction was actually made visible to other queries. Note thatthis also means that you cannot use pg_xact_status() to reproduce thebug anymore, even if the code wasn't fixed.Report and analysis by Konstantin Knizhnik. Patch by Simon Riggs, withthe pg_xact_status() change added by me.Author: Simon RiggsReviewed-by: Andres FreundDiscussion:https://www.postgresql.org/message-id/flat/4da7913d-398c-e2ad-d777-f752cf7f0bbb%40garret.ru

1 parent7201cd1 commitadf6d5dCopy full SHA for adf6d5d

File tree

4 files changed

+23

-47

lines changed

src
- backend
  - access/transam
    - transam.c
  - storage/ipc
    - procarray.c
  - utils/adt
    - xid8funcs.c
- include/access
  - transam.h

4 files changed

+23

-47

lines changed

`‎src/backend/access/transam/transam.c‎`

Lines changed: 0 additions & 27 deletions

Original file line number	Diff line number	Diff line change
`@@ -219,33 +219,6 @@ TransactionIdDidAbort(TransactionId transactionId)`
`219`	`219`	`return false;`
`220`	`220`	`}`
`221`	`221`
`222`		`-/*`
`223`		`- * TransactionIdIsKnownCompleted`
`224`		`- *True iff transaction associated with the identifier is currently`
`225`		`- *known to have either committed or aborted.`
`226`		`- *`
`227`		`- * This does NOT look into pg_xact but merely probes our local cache`
`228`		`- * (and so it's not named TransactionIdDidComplete, which would be the`
`229`		`- * appropriate name for a function that worked that way). The intended`
`230`		`- * use is just to short-circuit TransactionIdIsInProgress calls when doing`
`231`		`- * repeated heapam_visibility.c checks for the same XID. If this isn't`
`232`		`- * extremely fast then it will be counterproductive.`
`233`		`- *`
`234`		`- * Note:`
`235`		`- *Assumes transaction identifier is valid.`
`236`		`- */`
`237`		`-bool`
`238`		`-TransactionIdIsKnownCompleted(TransactionIdtransactionId)`
`239`		`-{`
`240`		`-if (TransactionIdEquals(transactionId,cachedFetchXid))`
`241`		`-{`
`242`		`-/* If it's in the cache at all, it must be completed. */`
`243`		`-return true;`
`244`		`-}`
`245`		`-`
`246`		`-return false;`
`247`		`-}`
`248`		`-`
`249`	`222`	`/*`
`250`	`223`	`* TransactionIdCommitTree`
`251`	`224`	`*Marks the given transaction and children as committed`

`‎src/backend/storage/ipc/procarray.c‎`

Lines changed: 11 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -261,6 +261,11 @@ static ProcArrayStruct *procArray;`
`261`	`261`
`262`	`262`	`staticPGPROC*allProcs;`
`263`	`263`
	`264`	`+/*`
	`265`	`+ * Cache to reduce overhead of repeated calls to TransactionIdIsInProgress()`
	`266`	`+ */`
	`267`	`+staticTransactionIdcachedXidIsNotInProgress=InvalidTransactionId;`
	`268`	`+`
`264`	`269`	`/*`
`265`	`270`	`* Bookkeeping for tracking emulated transactions in recovery`
`266`	`271`	`*/`
`@@ -1396,7 +1401,7 @@ TransactionIdIsInProgress(TransactionId xid)`
`1396`	`1401`	`* already known to be completed, we can fall out without any access to`
`1397`	`1402`	`* shared memory.`
`1398`	`1403`	`*/`
`1399`		`-if (TransactionIdIsKnownCompleted(xid))`
	`1404`	`+if (TransactionIdEquals(cachedXidIsNotInProgress,xid))`
`1400`	`1405`	`{`
`1401`	`1406`	`xc_by_known_xact_inc();`
`1402`	`1407`	`return false;`
`@@ -1554,6 +1559,7 @@ TransactionIdIsInProgress(TransactionId xid)`
`1554`	`1559`	`if (nxids==0)`
`1555`	`1560`	`{`
`1556`	`1561`	`xc_no_overflow_inc();`
	`1562`	`+cachedXidIsNotInProgress=xid;`
`1557`	`1563`	`return false;`
`1558`	`1564`	`}`
`1559`	`1565`
`@@ -1568,7 +1574,10 @@ TransactionIdIsInProgress(TransactionId xid)`
`1568`	`1574`	`xc_slow_answer_inc();`
`1569`	`1575`
`1570`	`1576`	`if (TransactionIdDidAbort(xid))`
	`1577`	`+{`
	`1578`	`+cachedXidIsNotInProgress=xid;`
`1571`	`1579`	`return false;`
	`1580`	`+}`
`1572`	`1581`
`1573`	`1582`	`/*`
`1574`	`1583`	`* It isn't aborted, so check whether the transaction tree it belongs to`
`@@ -1586,6 +1595,7 @@ TransactionIdIsInProgress(TransactionId xid)`
`1586`	`1595`	`}`
`1587`	`1596`	`}`
`1588`	`1597`
	`1598`	`+cachedXidIsNotInProgress=xid;`
`1589`	`1599`	`return false;`
`1590`	`1600`	`}`
`1591`	`1601`

`‎src/backend/utils/adt/xid8funcs.c‎`

Lines changed: 12 additions & 18 deletions

Original file line number	Diff line number	Diff line change
`@@ -36,6 +36,7 @@`
`36`	`36`	`#include"miscadmin.h"`
`37`	`37`	`#include"postmaster/postmaster.h"`
`38`	`38`	`#include"storage/lwlock.h"`
	`39`	`+#include"storage/procarray.h"`
`39`	`40`	`#include"utils/builtins.h"`
`40`	`41`	`#include"utils/memutils.h"`
`41`	`42`	`#include"utils/snapmgr.h"`
`@@ -676,29 +677,22 @@ pg_xact_status(PG_FUNCTION_ARGS)`
`676`	`677`	`{`
`677`	`678`	`Assert(TransactionIdIsValid(xid));`
`678`	`679`
`679`		`-if (TransactionIdIsCurrentTransactionId(xid))`
	`680`	`+/*`
	`681`	`+ * Like when doing visiblity checks on a row, check whether the`
	`682`	`+ * transaction is still in progress before looking into the CLOG.`
	`683`	`+ * Otherwise we would incorrectly return "committed" for a transaction`
	`684`	`+ * that is committing and has already updated the CLOG, but hasn't`
	`685`	`+ * removed its XID from the proc array yet. (See comment on that race`
	`686`	`+ * condition at the top of heapam_visibility.c)`
	`687`	`+ */`
	`688`	`+if (TransactionIdIsInProgress(xid))`
`680`	`689`	`status="in progress";`
`681`	`690`	`elseif (TransactionIdDidCommit(xid))`
`682`	`691`	`status="committed";`
`683`		`-elseif (TransactionIdDidAbort(xid))`
`684`		`-status="aborted";`
`685`	`692`	`else`
`686`	`693`	`{`
`687`		`-/*`
`688`		`- * The xact is not marked as either committed or aborted in clog.`
`689`		`- *`
`690`		`- * It could be a transaction that ended without updating clog or`
`691`		`- * writing an abort record due to a crash. We can safely assume`
`692`		`- * it's aborted if it isn't committed and is older than our`
`693`		`- * snapshot xmin.`
`694`		`- *`
`695`		`- * Otherwise it must be in-progress (or have been at the time we`
`696`		`- * checked commit/abort status).`
`697`		`- */`
`698`		`-if (TransactionIdPrecedes(xid,GetActiveSnapshot()->xmin))`
`699`		`-status="aborted";`
`700`		`-else`
`701`		`-status="in progress";`
	`694`	`+/* it must have aborted or crashed */`
	`695`	`+status="aborted";`
`702`	`696`	`}`
`703`	`697`	`}`
`704`	`698`	`else`

`‎src/include/access/transam.h‎`

Lines changed: 0 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -273,7 +273,6 @@ extern PGDLLIMPORT VariableCache ShmemVariableCache;`
`273`	`273`	`*/`
`274`	`274`	`externboolTransactionIdDidCommit(TransactionIdtransactionId);`
`275`	`275`	`externboolTransactionIdDidAbort(TransactionIdtransactionId);`
`276`		`-externboolTransactionIdIsKnownCompleted(TransactionIdtransactionId);`
`277`	`276`	`externvoidTransactionIdCommitTree(TransactionIdxid,intnxids,TransactionId*xids);`
`278`	`277`	`externvoidTransactionIdAsyncCommitTree(TransactionIdxid,intnxids,TransactionId*xids,XLogRecPtrlsn);`
`279`	`278`	`externvoidTransactionIdAbortTree(TransactionIdxid,intnxids,TransactionId*xids);`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitadf6d5d

File tree

4 files changed

4 files changed

`‎src/backend/access/transam/transam.c‎`

`‎src/backend/storage/ipc/procarray.c‎`

`‎src/backend/utils/adt/xid8funcs.c‎`

`‎src/include/access/transam.h‎`

0 commit comments