| blob | 5bb5ebba23057ae77b88b7dfa186e3107fd3bdf2 |
1 /*-------------------------------------------------------------------------
2 *
3 * rewriteheap.c
4 * Support functions to rewrite tables.
5 *
6 * These functions provide a facility to completely rewrite a heap, while
7 * preserving visibility information and update chains.
8 *
9 * INTERFACE
10 *
11 * The caller is responsible for creating the new heap, all catalog
12 * changes, supplying the tuples to be written to the new heap, and
13 * rebuilding indexes. The caller must hold AccessExclusiveLock on the
14 * target table, because we assume no one else is writing into it.
15 *
16 * To use the facility:
17 *
18 * begin_heap_rewrite
19 * while (fetch next tuple)
20 * {
21 * if (tuple is dead)
22 * rewrite_heap_dead_tuple
23 * else
24 * {
25 * // do any transformations here if required
26 * rewrite_heap_tuple
27 * }
28 * }
29 * end_heap_rewrite
30 *
31 * The contents of the new relation shouldn't be relied on until after
32 * end_heap_rewrite is called.
33 *
34 *
35 * IMPLEMENTATION
36 *
37 * This would be a fairly trivial affair, except that we need to maintain
38 * the ctid chains that link versions of an updated tuple together.
39 * Since the newly stored tuples will have tids different from the original
40 * ones, if we just copied t_ctid fields to the new table the links would
41 * be wrong. When we are required to copy a (presumably recently-dead or
42 * delete-in-progress) tuple whose ctid doesn't point to itself, we have
43 * to substitute the correct ctid instead.
44 *
45 * For each ctid reference from A -> B, we might encounter either A first
46 * or B first. (Note that a tuple in the middle of a chain is both A and B
47 * of different pairs.)
48 *
49 * If we encounter A first, we'll store the tuple in the unresolved_tups
50 * hash table. When we later encounter B, we remove A from the hash table,
51 * fix the ctid to point to the new location of B, and insert both A and B
52 * to the new heap.
53 *
54 * If we encounter B first, we can insert B to the new heap right away.
55 * We then add an entry to the old_new_tid_map hash table showing B's
56 * original tid (in the old heap) and new tid (in the new heap).
57 * When we later encounter A, we get the new location of B from the table,
58 * and can write A immediately with the correct ctid.
59 *
60 * Entries in the hash tables can be removed as soon as the later tuple
61 * is encountered. That helps to keep the memory usage down. At the end,
62 * both tables are usually empty; we should have encountered both A and B
63 * of each pair. However, it's possible for A to be RECENTLY_DEAD and B
64 * entirely DEAD according to HeapTupleSatisfiesVacuum, because the test
65 * for deadness using OldestXmin is not exact. In such a case we might
66 * encounter B first, and skip it, and find A later. Then A would be added
67 * to unresolved_tups, and stay there until end of the rewrite. Since
68 * this case is very unusual, we don't worry about the memory usage.
69 *
70 * Using in-memory hash tables means that we use some memory for each live
71 * update chain in the table, from the time we find one end of the
72 * reference until we find the other end. That shouldn't be a problem in
73 * practice, but if you do something like an UPDATE without a where-clause
74 * on a large table, and then run CLUSTER in the same transaction, you
75 * could run out of memory. It doesn't seem worthwhile to add support for
76 * spill-to-disk, as there shouldn't be that many RECENTLY_DEAD tuples in a
77 * table under normal circumstances. Furthermore, in the typical scenario
78 * of CLUSTERing on an unchanging key column, we'll see all the versions
79 * of a given tuple together anyway, and so the peak memory usage is only
80 * proportional to the number of RECENTLY_DEAD versions of a single row, not
81 * in the whole table. Note that if we do fail halfway through a CLUSTER,
82 * the old table is still valid, so failure is not catastrophic.
83 *
84 * We can't use the normal heap_insert function to insert into the new
85 * heap, because heap_insert overwrites the visibility information.
86 * We use a special-purpose raw_heap_insert function instead, which
87 * is optimized for bulk inserting a lot of tuples, knowing that we have
88 * exclusive access to the heap. raw_heap_insert builds new pages in
89 * local storage. When a page is full, or at the end of the process,
90 * we insert it to WAL as a single record and then write it to disk
91 * directly through smgr. Note, however, that any data sent to the new
92 * heap's TOAST table will go through the normal bufmgr.
93 *
94 *
95 * Portions Copyright (c) 1996-2022, PostgreSQL Global Development Group
96 * Portions Copyright (c) 1994-5, Regents of the University of California
97 *
98 * IDENTIFICATION
99 * src/backend/access/heap/rewriteheap.c
100 *
101 *-------------------------------------------------------------------------
102 */
105 #include <sys/stat.h>
106 #include <unistd.h>
128 /*
129 * State associated with a rewrite operation. This is opaque to the user
130 * of the rewrite facility.
131 */
133 {
141 * tuple visibility */
143 * point */
145 * for logical rewrites */
147 * point for multixacts */
149 * them */
157 /*
158 * The lookup keys for the hash tables are tuple TID and xmin (we must check
159 * both to avoid false matches from dead tuples). Beware that there is
160 * probably some padding space in this struct; it must be zeroed out for
161 * correct hashtable operation.
162 */
164 {
169 /*
170 * Entry structures for the hash tables
171 */
173 {
182 {
189 /*
190 * In-Memory data for an xid that might need logical remapping entries
191 * to be logged.
192 */
194 {
203 /*
204 * A single In-Memory logical rewrite mapping, hanging off
205 * RewriteMappingFile->mappings.
206 */
208 {
210 * tuple */
211 dlist_node node;
215 /* prototypes for internal functions */
218 /* internal logical remapping prototypes */
220 static void logical_rewrite_heap_tuple(RewriteState state, ItemPointerData old_tid, HeapTuple new_tuple);
224 /*
225 * Begin a rewrite of a table
226 *
227 * old_heap old, locked heap relation tuples will be read from
228 * new_heap new, locked heap relation to insert tuples to
229 * oldest_xmin xid used by the caller to determine which tuples are dead
230 * freeze_xid xid before which tuples will be frozen
231 * cutoff_multi multixact before which multis will be removed
232 *
233 * Returns an opaque RewriteState, allocated in current memory context,
234 * to be used in subsequent calls to the other functions.
235 */
236 RewriteState
239 {
240 RewriteState state;
241 MemoryContext rw_cxt;
242 MemoryContext old_cxt;
243 HASHCTL hash_ctl;
245 /*
246 * To ease cleanup, make a separate context that will contain the
247 * RewriteState struct itself plus all subsidiary data.
248 */
251 ALLOCSET_DEFAULT_SIZES);
254 /* Create and fill in the state struct */
260 /* new_heap needn't be empty, just locked */
268 /* Initialize hash tables used to track update chains */
292 }
294 /*
295 * End a rewrite.
296 *
297 * state and any other resources are freed.
298 */
299 void
301 {
302 HASH_SEQ_STATUS seq_status;
303 UnresolvedTup unresolved;
305 /*
306 * Write any remaining tuples in the UnresolvedTups table. If we have any
307 * left, they should in fact be dead, but let's err on the safe side.
308 */
312 {
315 }
317 /* Write the last page, if any */
319 {
322 MAIN_FORKNUM,
331 }
333 /*
334 * When we WAL-logged rel pages, we must nonetheless fsync them. The
335 * reason is the same as in storage.c's RelationCopyStorage(): we're
336 * writing data that's not in shared buffers, and so a CHECKPOINT
337 * occurring during the rewriteheap operation won't have fsync'd data we
338 * wrote before the checkpoint.
339 */
345 /* Deleting the context frees everything */
347 }
349 /*
350 * Add a tuple to the new heap.
351 *
352 * Visibility information is copied from the original tuple, except that
353 * we "freeze" very-old tuples. Note that since we scribble on new_tuple,
354 * it had better be temp storage not a pointer to the original tuple.
355 *
356 * state opaque state as returned by begin_heap_rewrite
357 * old_tuple original tuple in the old heap
358 * new_tuple new, rewritten tuple to be inserted to new heap
359 */
360 void
363 {
364 MemoryContext old_cxt;
365 ItemPointerData old_tid;
366 TidHashKey hashkey;
372 /*
373 * Copy the original tuple's visibility information into new_tuple.
374 *
375 * XXX we might later need to copy some t_infomask2 bits, too? Right now,
376 * we intentionally clear the HOT status bits.
377 */
387 /*
388 * While we have our hands on the tuple, we may as well freeze any
389 * eligible xmin or xmax, so that future VACUUM effort can be saved.
390 */
397 /*
398 * Invalid ctid means that ctid should point to the tuple itself. We'll
399 * override it later if the tuple is part of an update chain.
400 */
403 /*
404 * If the tuple has been updated, check the old-to-new mapping hash table.
405 */
411 {
412 OldToNewMapping mapping;
423 {
424 /*
425 * We've already copied the tuple that t_ctid points to, so we can
426 * set the ctid of this tuple to point to the new location, and
427 * insert it right away.
428 */
431 /* We don't need the mapping entry anymore */
435 }
436 else
437 {
438 /*
439 * We haven't seen the tuple t_ctid points to yet. Stash this
440 * tuple into unresolved_tups to be written later.
441 */
442 UnresolvedTup unresolved;
451 /*
452 * We can't do anything more now, since we don't know where the
453 * tuple will be written.
454 */
457 }
458 }
460 /*
461 * Now we will write the tuple, and then check to see if it is the B tuple
462 * in any new or known pair. When we resolve a known pair, we will be
463 * able to write that pair's A tuple, and then we have to check if it
464 * resolves some other pair. Hence, we need a loop here.
465 */
470 {
471 ItemPointerData new_tid;
473 /* Insert the tuple and find out where it's put in new_heap */
479 /*
480 * If the tuple is the updated version of a row, and the prior version
481 * wouldn't be DEAD yet, then we need to either resolve the prior
482 * version (if it's waiting in rs_unresolved_tups), or make an entry
483 * in rs_old_new_tid_map (so we can resolve it when we do see it). The
484 * previous tuple's xmax would equal this one's xmin, so it's
485 * RECENTLY_DEAD if and only if the xmin is not before OldestXmin.
486 */
490 {
491 /*
492 * Okay, this is B in an update pair. See if we've seen A.
493 */
494 UnresolvedTup unresolved;
504 {
505 /*
506 * We have seen and memorized the previous tuple already. Now
507 * that we know where we inserted the tuple its t_ctid points
508 * to, fix its t_ctid and insert it to the new heap.
509 */
517 /*
518 * We don't need the hash entry anymore, but don't free its
519 * tuple just yet.
520 */
525 /* loop back to insert the previous tuple in the chain */
527 }
528 else
529 {
530 /*
531 * Remember the new tid of this tuple. We'll use it to set the
532 * ctid when we find the previous tuple in the chain.
533 */
534 OldToNewMapping mapping;
541 }
542 }
544 /* Done with this (chain of) tuples, for now */
548 }
551 }
553 /*
554 * Register a dead tuple with an ongoing rewrite. Dead tuples are not
555 * copied to the new table, but we still make note of them so that we
556 * can release some resources earlier.
557 *
558 * Returns true if a tuple was removed from the unresolved_tups table.
559 * This indicates that that tuple, previously thought to be "recently dead",
560 * is now known really dead and won't be written to the output.
561 */
562 bool
564 {
565 /*
566 * If we have already seen an earlier tuple in the update chain that
567 * points to this tuple, let's forget about that earlier tuple. It's in
568 * fact dead as well, our simple xmax < OldestXmin test in
569 * HeapTupleSatisfiesVacuum just wasn't enough to detect it. It happens
570 * when xmin of a tuple is greater than xmax, which sounds
571 * counter-intuitive but is perfectly valid.
572 *
573 * We don't bother to try to detect the situation the other way round,
574 * when we encounter the dead tuple first and then the recently dead one
575 * that points to it. If that happens, we'll have some unmatched entries
576 * in the UnresolvedTups hash table at the end. That can happen anyway,
577 * because a vacuum might have removed the dead tuple in the chain before
578 * us.
579 */
580 UnresolvedTup unresolved;
581 TidHashKey hashkey;
592 {
593 /* Need to free the contained tuple as well as the hashtable entry */
599 }
602 }
604 /*
605 * Insert a tuple to the new relation. This has to track heap_insert
606 * and its subsidiary functions!
607 *
608 * t_self of the tuple is set to the new TID of the tuple. If t_ctid of the
609 * tuple is invalid on entry, it's replaced with the new TID as well (in
610 * the inserted data only, not in the caller's copy).
611 */
612 static void
614 {
616 Size pageFreeSpace,
617 saveFreeSpace;
618 Size len;
619 OffsetNumber newoff;
620 HeapTuple heaptup;
622 /*
623 * If the new tuple is too big for storage or contains already toasted
624 * out-of-line attributes from some other relation, invoke the toaster.
625 *
626 * Note: below this point, heaptup is the data we actually intend to store
627 * into the relation; tup is the caller's original untoasted data.
628 */
630 {
631 /* toast table entries should never be recursively toasted */
634 }
636 {
639 /*
640 * While rewriting the heap for VACUUM FULL / CLUSTER, make sure data
641 * for the TOAST table are not logically decoded. The main heap is
642 * WAL-logged as XLOG FPI records, which are not logically decoded.
643 */
647 options);
648 }
649 else
654 /*
655 * If we're gonna fail for oversize tuple, do it right away
656 */
663 /* Compute desired extra freespace due to fillfactor option */
665 HEAP_DEFAULT_FILLFACTOR);
667 /* Now we can check to see if there's enough free space already. */
669 {
673 {
674 /*
675 * Doesn't fit, so write out the existing page. It always
676 * contains a tuple. Hence, unlike RelationGetBufferForTuple(),
677 * enforce saveFreeSpace unconditionally.
678 */
680 /* XLOG stuff */
683 MAIN_FORKNUM,
685 page,
688 /*
689 * Now write the page. We say skipFsync = true because there's no
690 * need for smgr to schedule an fsync for this write; we'll do it
691 * ourselves in end_heap_rewrite.
692 */
700 }
701 }
704 {
705 /* Initialize a new empty page */
708 }
710 /* And now we can insert the tuple into the page */
716 /* Update caller's t_self to the actual position where it was stored */
719 /*
720 * Insert the correct position into CTID of the stored tuple, too, if the
721 * caller didn't supply a valid CTID.
722 */
724 {
725 ItemId newitemid;
726 HeapTupleHeader onpage_tup;
732 }
734 /* If heaptup is a private copy, release it. */
737 }
739 /* ------------------------------------------------------------------------
740 * Logical rewrite support
741 *
742 * When doing logical decoding - which relies on using cmin/cmax of catalog
743 * tuples, via xl_heap_new_cid records - heap rewrites have to log enough
744 * information to allow the decoding backend to updates its internal mapping
745 * of (relfilenode,ctid) => (cmin, cmax) to be correct for the rewritten heap.
746 *
747 * For that, every time we find a tuple that's been modified in a catalog
748 * relation within the xmin horizon of any decoding slot, we log a mapping
749 * from the old to the new location.
750 *
751 * To deal with rewrites that abort the filename of a mapping file contains
752 * the xid of the transaction performing the rewrite, which then can be
753 * checked before being read in.
754 *
755 * For efficiency we don't immediately spill every single map mapping for a
756 * row to disk but only do so in batches when we've collected several of them
757 * in memory or when end_heap_rewrite() has been called.
758 *
759 * Crash-Safety: This module diverts from the usual patterns of doing WAL
760 * since it cannot rely on checkpoint flushing out all buffers and thus
761 * waiting for exclusive locks on buffers. Usually the XLogInsert() covering
762 * buffer modifications is performed while the buffer(s) that are being
763 * modified are exclusively locked guaranteeing that both the WAL record and
764 * the modified heap are on either side of the checkpoint. But since the
765 * mapping files we log aren't in shared_buffers that interlock doesn't work.
766 *
767 * Instead we simply write the mapping files out to disk, *before* the
768 * XLogInsert() is performed. That guarantees that either the XLogInsert() is
769 * inserted after the checkpoint's redo pointer or that the checkpoint (via
770 * CheckPointLogicalRewriteHeap()) has flushed the (partial) mapping file to
771 * disk. That leaves the tail end that has not yet been flushed open to
772 * corruption, which is solved by including the current offset in the
773 * xl_heap_rewrite_mapping records and truncating the mapping file to it
774 * during replay. Every time a rewrite is finished all generated mapping files
775 * are synced to disk.
776 *
777 * Note that if we were only concerned about crash safety we wouldn't have to
778 * deal with WAL logging at all - an fsync() at the end of a rewrite would be
779 * sufficient for crash safety. Any mapping that hasn't been safely flushed to
780 * disk has to be by an aborted (explicitly or via a crash) transaction and is
781 * ignored by virtue of the xid in its name being subject to a
782 * TransactionDidCommit() check. But we want to support having standbys via
783 * physical replication, both for availability and to do logical decoding
784 * there.
785 * ------------------------------------------------------------------------
786 */
788 /*
789 * Do preparations for logging logical mappings during a rewrite if
790 * necessary. If we detect that we don't need to log anything we'll prevent
791 * any further action by the various logical rewrite functions.
792 */
793 static void
795 {
796 HASHCTL hash_ctl;
797 TransactionId logical_xmin;
799 /*
800 * We only need to persist these mappings if the rewritten table can be
801 * accessed during logical decoding, if not, we can skip doing any
802 * additional work.
803 */
812 /*
813 * If there are no logical slots in progress we don't need to do anything,
814 * there cannot be any remappings for relevant rows yet. The relation's
815 * lock protects us against races.
816 */
818 {
821 }
836 }
838 /*
839 * Flush all logical in-memory mappings to disk, but don't fsync them yet.
840 */
841 static void
843 {
844 HASH_SEQ_STATUS seq_status;
846 dlist_mutable_iter iter;
850 /* no logical rewrite in progress, no need to iterate over mappings */
859 {
862 xl_heap_rewrite_mapping xlrec;
863 Oid dboid;
864 uint32 len;
867 /* this file hasn't got any new mappings */
873 else
883 /* write all mappings consecutively */
887 /*
888 * collect data we need to write out, but don't modify ondisk data yet
889 */
891 {
899 /* remove from the list and free */
903 /* update bookkeeping */
906 }
911 /*
912 * Note that we deviate from the usual WAL coding practices here,
913 * check the above "Logical rewrite support" comment for reasoning.
914 */
916 WAIT_EVENT_LOGICAL_REWRITE_WRITE);
928 /* write xlog record */
932 }
934 }
936 /*
937 * Logical remapping part of end_heap_rewrite().
938 */
939 static void
941 {
942 HASH_SEQ_STATUS seq_status;
945 /* done, no logical rewrite in progress */
949 /* writeout remaining in-memory entries */
953 /* Iterate over all mappings we have written and fsync the files. */
956 {
962 }
963 /* memory context cleanup will deal with the rest */
964 }
966 /*
967 * Log a single (old->new) mapping for 'xid'.
968 */
969 static void
972 {
975 Oid relid;
980 /* look for existing mappings for this 'mapped' xid */
984 /*
985 * We haven't yet had the need to map anything for this xid, create
986 * per-xid data structures.
987 */
989 {
991 Oid dboid;
995 else
1014 }
1023 /*
1024 * Write out buffer every time we've too many in-memory entries across all
1025 * mapping files.
1026 */
1029 }
1031 /*
1032 * Perform logical remapping for a tuple that's mapped from old_tid to
1033 * new_tuple->t_self by rewrite_heap_tuple() if necessary for the tuple.
1034 */
1035 static void
1037 HeapTuple new_tuple)
1038 {
1041 TransactionId xmin;
1042 TransactionId xmax;
1045 LogicalRewriteMappingData map;
1047 /* no logical rewrite in progress, we don't need to log anything */
1052 /* use *GetUpdateXid to correctly deal with multixacts */
1055 /*
1056 * Log the mapping iff the tuple has been created recently.
1057 */
1062 {
1063 /*
1064 * no xmax is set, can't have any permanent ones, so this check is
1065 * sufficient
1066 */
1067 }
1069 {
1070 /* only locked, we don't care */
1071 }
1073 {
1074 /* tuple has been deleted recently, log */
1076 }
1078 /* if neither needs to be logged, we're done */
1082 /* fill out mapping information */
1088 /* ---
1089 * Now persist the mapping for the individual xids that are affected. We
1090 * need to log for both xmin and xmax if they aren't the same transaction
1091 * since the mapping files are per "affected" xid.
1092 * We don't muster all that much effort detecting whether xmin and xmax
1093 * are actually the same transaction, we just check whether the xid is the
1094 * same disregarding subtransactions. Logging too much is relatively
1095 * harmless and we could never do the check fully since subtransaction
1096 * data is thrown away during restarts.
1097 * ---
1098 */
1101 /* separately log mapping for xmax unless it'd be redundant */
1104 }
1106 /*
1107 * Replay XLOG_HEAP2_REWRITE records
1108 */
1109 void
1111 {
1115 uint32 len;
1133 /*
1134 * Truncate all data that's not guaranteed to have been safely fsynced (by
1135 * previous record or by the last checkpoint).
1136 */
1149 /* write out tail end of mapping file (again) */
1153 {
1154 /* if write didn't set errno, assume problem is no disk space */
1160 }
1163 /*
1164 * Now fsync all previously written data. We could improve things and only
1165 * do this for the last write to a file, but the required bookkeeping
1166 * doesn't seem worth the trouble.
1167 */
1179 }
1181 /* ---
1182 * Perform a checkpoint for logical rewrite mappings
1183 *
1184 * This serves two tasks:
1185 * 1) Remove all mappings not needed anymore based on the logical restart LSN
1186 * 2) Flush all remaining mappings to disk, so that replay after a checkpoint
1187 * only has to deal with the parts of a mapping that have been written out
1188 * after the checkpoint started.
1189 * ---
1190 */
1191 void
1193 {
1194 XLogRecPtr cutoff;
1195 XLogRecPtr redo;
1200 /*
1201 * We start of with a minimum of the last redo pointer. No new decoding
1202 * slot will start before that, so that's a safe upper bound for removal.
1203 */
1206 /* now check for the restart ptrs from existing slots */
1209 /* don't start earlier than the restart lsn */
1215 {
1217 Oid dboid;
1218 Oid relid;
1219 XLogRecPtr lsn;
1220 TransactionId rewrite_xid;
1221 TransactionId create_xid;
1222 uint32 hi,
1223 lo;
1233 /* Skip over files that cannot be ours. */
1244 {
1250 }
1251 else
1252 {
1253 /* on some operating systems fsyncing a file requires O_RDWR */
1256 /*
1257 * The file cannot vanish due to concurrency since this function
1258 * is the only one removing logical mappings and only one
1259 * checkpoint can be in progress at a time.
1260 */
1266 /*
1267 * We could try to avoid fsyncing files that either haven't
1268 * changed or have only been created since the checkpoint's start,
1269 * but it's currently not deemed worth the effort.
1270 */
1282 }
1283 }
1285 }