| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Xiaoran Wang <fanfuxiaoran(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org, Andres Freund <andres(at)anarazel(dot)de> |
| Subject: | Re: Recovering from detoast-related catcache invalidations |
| Date: | 2024-01-12 20:14:12 |
| Message-ID: | 754826.1705090452@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Xiaoran Wang <fanfuxiaoran(at)gmail(dot)com> writes:
>> Maybe, but that undocumented hack in SetHintBits seems completely
>> unacceptable. Isn't there a cleaner way to make this check?
> Maybe we don't need to call 'HeapTupleSatisfiesVisibility' to check if the
> tuple has been deleted.
> As the tuple's xmin must been committed, so we just need to check if its
> xmax is committed,
I'm not super thrilled with that. Something I realized last night is
that your proposal only works if "ntp" is pointing directly into the
catalog's disk buffers. If something earlier than this code had made
a local-memory copy of the catalog tuple, then it's possible that its
header fields (particularly xmax) are out of date compared to shared
buffers and would fail to tell us that some other process just
invalidated the tuple. Now in fact, with the current implementation
of syscache_getnext() the result is actually a live tuple and so we
can expect to see any relevant updates. But I think we'd better add
some Asserts that that's so; and that also provides us with a way to
call HeapTupleSatisfiesVisibility fully legally, because we can get
the buffer reference out of the scan descriptor too.
This is uncomfortably much in bed with the tuple table slot code,
perhaps, but I don't see a way to do it more cleanly unless we want
to add some new provisions to that API. Andres, do you have any
thoughts about that?
Anyway, this approach gets rid of false positives, which is great
for performance and bad for testing. Code coverage says that now
we never hit the failure paths during regression tests, which is
unsurprising, but I'm not very comfortable with leaving those paths
unexercised. I tried to make an isolation test to exercise them,
but there's no good way at the SQL level to get a session to block
during the detoast step. LOCK TABLE on some catalog's toast table
would do, but we disallow it. I thought about adding a small C
function to regress.so to take out such a lock, but we have no
infrastructure for referencing regress.so from isolation tests.
What I ended up doing is adding a random failure about 0.1% of
the time in USE_ASSERT_CHECKING builds --- that's intellectually
ugly for sure, but doing better seems like way more work than
it's worth.
regards, tom lane
| Attachment | Content-Type | Size |
|---|---|---|
| v3-fix-stale-catcache-entries.patch | text/x-diff | 11.4 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2024-01-12 20:22:16 | Re: Emit fewer vacuum records by reaping removable tuples during pruning |
| Previous Message | Melanie Plageman | 2024-01-12 20:04:19 | Re: Emit fewer vacuum records by reaping removable tuples during pruning |