Fix handling of orphaned 2PC files in the future at recovery

michaelpq · michaelpq · commit 58626e24a95d · 2024-12-30T08:06:45.000+09:00
Before 728bd99, that has improved the support for 2PC files during recovery, the initial logic scanning files in pg_twophase was done so as files in the future of the transaction ID horizon were checked first, followed by a check if a transaction ID is aborted or committed which could involve a pg_xact lookup. After this commit, these checks have been done in reverse order. Files detected as in the future do not have a state that can be checked in pg_xact, hence this caused recovery to fail abruptly should an orphaned 2PC file in the future of the transaction ID horizon exist in pg_twophase at the beginning of recovery. A test is added to check for this scenario, using an empty 2PC with a transaction ID large enough to be in the future when running the test. This test is added in 16 and older versions for now. 17 and newer versions are impacted by a second bug caused by the addition of the epoch in the 2PC file names. An equivalent test will be added in these branches in a follow-up commit, once the second set of issues reported are fixed. Author: Vitaly Davydov, Michael Paquier Discussion: https://postgr.es/m/11e597-676ab680-8d-374f23c0@145466129 Backpatch-through: 13
diff --git a/src/backend/access/transam/twophase.c b/src/backend/access/transam/twophase.c
@@ -2156,40 +2156,40 @@ ProcessTwoPhaseBuffer(TransactionId xid,
 	if (!fromdisk)
 		Assert(prepare_start_lsn != InvalidXLogRecPtr);
 
-	/* Already processed? */
-	if (TransactionIdDidCommit(xid) || TransactionIdDidAbort(xid))
+	/* Reject XID if too new */
+	if (TransactionIdFollowsOrEquals(xid, origNextXid))
 	{
 		if (fromdisk)
 		{
 			ereport(WARNING,
-					(errmsg("removing stale two-phase state file for transaction %u",
+					(errmsg("removing future two-phase state file for transaction %u",
 							xid)));
 			RemoveTwoPhaseFile(xid, true);
 		}
 		else
 		{
 			ereport(WARNING,
-					(errmsg("removing stale two-phase state from memory for transaction %u",
+					(errmsg("removing future two-phase state from memory for transaction %u",
 							xid)));
 			PrepareRedoRemove(xid, true);
 		}
 		return NULL;
 	}
 
-	/* Reject XID if too new */
-	if (TransactionIdFollowsOrEquals(xid, origNextXid))
+	/* Already processed? */
+	if (TransactionIdDidCommit(xid) || TransactionIdDidAbort(xid))
 	{
 		if (fromdisk)
 		{
 			ereport(WARNING,
-					(errmsg("removing future two-phase state file for transaction %u",
+					(errmsg("removing stale two-phase state file for transaction %u",
 							xid)));
 			RemoveTwoPhaseFile(xid, true);
 		}
 		else
 		{
 			ereport(WARNING,
-					(errmsg("removing future two-phase state from memory for transaction %u",
+					(errmsg("removing stale two-phase state from memory for transaction %u",
 							xid)));
 			PrepareRedoRemove(xid, true);
 		}
diff --git a/src/test/recovery/t/009_twophase.pl b/src/test/recovery/t/009_twophase.pl
@@ -7,7 +7,7 @@
 
 use PostgresNode;
 use TestLib;
-use Test::More tests => 27;
+use Test::More tests => 28;
 
 my $psql_out = '';
 my $psql_rc  = '';
@@ -527,3 +527,26 @@ sub configure_and_reload
 is( $psql_out,
 	qq{27|issued to paris},
 	"Check expected t_009_tbl2 data on standby");
+
+###############################################################################
+# Check handling of orphaned 2PC files at recovery.
+###############################################################################
+
+$cur_primary->teardown_node;
+
+# Grab location in logs of primary
+my $log_offset = -s $cur_primary->logfile;
+
+# Create a fake file with a transaction ID large enough to be in the future,
+# then check that the primary is able to start and remove this file at
+# recovery.
+
+my $future_2pc_file = $cur_primary->data_dir . '/pg_twophase/00FFFFFF';
+append_to_file $future_2pc_file, "";
+
+$cur_primary->start;
+$cur_primary->log_check(
+	"future two-phase file removed at recovery",
+	$log_offset,
+	log_like =>
+	  [qr/removing future two-phase state file for transaction 16777215/]);

Original file line number	Diff line number	Diff line change
`@@ -2156,40 +2156,40 @@ ProcessTwoPhaseBuffer(TransactionId xid,`
`2156`	`2156`	`if (!fromdisk)`
`2157`	`2157`	`Assert(prepare_start_lsn != InvalidXLogRecPtr);`
`2158`	`2158`
`2159`		`- /* Already processed? */`
`2160`		`- if (TransactionIdDidCommit(xid) \|\| TransactionIdDidAbort(xid))`
	`2159`	`+ /* Reject XID if too new */`
	`2160`	`+ if (TransactionIdFollowsOrEquals(xid, origNextXid))`
`2161`	`2161`	`{`
`2162`	`2162`	`if (fromdisk)`
`2163`	`2163`	`{`
`2164`	`2164`	`ereport(WARNING,`
`2165`		`- (errmsg("removing stale two-phase state file for transaction %u",`
	`2165`	`+ (errmsg("removing future two-phase state file for transaction %u",`
`2166`	`2166`	`xid)));`
`2167`	`2167`	`RemoveTwoPhaseFile(xid, true);`
`2168`	`2168`	`}`
`2169`	`2169`	`else`
`2170`	`2170`	`{`
`2171`	`2171`	`ereport(WARNING,`
`2172`		`- (errmsg("removing stale two-phase state from memory for transaction %u",`
	`2172`	`+ (errmsg("removing future two-phase state from memory for transaction %u",`
`2173`	`2173`	`xid)));`
`2174`	`2174`	`PrepareRedoRemove(xid, true);`
`2175`	`2175`	`}`
`2176`	`2176`	`return NULL;`
`2177`	`2177`	`}`
`2178`	`2178`
`2179`		`- /* Reject XID if too new */`
`2180`		`- if (TransactionIdFollowsOrEquals(xid, origNextXid))`
	`2179`	`+ /* Already processed? */`
	`2180`	`+ if (TransactionIdDidCommit(xid) \|\| TransactionIdDidAbort(xid))`
`2181`	`2181`	`{`
`2182`	`2182`	`if (fromdisk)`
`2183`	`2183`	`{`
`2184`	`2184`	`ereport(WARNING,`
`2185`		`- (errmsg("removing future two-phase state file for transaction %u",`
	`2185`	`+ (errmsg("removing stale two-phase state file for transaction %u",`
`2186`	`2186`	`xid)));`
`2187`	`2187`	`RemoveTwoPhaseFile(xid, true);`
`2188`	`2188`	`}`
`2189`	`2189`	`else`
`2190`	`2190`	`{`
`2191`	`2191`	`ereport(WARNING,`
`2192`		`- (errmsg("removing future two-phase state from memory for transaction %u",`
	`2192`	`+ (errmsg("removing stale two-phase state from memory for transaction %u",`
`2193`	`2193`	`xid)));`
`2194`	`2194`	`PrepareRedoRemove(xid, true);`
`2195`	`2195`	`}`