From 9c3b184331c734c0178bd0e7e8e507477023dd54 Mon Sep 17 00:00:00 2001 From: Aleksander Alekseev Date: Mon, 16 Jan 2023 12:23:30 +0300 Subject: [PATCH v4 1/3] Correct the docs and messages about preventing XID wraparound Prior to this commit the documentation was somewhat misleading. It stated that the system will "shutdown" in order to prevent XID wraparound. This is not what actually happens though. Actually the system refuses to allocate new XIDs. XIDs are allocated lazily and not needed for checking the visibility rules. Thus read-only transaction will continues to execute. Additionally, read-write transactions that are in progress and have an allocated XID will continue to execute and can be committed. Additionally, fix the messages shown when approaching xidWrapLimit, xidWarnLimit and multiWarnLimit accordingly. Author: Aleksander Alekseev Reviewed-by: John Naylor Discussion: https://postgr.es/m/CAJ7c6TM2D277U2wH8X78kg8pH3tdUqebV3_JCJqAkYQFHCFzeg@mail.gmail.com --- doc/src/sgml/maintenance.sgml | 22 +++++++++++----------- src/backend/access/transam/multixact.c | 4 ++-- src/backend/access/transam/varsup.c | 12 ++++++------ 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/doc/src/sgml/maintenance.sgml b/doc/src/sgml/maintenance.sgml index 9cf9d030a8..2a902e422c 100644 --- a/doc/src/sgml/maintenance.sgml +++ b/doc/src/sgml/maintenance.sgml @@ -656,31 +656,31 @@ SELECT datname, age(datfrozenxid) FROM pg_database; WARNING: database "mydb" must be vacuumed within 39985967 transactions -HINT: To avoid a database shutdown, execute a database-wide VACUUM in that database. +HINT: To prevent entering read-only mode, execute a database-wide VACUUM in that database. (A manual VACUUM should fix the problem, as suggested by the hint; but note that the VACUUM must be performed by a superuser, else it will fail to process system catalogs and thus not be able to advance the database's datfrozenxid.) - If these warnings are - ignored, the system will shut down and refuse to start any new - transactions once there are fewer than three million transactions left - until wraparound: + If these warnings are ignored, the system will refuse to allocate new XIDs + once there are fewer than three million transactions left until wraparound: -ERROR: database is not accepting commands to avoid wraparound data loss in database "mydb" +ERROR: database is not accepting commands that generate new XIDs to avoid wraparound data loss in database "mydb" HINT: Stop the postmaster and vacuum that database in single-user mode. + In this condition any transactions already started can continue. + Only new read-only transactions can be started. + The three-million-transaction safety margin exists to let the administrator recover without data loss, by manually executing the - required VACUUM commands. However, since the system will not - execute commands once it has gone into the safety shutdown mode, + required VACUUM commands. However the only way to do this is to stop the server and start the server in single-user - mode to execute VACUUM. The shutdown mode is not enforced - in single-user mode. See the reference - page for details about using single-user mode. + mode to execute VACUUM. See the + reference page for details about using + single-user mode. diff --git a/src/backend/access/transam/multixact.c b/src/backend/access/transam/multixact.c index fe6698d5ff..1dd29c02cc 100644 --- a/src/backend/access/transam/multixact.c +++ b/src/backend/access/transam/multixact.c @@ -2335,7 +2335,7 @@ SetMultiXactIdLimit(MultiXactId oldest_datminmxid, Oid oldest_datoid, multiWrapLimit - curMulti, oldest_datname, multiWrapLimit - curMulti), - errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n" + errhint("To prevent entering read-only mode, execute a database-wide VACUUM in that database.\n" "You might also need to commit or roll back old prepared transactions, or drop stale replication slots."))); else ereport(WARNING, @@ -2344,7 +2344,7 @@ SetMultiXactIdLimit(MultiXactId oldest_datminmxid, Oid oldest_datoid, multiWrapLimit - curMulti, oldest_datoid, multiWrapLimit - curMulti), - errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n" + errhint("To prevent entering read-only mode, execute a database-wide VACUUM in that database.\n" "You might also need to commit or roll back old prepared transactions, or drop stale replication slots."))); } } diff --git a/src/backend/access/transam/varsup.c b/src/backend/access/transam/varsup.c index 334adac09e..485d8ebf81 100644 --- a/src/backend/access/transam/varsup.c +++ b/src/backend/access/transam/varsup.c @@ -126,14 +126,14 @@ GetNewTransactionId(bool isSubXact) if (oldest_datname) ereport(ERROR, (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), - errmsg("database is not accepting commands to avoid wraparound data loss in database \"%s\"", + errmsg("database is not accepting commands that generate new XIDs to avoid wraparound data loss in database \"%s\"", oldest_datname), errhint("Stop the postmaster and vacuum that database in single-user mode.\n" "You might also need to commit or roll back old prepared transactions, or drop stale replication slots."))); else ereport(ERROR, (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), - errmsg("database is not accepting commands to avoid wraparound data loss in database with OID %u", + errmsg("database is not accepting commands that generate new XIDs to avoid wraparound data loss in database with OID %u", oldest_datoid), errhint("Stop the postmaster and vacuum that database in single-user mode.\n" "You might also need to commit or roll back old prepared transactions, or drop stale replication slots."))); @@ -148,14 +148,14 @@ GetNewTransactionId(bool isSubXact) (errmsg("database \"%s\" must be vacuumed within %u transactions", oldest_datname, xidWrapLimit - xid), - errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n" + errhint("To prevent entering read-only mode, execute a database-wide VACUUM in that database.\n" "You might also need to commit or roll back old prepared transactions, or drop stale replication slots."))); else ereport(WARNING, (errmsg("database with OID %u must be vacuumed within %u transactions", oldest_datoid, xidWrapLimit - xid), - errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n" + errhint("To prevent entering read-only mode, execute a database-wide VACUUM in that database.\n" "You might also need to commit or roll back old prepared transactions, or drop stale replication slots."))); } @@ -463,14 +463,14 @@ SetTransactionIdLimit(TransactionId oldest_datfrozenxid, Oid oldest_datoid) (errmsg("database \"%s\" must be vacuumed within %u transactions", oldest_datname, xidWrapLimit - curXid), - errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n" + errhint("To prevent entering read-only mode, execute a database-wide VACUUM in that database.\n" "You might also need to commit or roll back old prepared transactions, or drop stale replication slots."))); else ereport(WARNING, (errmsg("database with OID %u must be vacuumed within %u transactions", oldest_datoid, xidWrapLimit - curXid), - errhint("To avoid a database shutdown, execute a database-wide VACUUM in that database.\n" + errhint("To prevent entering read-only mode, execute a database-wide VACUUM in that database.\n" "You might also need to commit or roll back old prepared transactions, or drop stale replication slots."))); } } -- 2.39.2