/*-------------------------------------------------------------------------

 *

 * multixact.c

 *    PostgreSQL multi-transaction-log manager

 *

 * The pg_multixact manager is a pg_xact-like manager that stores an array of

 * MultiXactMember for each MultiXactId.  It is a fundamental part of the

 * shared-row-lock implementation.  Each MultiXactMember is comprised of a

 * TransactionId and a set of flag bits.  The name is a bit historical:

 * originally, a MultiXactId consisted of more than one TransactionId (except

 * in rare corner cases), hence "multi".  Nowadays, however, it's perfectly

 * legitimate to have MultiXactIds that only include a single Xid.

 *

 * The meaning of the flag bits is opaque to this module, but they are mostly

 * used in heapam.c to identify lock modes that each of the member transactions

 * is holding on any given tuple.  This module just contains support to store

 * and retrieve the arrays.

 *

 * We use two SLRU areas, one for storing the offsets at which the data

 * starts for each MultiXactId in the other one.  This trick allows us to

 * store variable length arrays of TransactionIds.  (We could alternatively

 * use one area containing counts and TransactionIds, with valid MultiXactId

 * values pointing at slots containing counts; but that way seems less robust

 * since it would get completely confused if someone inquired about a bogus

 * MultiXactId that pointed to an intermediate slot containing an XID.)

 *

 * XLOG interactions: this module generates a record whenever a new OFFSETs or

 * MEMBERs page is initialized to zeroes, as well as an

 * XLOG_MULTIXACT_CREATE_ID record whenever a new MultiXactId is defined.

 * This module ignores the WAL rule "write xlog before data," because it

 * suffices that actions recording a MultiXactId in a heap xmax do follow that

 * rule.  The only way for the MXID to be referenced from any data page is for

 * heap_lock_tuple() or heap_update() to have put it there, and each generates

 * an XLOG record that must follow ours.  The normal LSN interlock between the

 * data page and that XLOG record will ensure that our XLOG record reaches

 * disk first.  If the SLRU members/offsets data reaches disk sooner than the

 * XLOG records, we do not care; after recovery, no xmax will refer to it.  On

 * the flip side, to ensure that all referenced entries _do_ reach disk, this

 * module's XLOG records completely rebuild the data entered since the last

 * checkpoint.  We flush and sync all dirty OFFSETs and MEMBERs pages to disk

 * before each checkpoint is considered complete.

 *

 * Like clog.c, and unlike subtrans.c, we have to preserve state across

 * crashes and ensure that MXID and offset numbering increases monotonically

 * across a crash.  We do this in the same way as it's done for transaction

 * IDs: the WAL record is guaranteed to contain evidence of every MXID we

 * could need to worry about, and we just make sure that at the end of

 * replay, the next-MXID and next-offset counters are at least as large as

 * anything we saw during replay.

 *

 * We are able to remove segments no longer necessary by carefully tracking

 * each table's used values: during vacuum, any multixact older than a certain

 * value is removed; the cutoff value is stored in pg_class.  The minimum value

 * across all tables in each database is stored in pg_database, and the global

 * minimum across all databases is part of pg_control and is kept in shared

 * memory.  Whenever that minimum is advanced, the SLRUs are truncated.

 *

 * When new multixactid values are to be created, care is taken that the

 * counter does not fall within the wraparound horizon considering the global

 * minimum value.

 *

 * Portions Copyright (c) 1996-2025, PostgreSQL Global Development Group

 * Portions Copyright (c) 1994, Regents of the University of California

 *

 * src/backend/access/transam/multixact.c

 *

 *-------------------------------------------------------------------------

 */

#include "postgres.h"

#include "access/multixact.h"

#include "access/slru.h"

#include "access/transam.h"

#include "access/twophase.h"

#include "access/twophase_rmgr.h"

#include "access/xact.h"

#include "access/xlog.h"

#include "access/xloginsert.h"

#include "access/xlogutils.h"

#include "commands/dbcommands.h"

#include "funcapi.h"

#include "lib/ilist.h"

#include "miscadmin.h"

#include "pg_trace.h"

#include "pgstat.h"

#include "postmaster/autovacuum.h"

#include "storage/pmsignal.h"

#include "storage/proc.h"

#include "storage/procarray.h"

#include "utils/fmgrprotos.h"

#include "utils/guc_hooks.h"

#include "utils/injection_point.h"

#include "utils/memutils.h"

/*

 * Defines for MultiXactOffset page sizes.  A page is the same BLCKSZ as is

 * used everywhere else in Postgres.

 *

 * Note: because MultiXactOffsets are 32 bits and wrap around at 0xFFFFFFFF,

 * MultiXact page numbering also wraps around at

 * 0xFFFFFFFF/MULTIXACT_OFFSETS_PER_PAGE, and segment numbering at

 * 0xFFFFFFFF/MULTIXACT_OFFSETS_PER_PAGE/SLRU_PAGES_PER_SEGMENT.  We need

 * take no explicit notice of that fact in this module, except when comparing

 * segment and page numbers in TruncateMultiXact (see

 * MultiXactOffsetPagePrecedes).

 */

/* We need four bytes per offset */

#define MULTIXACT_OFFSETS_PER_PAGE (BLCKSZ / sizeof(MultiXactOffset))

static inline int64

MultiXactIdToOffsetPage(MultiXactId multi)

{

  return multi / MULTIXACT_OFFSETS_PER_PAGE;

}

static inline int

MultiXactIdToOffsetEntry(MultiXactId multi)

{

  return multi % MULTIXACT_OFFSETS_PER_PAGE;

}

static inline int64

MultiXactIdToOffsetSegment(MultiXactId multi)

{

  return MultiXactIdToOffsetPage(multi) / SLRU_PAGES_PER_SEGMENT;

}

/*

 * The situation for members is a bit more complex: we store one byte of

 * additional flag bits for each TransactionId.  To do this without getting

 * into alignment issues, we store four bytes of flags, and then the

 * corresponding 4 Xids.  Each such 5-word (20-byte) set we call a "group", and

 * are stored as a whole in pages.  Thus, with 8kB BLCKSZ, we keep 409 groups

 * per page.  This wastes 12 bytes per page, but that's OK -- simplicity (and

 * performance) trumps space efficiency here.

 *

 * Note that the "offset" macros work with byte offset, not array indexes, so

 * arithmetic must be done using "char *" pointers.

 */

/* We need eight bits per xact, so one xact fits in a byte */

#define MXACT_MEMBER_BITS_PER_XACT      8

#define MXACT_MEMBER_FLAGS_PER_BYTE     1

#define MXACT_MEMBER_XACT_BITMASK ((1 << MXACT_MEMBER_BITS_PER_XACT) - 1)

/* how many full bytes of flags are there in a group? */

#define MULTIXACT_FLAGBYTES_PER_GROUP   4

#define MULTIXACT_MEMBERS_PER_MEMBERGROUP \

  (MULTIXACT_FLAGBYTES_PER_GROUP * MXACT_MEMBER_FLAGS_PER_BYTE)

/* size in bytes of a complete group */

#define MULTIXACT_MEMBERGROUP_SIZE \

  (sizeof(TransactionId) * MULTIXACT_MEMBERS_PER_MEMBERGROUP + MULTIXACT_FLAGBYTES_PER_GROUP)

#define MULTIXACT_MEMBERGROUPS_PER_PAGE (BLCKSZ / MULTIXACT_MEMBERGROUP_SIZE)

#define MULTIXACT_MEMBERS_PER_PAGE  \

  (MULTIXACT_MEMBERGROUPS_PER_PAGE * MULTIXACT_MEMBERS_PER_MEMBERGROUP)

/*

 * Because the number of items per page is not a divisor of the last item

 * number (member 0xFFFFFFFF), the last segment does not use the maximum number

 * of pages, and moreover the last used page therein does not use the same

 * number of items as previous pages.  (Another way to say it is that the

 * 0xFFFFFFFF member is somewhere in the middle of the last page, so the page

 * has some empty space after that item.)

 *

 * This constant is the number of members in the last page of the last segment.

 */

#define MAX_MEMBERS_IN_LAST_MEMBERS_PAGE \

    ((uint32) ((0xFFFFFFFF % MULTIXACT_MEMBERS_PER_PAGE) + 1))

/* page in which a member is to be found */

static inline int64

MXOffsetToMemberPage(MultiXactOffset offset)

{

  return offset / MULTIXACT_MEMBERS_PER_PAGE;

}

static inline int64

MXOffsetToMemberSegment(MultiXactOffset offset)

{

  return MXOffsetToMemberPage(offset) / SLRU_PAGES_PER_SEGMENT;

}

/* Location (byte offset within page) of flag word for a given member */

static inline int

MXOffsetToFlagsOffset(MultiXactOffset offset)

{

  MultiXactOffset group = offset / MULTIXACT_MEMBERS_PER_MEMBERGROUP;

  int     grouponpg = group % MULTIXACT_MEMBERGROUPS_PER_PAGE;

  int     byteoff = grouponpg * MULTIXACT_MEMBERGROUP_SIZE;

  return byteoff;

}

static inline int

MXOffsetToFlagsBitShift(MultiXactOffset offset)

{

  int     member_in_group = offset % MULTIXACT_MEMBERS_PER_MEMBERGROUP;

  int     bshift = member_in_group * MXACT_MEMBER_BITS_PER_XACT;

  return bshift;

}

/* Location (byte offset within page) of TransactionId of given member */

static inline int

MXOffsetToMemberOffset(MultiXactOffset offset)

{

  int     member_in_group = offset % MULTIXACT_MEMBERS_PER_MEMBERGROUP;

  return MXOffsetToFlagsOffset(offset) +

    MULTIXACT_FLAGBYTES_PER_GROUP +

    member_in_group * sizeof(TransactionId);

}

/* Multixact members wraparound thresholds. */

#define MULTIXACT_MEMBER_SAFE_THRESHOLD   (MaxMultiXactOffset / 2)

#define MULTIXACT_MEMBER_DANGER_THRESHOLD \

  (MaxMultiXactOffset - MaxMultiXactOffset / 4)

static inline MultiXactId

PreviousMultiXactId(MultiXactId multi)

{

  return multi == FirstMultiXactId ? MaxMultiXactId : multi - 1;

}

/*

 * Links to shared-memory data structures for MultiXact control

 */

static SlruCtlData MultiXactOffsetCtlData;

static SlruCtlData MultiXactMemberCtlData;

#define MultiXactOffsetCtl  (&MultiXactOffsetCtlData)

#define MultiXactMemberCtl  (&MultiXactMemberCtlData)

/*

 * MultiXact state shared across all backends.  All this state is protected

 * by MultiXactGenLock.  (We also use SLRU bank's lock of MultiXactOffset and

 * MultiXactMember to guard accesses to the two sets of SLRU buffers.  For

 * concurrency's sake, we avoid holding more than one of these locks at a

 * time.)

 */

typedef struct MultiXactStateData

{

  /* next-to-be-assigned MultiXactId */

  MultiXactId nextMXact;

  /* next-to-be-assigned offset */

  MultiXactOffset nextOffset;

  /* Have we completed multixact startup? */

  bool    finishedStartup;

  /*

   * Oldest multixact that is still potentially referenced by a relation.

   * Anything older than this should not be consulted.  These values are

   * updated by vacuum.

   */

  MultiXactId oldestMultiXactId;

  Oid     oldestMultiXactDB;

  /*

   * Oldest multixact offset that is potentially referenced by a multixact

   * referenced by a relation.  We don't always know this value, so there's

   * a flag here to indicate whether or not we currently do.

   */

  MultiXactOffset oldestOffset;

  bool    oldestOffsetKnown;

  /* support for anti-wraparound measures */

  MultiXactId multiVacLimit;

  MultiXactId multiWarnLimit;

  MultiXactId multiStopLimit;

  MultiXactId multiWrapLimit;

  /* support for members anti-wraparound measures */

  MultiXactOffset offsetStopLimit;  /* known if oldestOffsetKnown */

  /*

   * This is used to sleep until a multixact offset is written when we want

   * to create the next one.

   */

  ConditionVariable nextoff_cv;

  /*

   * Per-backend data starts here.  We have two arrays stored in the area

   * immediately following the MultiXactStateData struct. Each is indexed by

   * ProcNumber.

   *

   * In both arrays, there's a slot for all normal backends

   * (0..MaxBackends-1) followed by a slot for max_prepared_xacts prepared

   * transactions.

   *

   * OldestMemberMXactId[k] is the oldest MultiXactId each backend's current

   * transaction(s) could possibly be a member of, or InvalidMultiXactId

   * when the backend has no live transaction that could possibly be a

   * member of a MultiXact.  Each backend sets its entry to the current

   * nextMXact counter just before first acquiring a shared lock in a given

   * transaction, and clears it at transaction end. (This works because only

   * during or after acquiring a shared lock could an XID possibly become a

   * member of a MultiXact, and that MultiXact would have to be created

   * during or after the lock acquisition.)

   *

   * OldestVisibleMXactId[k] is the oldest MultiXactId each backend's

   * current transaction(s) think is potentially live, or InvalidMultiXactId

   * when not in a transaction or not in a transaction that's paid any

   * attention to MultiXacts yet.  This is computed when first needed in a

   * given transaction, and cleared at transaction end.  We can compute it

   * as the minimum of the valid OldestMemberMXactId[] entries at the time

   * we compute it (using nextMXact if none are valid).  Each backend is

   * required not to attempt to access any SLRU data for MultiXactIds older

   * than its own OldestVisibleMXactId[] setting; this is necessary because

   * the relevant SLRU data can be concurrently truncated away.

   *

   * The oldest valid value among all of the OldestMemberMXactId[] and

   * OldestVisibleMXactId[] entries is considered by vacuum as the earliest

   * possible value still having any live member transaction -- OldestMxact.

   * Any value older than that is typically removed from tuple headers, or

   * "frozen" via being replaced with a new xmax.  VACUUM can sometimes even

   * remove an individual MultiXact xmax whose value is >= its OldestMxact

   * cutoff, though typically only when no individual member XID is still

   * running.  See FreezeMultiXactId for full details.

   *

   * Whenever VACUUM advances relminmxid, then either its OldestMxact cutoff

   * or the oldest extant Multi remaining in the table is used as the new

   * pg_class.relminmxid value (whichever is earlier).  The minimum of all

   * relminmxid values in each database is stored in pg_database.datminmxid.

   * In turn, the minimum of all of those values is stored in pg_control.

   * This is used as the truncation point for pg_multixact when unneeded

   * segments get removed by vac_truncate_clog() during vacuuming.

   */

  MultiXactId perBackendXactIds[FLEXIBLE_ARRAY_MEMBER];

} MultiXactStateData;

/*

 * Size of OldestMemberMXactId and OldestVisibleMXactId arrays.

 */

#define MaxOldestSlot (MaxBackends + max_prepared_xacts)

/* Pointers to the state data in shared memory */

static MultiXactStateData *MultiXactState;

static MultiXactId *OldestMemberMXactId;

static MultiXactId *OldestVisibleMXactId;

/*

 * Definitions for the backend-local MultiXactId cache.

 *

 * We use this cache to store known MultiXacts, so we don't need to go to

 * SLRU areas every time.

 *

 * The cache lasts for the duration of a single transaction, the rationale

 * for this being that most entries will contain our own TransactionId and

 * so they will be uninteresting by the time our next transaction starts.

 * (XXX not clear that this is correct --- other members of the MultiXact

 * could hang around longer than we did.  However, it's not clear what a

 * better policy for flushing old cache entries would be.)  FIXME actually

 * this is plain wrong now that multixact's may contain update Xids.

 *

 * We allocate the cache entries in a memory context that is deleted at

 * transaction end, so we don't need to do retail freeing of entries.

 */

typedef struct mXactCacheEnt

{

  MultiXactId multi;

  int     nmembers;

  dlist_node  node;

  MultiXactMember members[FLEXIBLE_ARRAY_MEMBER];

} mXactCacheEnt;

#define MAX_CACHE_ENTRIES 256

static dclist_head MXactCache = DCLIST_STATIC_INIT(MXactCache);

static MemoryContext MXactContext = NULL;

#ifdef MULTIXACT_DEBUG

#define debug_elog2(a,b) elog(a,b)

#define debug_elog3(a,b,c) elog(a,b,c)

#define debug_elog4(a,b,c,d) elog(a,b,c,d)

#define debug_elog5(a,b,c,d,e) elog(a,b,c,d,e)

#define debug_elog6(a,b,c,d,e,f) elog(a,b,c,d,e,f)

#else

#define debug_elog2(a,b)

#define debug_elog3(a,b,c)

#define debug_elog4(a,b,c,d)

#define debug_elog5(a,b,c,d,e)

#define debug_elog6(a,b,c,d,e,f)

#endif

/* internal MultiXactId management */

static void MultiXactIdSetOldestVisible(void);

static void RecordNewMultiXact(MultiXactId multi, MultiXactOffset offset,

                 int nmembers, MultiXactMember *members);

static MultiXactId GetNewMultiXactId(int nmembers, MultiXactOffset *offset);

/* MultiXact cache management */

static int  mxactMemberComparator(const void *arg1, const void *arg2);

static MultiXactId mXactCacheGetBySet(int nmembers, MultiXactMember *members);

static int  mXactCacheGetById(MultiXactId multi, MultiXactMember **members);

static void mXactCachePut(MultiXactId multi, int nmembers,

              MultiXactMember *members);

static char *mxstatus_to_string(MultiXactStatus status);

/* management of SLRU infrastructure */

static int  ZeroMultiXactOffsetPage(int64 pageno, bool writeXlog);

static int  ZeroMultiXactMemberPage(int64 pageno, bool writeXlog);

static bool MultiXactOffsetPagePrecedes(int64 page1, int64 page2);

static bool MultiXactMemberPagePrecedes(int64 page1, int64 page2);

static bool MultiXactOffsetPrecedes(MultiXactOffset offset1,

                  MultiXactOffset offset2);

static void ExtendMultiXactOffset(MultiXactId multi);

static void ExtendMultiXactMember(MultiXactOffset offset, int nmembers);

static bool MultiXactOffsetWouldWrap(MultiXactOffset boundary,

                   MultiXactOffset start, uint32 distance);

static bool SetOffsetVacuumLimit(bool is_startup);

static bool find_multixact_start(MultiXactId multi, MultiXactOffset *result);

static void WriteMZeroPageXlogRec(int64 pageno, uint8 info);

static void WriteMTruncateXlogRec(Oid oldestMultiDB,

                  MultiXactId startTruncOff,

                  MultiXactId endTruncOff,

                  MultiXactOffset startTruncMemb,

                  MultiXactOffset endTruncMemb);

/*

 * MultiXactIdCreate

 *    Construct a MultiXactId representing two TransactionIds.

 *

 * The two XIDs must be different, or be requesting different statuses.

 *

 * NB - we don't worry about our local MultiXactId cache here, because that

 * is handled by the lower-level routines.

 */

MultiXactId

MultiXactIdCreate(TransactionId xid1, MultiXactStatus status1,

          TransactionId xid2, MultiXactStatus status2)

{

  MultiXactId newMulti;

  MultiXactMember members[2];

  Assert(TransactionIdIsValid(xid1));

  Assert(TransactionIdIsValid(xid2));

  Assert(!TransactionIdEquals(xid1, xid2) || (status1 != status2));

  /* MultiXactIdSetOldestMember() must have been called already. */

  Assert(MultiXactIdIsValid(OldestMemberMXactId[MyProcNumber]));

  /*

   * Note: unlike MultiXactIdExpand, we don't bother to check that both XIDs

   * are still running.  In typical usage, xid2 will be our own XID and the

   * caller just did a check on xid1, so it'd be wasted effort.

   */

  members[0].xid = xid1;

  members[0].status = status1;

  members[1].xid = xid2;

  members[1].status = status2;

  newMulti = MultiXactIdCreateFromMembers(2, members);

  debug_elog3(DEBUG2, "Create: %s",

        mxid_to_string(newMulti, 2, members));

  return newMulti;

}

/*

 * MultiXactIdExpand

 *    Add a TransactionId to a pre-existing MultiXactId.

 *

 * If the TransactionId is already a member of the passed MultiXactId with the

 * same status, just return it as-is.

 *

 * Note that we do NOT actually modify the membership of a pre-existing

 * MultiXactId; instead we create a new one.  This is necessary to avoid

 * a race condition against code trying to wait for one MultiXactId to finish;

 * see notes in heapam.c.

 *

 * NB - we don't worry about our local MultiXactId cache here, because that

 * is handled by the lower-level routines.

 *

 * Note: It is critical that MultiXactIds that come from an old cluster (i.e.

 * one upgraded by pg_upgrade from a cluster older than this feature) are not

 * passed in.

 */

MultiXactId

MultiXactIdExpand(MultiXactId multi, TransactionId xid, MultiXactStatus status)

{

  MultiXactId newMulti;

  MultiXactMember *members;

  MultiXactMember *newMembers;

  int     nmembers;

  int     i;

  int     j;

  Assert(MultiXactIdIsValid(multi));

  Assert(TransactionIdIsValid(xid));

  /* MultiXactIdSetOldestMember() must have been called already. */

  Assert(MultiXactIdIsValid(OldestMemberMXactId[MyProcNumber]));

  debug_elog5(DEBUG2, "Expand: received multi %u, xid %u status %s",

        multi, xid, mxstatus_to_string(status));

  /*

   * Note: we don't allow for old multis here.  The reason is that the only

   * caller of this function does a check that the multixact is no longer

   * running.

   */

  nmembers = GetMultiXactIdMembers(multi, &members, false, false);

  if (nmembers < 0)

  {

    MultiXactMember member;

    /*

     * The MultiXactId is obsolete.  This can only happen if all the

     * MultiXactId members stop running between the caller checking and

     * passing it to us.  It would be better to return that fact to the

     * caller, but it would complicate the API and it's unlikely to happen

     * too often, so just deal with it by creating a singleton MultiXact.

     */

    member.xid = xid;

    member.status = status;

    newMulti = MultiXactIdCreateFromMembers(1, &member);

    debug_elog4(DEBUG2, "Expand: %u has no members, create singleton %u",

          multi, newMulti);

    return newMulti;

  }

  /*

   * If the TransactionId is already a member of the MultiXactId with the

   * same status, just return the existing MultiXactId.

   */

  for (i = 0; i < nmembers; i++)

  {

    if (TransactionIdEquals(members[i].xid, xid) &&

      (members[i].status == status))

    {

      debug_elog4(DEBUG2, "Expand: %u is already a member of %u",

            xid, multi);

      pfree(members);

      return multi;

    }

  }

  /*

   * Determine which of the members of the MultiXactId are still of

   * interest. This is any running transaction, and also any transaction

   * that grabbed something stronger than just a lock and was committed. (An

   * update that aborted is of no interest here; and having more than one

   * update Xid in a multixact would cause errors elsewhere.)

   *

   * Removing dead members is not just an optimization: freezing of tuples

   * whose Xmax are multis depends on this behavior.

   *

   * Note we have the same race condition here as above: j could be 0 at the

   * end of the loop.

   */

  newMembers = (MultiXactMember *)

    palloc(sizeof(MultiXactMember) * (nmembers + 1));

  for (i = 0, j = 0; i < nmembers; i++)

  {

    if (TransactionIdIsInProgress(members[i].xid) ||

      (ISUPDATE_from_mxstatus(members[i].status) &&

       TransactionIdDidCommit(members[i].xid)))

    {

      newMembers[j].xid = members[i].xid;

      newMembers[j++].status = members[i].status;

    }

  }

  newMembers[j].xid = xid;

  newMembers[j++].status = status;

  newMulti = MultiXactIdCreateFromMembers(j, newMembers);

  pfree(members);

  pfree(newMembers);

  debug_elog3(DEBUG2, "Expand: returning new multi %u", newMulti);

  return newMulti;

}

/*

 * MultiXactIdIsRunning

 *    Returns whether a MultiXactId is "running".

 *

 * We return true if at least one member of the given MultiXactId is still

 * running.  Note that a "false" result is certain not to change,

 * because it is not legal to add members to an existing MultiXactId.

 *

 * Caller is expected to have verified that the multixact does not come from

 * a pg_upgraded share-locked tuple.

 */

bool

MultiXactIdIsRunning(MultiXactId multi, bool isLockOnly)

{

  MultiXactMember *members;

  int     nmembers;

  int     i;

  debug_elog3(DEBUG2, "IsRunning %u?", multi);

  /*

   * "false" here means we assume our callers have checked that the given

   * multi cannot possibly come from a pg_upgraded database.

   */

  nmembers = GetMultiXactIdMembers(multi, &members, false, isLockOnly);

  if (nmembers <= 0)

  {

    debug_elog2(DEBUG2, "IsRunning: no members");

    return false;

  }

  /*

   * Checking for myself is cheap compared to looking in shared memory;

   * return true if any live subtransaction of the current top-level

   * transaction is a member.

   *

   * This is not needed for correctness, it's just a fast path.

   */

  for (i = 0; i < nmembers; i++)

  {

    if (TransactionIdIsCurrentTransactionId(members[i].xid))

    {

      debug_elog3(DEBUG2, "IsRunning: I (%d) am running!", i);

      pfree(members);

      return true;

    }

  }

  /*

   * This could be made faster by having another entry point in procarray.c,

   * walking the PGPROC array only once for all the members.  But in most

   * cases nmembers should be small enough that it doesn't much matter.

   */

  for (i = 0; i < nmembers; i++)

  {

    if (TransactionIdIsInProgress(members[i].xid))

    {

      debug_elog4(DEBUG2, "IsRunning: member %d (%u) is running",

            i, members[i].xid);

      pfree(members);

      return true;

    }

  }

  pfree(members);

  debug_elog3(DEBUG2, "IsRunning: %u is not running", multi);

  return false;

}

/*

 * MultiXactIdSetOldestMember

 *    Save the oldest MultiXactId this transaction could be a member of.

 *

 * We set the OldestMemberMXactId for a given transaction the first time it's

 * going to do some operation that might require a MultiXactId (tuple lock,

 * update or delete).  We need to do this even if we end up using a

 * TransactionId instead of a MultiXactId, because there is a chance that

 * another transaction would add our XID to a MultiXactId.

 *

 * The value to set is the next-to-be-assigned MultiXactId, so this is meant to

 * be called just before doing any such possibly-MultiXactId-able operation.

 */

void

MultiXactIdSetOldestMember(void)

{

  if (!MultiXactIdIsValid(OldestMemberMXactId[MyProcNumber]))

  {

    MultiXactId nextMXact;

    /*

     * You might think we don't need to acquire a lock here, since

     * fetching and storing of TransactionIds is probably atomic, but in

     * fact we do: suppose we pick up nextMXact and then lose the CPU for

     * a long time.  Someone else could advance nextMXact, and then

     * another someone else could compute an OldestVisibleMXactId that

     * would be after the value we are going to store when we get control

     * back.  Which would be wrong.

     *

     * Note that a shared lock is sufficient, because it's enough to stop

     * someone from advancing nextMXact; and nobody else could be trying

     * to write to our OldestMember entry, only reading (and we assume

     * storing it is atomic.)

     */

    LWLockAcquire(MultiXactGenLock, LW_SHARED);

    /*

     * We have to beware of the possibility that nextMXact is in the

     * wrapped-around state.  We don't fix the counter itself here, but we

     * must be sure to store a valid value in our array entry.

     */

    nextMXact = MultiXactState->nextMXact;

    if (nextMXact < FirstMultiXactId)

      nextMXact = FirstMultiXactId;

    OldestMemberMXactId[MyProcNumber] = nextMXact;

    LWLockRelease(MultiXactGenLock);

    debug_elog4(DEBUG2, "MultiXact: setting OldestMember[%d] = %u",

          MyProcNumber, nextMXact);

  }

}

/*

 * MultiXactIdSetOldestVisible

 *    Save the oldest MultiXactId this transaction considers possibly live.

 *

 * We set the OldestVisibleMXactId for a given transaction the first time

 * it's going to inspect any MultiXactId.  Once we have set this, we are

 * guaranteed that SLRU data for MultiXactIds >= our own OldestVisibleMXactId

 * won't be truncated away.

 *

 * The value to set is the oldest of nextMXact and all the valid per-backend

 * OldestMemberMXactId[] entries.  Because of the locking we do, we can be

 * certain that no subsequent call to MultiXactIdSetOldestMember can set

 * an OldestMemberMXactId[] entry older than what we compute here.  Therefore

 * there is no live transaction, now or later, that can be a member of any

 * MultiXactId older than the OldestVisibleMXactId we compute here.

 */

static void

MultiXactIdSetOldestVisible(void)

{

  if (!MultiXactIdIsValid(OldestVisibleMXactId[MyProcNumber]))

  {

    MultiXactId oldestMXact;

    int     i;

    LWLockAcquire(MultiXactGenLock, LW_EXCLUSIVE);

    /*

     * We have to beware of the possibility that nextMXact is in the

     * wrapped-around state.  We don't fix the counter itself here, but we

     * must be sure to store a valid value in our array entry.

     */

    oldestMXact = MultiXactState->nextMXact;

    if (oldestMXact < FirstMultiXactId)

      oldestMXact = FirstMultiXactId;

    for (i = 0; i < MaxOldestSlot; i++)

    {

      MultiXactId thisoldest = OldestMemberMXactId[i];

      if (MultiXactIdIsValid(thisoldest) &&

        MultiXactIdPrecedes(thisoldest, oldestMXact))

        oldestMXact = thisoldest;

    }

    OldestVisibleMXactId[MyProcNumber] = oldestMXact;

    LWLockRelease(MultiXactGenLock);

    debug_elog4(DEBUG2, "MultiXact: setting OldestVisible[%d] = %u",

          MyProcNumber, oldestMXact);

  }

}

/*

 * ReadNextMultiXactId

 *    Return the next MultiXactId to be assigned, but don't allocate it

 */

MultiXactId

ReadNextMultiXactId(void)

{

  MultiXactId mxid;

  /* XXX we could presumably do this without a lock. */

  LWLockAcquire(MultiXactGenLock, LW_SHARED);

  mxid = MultiXactState->nextMXact;

  LWLockRelease(MultiXactGenLock);

  if (mxid < FirstMultiXactId)

    mxid = FirstMultiXactId;

  return mxid;

}

/*

 * ReadMultiXactIdRange

 *    Get the range of IDs that may still be referenced by a relation.

 */

void

ReadMultiXactIdRange(MultiXactId *oldest, MultiXactId *next)

{

  LWLockAcquire(MultiXactGenLock, LW_SHARED);

  *oldest = MultiXactState->oldestMultiXactId;

  *next = MultiXactState->nextMXact;

  LWLockRelease(MultiXactGenLock);

  if (*oldest < FirstMultiXactId)

    *oldest = FirstMultiXactId;

  if (*next < FirstMultiXactId)

    *next = FirstMultiXactId;

}

/*

 * MultiXactIdCreateFromMembers

 *    Make a new MultiXactId from the specified set of members

 *

 * Make XLOG, SLRU and cache entries for a new MultiXactId, recording the

 * given TransactionIds as members.  Returns the newly created MultiXactId.

 *

 * NB: the passed members[] array will be sorted in-place.

 */

MultiXactId

MultiXactIdCreateFromMembers(int nmembers, MultiXactMember *members)

{

  MultiXactId multi;

  MultiXactOffset offset;

  xl_multixact_create xlrec;

  debug_elog3(DEBUG2, "Create: %s",

        mxid_to_string(InvalidMultiXactId, nmembers, members));

  /*

   * See if the same set of members already exists in our cache; if so, just

   * re-use that MultiXactId.  (Note: it might seem that looking in our

   * cache is insufficient, and we ought to search disk to see if a

   * duplicate definition already exists.  But since we only ever create

   * MultiXacts containing our own XID, in most cases any such MultiXacts

   * were in fact created by us, and so will be in our cache.  There are

   * corner cases where someone else added us to a MultiXact without our

   * knowledge, but it's not worth checking for.)

   */

  multi = mXactCacheGetBySet(nmembers, members);

  if (MultiXactIdIsValid(multi))

  {

    debug_elog2(DEBUG2, "Create: in cache!");

    return multi;

  }

  /* Verify that there is a single update Xid among the given members. */

  {

    int     i;

    bool    has_update = false;

    for (i = 0; i < nmembers; i++)

    {

      if (ISUPDATE_from_mxstatus(members[i].status))

      {

        if (has_update)

          elog(ERROR, "new multixact has more than one updating member: %s",

             mxid_to_string(InvalidMultiXactId, nmembers, members));

        has_update = true;

      }

    }

  }

  /* Load the injection point before entering the critical section */

  INJECTION_POINT_LOAD("multixact-create-from-members");

  /*

   * Assign the MXID and offsets range to use, and make sure there is space

   * in the OFFSETs and MEMBERs files.  NB: this routine does

   * START_CRIT_SECTION().

   *

   * Note: unlike MultiXactIdCreate and MultiXactIdExpand, we do not check

   * that we've called MultiXactIdSetOldestMember here.  This is because

   * this routine is used in some places to create new MultiXactIds of which

   * the current backend is not a member, notably during freezing of multis

   * in vacuum.  During vacuum, in particular, it would be unacceptable to

   * keep OldestMulti set, in case it runs for long.

   */

  multi = GetNewMultiXactId(nmembers, &offset);

  INJECTION_POINT_CACHED("multixact-create-from-members", NULL);

  /* Make an XLOG entry describing the new MXID. */

  xlrec.mid = multi;

  xlrec.moff = offset;

  xlrec.nmembers = nmembers;

  /*

   * XXX Note: there's a lot of padding space in MultiXactMember.  We could

   * find a more compact representation of this Xlog record -- perhaps all

   * the status flags in one XLogRecData, then all the xids in another one?

   * Not clear that it's worth the trouble though.

   */

  XLogBeginInsert();

  XLogRegisterData(&xlrec, SizeOfMultiXactCreate);

  XLogRegisterData(members, nmembers * sizeof(MultiXactMember));

  (void) XLogInsert(RM_MULTIXACT_ID, XLOG_MULTIXACT_CREATE_ID);

  /* Now enter the information into the OFFSETs and MEMBERs logs */

  RecordNewMultiXact(multi, offset, nmembers, members);

  /* Done with critical section */

  END_CRIT_SECTION();

  /* Store the new MultiXactId in the local cache, too */

  mXactCachePut(multi, nmembers, members);

  debug_elog2(DEBUG2, "Create: all done");

  return multi;

}

/*

 * RecordNewMultiXact

 *    Write info about a new multixact into the offsets and members files

 *

 * This is broken out of MultiXactIdCreateFromMembers so that xlog replay can

 * use it.

 */

static void

RecordNewMultiXact(MultiXactId multi, MultiXactOffset offset,

           int nmembers, MultiXactMember *members)

{

  int64   pageno;

  int64   prev_pageno;

  int     entryno;

  int     slotno;

  MultiXactOffset *offptr;

  int     i;

  LWLock     *lock;

  LWLock     *prevlock = NULL;

  pageno = MultiXactIdToOffsetPage(multi);

  entryno = MultiXactIdToOffsetEntry(multi);

  lock = SimpleLruGetBankLock(MultiXactOffsetCtl, pageno);

  LWLockAcquire(lock, LW_EXCLUSIVE);

  /*

   * Note: we pass the MultiXactId to SimpleLruReadPage as the "transaction"

   * to complain about if there's any I/O error.  This is kinda bogus, but

   * since the errors will always give the full pathname, it should be clear

   * enough that a MultiXactId is really involved.  Perhaps someday we'll

   * take the trouble to generalize the slru.c error reporting code.

   */

  slotno = SimpleLruReadPage(MultiXactOffsetCtl, pageno, true, multi);

  offptr = (MultiXactOffset *) MultiXactOffsetCtl->shared->page_buffer[slotno];

  offptr += entryno;

  *offptr = offset;

  MultiXactOffsetCtl->shared->page_dirty[slotno] = true;

  /* Release MultiXactOffset SLRU lock. */

  LWLockRelease(lock);

  /*

   * If anybody was waiting to know the offset of this multixact ID we just

   * wrote, they can read it now, so wake them up.

   */

  ConditionVariableBroadcast(&MultiXactState->nextoff_cv);

  prev_pageno = -1;

  for (i = 0; i < nmembers; i++, offset++)

  {

    TransactionId *memberptr;

    uint32     *flagsptr;

    uint32    flagsval;

    int     bshift;

    int     flagsoff;

    int     memberoff;

    Assert(members[i].status <= MultiXactStatusUpdate);

    pageno = MXOffsetToMemberPage(offset);

    memberoff = MXOffsetToMemberOffset(offset);

    flagsoff = MXOffsetToFlagsOffset(offset);

    bshift = MXOffsetToFlagsBitShift(offset);

    if (pageno != prev_pageno)

    {

      /*

       * MultiXactMember SLRU page is changed so check if this new page

       * fall into the different SLRU bank then release the old bank's

       * lock and acquire lock on the new bank.

       */

      lock = SimpleLruGetBankLock(MultiXactMemberCtl, pageno);

      if (lock != prevlock)

      {

        if (prevlock != NULL)

          LWLockRelease(prevlock);

        LWLockAcquire(lock, LW_EXCLUSIVE);

        prevlock = lock;

      }

      slotno = SimpleLruReadPage(MultiXactMemberCtl, pageno, true, multi);

      prev_pageno = pageno;

    }

    memberptr = (TransactionId *)

      (MultiXactMemberCtl->shared->page_buffer[slotno] + memberoff);

    *memberptr = members[i].xid;

    flagsptr = (uint32 *)

      (MultiXactMemberCtl->shared->page_buffer[slotno] + flagsoff);

    flagsval = *flagsptr;

    flagsval &= ~(((1 << MXACT_MEMBER_BITS_PER_XACT) - 1) << bshift);

    flagsval |= (members[i].status << bshift);