/*-------------------------------------------------------------------------

 * applyparallelworker.c

 *     Support routines for applying xact by parallel apply worker

 *

 * Copyright (c) 2023-2025, PostgreSQL Global Development Group

 *

 * IDENTIFICATION

 *    src/backend/replication/logical/applyparallelworker.c

 *

 * This file contains the code to launch, set up, and teardown a parallel apply

 * worker which receives the changes from the leader worker and invokes routines

 * to apply those on the subscriber database. Additionally, this file contains

 * routines that are intended to support setting up, using, and tearing down a

 * ParallelApplyWorkerInfo which is required so the leader worker and parallel

 * apply workers can communicate with each other.

 *

 * The parallel apply workers are assigned (if available) as soon as xact's

 * first stream is received for subscriptions that have set their 'streaming'

 * option as parallel. The leader apply worker will send changes to this new

 * worker via shared memory. We keep this worker assigned till the transaction

 * commit is received and also wait for the worker to finish at commit. This

 * preserves commit ordering and avoid file I/O in most cases, although we

 * still need to spill to a file if there is no worker available. See comments

 * atop logical/worker to know more about streamed xacts whose changes are

 * spilled to disk. It is important to maintain commit order to avoid failures

 * due to: (a) transaction dependencies - say if we insert a row in the first

 * transaction and update it in the second transaction on publisher then

 * allowing the subscriber to apply both in parallel can lead to failure in the

 * update; (b) deadlocks - allowing transactions that update the same set of

 * rows/tables in the opposite order to be applied in parallel can lead to

 * deadlocks.

 *

 * A worker pool is used to avoid restarting workers for each streaming

 * transaction. We maintain each worker's information (ParallelApplyWorkerInfo)

 * in the ParallelApplyWorkerPool. After successfully launching a new worker,

 * its information is added to the ParallelApplyWorkerPool. Once the worker

 * finishes applying the transaction, it is marked as available for re-use.

 * Now, before starting a new worker to apply the streaming transaction, we

 * check the list for any available worker. Note that we retain a maximum of

 * half the max_parallel_apply_workers_per_subscription workers in the pool and

 * after that, we simply exit the worker after applying the transaction.

 *

 * XXX This worker pool threshold is arbitrary and we can provide a GUC

 * variable for this in the future if required.

 *

 * The leader apply worker will create a separate dynamic shared memory segment

 * when each parallel apply worker starts. The reason for this design is that

 * we cannot predict how many workers will be needed. It may be possible to

 * allocate enough shared memory in one segment based on the maximum number of

 * parallel apply workers (max_parallel_apply_workers_per_subscription), but

 * this would waste memory if no process is actually started.

 *

 * The dynamic shared memory segment contains: (a) a shm_mq that is used to

 * send changes in the transaction from leader apply worker to parallel apply

 * worker; (b) another shm_mq that is used to send errors (and other messages

 * reported via elog/ereport) from the parallel apply worker to leader apply

 * worker; (c) necessary information to be shared among parallel apply workers

 * and the leader apply worker (i.e. members of ParallelApplyWorkerShared).

 *

 * Locking Considerations

 * ----------------------

 * We have a risk of deadlock due to concurrently applying the transactions in

 * parallel mode that were independent on the publisher side but became

 * dependent on the subscriber side due to the different database structures

 * (like schema of subscription tables, constraints, etc.) on each side. This

 * can happen even without parallel mode when there are concurrent operations

 * on the subscriber. In order to detect the deadlocks among leader (LA) and

 * parallel apply (PA) workers, we used lmgr locks when the PA waits for the

 * next stream (set of changes) and LA waits for PA to finish the transaction.

 * An alternative approach could be to not allow parallelism when the schema of

 * tables is different between the publisher and subscriber but that would be

 * too restrictive and would require the publisher to send much more

 * information than it is currently sending.

 *

 * Consider a case where the subscribed table does not have a unique key on the

 * publisher and has a unique key on the subscriber. The deadlock can happen in

 * the following ways:

 *

 * 1) Deadlock between the leader apply worker and a parallel apply worker

 *

 * Consider that the parallel apply worker (PA) is executing TX-1 and the

 * leader apply worker (LA) is executing TX-2 concurrently on the subscriber.

 * Now, LA is waiting for PA because of the unique key constraint of the

 * subscribed table while PA is waiting for LA to send the next stream of

 * changes or transaction finish command message.

 *

 * In order for lmgr to detect this, we have LA acquire a session lock on the

 * remote transaction (by pa_lock_stream()) and have PA wait on the lock before

 * trying to receive the next stream of changes. Specifically, LA will acquire

 * the lock in AccessExclusive mode before sending the STREAM_STOP and will

 * release it if already acquired after sending the STREAM_START, STREAM_ABORT

 * (for toplevel transaction), STREAM_PREPARE, and STREAM_COMMIT. The PA will

 * acquire the lock in AccessShare mode after processing STREAM_STOP and

 * STREAM_ABORT (for subtransaction) and then release the lock immediately

 * after acquiring it.

 *

 * The lock graph for the above example will look as follows:

 * LA (waiting to acquire the lock on the unique index) -> PA (waiting to

 * acquire the stream lock) -> LA

 *

 * This way, when PA is waiting for LA for the next stream of changes, we can

 * have a wait-edge from PA to LA in lmgr, which will make us detect the

 * deadlock between LA and PA.

 *

 * 2) Deadlock between the leader apply worker and parallel apply workers

 *

 * This scenario is similar to the first case but TX-1 and TX-2 are executed by

 * two parallel apply workers (PA-1 and PA-2 respectively). In this scenario,

 * PA-2 is waiting for PA-1 to complete its transaction while PA-1 is waiting

 * for subsequent input from LA. Also, LA is waiting for PA-2 to complete its

 * transaction in order to preserve the commit order. There is a deadlock among

 * the three processes.

 *

 * In order for lmgr to detect this, we have PA acquire a session lock (this is

 * a different lock than referred in the previous case, see

 * pa_lock_transaction()) on the transaction being applied and have LA wait on

 * the lock before proceeding in the transaction finish commands. Specifically,

 * PA will acquire this lock in AccessExclusive mode before executing the first

 * message of the transaction and release it at the xact end. LA will acquire

 * this lock in AccessShare mode at transaction finish commands and release it

 * immediately.

 *

 * The lock graph for the above example will look as follows:

 * LA (waiting to acquire the transaction lock) -> PA-2 (waiting to acquire the

 * lock due to unique index constraint) -> PA-1 (waiting to acquire the stream

 * lock) -> LA

 *

 * This way when LA is waiting to finish the transaction end command to preserve

 * the commit order, we will be able to detect deadlock, if any.

 *

 * One might think we can use XactLockTableWait(), but XactLockTableWait()

 * considers PREPARED TRANSACTION as still in progress which means the lock

 * won't be released even after the parallel apply worker has prepared the

 * transaction.

 *

 * 3) Deadlock when the shm_mq buffer is full

 *

 * In the previous scenario (ie. PA-1 and PA-2 are executing transactions

 * concurrently), if the shm_mq buffer between LA and PA-2 is full, LA has to

 * wait to send messages, and this wait doesn't appear in lmgr.

 *

 * To avoid this wait, we use a non-blocking write and wait with a timeout. If

 * the timeout is exceeded, the LA will serialize all the pending messages to

 * a file and indicate PA-2 that it needs to read that file for the remaining

 * messages. Then LA will start waiting for commit as in the previous case

 * which will detect deadlock if any. See pa_send_data() and

 * enum TransApplyAction.

 *

 * Lock types

 * ----------

 * Both the stream lock and the transaction lock mentioned above are

 * session-level locks because both locks could be acquired outside the

 * transaction, and the stream lock in the leader needs to persist across

 * transaction boundaries i.e. until the end of the streaming transaction.

 *-------------------------------------------------------------------------

 */

#include "postgres.h"

#include "libpq/pqformat.h"

#include "libpq/pqmq.h"

#include "pgstat.h"

#include "postmaster/interrupt.h"

#include "replication/logicallauncher.h"

#include "replication/logicalworker.h"

#include "replication/origin.h"

#include "replication/worker_internal.h"

#include "storage/ipc.h"

#include "storage/lmgr.h"

#include "tcop/tcopprot.h"

#include "utils/inval.h"

#include "utils/memutils.h"

#include "utils/syscache.h"

#define PG_LOGICAL_APPLY_SHM_MAGIC 0x787ca067

/*

 * DSM keys for parallel apply worker. Unlike other parallel execution code,

 * since we don't need to worry about DSM keys conflicting with plan_node_id we

 * can use small integers.

 */

#define PARALLEL_APPLY_KEY_SHARED   1

#define PARALLEL_APPLY_KEY_MQ     2

#define PARALLEL_APPLY_KEY_ERROR_QUEUE  3

/* Queue size of DSM, 16 MB for now. */

#define DSM_QUEUE_SIZE  (16 * 1024 * 1024)

/*

 * Error queue size of DSM. It is desirable to make it large enough that a

 * typical ErrorResponse can be sent without blocking. That way, a worker that

 * errors out can write the whole message into the queue and terminate without

 * waiting for the user backend.

 */

#define DSM_ERROR_QUEUE_SIZE      (16 * 1024)

/*

 * There are three fields in each message received by the parallel apply

 * worker: start_lsn, end_lsn and send_time. Because we have updated these

 * statistics in the leader apply worker, we can ignore these fields in the

 * parallel apply worker (see function LogicalRepApplyLoop).

 */

#define SIZE_STATS_MESSAGE (2 * sizeof(XLogRecPtr) + sizeof(TimestampTz))

/*

 * The type of session-level lock on a transaction being applied on a logical

 * replication subscriber.

 */

#define PARALLEL_APPLY_LOCK_STREAM  0

#define PARALLEL_APPLY_LOCK_XACT  1

/*

 * Hash table entry to map xid to the parallel apply worker state.

 */

typedef struct ParallelApplyWorkerEntry

{

  TransactionId xid;      /* Hash key -- must be first */

  ParallelApplyWorkerInfo *winfo;

} ParallelApplyWorkerEntry;

/*

 * A hash table used to cache the state of streaming transactions being applied

 * by the parallel apply workers.

 */

static HTAB *ParallelApplyTxnHash = NULL;

/*

* A list (pool) of active parallel apply workers. The information for

* the new worker is added to the list after successfully launching it. The

* list entry is removed if there are already enough workers in the worker

* pool at the end of the transaction. For more information about the worker

* pool, see comments atop this file.

 */

static List *ParallelApplyWorkerPool = NIL;

/*

 * Information shared between leader apply worker and parallel apply worker.

 */

ParallelApplyWorkerShared *MyParallelShared = NULL;

/*

 * Is there a message sent by a parallel apply worker that the leader apply

 * worker needs to receive?

 */

volatile sig_atomic_t ParallelApplyMessagePending = false;

/*

 * Cache the parallel apply worker information required for applying the

 * current streaming transaction. It is used to save the cost of searching the

 * hash table when applying the changes between STREAM_START and STREAM_STOP.

 */

static ParallelApplyWorkerInfo *stream_apply_worker = NULL;

/* A list to maintain subtransactions, if any. */

static List *subxactlist = NIL;

static void pa_free_worker_info(ParallelApplyWorkerInfo *winfo);

static ParallelTransState pa_get_xact_state(ParallelApplyWorkerShared *wshared);

static PartialFileSetState pa_get_fileset_state(void);

/*

 * Returns true if it is OK to start a parallel apply worker, false otherwise.

 */

static bool

pa_can_start(void)

{

  /* Only leader apply workers can start parallel apply workers. */

  if (!am_leader_apply_worker())

    return false;

  /*

   * It is good to check for any change in the subscription parameter to

   * avoid the case where for a very long time the change doesn't get

   * reflected. This can happen when there is a constant flow of streaming

   * transactions that are handled by parallel apply workers.

   *

   * It is better to do it before the below checks so that the latest values

   * of subscription can be used for the checks.

   */

  maybe_reread_subscription();

  /*

   * Don't start a new parallel apply worker if the subscription is not

   * using parallel streaming mode, or if the publisher does not support

   * parallel apply.

   */

  if (!MyLogicalRepWorker->parallel_apply)

    return false;

  /*

   * Don't start a new parallel worker if user has set skiplsn as it's

   * possible that they want to skip the streaming transaction. For

   * streaming transactions, we need to serialize the transaction to a file

   * so that we can get the last LSN of the transaction to judge whether to

   * skip before starting to apply the change.

   *

   * One might think that we could allow parallelism if the first lsn of the

   * transaction is greater than skiplsn, but we don't send it with the

   * STREAM START message, and it doesn't seem worth sending the extra eight

   * bytes with the STREAM START to enable parallelism for this case.

   */

  if (!XLogRecPtrIsInvalid(MySubscription->skiplsn))

    return false;

  /*

   * For streaming transactions that are being applied using a parallel

   * apply worker, we cannot decide whether to apply the change for a

   * relation that is not in the READY state (see

   * should_apply_changes_for_rel) as we won't know remote_final_lsn by that

   * time. So, we don't start the new parallel apply worker in this case.

   */

  if (!AllTablesyncsReady())

    return false;

  return true;

}

/*

 * Set up a dynamic shared memory segment.

 *

 * We set up a control region that contains a fixed-size worker info

 * (ParallelApplyWorkerShared), a message queue, and an error queue.

 *

 * Returns true on success, false on failure.

 */

static bool

pa_setup_dsm(ParallelApplyWorkerInfo *winfo)

{

  shm_toc_estimator e;

  Size    segsize;

  dsm_segment *seg;

  shm_toc    *toc;

  ParallelApplyWorkerShared *shared;

  shm_mq     *mq;

  Size    queue_size = DSM_QUEUE_SIZE;

  Size    error_queue_size = DSM_ERROR_QUEUE_SIZE;

  /*

   * Estimate how much shared memory we need.

   *

   * Because the TOC machinery may choose to insert padding of oddly-sized

   * requests, we must estimate each chunk separately.

   *

   * We need one key to register the location of the header, and two other

   * keys to track the locations of the message queue and the error message

   * queue.

   */

  shm_toc_initialize_estimator(&e);

  shm_toc_estimate_chunk(&e, sizeof(ParallelApplyWorkerShared));

  shm_toc_estimate_chunk(&e, queue_size);

  shm_toc_estimate_chunk(&e, error_queue_size);

  shm_toc_estimate_keys(&e, 3);

  segsize = shm_toc_estimate(&e);

  /* Create the shared memory segment and establish a table of contents. */

  seg = dsm_create(shm_toc_estimate(&e), 0);

  if (!seg)

    return false;

  toc = shm_toc_create(PG_LOGICAL_APPLY_SHM_MAGIC, dsm_segment_address(seg),

             segsize);

  /* Set up the header region. */

  shared = shm_toc_allocate(toc, sizeof(ParallelApplyWorkerShared));

  SpinLockInit(&shared->mutex);

  shared->xact_state = PARALLEL_TRANS_UNKNOWN;

  pg_atomic_init_u32(&(shared->pending_stream_count), 0);

  shared->last_commit_end = InvalidXLogRecPtr;

  shared->fileset_state = FS_EMPTY;

  shm_toc_insert(toc, PARALLEL_APPLY_KEY_SHARED, shared);

  /* Set up message queue for the worker. */

  mq = shm_mq_create(shm_toc_allocate(toc, queue_size), queue_size);

  shm_toc_insert(toc, PARALLEL_APPLY_KEY_MQ, mq);

  shm_mq_set_sender(mq, MyProc);

  /* Attach the queue. */

  winfo->mq_handle = shm_mq_attach(mq, seg, NULL);

  /* Set up error queue for the worker. */

  mq = shm_mq_create(shm_toc_allocate(toc, error_queue_size),

             error_queue_size);

  shm_toc_insert(toc, PARALLEL_APPLY_KEY_ERROR_QUEUE, mq);

  shm_mq_set_receiver(mq, MyProc);

  /* Attach the queue. */

  winfo->error_mq_handle = shm_mq_attach(mq, seg, NULL);

  /* Return results to caller. */

  winfo->dsm_seg = seg;

  winfo->shared = shared;

  return true;

}

/*

 * Try to get a parallel apply worker from the pool. If none is available then

 * start a new one.

 */

static ParallelApplyWorkerInfo *

pa_launch_parallel_worker(void)

{

  MemoryContext oldcontext;

  bool    launched;

  ParallelApplyWorkerInfo *winfo;

  ListCell   *lc;

  /* Try to get an available parallel apply worker from the worker pool. */

  foreach(lc, ParallelApplyWorkerPool)

  {

    winfo = (ParallelApplyWorkerInfo *) lfirst(lc);

    if (!winfo->in_use)

      return winfo;

  }

  /*

   * Start a new parallel apply worker.

   *

   * The worker info can be used for the lifetime of the worker process, so

   * create it in a permanent context.

   */

  oldcontext = MemoryContextSwitchTo(ApplyContext);

  winfo = (ParallelApplyWorkerInfo *) palloc0(sizeof(ParallelApplyWorkerInfo));

  /* Setup shared memory. */

  if (!pa_setup_dsm(winfo))

  {

    MemoryContextSwitchTo(oldcontext);

    pfree(winfo);

    return NULL;

  }

  launched = logicalrep_worker_launch(WORKERTYPE_PARALLEL_APPLY,

                    MyLogicalRepWorker->dbid,

                    MySubscription->oid,

                    MySubscription->name,

                    MyLogicalRepWorker->userid,

                    InvalidOid,

                    dsm_segment_handle(winfo->dsm_seg));

  if (launched)

  {

    ParallelApplyWorkerPool = lappend(ParallelApplyWorkerPool, winfo);

  }

  else

  {

    pa_free_worker_info(winfo);

    winfo = NULL;

  }

  MemoryContextSwitchTo(oldcontext);

  return winfo;

}

/*

 * Allocate a parallel apply worker that will be used for the specified xid.

 *

 * We first try to get an available worker from the pool, if any and then try

 * to launch a new worker. On successful allocation, remember the worker

 * information in the hash table so that we can get it later for processing the

 * streaming changes.

 */

void

pa_allocate_worker(TransactionId xid)

{

  bool    found;

  ParallelApplyWorkerInfo *winfo = NULL;

  ParallelApplyWorkerEntry *entry;

  if (!pa_can_start())

    return;

  winfo = pa_launch_parallel_worker();

  if (!winfo)

    return;

  /* First time through, initialize parallel apply worker state hashtable. */

  if (!ParallelApplyTxnHash)

  {

    HASHCTL   ctl;

    MemSet(&ctl, 0, sizeof(ctl));

    ctl.keysize = sizeof(TransactionId);

    ctl.entrysize = sizeof(ParallelApplyWorkerEntry);

    ctl.hcxt = ApplyContext;

    ParallelApplyTxnHash = hash_create("logical replication parallel apply workers hash",

                       16, &ctl,

                       HASH_ELEM | HASH_BLOBS | HASH_CONTEXT);

  }

  /* Create an entry for the requested transaction. */

  entry = hash_search(ParallelApplyTxnHash, &xid, HASH_ENTER, &found);

  if (found)

    elog(ERROR, "hash table corrupted");

  /* Update the transaction information in shared memory. */

  SpinLockAcquire(&winfo->shared->mutex);

  winfo->shared->xact_state = PARALLEL_TRANS_UNKNOWN;

  winfo->shared->xid = xid;

  SpinLockRelease(&winfo->shared->mutex);

  winfo->in_use = true;

  winfo->serialize_changes = false;

  entry->winfo = winfo;

}

/*

 * Find the assigned worker for the given transaction, if any.

 */

ParallelApplyWorkerInfo *

pa_find_worker(TransactionId xid)

{

  bool    found;

  ParallelApplyWorkerEntry *entry;

  if (!TransactionIdIsValid(xid))

    return NULL;

  if (!ParallelApplyTxnHash)

    return NULL;

  /* Return the cached parallel apply worker if valid. */

  if (stream_apply_worker)

    return stream_apply_worker;

  /* Find an entry for the requested transaction. */

  entry = hash_search(ParallelApplyTxnHash, &xid, HASH_FIND, &found);

  if (found)

  {

    /* The worker must not have exited.  */

    Assert(entry->winfo->in_use);

    return entry->winfo;

  }

  return NULL;

}

/*

 * Makes the worker available for reuse.

 *

 * This removes the parallel apply worker entry from the hash table so that it

 * can't be used. If there are enough workers in the pool, it stops the worker

 * and frees the corresponding info. Otherwise it just marks the worker as

 * available for reuse.

 *

 * For more information about the worker pool, see comments atop this file.

 */

static void

pa_free_worker(ParallelApplyWorkerInfo *winfo)

{

  Assert(!am_parallel_apply_worker());

  Assert(winfo->in_use);

  Assert(pa_get_xact_state(winfo->shared) == PARALLEL_TRANS_FINISHED);

  if (!hash_search(ParallelApplyTxnHash, &winfo->shared->xid, HASH_REMOVE, NULL))

    elog(ERROR, "hash table corrupted");

  /*

   * Stop the worker if there are enough workers in the pool.

   *

   * XXX Additionally, we also stop the worker if the leader apply worker

   * serialize part of the transaction data due to a send timeout. This is

   * because the message could be partially written to the queue and there

   * is no way to clean the queue other than resending the message until it

   * succeeds. Instead of trying to send the data which anyway would have

   * been serialized and then letting the parallel apply worker deal with

   * the spurious message, we stop the worker.

   */

  if (winfo->serialize_changes ||

    list_length(ParallelApplyWorkerPool) >

    (max_parallel_apply_workers_per_subscription / 2))

  {

    logicalrep_pa_worker_stop(winfo);

    pa_free_worker_info(winfo);

    return;

  }

  winfo->in_use = false;

  winfo->serialize_changes = false;

}

/*

 * Free the parallel apply worker information and unlink the files with

 * serialized changes if any.

 */

static void

pa_free_worker_info(ParallelApplyWorkerInfo *winfo)

{

  Assert(winfo);

  if (winfo->mq_handle)

    shm_mq_detach(winfo->mq_handle);

  if (winfo->error_mq_handle)

    shm_mq_detach(winfo->error_mq_handle);

  /* Unlink the files with serialized changes. */

  if (winfo->serialize_changes)

    stream_cleanup_files(MyLogicalRepWorker->subid, winfo->shared->xid);

  if (winfo->dsm_seg)

    dsm_detach(winfo->dsm_seg);

  /* Remove from the worker pool. */

  ParallelApplyWorkerPool = list_delete_ptr(ParallelApplyWorkerPool, winfo);

  pfree(winfo);

}

/*

 * Detach the error queue for all parallel apply workers.

 */

void

pa_detach_all_error_mq(void)

{

  ListCell   *lc;

  foreach(lc, ParallelApplyWorkerPool)

  {

    ParallelApplyWorkerInfo *winfo = (ParallelApplyWorkerInfo *) lfirst(lc);

    if (winfo->error_mq_handle)

    {

      shm_mq_detach(winfo->error_mq_handle);

      winfo->error_mq_handle = NULL;

    }

  }

}

/*

 * Check if there are any pending spooled messages.

 */

static bool

pa_has_spooled_message_pending()

{

  PartialFileSetState fileset_state;

  fileset_state = pa_get_fileset_state();

  return (fileset_state != FS_EMPTY);

}

/*

 * Replay the spooled messages once the leader apply worker has finished

 * serializing changes to the file.

 *

 * Returns false if there aren't any pending spooled messages, true otherwise.

 */

static bool

pa_process_spooled_messages_if_required(void)

{

  PartialFileSetState fileset_state;

  fileset_state = pa_get_fileset_state();

  if (fileset_state == FS_EMPTY)

    return false;

  /*

   * If the leader apply worker is busy serializing the partial changes then

   * acquire the stream lock now and wait for the leader worker to finish

   * serializing the changes. Otherwise, the parallel apply worker won't get

   * a chance to receive a STREAM_STOP (and acquire the stream lock) until

   * the leader had serialized all changes which can lead to undetected

   * deadlock.

   *

   * Note that the fileset state can be FS_SERIALIZE_DONE once the leader

   * worker has finished serializing the changes.

   */

  if (fileset_state == FS_SERIALIZE_IN_PROGRESS)

  {

    pa_lock_stream(MyParallelShared->xid, AccessShareLock);

    pa_unlock_stream(MyParallelShared->xid, AccessShareLock);

    fileset_state = pa_get_fileset_state();

  }

  /*

   * We cannot read the file immediately after the leader has serialized all

   * changes to the file because there may still be messages in the memory

   * queue. We will apply all spooled messages the next time we call this

   * function and that will ensure there are no messages left in the memory

   * queue.

   */

  if (fileset_state == FS_SERIALIZE_DONE)

  {

    pa_set_fileset_state(MyParallelShared, FS_READY);

  }

  else if (fileset_state == FS_READY)

  {

    apply_spooled_messages(&MyParallelShared->fileset,

                 MyParallelShared->xid,

                 InvalidXLogRecPtr);

    pa_set_fileset_state(MyParallelShared, FS_EMPTY);

  }

  return true;

}

/*

 * Interrupt handler for main loop of parallel apply worker.

 */

static void

ProcessParallelApplyInterrupts(void)

{

  CHECK_FOR_INTERRUPTS();

  if (ShutdownRequestPending)

  {

    ereport(LOG,

        (errmsg("logical replication parallel apply worker for subscription \"%s\" has finished",

            MySubscription->name)));

    proc_exit(0);

  }

  if (ConfigReloadPending)

  {

    ConfigReloadPending = false;

    ProcessConfigFile(PGC_SIGHUP);

  }

}

/* Parallel apply worker main loop. */

static void

LogicalParallelApplyLoop(shm_mq_handle *mqh)

{

  shm_mq_result shmq_res;

  ErrorContextCallback errcallback;

  MemoryContext oldcxt = CurrentMemoryContext;

  /*

   * Init the ApplyMessageContext which we clean up after each replication

   * protocol message.

   */

  ApplyMessageContext = AllocSetContextCreate(ApplyContext,

                        "ApplyMessageContext",

                        ALLOCSET_DEFAULT_SIZES);

  /*

   * Push apply error context callback. Fields will be filled while applying

   * a change.

   */

  errcallback.callback = apply_error_callback;

  errcallback.previous = error_context_stack;

  error_context_stack = &errcallback;

  for (;;)

  {

    void     *data;

    Size    len;

    ProcessParallelApplyInterrupts();

    /* Ensure we are reading the data into our memory context. */

    MemoryContextSwitchTo(ApplyMessageContext);

    shmq_res = shm_mq_receive(mqh, &len, &data, true);

    if (shmq_res == SHM_MQ_SUCCESS)

    {

      StringInfoData s;

      int     c;

      if (len == 0)

        elog(ERROR, "invalid message length");

      initReadOnlyStringInfo(&s, data, len);

      /*

       * The first byte of messages sent from leader apply worker to

       * parallel apply workers can only be 'w'.

       */

      c = pq_getmsgbyte(&s);

      if (c != 'w')

        elog(ERROR, "unexpected message \"%c\"", c);

      /*

       * Ignore statistics fields that have been updated by the leader

       * apply worker.

       *

       * XXX We can avoid sending the statistics fields from the leader

       * apply worker but for that, it needs to rebuild the entire

       * message by removing these fields which could be more work than

       * simply ignoring these fields in the parallel apply worker.

       */

      s.cursor += SIZE_STATS_MESSAGE;

      apply_dispatch(&s);

    }

    else if (shmq_res == SHM_MQ_WOULD_BLOCK)

    {

      /* Replay the changes from the file, if any. */

      if (!pa_process_spooled_messages_if_required())

      {

        int     rc;

        /* Wait for more work. */

        rc = WaitLatch(MyLatch,

                 WL_LATCH_SET | WL_TIMEOUT | WL_EXIT_ON_PM_DEATH,

                 1000L,

                 WAIT_EVENT_LOGICAL_PARALLEL_APPLY_MAIN);

        if (rc & WL_LATCH_SET)

          ResetLatch(MyLatch);

      }

    }

    else

    {

      Assert(shmq_res == SHM_MQ_DETACHED);

      ereport(ERROR,

          (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),

           errmsg("lost connection to the logical replication apply worker")));

    }

    MemoryContextReset(ApplyMessageContext);

    MemoryContextSwitchTo(oldcxt);

  }

  /* Pop the error context stack. */

  error_context_stack = errcallback.previous;

  MemoryContextSwitchTo(oldcxt);

}

/*

 * Make sure the leader apply worker tries to read from our error queue one more

 * time. This guards against the case where we exit uncleanly without sending

 * an ErrorResponse, for example because some code calls proc_exit directly.

 *

 * Also explicitly detach from dsm segment to invoke on_dsm_detach callbacks,

 * if any. See ParallelWorkerShutdown for details.

 */

static void

pa_shutdown(int code, Datum arg)

{

  SendProcSignal(MyLogicalRepWorker->leader_pid,

           PROCSIG_PARALLEL_APPLY_MESSAGE,

           INVALID_PROC_NUMBER);

  dsm_detach((dsm_segment *) DatumGetPointer(arg));

}

/*

 * Parallel apply worker entry point.

 */

void

ParallelApplyWorkerMain(Datum main_arg)

{

  ParallelApplyWorkerShared *shared;

  dsm_handle  handle;

  dsm_segment *seg;

  shm_toc    *toc;

  shm_mq     *mq;

  shm_mq_handle *mqh;

  shm_mq_handle *error_mqh;

  RepOriginId originid;

  int     worker_slot = DatumGetInt32(main_arg);

  char    originname[NAMEDATALEN];

  InitializingApplyWorker = true;

  /* Setup signal handling. */

  pqsignal(SIGHUP, SignalHandlerForConfigReload);

  pqsignal(SIGINT, SignalHandlerForShutdownRequest);

  pqsignal(SIGTERM, die);

  BackgroundWorkerUnblockSignals();

  /*

   * Attach to the dynamic shared memory segment for the parallel apply, and

   * find its table of contents.

   *

   * Like parallel query, we don't need resource owner by this time. See

   * ParallelWorkerMain.

   */

  memcpy(&handle, MyBgworkerEntry->bgw_extra, sizeof(dsm_handle));

  seg = dsm_attach(handle);

  if (!seg)

    ereport(ERROR,

        (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),

         errmsg("could not map dynamic shared memory segment")));

  toc = shm_toc_attach(PG_LOGICAL_APPLY_SHM_MAGIC, dsm_segment_address(seg));

  if (!toc)

    ereport(ERROR,

        (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),

         errmsg("invalid magic number in dynamic shared memory segment")));

  /* Look up the shared information. */

  shared = shm_toc_lookup(toc, PARALLEL_APPLY_KEY_SHARED, false);

  MyParallelShared = shared;

  /*

   * Attach to the message queue.

   */

  mq = shm_toc_lookup(toc, PARALLEL_APPLY_KEY_MQ, false);

  shm_mq_set_receiver(mq, MyProc);

  mqh = shm_mq_attach(mq, seg, NULL);

  /*

   * Primary initialization is complete. Now, we can attach to our slot.

   * This is to ensure that the leader apply worker does not write data to

   * the uninitialized memory queue.

   */

  logicalrep_worker_attach(worker_slot);

  /*

   * Register the shutdown callback after we are attached to the worker

   * slot. This is to ensure that MyLogicalRepWorker remains valid when this

   * callback is invoked.

   */

  before_shmem_exit(pa_shutdown, PointerGetDatum(seg));

  SpinLockAcquire(&MyParallelShared->mutex);

  MyParallelShared->logicalrep_worker_generation = MyLogicalRepWorker->generation;

  MyParallelShared->logicalrep_worker_slot_no = worker_slot;

  SpinLockRelease(&MyParallelShared->mutex);

  /*

   * Attach to the error queue.

   */

  mq = shm_toc_lookup(toc, PARALLEL_APPLY_KEY_ERROR_QUEUE, false);

  shm_mq_set_sender(mq, MyProc);

  error_mqh = shm_mq_attach(mq, seg, NULL);

  pq_redirect_to_shm_mq(seg, error_mqh);

  pq_set_parallel_leader(MyLogicalRepWorker->leader_pid,

               INVALID_PROC_NUMBER);

  MyLogicalRepWorker->last_send_time = MyLogicalRepWorker->last_recv_time =

    MyLogicalRepWorker->reply_time = 0;

  InitializeLogRepWorker();

  InitializingApplyWorker = false;

  /* Setup replication origin tracking. */

  StartTransactionCommand();

  ReplicationOriginNameForLogicalRep(MySubscription->oid, InvalidOid,

                     originname, sizeof(originname));

  originid = replorigin_by_name(originname, false);

  /*

   * The parallel apply worker doesn't need to monopolize this replication

   * origin which was already acquired by its leader process.

   */

  replorigin_session_setup(originid, MyLogicalRepWorker->leader_pid);

  replorigin_session_origin = originid;

  CommitTransactionCommand();

  /*

   * Setup callback for syscache so that we know when something changes in

   * the subscription relation state.

   */

  CacheRegisterSyscacheCallback(SUBSCRIPTIONRELMAP,

                  invalidate_syncing_table_states,

                  (Datum) 0);

  set_apply_error_context_origin(originname);

  LogicalParallelApplyLoop(mqh);

  /*

   * The parallel apply worker must not get here because the parallel apply

   * worker will only stop when it receives a SIGTERM or SIGINT from the

   * leader, or when there is an error. None of these cases will allow the

   * code to reach here.

   */

  Assert(false);

}

/*

 * Handle receipt of an interrupt indicating a parallel apply worker message.

 *

 * Note: this is called within a signal handler! All we can do is set a flag

 * that will cause the next CHECK_FOR_INTERRUPTS() to invoke

 * ProcessParallelApplyMessages().

 */

void

HandleParallelApplyMessageInterrupt(void)