1 /*-------------------------------------------------------------------------
5 * The background writer (bgwriter) is new in Postgres 8.0. It attempts
6 * to keep regular backends from having to write out dirty shared buffers
7 * (which they would only do when needing to free a shared buffer to read in
8 * another page). In the best scenario all writes from shared buffers will
9 * be issued by the background writer process. However, regular backends are
10 * still empowered to issue writes if the bgwriter fails to maintain enough
11 * clean shared buffers.
13 * The bgwriter is also charged with handling all checkpoints. It will
14 * automatically dispatch a checkpoint after a certain amount of time has
15 * elapsed since the last one, and it can be signaled to perform requested
16 * checkpoints as well. (The GUC parameter that mandates a checkpoint every
17 * so many WAL segments is implemented by having backends signal the bgwriter
18 * when they fill WAL segments; the bgwriter itself doesn't watch for the
21 * The bgwriter is started by the postmaster as soon as the startup subprocess
22 * finishes. It remains alive until the postmaster commands it to terminate.
23 * Normal termination is by SIGUSR2, which instructs the bgwriter to execute
24 * a shutdown checkpoint and then exit(0). (All backends must be stopped
25 * before SIGUSR2 is issued!) Emergency termination is by SIGQUIT; like any
26 * backend, the bgwriter will simply abort and exit on SIGQUIT.
28 * If the bgwriter exits unexpectedly, the postmaster treats that the same
29 * as a backend crash: shared memory may be corrupted, so remaining backends
30 * should be killed by SIGQUIT and then a recovery cycle started. (Even if
31 * shared memory isn't corrupted, we have lost information about which
32 * files need to be fsync'd for the next checkpoint, and so a system
33 * restart needs to be forced.)
36 * Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
40 * $PostgreSQL: pgsql/src/backend/postmaster/bgwriter.c,v 1.15 2005/03/04 20:21:06 tgl Exp $
42 *-------------------------------------------------------------------------
49 #include "access/xlog.h"
50 #include "libpq/pqsignal.h"
51 #include "miscadmin.h"
52 #include "postmaster/bgwriter.h"
53 #include "storage/bufmgr.h"
54 #include "storage/freespace.h"
55 #include "storage/ipc.h"
56 #include "storage/pmsignal.h"
57 #include "storage/smgr.h"
58 #include "tcop/tcopprot.h"
59 #include "utils/guc.h"
60 #include "utils/memutils.h"
64 * Shared memory area for communication between bgwriter and backends
66 * The ckpt counters allow backends to watch for completion of a checkpoint
67 * request they send. Here's how it works:
68 * * At start of a checkpoint, bgwriter increments ckpt_started.
69 * * On completion of a checkpoint, bgwriter sets ckpt_done to
71 * * On failure of a checkpoint, bgwrite first increments ckpt_failed,
72 * then sets ckpt_done to equal ckpt_started.
73 * All three fields are declared sig_atomic_t to ensure they can be read
74 * and written without explicit locking. The algorithm for backends is:
75 * 1. Record current values of ckpt_failed and ckpt_started (in that
77 * 2. Send signal to request checkpoint.
78 * 3. Sleep until ckpt_started changes. Now you know a checkpoint has
79 * begun since you started this algorithm (although *not* that it was
80 * specifically initiated by your signal).
81 * 4. Record new value of ckpt_started.
82 * 5. Sleep until ckpt_done >= saved value of ckpt_started. (Use modulo
83 * arithmetic here in case counters wrap around.) Now you know a
84 * checkpoint has started and completed, but not whether it was
86 * 6. If ckpt_failed is different from the originally saved value,
87 * assume request failed; otherwise it was definitely successful.
89 * The requests array holds fsync requests sent by backends and not yet
90 * absorbed by the bgwriter.
97 /* might add a request-type field later */
102 pid_t bgwriter_pid; /* PID of bgwriter (0 if not started) */
104 sig_atomic_t ckpt_started; /* advances when checkpoint starts */
105 sig_atomic_t ckpt_done; /* advances when checkpoint done */
106 sig_atomic_t ckpt_failed; /* advances when checkpoint fails */
108 int num_requests; /* current # of requests */
109 int max_requests; /* allocated array size */
110 BgWriterRequest requests[1]; /* VARIABLE LENGTH ARRAY */
111 } BgWriterShmemStruct;
113 static BgWriterShmemStruct *BgWriterShmem;
118 int BgWriterDelay = 200;
119 int CheckPointTimeout = 300;
120 int CheckPointWarning = 30;
123 * Flags set by interrupt handlers for later service in the main loop.
125 static volatile sig_atomic_t got_SIGHUP = false;
126 static volatile sig_atomic_t checkpoint_requested = false;
127 static volatile sig_atomic_t shutdown_requested = false;
132 static bool am_bg_writer = false;
134 static bool ckpt_active = false;
136 static time_t last_checkpoint_time;
139 static void bg_quickdie(SIGNAL_ARGS);
140 static void BgSigHupHandler(SIGNAL_ARGS);
141 static void ReqCheckpointHandler(SIGNAL_ARGS);
142 static void ReqShutdownHandler(SIGNAL_ARGS);
146 * Main entry point for bgwriter process
148 * This is invoked from BootstrapMain, which has already created the basic
149 * execution environment, but not enabled signals yet.
152 BackgroundWriterMain(void)
154 sigjmp_buf local_sigjmp_buf;
156 Assert(BgWriterShmem != NULL);
157 BgWriterShmem->bgwriter_pid = MyProcPid;
161 * Properly accept or ignore signals the postmaster might send us
163 * Note: we deliberately ignore SIGTERM, because during a standard Unix
164 * system shutdown cycle, init will SIGTERM all processes at once. We
165 * want to wait for the backends to exit, whereupon the postmaster
166 * will tell us it's okay to shut down (via SIGUSR2).
168 * SIGUSR1 is presently unused; keep it spare in case someday we want
169 * this process to participate in sinval messaging.
171 pqsignal(SIGHUP, BgSigHupHandler); /* set flag to read config file */
172 pqsignal(SIGINT, ReqCheckpointHandler); /* request checkpoint */
173 pqsignal(SIGTERM, SIG_IGN); /* ignore SIGTERM */
174 pqsignal(SIGQUIT, bg_quickdie); /* hard crash time */
175 pqsignal(SIGALRM, SIG_IGN);
176 pqsignal(SIGPIPE, SIG_IGN);
177 pqsignal(SIGUSR1, SIG_IGN); /* reserve for sinval */
178 pqsignal(SIGUSR2, ReqShutdownHandler); /* request shutdown */
181 * Reset some signals that are accepted by postmaster but not here
183 pqsignal(SIGCHLD, SIG_DFL);
184 pqsignal(SIGTTIN, SIG_DFL);
185 pqsignal(SIGTTOU, SIG_DFL);
186 pqsignal(SIGCONT, SIG_DFL);
187 pqsignal(SIGWINCH, SIG_DFL);
189 /* We allow SIGQUIT (quickdie) at all times */
190 #ifdef HAVE_SIGPROCMASK
191 sigdelset(&BlockSig, SIGQUIT);
193 BlockSig &= ~(sigmask(SIGQUIT));
197 * Initialize so that first time-driven checkpoint happens at the
200 last_checkpoint_time = time(NULL);
203 * If an exception is encountered, processing resumes here.
205 * See notes in postgres.c about the design of this coding.
207 if (sigsetjmp(local_sigjmp_buf, 1) != 0)
209 /* Since not using PG_TRY, must reset error stack by hand */
210 error_context_stack = NULL;
212 /* Prevent interrupts while cleaning up */
215 /* Report the error to the server log */
219 * These operations are really just a minimal subset of
220 * AbortTransaction(). We don't have very many resources to worry
221 * about in bgwriter, but we do have LWLocks and buffers.
227 /* Warn any waiting backends that the checkpoint failed. */
230 /* use volatile pointer to prevent code rearrangement */
231 volatile BgWriterShmemStruct *bgs = BgWriterShmem;
234 bgs->ckpt_done = bgs->ckpt_started;
239 * Now return to normal top-level context and clear ErrorContext
242 MemoryContextSwitchTo(TopMemoryContext);
245 /* Now we can allow interrupts again */
249 * Sleep at least 1 second after any error. A write error is
250 * likely to be repeated, and we don't want to be filling the
251 * error logs as fast as we can. (XXX think about ways to make
252 * progress when the LRU dirty buffer cannot be written...)
257 /* We can now handle ereport(ERROR) */
258 PG_exception_stack = &local_sigjmp_buf;
261 * Unblock signals (they were blocked when the postmaster forked us)
263 PG_SETMASK(&UnBlockSig);
270 bool do_checkpoint = false;
271 bool force_checkpoint = false;
277 * Emergency bailout if postmaster has died. This is to avoid the
278 * necessity for manual cleanup of all postmaster children.
280 if (!PostmasterIsAlive(true))
284 * Process any requests or signals received recently.
286 AbsorbFsyncRequests();
291 ProcessConfigFile(PGC_SIGHUP);
293 if (checkpoint_requested)
295 checkpoint_requested = false;
296 do_checkpoint = true;
297 force_checkpoint = true;
299 if (shutdown_requested)
302 DumpFreeSpaceMap(0, 0);
303 /* Normal exit from the bgwriter is here */
304 proc_exit(0); /* done */
308 * Do an unforced checkpoint if too much time has elapsed since
312 elapsed_secs = now - last_checkpoint_time;
313 if (elapsed_secs >= CheckPointTimeout)
314 do_checkpoint = true;
317 * Do a checkpoint if requested, otherwise do one cycle of
318 * dirty-buffer writing.
322 if (CheckPointWarning != 0)
325 * Ideally we should only warn if this checkpoint was
326 * requested due to running out of segment files, and not
327 * if it was manually requested. However we can't tell
328 * the difference with the current signalling mechanism.
330 if (elapsed_secs < CheckPointWarning)
332 (errmsg("checkpoints are occurring too frequently (%d seconds apart)",
334 errhint("Consider increasing the configuration parameter \"checkpoint_segments\".")));
338 * Indicate checkpoint start to any waiting backends.
341 BgWriterShmem->ckpt_started++;
343 CreateCheckPoint(false, force_checkpoint);
346 * After any checkpoint, close all smgr files. This is so we
347 * won't hang onto smgr references to deleted files
353 * Indicate checkpoint completion to any waiting backends.
355 BgWriterShmem->ckpt_done = BgWriterShmem->ckpt_started;
359 * Note we record the checkpoint start time not end time as
360 * last_checkpoint_time. This is so that time-driven
361 * checkpoints happen at a predictable spacing.
363 last_checkpoint_time = now;
369 * Nap for the configured time, or sleep for 10 seconds if there
370 * is no bgwriter activity configured.
372 * On some platforms, signals won't interrupt the sleep. To ensure
373 * we respond reasonably promptly when someone signals us, break
374 * down the sleep into 1-second increments, and check for
375 * interrupts after each nap.
377 * We absorb pending requests after each short sleep.
379 if ((bgwriter_all_percent > 0.0 && bgwriter_all_maxpages > 0) ||
380 (bgwriter_lru_percent > 0.0 && bgwriter_lru_maxpages > 0))
381 udelay = BgWriterDelay * 1000L;
384 while (udelay > 1000000L)
386 if (got_SIGHUP || checkpoint_requested || shutdown_requested)
389 AbsorbFsyncRequests();
392 if (!(got_SIGHUP || checkpoint_requested || shutdown_requested))
398 /* --------------------------------
399 * signal handler routines
400 * --------------------------------
404 * bg_quickdie() occurs when signalled SIGQUIT by the postmaster.
406 * Some backend has bought the farm,
407 * so we need to stop what we're doing and exit.
410 bg_quickdie(SIGNAL_ARGS)
412 PG_SETMASK(&BlockSig);
415 * DO NOT proc_exit() -- we're here because shared memory may be
416 * corrupted, so we don't want to try to clean up our transaction.
417 * Just nail the windows shut and get out of town.
419 * Note we do exit(1) not exit(0). This is to force the postmaster into
420 * a system reset cycle if some idiot DBA sends a manual SIGQUIT to a
421 * random backend. This is necessary precisely because we don't clean
422 * up our shared memory state.
427 /* SIGHUP: set flag to re-read config file at next convenient time */
429 BgSigHupHandler(SIGNAL_ARGS)
434 /* SIGINT: set flag to run a normal checkpoint right away */
436 ReqCheckpointHandler(SIGNAL_ARGS)
438 checkpoint_requested = true;
441 /* SIGUSR2: set flag to run a shutdown checkpoint and exit */
443 ReqShutdownHandler(SIGNAL_ARGS)
445 shutdown_requested = true;
449 /* --------------------------------
450 * communication with backends
451 * --------------------------------
456 * Compute space needed for bgwriter-related shared memory
459 BgWriterShmemSize(void)
462 * Currently, the size of the requests[] array is arbitrarily set
463 * equal to NBuffers. This may prove too large or small ...
465 return MAXALIGN(sizeof(BgWriterShmemStruct) +
466 (NBuffers - 1) *sizeof(BgWriterRequest));
471 * Allocate and initialize bgwriter-related shared memory
474 BgWriterShmemInit(void)
478 BgWriterShmem = (BgWriterShmemStruct *)
479 ShmemInitStruct("Background Writer Data",
482 if (BgWriterShmem == NULL)
484 (errcode(ERRCODE_OUT_OF_MEMORY),
485 errmsg("not enough shared memory for background writer")));
487 return; /* already initialized */
489 MemSet(BgWriterShmem, 0, sizeof(BgWriterShmemStruct));
490 BgWriterShmem->max_requests = NBuffers;
495 * Called in backend processes to request an immediate checkpoint
497 * If waitforit is true, wait until the checkpoint is completed
498 * before returning; otherwise, just signal the request and return
502 RequestCheckpoint(bool waitforit)
504 /* use volatile pointer to prevent code rearrangement */
505 volatile BgWriterShmemStruct *bgs = BgWriterShmem;
506 sig_atomic_t old_failed = bgs->ckpt_failed;
507 sig_atomic_t old_started = bgs->ckpt_started;
510 * If in a standalone backend, just do it ourselves.
512 if (!IsPostmasterEnvironment)
514 CreateCheckPoint(false, true);
517 * After any checkpoint, close all smgr files. This is so we
518 * won't hang onto smgr references to deleted files
527 * Send signal to request checkpoint. When waitforit is false, we
528 * consider failure to send the signal to be nonfatal.
530 if (BgWriterShmem->bgwriter_pid == 0)
531 elog(waitforit ? ERROR : LOG,
532 "could not request checkpoint because bgwriter not running");
533 if (kill(BgWriterShmem->bgwriter_pid, SIGINT) != 0)
534 elog(waitforit ? ERROR : LOG,
535 "could not signal for checkpoint: %m");
538 * If requested, wait for completion. We detect completion according
539 * to the algorithm given above.
543 while (bgs->ckpt_started == old_started)
545 CHECK_FOR_INTERRUPTS();
548 old_started = bgs->ckpt_started;
551 * We are waiting for ckpt_done >= old_started, in a modulo sense.
552 * This is a little tricky since we don't know the width or
553 * signedness of sig_atomic_t. We make the lowest common
554 * denominator assumption that it is only as wide as "char". This
555 * means that this algorithm will cope correctly as long as we
556 * don't sleep for more than 127 completed checkpoints. (If we
557 * do, we will get another chance to exit after 128 more
560 while (((signed char) (bgs->ckpt_done - old_started)) < 0)
562 CHECK_FOR_INTERRUPTS();
565 if (bgs->ckpt_failed != old_failed)
567 (errmsg("checkpoint request failed"),
568 errhint("Consult the server log for details.")));
573 * ForwardFsyncRequest
574 * Forward a file-fsync request from a backend to the bgwriter
576 * Whenever a backend is compelled to write directly to a relation
577 * (which should be seldom, if the bgwriter is getting its job done),
578 * the backend calls this routine to pass over knowledge that the relation
579 * is dirty and must be fsync'd before next checkpoint.
581 * If we are unable to pass over the request (at present, this can happen
582 * if the shared memory queue is full), we return false. That forces
583 * the backend to do its own fsync. We hope that will be even more seldom.
585 * Note: we presently make no attempt to eliminate duplicate requests
586 * in the requests[] queue. The bgwriter will have to eliminate dups
587 * internally anyway, so we may as well avoid holding the lock longer
588 * than we have to here.
591 ForwardFsyncRequest(RelFileNode rnode, BlockNumber segno)
593 BgWriterRequest *request;
595 if (!IsUnderPostmaster)
596 return false; /* probably shouldn't even get here */
597 Assert(BgWriterShmem != NULL);
599 LWLockAcquire(BgWriterCommLock, LW_EXCLUSIVE);
600 if (BgWriterShmem->bgwriter_pid == 0 ||
601 BgWriterShmem->num_requests >= BgWriterShmem->max_requests)
603 LWLockRelease(BgWriterCommLock);
606 request = &BgWriterShmem->requests[BgWriterShmem->num_requests++];
607 request->rnode = rnode;
608 request->segno = segno;
609 LWLockRelease(BgWriterCommLock);
614 * AbsorbFsyncRequests
615 * Retrieve queued fsync requests and pass them to local smgr.
617 * This is exported because it must be called during CreateCheckPoint;
618 * we have to be sure we have accepted all pending requests *after* we
619 * establish the checkpoint redo pointer. Since CreateCheckPoint
620 * sometimes runs in non-bgwriter processes, do nothing if not bgwriter.
623 AbsorbFsyncRequests(void)
625 BgWriterRequest *requests = NULL;
626 BgWriterRequest *request;
633 * We try to avoid holding the lock for a long time by copying the
636 LWLockAcquire(BgWriterCommLock, LW_EXCLUSIVE);
638 n = BgWriterShmem->num_requests;
641 requests = (BgWriterRequest *) palloc(n * sizeof(BgWriterRequest));
642 memcpy(requests, BgWriterShmem->requests, n * sizeof(BgWriterRequest));
644 BgWriterShmem->num_requests = 0;
646 LWLockRelease(BgWriterCommLock);
648 for (request = requests; n > 0; request++, n--)
649 RememberFsyncRequest(request->rnode, request->segno);