1 /*-------------------------------------------------------------------------
5 * The background writer (bgwriter) is new in Postgres 7.5. It attempts
6 * to keep regular backends from having to write out dirty shared buffers
7 * (which they would only do when needing to free a shared buffer to read in
8 * another page). In the best scenario all writes from shared buffers will
9 * be issued by the background writer process. However, regular backends are
10 * still empowered to issue writes if the bgwriter fails to maintain enough
11 * clean shared buffers.
13 * The bgwriter is also charged with handling all checkpoints. It will
14 * automatically dispatch a checkpoint after a certain amount of time has
15 * elapsed since the last one, and it can be signaled to perform requested
16 * checkpoints as well. (The GUC parameter that mandates a checkpoint every
17 * so many WAL segments is implemented by having backends signal the bgwriter
18 * when they fill WAL segments; the bgwriter itself doesn't watch for the
21 * The bgwriter is started by the postmaster as soon as the startup subprocess
22 * finishes. It remains alive until the postmaster commands it to terminate.
23 * Normal termination is by SIGUSR2, which instructs the bgwriter to execute
24 * a shutdown checkpoint and then exit(0). (All backends must be stopped
25 * before SIGUSR2 is issued!) Emergency termination is by SIGQUIT; like any
26 * backend, the bgwriter will simply abort and exit on SIGQUIT.
28 * If the bgwriter exits unexpectedly, the postmaster treats that the same
29 * as a backend crash: shared memory may be corrupted, so remaining backends
30 * should be killed by SIGQUIT and then a recovery cycle started. (Even if
31 * shared memory isn't corrupted, we have lost information about which
32 * files need to be fsync'd for the next checkpoint, and so a system
33 * restart needs to be forced.)
36 * Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group
40 * $PostgreSQL: pgsql/src/backend/postmaster/bgwriter.c,v 1.3 2004/06/03 02:08:03 tgl Exp $
42 *-------------------------------------------------------------------------
49 #include "access/xlog.h"
50 #include "libpq/pqsignal.h"
51 #include "miscadmin.h"
52 #include "postmaster/bgwriter.h"
53 #include "storage/bufmgr.h"
54 #include "storage/freespace.h"
55 #include "storage/ipc.h"
56 #include "storage/pmsignal.h"
57 #include "storage/smgr.h"
58 #include "tcop/tcopprot.h"
59 #include "utils/guc.h"
63 * Shared memory area for communication between bgwriter and backends
65 * The ckpt counters allow backends to watch for completion of a checkpoint
66 * request they send. Here's how it works:
67 * * At start of a checkpoint, bgwriter increments ckpt_started.
68 * * On completion of a checkpoint, bgwriter sets ckpt_done to
70 * * On failure of a checkpoint, bgwrite first increments ckpt_failed,
71 * then sets ckpt_done to equal ckpt_started.
72 * All three fields are declared sig_atomic_t to ensure they can be read
73 * and written without explicit locking. The algorithm for backends is:
74 * 1. Record current values of ckpt_failed and ckpt_started (in that
76 * 2. Send signal to request checkpoint.
77 * 3. Sleep until ckpt_started changes. Now you know a checkpoint has
78 * begun since you started this algorithm (although *not* that it was
79 * specifically initiated by your signal).
80 * 4. Record new value of ckpt_started.
81 * 5. Sleep until ckpt_done >= saved value of ckpt_started. (Use modulo
82 * arithmetic here in case counters wrap around.) Now you know a
83 * checkpoint has started and completed, but not whether it was
85 * 6. If ckpt_failed is different from the originally saved value,
86 * assume request failed; otherwise it was definitely successful.
88 * The requests array holds fsync requests sent by backends and not yet
89 * absorbed by the bgwriter.
96 /* might add a request-type field later */
101 pid_t bgwriter_pid; /* PID of bgwriter (0 if not started) */
103 sig_atomic_t ckpt_started; /* advances when checkpoint starts */
104 sig_atomic_t ckpt_done; /* advances when checkpoint done */
105 sig_atomic_t ckpt_failed; /* advances when checkpoint fails */
107 int num_requests; /* current # of requests */
108 int max_requests; /* allocated array size */
109 BgWriterRequest requests[1]; /* VARIABLE LENGTH ARRAY */
110 } BgWriterShmemStruct;
112 static BgWriterShmemStruct *BgWriterShmem;
117 int BgWriterDelay = 200;
118 int BgWriterPercent = 1;
119 int BgWriterMaxPages = 100;
121 int CheckPointTimeout = 300;
122 int CheckPointWarning = 30;
125 * Flags set by interrupt handlers for later service in the main loop.
127 static volatile sig_atomic_t got_SIGHUP = false;
128 static volatile sig_atomic_t checkpoint_requested = false;
129 static volatile sig_atomic_t shutdown_requested = false;
134 static bool am_bg_writer = false;
136 static bool ckpt_active = false;
138 static time_t last_checkpoint_time;
141 static void bg_quickdie(SIGNAL_ARGS);
142 static void BgSigHupHandler(SIGNAL_ARGS);
143 static void ReqCheckpointHandler(SIGNAL_ARGS);
144 static void ReqShutdownHandler(SIGNAL_ARGS);
148 * Main entry point for bgwriter process
150 * This is invoked from BootstrapMain, which has already created the basic
151 * execution environment, but not enabled signals yet.
154 BackgroundWriterMain(void)
156 Assert(BgWriterShmem != NULL);
157 BgWriterShmem->bgwriter_pid = MyProcPid;
161 * Properly accept or ignore signals the postmaster might send us
163 * Note: we deliberately ignore SIGTERM, because during a standard Unix
164 * system shutdown cycle, init will SIGTERM all processes at once. We
165 * want to wait for the backends to exit, whereupon the postmaster will
166 * tell us it's okay to shut down (via SIGUSR2).
168 * SIGUSR1 is presently unused; keep it spare in case someday we want
169 * this process to participate in sinval messaging.
171 pqsignal(SIGHUP, BgSigHupHandler); /* set flag to read config file */
172 pqsignal(SIGINT, ReqCheckpointHandler); /* request checkpoint */
173 pqsignal(SIGTERM, SIG_IGN); /* ignore SIGTERM */
174 pqsignal(SIGQUIT, bg_quickdie); /* hard crash time */
175 pqsignal(SIGALRM, SIG_IGN);
176 pqsignal(SIGPIPE, SIG_IGN);
177 pqsignal(SIGUSR1, SIG_IGN); /* reserve for sinval */
178 pqsignal(SIGUSR2, ReqShutdownHandler); /* request shutdown */
181 * Reset some signals that are accepted by postmaster but not here
183 pqsignal(SIGCHLD, SIG_DFL);
184 pqsignal(SIGTTIN, SIG_DFL);
185 pqsignal(SIGTTOU, SIG_DFL);
186 pqsignal(SIGCONT, SIG_DFL);
187 pqsignal(SIGWINCH, SIG_DFL);
189 /* We allow SIGQUIT (quickdie) at all times */
190 #ifdef HAVE_SIGPROCMASK
191 sigdelset(&BlockSig, SIGQUIT);
193 BlockSig &= ~(sigmask(SIGQUIT));
197 * Initialize so that first time-driven checkpoint happens
198 * at the correct time.
200 last_checkpoint_time = time(NULL);
203 * If an exception is encountered, processing resumes here.
205 if (sigsetjmp(Warn_restart, 1) != 0)
208 * Make sure we're not interrupted while cleaning up. Also forget
209 * any pending QueryCancel request, since we're aborting anyway.
210 * Force InterruptHoldoffCount to a known state in case we
211 * ereport'd from inside a holdoff section.
213 ImmediateInterruptOK = false;
214 QueryCancelPending = false;
215 InterruptHoldoffCount = 1;
216 CritSectionCount = 0; /* should be unnecessary, but... */
219 * These operations are really just a minimal subset of
220 * AbortTransaction(). We don't have very many resources
221 * to worry about in bgwriter, but we do have LWLocks and buffers.
228 * Clear flag to indicate that we got out of error recovery mode
229 * successfully. (Flag was set in elog.c before longjmp().)
233 /* Warn any waiting backends that the checkpoint failed. */
236 /* use volatile pointer to prevent code rearrangement */
237 volatile BgWriterShmemStruct *bgs = BgWriterShmem;
240 bgs->ckpt_done = bgs->ckpt_started;
245 * Exit interrupt holdoff section we implicitly established above.
250 * Sleep at least 1 second after any error. A write error is
251 * likely to be repeated, and we don't want to be filling the
252 * error logs as fast as we can. (XXX think about ways to make
253 * progress when the LRU dirty buffer cannot be written...)
258 Warn_restart_ready = true; /* we can now handle ereport(ERROR) */
261 * Unblock signals (they were blocked when the postmaster forked us)
263 PG_SETMASK(&UnBlockSig);
270 bool do_checkpoint = false;
271 bool force_checkpoint = false;
278 * Emergency bailout if postmaster has died. This is to avoid the
279 * necessity for manual cleanup of all postmaster children.
281 if (!PostmasterIsAlive(true))
285 * Process any requests or signals received recently.
287 AbsorbFsyncRequests();
292 ProcessConfigFile(PGC_SIGHUP);
294 if (checkpoint_requested)
296 checkpoint_requested = false;
297 do_checkpoint = true;
298 force_checkpoint = true;
300 if (shutdown_requested)
303 DumpFreeSpaceMap(0, 0);
304 /* Normal exit from the bgwriter is here */
305 proc_exit(0); /* done */
309 * Do an unforced checkpoint if too much time has elapsed
310 * since the last one.
313 elapsed_secs = now - last_checkpoint_time;
314 if (elapsed_secs >= CheckPointTimeout)
315 do_checkpoint = true;
318 * Do a checkpoint if requested, otherwise do one cycle of
319 * dirty-buffer writing.
323 if (CheckPointWarning != 0)
326 * Ideally we should only warn if this checkpoint was
327 * requested due to running out of segment files, and not
328 * if it was manually requested. However we can't tell the
329 * difference with the current signalling mechanism.
331 if (elapsed_secs < CheckPointWarning)
333 (errmsg("checkpoints are occurring too frequently (%d seconds apart)",
335 errhint("Consider increasing the configuration parameter \"checkpoint_segments\".")));
339 * Indicate checkpoint start to any waiting backends.
342 BgWriterShmem->ckpt_started++;
344 CreateCheckPoint(false, force_checkpoint);
347 * Indicate checkpoint completion to any waiting backends.
349 BgWriterShmem->ckpt_done = BgWriterShmem->ckpt_started;
353 * Note we record the checkpoint start time not end time as
354 * last_checkpoint_time. This is so that time-driven checkpoints
355 * happen at a predictable spacing.
357 last_checkpoint_time = now;
360 * After any checkpoint, close all smgr files. This is so we
361 * won't hang onto smgr references to deleted files indefinitely.
362 * (It is safe to do this because this process does not have a
363 * relcache, and so no dangling references could remain.)
367 /* Nap for configured time before rechecking */
372 n = BufferSync(BgWriterPercent, BgWriterMaxPages);
376 * Nap for the configured time or sleep for 10 seconds if
377 * there was nothing to do at all.
379 * On some platforms, signals won't interrupt the sleep. To ensure
380 * we respond reasonably promptly when someone signals us,
381 * break down the sleep into 1-second increments, and check for
382 * interrupts after each nap.
384 * We absorb pending requests after each short sleep.
386 udelay = ((n > 0) ? BgWriterDelay : 10000) * 1000L;
387 while (udelay > 1000000L)
389 if (got_SIGHUP || checkpoint_requested || shutdown_requested)
392 AbsorbFsyncRequests();
395 if (!(got_SIGHUP || checkpoint_requested || shutdown_requested))
401 /* --------------------------------
402 * signal handler routines
403 * --------------------------------
407 * bg_quickdie() occurs when signalled SIGQUIT by the postmaster.
409 * Some backend has bought the farm,
410 * so we need to stop what we're doing and exit.
413 bg_quickdie(SIGNAL_ARGS)
415 PG_SETMASK(&BlockSig);
418 * DO NOT proc_exit() -- we're here because shared memory may be
419 * corrupted, so we don't want to try to clean up our transaction.
420 * Just nail the windows shut and get out of town.
422 * Note we do exit(1) not exit(0). This is to force the postmaster into
423 * a system reset cycle if some idiot DBA sends a manual SIGQUIT to a
424 * random backend. This is necessary precisely because we don't clean
425 * up our shared memory state.
430 /* SIGHUP: set flag to re-read config file at next convenient time */
432 BgSigHupHandler(SIGNAL_ARGS)
437 /* SIGINT: set flag to run a normal checkpoint right away */
439 ReqCheckpointHandler(SIGNAL_ARGS)
441 checkpoint_requested = true;
444 /* SIGUSR2: set flag to run a shutdown checkpoint and exit */
446 ReqShutdownHandler(SIGNAL_ARGS)
448 shutdown_requested = true;
452 /* --------------------------------
453 * communication with backends
454 * --------------------------------
459 * Compute space needed for bgwriter-related shared memory
462 BgWriterShmemSize(void)
465 * Currently, the size of the requests[] array is arbitrarily set
466 * equal to NBuffers. This may prove too large or small ...
468 return MAXALIGN(sizeof(BgWriterShmemStruct) +
469 (NBuffers - 1) * sizeof(BgWriterRequest));
474 * Allocate and initialize bgwriter-related shared memory
477 BgWriterShmemInit(void)
481 BgWriterShmem = (BgWriterShmemStruct *)
482 ShmemInitStruct("Background Writer Data",
485 if (BgWriterShmem == NULL)
487 (errcode(ERRCODE_OUT_OF_MEMORY),
488 errmsg("insufficient shared memory for bgwriter")));
490 return; /* already initialized */
492 MemSet(BgWriterShmem, 0, sizeof(BgWriterShmemStruct));
493 BgWriterShmem->max_requests = NBuffers;
498 * Called in backend processes to request an immediate checkpoint
500 * If waitforit is true, wait until the checkpoint is completed
501 * before returning; otherwise, just signal the request and return
505 RequestCheckpoint(bool waitforit)
507 /* use volatile pointer to prevent code rearrangement */
508 volatile BgWriterShmemStruct *bgs = BgWriterShmem;
509 sig_atomic_t old_failed = bgs->ckpt_failed;
510 sig_atomic_t old_started = bgs->ckpt_started;
513 * Send signal to request checkpoint. When waitforit is false,
514 * we consider failure to send the signal to be nonfatal.
516 if (BgWriterShmem->bgwriter_pid == 0)
517 elog(waitforit ? ERROR : LOG,
518 "could not request checkpoint because bgwriter not running");
519 if (kill(BgWriterShmem->bgwriter_pid, SIGINT) != 0)
520 elog(waitforit ? ERROR : LOG,
521 "could not signal for checkpoint: %m");
524 * If requested, wait for completion. We detect completion according
525 * to the algorithm given above.
529 while (bgs->ckpt_started == old_started)
531 CHECK_FOR_INTERRUPTS();
534 old_started = bgs->ckpt_started;
536 * We are waiting for ckpt_done >= old_started, in a modulo
537 * sense. This is a little tricky since we don't know the
538 * width or signedness of sig_atomic_t. We make the lowest
539 * common denominator assumption that it is only as wide
540 * as "char". This means that this algorithm will cope
541 * correctly as long as we don't sleep for more than 127
542 * completed checkpoints. (If we do, we will get another
543 * chance to exit after 128 more checkpoints...)
545 while (((signed char) (bgs->ckpt_done - old_started)) < 0)
547 CHECK_FOR_INTERRUPTS();
550 if (bgs->ckpt_failed != old_failed)
552 (errmsg("checkpoint request failed"),
553 errhint("Consult the postmaster log for details.")));
558 * ForwardFsyncRequest
559 * Forward a file-fsync request from a backend to the bgwriter
561 * Whenever a backend is compelled to write directly to a relation
562 * (which should be seldom, if the bgwriter is getting its job done),
563 * the backend calls this routine to pass over knowledge that the relation
564 * is dirty and must be fsync'd before next checkpoint.
566 * If we are unable to pass over the request (at present, this can happen
567 * if the shared memory queue is full), we return false. That forces
568 * the backend to do its own fsync. We hope that will be even more seldom.
570 * Note: we presently make no attempt to eliminate duplicate requests
571 * in the requests[] queue. The bgwriter will have to eliminate dups
572 * internally anyway, so we may as well avoid holding the lock longer
573 * than we have to here.
576 ForwardFsyncRequest(RelFileNode rnode, BlockNumber segno)
578 BgWriterRequest *request;
580 if (!IsUnderPostmaster)
581 return false; /* probably shouldn't even get here */
582 Assert(BgWriterShmem != NULL);
584 LWLockAcquire(BgWriterCommLock, LW_EXCLUSIVE);
585 if (BgWriterShmem->bgwriter_pid == 0 ||
586 BgWriterShmem->num_requests >= BgWriterShmem->max_requests)
588 LWLockRelease(BgWriterCommLock);
591 request = &BgWriterShmem->requests[BgWriterShmem->num_requests++];
592 request->rnode = rnode;
593 request->segno = segno;
594 LWLockRelease(BgWriterCommLock);
599 * AbsorbFsyncRequests
600 * Retrieve queued fsync requests and pass them to local smgr.
602 * This is exported because it must be called during CreateCheckpoint;
603 * we have to be sure we have accepted all pending requests *after* we
604 * establish the checkpoint redo pointer. Since CreateCheckpoint
605 * sometimes runs in non-bgwriter processes, do nothing if not bgwriter.
608 AbsorbFsyncRequests(void)
610 BgWriterRequest *requests = NULL;
611 BgWriterRequest *request;
618 * We try to avoid holding the lock for a long time by copying the
621 LWLockAcquire(BgWriterCommLock, LW_EXCLUSIVE);
623 n = BgWriterShmem->num_requests;
626 requests = (BgWriterRequest *) palloc(n * sizeof(BgWriterRequest));
627 memcpy(requests, BgWriterShmem->requests, n * sizeof(BgWriterRequest));
629 BgWriterShmem->num_requests = 0;
631 LWLockRelease(BgWriterCommLock);
633 for (request = requests; n > 0; request++, n--)
635 RememberFsyncRequest(request->rnode, request->segno);