1 /*-------------------------------------------------------------------------
5 * The background writer (bgwriter) is new in Postgres 7.5. It attempts
6 * to keep regular backends from having to write out dirty shared buffers
7 * (which they would only do when needing to free a shared buffer to read in
8 * another page). In the best scenario all writes from shared buffers will
9 * be issued by the background writer process. However, regular backends are
10 * still empowered to issue writes if the bgwriter fails to maintain enough
11 * clean shared buffers.
13 * The bgwriter is also charged with handling all checkpoints. It will
14 * automatically dispatch a checkpoint after a certain amount of time has
15 * elapsed since the last one, and it can be signaled to perform requested
16 * checkpoints as well. (The GUC parameter that mandates a checkpoint every
17 * so many WAL segments is implemented by having backends signal the bgwriter
18 * when they fill WAL segments; the bgwriter itself doesn't watch for the
21 * The bgwriter is started by the postmaster as soon as the startup subprocess
22 * finishes. It remains alive until the postmaster commands it to terminate.
23 * Normal termination is by SIGUSR2, which instructs the bgwriter to execute
24 * a shutdown checkpoint and then exit(0). (All backends must be stopped
25 * before SIGUSR2 is issued!) Emergency termination is by SIGQUIT; like any
26 * backend, the bgwriter will simply abort and exit on SIGQUIT.
28 * If the bgwriter exits unexpectedly, the postmaster treats that the same
29 * as a backend crash: shared memory may be corrupted, so remaining backends
30 * should be killed by SIGQUIT and then a recovery cycle started. (Even if
31 * shared memory isn't corrupted, we have lost information about which
32 * files need to be fsync'd for the next checkpoint, and so a system
33 * restart needs to be forced.)
36 * Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group
40 * $PostgreSQL: pgsql/src/backend/postmaster/bgwriter.c,v 1.2 2004/05/31 03:47:59 tgl Exp $
42 *-------------------------------------------------------------------------
48 #include "access/xlog.h"
49 #include "libpq/pqsignal.h"
50 #include "miscadmin.h"
51 #include "postmaster/bgwriter.h"
52 #include "storage/bufmgr.h"
53 #include "storage/freespace.h"
54 #include "storage/ipc.h"
55 #include "storage/pmsignal.h"
56 #include "storage/smgr.h"
57 #include "tcop/tcopprot.h"
58 #include "utils/guc.h"
62 * Shared memory area for communication between bgwriter and backends
64 * The ckpt counters allow backends to watch for completion of a checkpoint
65 * request they send. Here's how it works:
66 * * At start of a checkpoint, bgwriter increments ckpt_started.
67 * * On completion of a checkpoint, bgwriter sets ckpt_done to
69 * * On failure of a checkpoint, bgwrite first increments ckpt_failed,
70 * then sets ckpt_done to equal ckpt_started.
71 * All three fields are declared sig_atomic_t to ensure they can be read
72 * and written without explicit locking. The algorithm for backends is:
73 * 1. Record current values of ckpt_failed and ckpt_started (in that
75 * 2. Send signal to request checkpoint.
76 * 3. Sleep until ckpt_started changes. Now you know a checkpoint has
77 * begun since you started this algorithm (although *not* that it was
78 * specifically initiated by your signal).
79 * 4. Record new value of ckpt_started.
80 * 5. Sleep until ckpt_done >= saved value of ckpt_started. (Use modulo
81 * arithmetic here in case counters wrap around.) Now you know a
82 * checkpoint has started and completed, but not whether it was
84 * 6. If ckpt_failed is different from the originally saved value,
85 * assume request failed; otherwise it was definitely successful.
87 * The requests array holds fsync requests sent by backends and not yet
88 * absorbed by the bgwriter.
95 /* might add a request-type field later */
100 pid_t bgwriter_pid; /* PID of bgwriter (0 if not started) */
102 sig_atomic_t ckpt_started; /* advances when checkpoint starts */
103 sig_atomic_t ckpt_done; /* advances when checkpoint done */
104 sig_atomic_t ckpt_failed; /* advances when checkpoint fails */
106 int num_requests; /* current # of requests */
107 int max_requests; /* allocated array size */
108 BgWriterRequest requests[1]; /* VARIABLE LENGTH ARRAY */
109 } BgWriterShmemStruct;
111 static BgWriterShmemStruct *BgWriterShmem;
116 int BgWriterDelay = 200;
117 int BgWriterPercent = 1;
118 int BgWriterMaxPages = 100;
120 int CheckPointTimeout = 300;
121 int CheckPointWarning = 30;
124 * Flags set by interrupt handlers for later service in the main loop.
126 static volatile sig_atomic_t got_SIGHUP = false;
127 static volatile sig_atomic_t checkpoint_requested = false;
128 static volatile sig_atomic_t shutdown_requested = false;
133 static bool am_bg_writer = false;
135 static bool ckpt_active = false;
137 static time_t last_checkpoint_time;
140 static void bg_quickdie(SIGNAL_ARGS);
141 static void BgSigHupHandler(SIGNAL_ARGS);
142 static void ReqCheckpointHandler(SIGNAL_ARGS);
143 static void ReqShutdownHandler(SIGNAL_ARGS);
147 * Main entry point for bgwriter process
149 * This is invoked from BootstrapMain, which has already created the basic
150 * execution environment, but not enabled signals yet.
153 BackgroundWriterMain(void)
155 Assert(BgWriterShmem != NULL);
156 BgWriterShmem->bgwriter_pid = MyProcPid;
160 * Properly accept or ignore signals the postmaster might send us
162 * Note: we deliberately ignore SIGTERM, because during a standard Unix
163 * system shutdown cycle, init will SIGTERM all processes at once. We
164 * want to wait for the backends to exit, whereupon the postmaster will
165 * tell us it's okay to shut down (via SIGUSR2).
167 * SIGUSR1 is presently unused; keep it spare in case someday we want
168 * this process to participate in sinval messaging.
170 pqsignal(SIGHUP, BgSigHupHandler); /* set flag to read config file */
171 pqsignal(SIGINT, ReqCheckpointHandler); /* request checkpoint */
172 pqsignal(SIGTERM, SIG_IGN); /* ignore SIGTERM */
173 pqsignal(SIGQUIT, bg_quickdie); /* hard crash time */
174 pqsignal(SIGALRM, SIG_IGN);
175 pqsignal(SIGPIPE, SIG_IGN);
176 pqsignal(SIGUSR1, SIG_IGN); /* reserve for sinval */
177 pqsignal(SIGUSR2, ReqShutdownHandler); /* request shutdown */
180 * Reset some signals that are accepted by postmaster but not here
182 pqsignal(SIGCHLD, SIG_DFL);
183 pqsignal(SIGTTIN, SIG_DFL);
184 pqsignal(SIGTTOU, SIG_DFL);
185 pqsignal(SIGCONT, SIG_DFL);
186 pqsignal(SIGWINCH, SIG_DFL);
188 /* We allow SIGQUIT (quickdie) at all times */
189 #ifdef HAVE_SIGPROCMASK
190 sigdelset(&BlockSig, SIGQUIT);
192 BlockSig &= ~(sigmask(SIGQUIT));
196 * Initialize so that first time-driven checkpoint happens
197 * at the correct time.
199 last_checkpoint_time = time(NULL);
202 * If an exception is encountered, processing resumes here.
204 if (sigsetjmp(Warn_restart, 1) != 0)
207 * Make sure we're not interrupted while cleaning up. Also forget
208 * any pending QueryCancel request, since we're aborting anyway.
209 * Force InterruptHoldoffCount to a known state in case we
210 * ereport'd from inside a holdoff section.
212 ImmediateInterruptOK = false;
213 QueryCancelPending = false;
214 InterruptHoldoffCount = 1;
215 CritSectionCount = 0; /* should be unnecessary, but... */
218 * These operations are really just a minimal subset of
219 * AbortTransaction(). We don't have very many resources
220 * to worry about in bgwriter, but we do have LWLocks and buffers.
227 * Clear flag to indicate that we got out of error recovery mode
228 * successfully. (Flag was set in elog.c before longjmp().)
232 /* Warn any waiting backends that the checkpoint failed. */
235 /* use volatile pointer to prevent code rearrangement */
236 volatile BgWriterShmemStruct *bgs = BgWriterShmem;
239 bgs->ckpt_done = bgs->ckpt_started;
244 * Exit interrupt holdoff section we implicitly established above.
249 * Sleep at least 1 second after any error. A write error is
250 * likely to be repeated, and we don't want to be filling the
251 * error logs as fast as we can. (XXX think about ways to make
252 * progress when the LRU dirty buffer cannot be written...)
257 Warn_restart_ready = true; /* we can now handle ereport(ERROR) */
260 * Unblock signals (they were blocked when the postmaster forked us)
262 PG_SETMASK(&UnBlockSig);
269 bool do_checkpoint = false;
270 bool force_checkpoint = false;
277 * Emergency bailout if postmaster has died. This is to avoid the
278 * necessity for manual cleanup of all postmaster children.
280 if (!PostmasterIsAlive(true))
284 * Process any requests or signals received recently.
286 AbsorbFsyncRequests();
291 ProcessConfigFile(PGC_SIGHUP);
293 if (checkpoint_requested)
295 checkpoint_requested = false;
296 do_checkpoint = true;
297 force_checkpoint = true;
299 if (shutdown_requested)
302 DumpFreeSpaceMap(0, 0);
303 /* Normal exit from the bgwriter is here */
304 proc_exit(0); /* done */
308 * Do an unforced checkpoint if too much time has elapsed
309 * since the last one.
312 elapsed_secs = now - last_checkpoint_time;
313 if (elapsed_secs >= CheckPointTimeout)
314 do_checkpoint = true;
317 * Do a checkpoint if requested, otherwise do one cycle of
318 * dirty-buffer writing.
322 if (CheckPointWarning != 0)
325 * Ideally we should only warn if this checkpoint was
326 * requested due to running out of segment files, and not
327 * if it was manually requested. However we can't tell the
328 * difference with the current signalling mechanism.
330 if (elapsed_secs < CheckPointWarning)
332 (errmsg("checkpoints are occurring too frequently (%d seconds apart)",
334 errhint("Consider increasing the configuration parameter \"checkpoint_segments\".")));
338 * Indicate checkpoint start to any waiting backends.
341 BgWriterShmem->ckpt_started++;
343 CreateCheckPoint(false, force_checkpoint);
346 * Indicate checkpoint completion to any waiting backends.
348 BgWriterShmem->ckpt_done = BgWriterShmem->ckpt_started;
352 * Note we record the checkpoint start time not end time as
353 * last_checkpoint_time. This is so that time-driven checkpoints
354 * happen at a predictable spacing.
356 last_checkpoint_time = now;
359 * After any checkpoint, close all smgr files. This is so we
360 * won't hang onto smgr references to deleted files indefinitely.
361 * (It is safe to do this because this process does not have a
362 * relcache, and so no dangling references could remain.)
366 /* Nap for configured time before rechecking */
371 n = BufferSync(BgWriterPercent, BgWriterMaxPages);
375 * Nap for the configured time or sleep for 10 seconds if
376 * there was nothing to do at all.
378 * On some platforms, signals won't interrupt the sleep. To ensure
379 * we respond reasonably promptly when someone signals us,
380 * break down the sleep into 1-second increments, and check for
381 * interrupts after each nap.
383 * We absorb pending requests after each short sleep.
385 udelay = ((n > 0) ? BgWriterDelay : 10000) * 1000L;
386 while (udelay > 1000000L)
388 if (got_SIGHUP || checkpoint_requested || shutdown_requested)
391 AbsorbFsyncRequests();
394 if (!(got_SIGHUP || checkpoint_requested || shutdown_requested))
400 /* --------------------------------
401 * signal handler routines
402 * --------------------------------
406 * bg_quickdie() occurs when signalled SIGQUIT by the postmaster.
408 * Some backend has bought the farm,
409 * so we need to stop what we're doing and exit.
412 bg_quickdie(SIGNAL_ARGS)
414 PG_SETMASK(&BlockSig);
417 * DO NOT proc_exit() -- we're here because shared memory may be
418 * corrupted, so we don't want to try to clean up our transaction.
419 * Just nail the windows shut and get out of town.
421 * Note we do exit(1) not exit(0). This is to force the postmaster into
422 * a system reset cycle if some idiot DBA sends a manual SIGQUIT to a
423 * random backend. This is necessary precisely because we don't clean
424 * up our shared memory state.
429 /* SIGHUP: set flag to re-read config file at next convenient time */
431 BgSigHupHandler(SIGNAL_ARGS)
436 /* SIGINT: set flag to run a normal checkpoint right away */
438 ReqCheckpointHandler(SIGNAL_ARGS)
440 checkpoint_requested = true;
443 /* SIGUSR2: set flag to run a shutdown checkpoint and exit */
445 ReqShutdownHandler(SIGNAL_ARGS)
447 shutdown_requested = true;
451 /* --------------------------------
452 * communication with backends
453 * --------------------------------
458 * Compute space needed for bgwriter-related shared memory
461 BgWriterShmemSize(void)
464 * Currently, the size of the requests[] array is arbitrarily set
465 * equal to NBuffers. This may prove too large or small ...
467 return MAXALIGN(sizeof(BgWriterShmemStruct) +
468 (NBuffers - 1) * sizeof(BgWriterRequest));
473 * Allocate and initialize bgwriter-related shared memory
476 BgWriterShmemInit(void)
480 BgWriterShmem = (BgWriterShmemStruct *)
481 ShmemInitStruct("Background Writer Data",
484 if (BgWriterShmem == NULL)
486 (errcode(ERRCODE_OUT_OF_MEMORY),
487 errmsg("insufficient shared memory for bgwriter")));
489 return; /* already initialized */
491 MemSet(BgWriterShmem, 0, sizeof(BgWriterShmemStruct));
492 BgWriterShmem->max_requests = NBuffers;
497 * Called in backend processes to request an immediate checkpoint
499 * If waitforit is true, wait until the checkpoint is completed
500 * before returning; otherwise, just signal the request and return
504 RequestCheckpoint(bool waitforit)
506 /* use volatile pointer to prevent code rearrangement */
507 volatile BgWriterShmemStruct *bgs = BgWriterShmem;
508 sig_atomic_t old_failed = bgs->ckpt_failed;
509 sig_atomic_t old_started = bgs->ckpt_started;
512 * Send signal to request checkpoint. When waitforit is false,
513 * we consider failure to send the signal to be nonfatal.
515 if (BgWriterShmem->bgwriter_pid == 0)
516 elog(waitforit ? ERROR : LOG,
517 "could not request checkpoint because bgwriter not running");
518 if (kill(BgWriterShmem->bgwriter_pid, SIGINT) != 0)
519 elog(waitforit ? ERROR : LOG,
520 "could not signal for checkpoint: %m");
523 * If requested, wait for completion. We detect completion according
524 * to the algorithm given above.
528 while (bgs->ckpt_started == old_started)
530 CHECK_FOR_INTERRUPTS();
533 old_started = bgs->ckpt_started;
535 * We are waiting for ckpt_done >= old_started, in a modulo
536 * sense. This is a little tricky since we don't know the
537 * width or signedness of sig_atomic_t. We make the lowest
538 * common denominator assumption that it is only as wide
539 * as "char". This means that this algorithm will cope
540 * correctly as long as we don't sleep for more than 127
541 * completed checkpoints. (If we do, we will get another
542 * chance to exit after 128 more checkpoints...)
544 while (((signed char) (bgs->ckpt_done - old_started)) < 0)
546 CHECK_FOR_INTERRUPTS();
549 if (bgs->ckpt_failed != old_failed)
551 (errmsg("checkpoint request failed"),
552 errhint("Consult the postmaster log for details.")));
557 * ForwardFsyncRequest
558 * Forward a file-fsync request from a backend to the bgwriter
560 * Whenever a backend is compelled to write directly to a relation
561 * (which should be seldom, if the bgwriter is getting its job done),
562 * the backend calls this routine to pass over knowledge that the relation
563 * is dirty and must be fsync'd before next checkpoint.
565 * If we are unable to pass over the request (at present, this can happen
566 * if the shared memory queue is full), we return false. That forces
567 * the backend to do its own fsync. We hope that will be even more seldom.
569 * Note: we presently make no attempt to eliminate duplicate requests
570 * in the requests[] queue. The bgwriter will have to eliminate dups
571 * internally anyway, so we may as well avoid holding the lock longer
572 * than we have to here.
575 ForwardFsyncRequest(RelFileNode rnode, BlockNumber segno)
577 BgWriterRequest *request;
579 if (!IsUnderPostmaster)
580 return false; /* probably shouldn't even get here */
581 Assert(BgWriterShmem != NULL);
583 LWLockAcquire(BgWriterCommLock, LW_EXCLUSIVE);
584 if (BgWriterShmem->bgwriter_pid == 0 ||
585 BgWriterShmem->num_requests >= BgWriterShmem->max_requests)
587 LWLockRelease(BgWriterCommLock);
590 request = &BgWriterShmem->requests[BgWriterShmem->num_requests++];
591 request->rnode = rnode;
592 request->segno = segno;
593 LWLockRelease(BgWriterCommLock);
598 * AbsorbFsyncRequests
599 * Retrieve queued fsync requests and pass them to local smgr.
601 * This is exported because it must be called during CreateCheckpoint;
602 * we have to be sure we have accepted all pending requests *after* we
603 * establish the checkpoint redo pointer. Since CreateCheckpoint
604 * sometimes runs in non-bgwriter processes, do nothing if not bgwriter.
607 AbsorbFsyncRequests(void)
609 BgWriterRequest *requests = NULL;
610 BgWriterRequest *request;
617 * We try to avoid holding the lock for a long time by copying the
620 LWLockAcquire(BgWriterCommLock, LW_EXCLUSIVE);
622 n = BgWriterShmem->num_requests;
625 requests = (BgWriterRequest *) palloc(n * sizeof(BgWriterRequest));
626 memcpy(requests, BgWriterShmem->requests, n * sizeof(BgWriterRequest));
628 BgWriterShmem->num_requests = 0;
630 LWLockRelease(BgWriterCommLock);
632 for (request = requests; n > 0; request++, n--)
634 RememberFsyncRequest(request->rnode, request->segno);