1 /*-------------------------------------------------------------------------
4 * Routines for interprocess signaling
7 * Portions Copyright (c) 1996-2022, PostgreSQL Global Development Group
8 * Portions Copyright (c) 1994, Regents of the University of California
11 * src/backend/storage/ipc/procsignal.c
13 *-------------------------------------------------------------------------
20 #include "access/parallel.h"
21 #include "port/pg_bitutils.h"
22 #include "commands/async.h"
23 #include "miscadmin.h"
25 #include "replication/walsender.h"
26 #include "storage/condition_variable.h"
27 #include "storage/ipc.h"
28 #include "storage/latch.h"
29 #include "storage/proc.h"
30 #include "storage/shmem.h"
31 #include "storage/sinval.h"
32 #include "tcop/tcopprot.h"
33 #include "utils/memutils.h"
36 * The SIGUSR1 signal is multiplexed to support signaling multiple event
37 * types. The specific reason is communicated via flags in shared memory.
38 * We keep a boolean flag for each possible "reason", so that different
39 * reasons can be signaled to a process concurrently. (However, if the same
40 * reason is signaled more than once nearly simultaneously, the process may
41 * observe it only once.)
43 * Each process that wants to receive signals registers its process ID
44 * in the ProcSignalSlots array. The array is indexed by backend ID to make
45 * slot allocation simple, and to avoid having to search the array when you
46 * know the backend ID of the process you're signaling. (We do support
47 * signaling without backend ID, but it's a bit less efficient.)
49 * The flags are actually declared as "volatile sig_atomic_t" for maximum
50 * portability. This should ensure that loads and stores of the flag
51 * values are atomic, allowing us to dispense with any explicit locking.
53 * pss_signalFlags are intended to be set in cases where we don't need to
54 * keep track of whether or not the target process has handled the signal,
55 * but sometimes we need confirmation, as when making a global state change
56 * that cannot be considered complete until all backends have taken notice
57 * of it. For such use cases, we set a bit in pss_barrierCheckMask and then
58 * increment the current "barrier generation"; when the new barrier generation
59 * (or greater) appears in the pss_barrierGeneration flag of every process,
60 * we know that the message has been received everywhere.
64 volatile pid_t pss_pid
;
65 volatile sig_atomic_t pss_signalFlags
[NUM_PROCSIGNALS
];
66 pg_atomic_uint64 pss_barrierGeneration
;
67 pg_atomic_uint32 pss_barrierCheckMask
;
68 ConditionVariable pss_barrierCV
;
72 * Information that is global to the entire ProcSignal system can be stored
75 * psh_barrierGeneration is the highest barrier generation in existence.
79 pg_atomic_uint64 psh_barrierGeneration
;
80 ProcSignalSlot psh_slot
[FLEXIBLE_ARRAY_MEMBER
];
84 * We reserve a slot for each possible BackendId, plus one for each
85 * possible auxiliary process type. (This scheme assumes there is not
86 * more than one of any auxiliary process type at a time.)
88 #define NumProcSignalSlots (MaxBackends + NUM_AUXPROCTYPES)
90 /* Check whether the relevant type bit is set in the flags. */
91 #define BARRIER_SHOULD_CHECK(flags, type) \
92 (((flags) & (((uint32) 1) << (uint32) (type))) != 0)
94 /* Clear the relevant type bit from the flags. */
95 #define BARRIER_CLEAR_BIT(flags, type) \
96 ((flags) &= ~(((uint32) 1) << (uint32) (type)))
98 static ProcSignalHeader
*ProcSignal
= NULL
;
99 static ProcSignalSlot
*MyProcSignalSlot
= NULL
;
101 static bool CheckProcSignal(ProcSignalReason reason
);
102 static void CleanupProcSignalState(int status
, Datum arg
);
103 static void ResetProcSignalBarrierBits(uint32 flags
);
104 static bool ProcessBarrierPlaceholder(void);
107 * ProcSignalShmemSize
108 * Compute space needed for ProcSignal's shared memory
111 ProcSignalShmemSize(void)
115 size
= mul_size(NumProcSignalSlots
, sizeof(ProcSignalSlot
));
116 size
= add_size(size
, offsetof(ProcSignalHeader
, psh_slot
));
121 * ProcSignalShmemInit
122 * Allocate and initialize ProcSignal's shared memory
125 ProcSignalShmemInit(void)
127 Size size
= ProcSignalShmemSize();
130 ProcSignal
= (ProcSignalHeader
*)
131 ShmemInitStruct("ProcSignal", size
, &found
);
133 /* If we're first, initialize. */
138 pg_atomic_init_u64(&ProcSignal
->psh_barrierGeneration
, 0);
140 for (i
= 0; i
< NumProcSignalSlots
; ++i
)
142 ProcSignalSlot
*slot
= &ProcSignal
->psh_slot
[i
];
145 MemSet(slot
->pss_signalFlags
, 0, sizeof(slot
->pss_signalFlags
));
146 pg_atomic_init_u64(&slot
->pss_barrierGeneration
, PG_UINT64_MAX
);
147 pg_atomic_init_u32(&slot
->pss_barrierCheckMask
, 0);
148 ConditionVariableInit(&slot
->pss_barrierCV
);
155 * Register the current process in the ProcSignal array
157 * The passed index should be my BackendId if the process has one,
158 * or MaxBackends + aux process type if not.
161 ProcSignalInit(int pss_idx
)
163 ProcSignalSlot
*slot
;
164 uint64 barrier_generation
;
166 Assert(pss_idx
>= 1 && pss_idx
<= NumProcSignalSlots
);
168 slot
= &ProcSignal
->psh_slot
[pss_idx
- 1];
171 if (slot
->pss_pid
!= 0)
172 elog(LOG
, "process %d taking over ProcSignal slot %d, but it's not empty",
175 /* Clear out any leftover signal reasons */
176 MemSet(slot
->pss_signalFlags
, 0, NUM_PROCSIGNALS
* sizeof(sig_atomic_t));
179 * Initialize barrier state. Since we're a brand-new process, there
180 * shouldn't be any leftover backend-private state that needs to be
181 * updated. Therefore, we can broadcast the latest barrier generation and
182 * disregard any previously-set check bits.
184 * NB: This only works if this initialization happens early enough in the
185 * startup sequence that we haven't yet cached any state that might need
186 * to be invalidated. That's also why we have a memory barrier here, to be
187 * sure that any later reads of memory happen strictly after this.
189 pg_atomic_write_u32(&slot
->pss_barrierCheckMask
, 0);
191 pg_atomic_read_u64(&ProcSignal
->psh_barrierGeneration
);
192 pg_atomic_write_u64(&slot
->pss_barrierGeneration
, barrier_generation
);
195 /* Mark slot with my PID */
196 slot
->pss_pid
= MyProcPid
;
198 /* Remember slot location for CheckProcSignal */
199 MyProcSignalSlot
= slot
;
201 /* Set up to release the slot on process exit */
202 on_shmem_exit(CleanupProcSignalState
, Int32GetDatum(pss_idx
));
206 * CleanupProcSignalState
207 * Remove current process from ProcSignal mechanism
209 * This function is called via on_shmem_exit() during backend shutdown.
212 CleanupProcSignalState(int status
, Datum arg
)
214 int pss_idx
= DatumGetInt32(arg
);
215 ProcSignalSlot
*slot
;
217 slot
= &ProcSignal
->psh_slot
[pss_idx
- 1];
218 Assert(slot
== MyProcSignalSlot
);
221 * Clear MyProcSignalSlot, so that a SIGUSR1 received after this point
222 * won't try to access it after it's no longer ours (and perhaps even
223 * after we've unmapped the shared memory segment).
225 MyProcSignalSlot
= NULL
;
228 if (slot
->pss_pid
!= MyProcPid
)
231 * don't ERROR here. We're exiting anyway, and don't want to get into
232 * infinite loop trying to exit
234 elog(LOG
, "process %d releasing ProcSignal slot %d, but it contains %d",
235 MyProcPid
, pss_idx
, (int) slot
->pss_pid
);
236 return; /* XXX better to zero the slot anyway? */
240 * Make this slot look like it's absorbed all possible barriers, so that
241 * no barrier waits block on it.
243 pg_atomic_write_u64(&slot
->pss_barrierGeneration
, PG_UINT64_MAX
);
244 ConditionVariableBroadcast(&slot
->pss_barrierCV
);
251 * Send a signal to a Postgres process
253 * Providing backendId is optional, but it will speed up the operation.
255 * On success (a signal was sent), zero is returned.
256 * On error, -1 is returned, and errno is set (typically to ESRCH or EPERM).
258 * Not to be confused with ProcSendSignal
261 SendProcSignal(pid_t pid
, ProcSignalReason reason
, BackendId backendId
)
263 volatile ProcSignalSlot
*slot
;
265 if (backendId
!= InvalidBackendId
)
267 slot
= &ProcSignal
->psh_slot
[backendId
- 1];
270 * Note: Since there's no locking, it's possible that the target
271 * process detaches from shared memory and exits right after this
272 * test, before we set the flag and send signal. And the signal slot
273 * might even be recycled by a new process, so it's remotely possible
274 * that we set a flag for a wrong process. That's OK, all the signals
275 * are such that no harm is done if they're mistakenly fired.
277 if (slot
->pss_pid
== pid
)
279 /* Atomically set the proper flag */
280 slot
->pss_signalFlags
[reason
] = true;
282 return kill(pid
, SIGUSR1
);
288 * BackendId not provided, so search the array using pid. We search
289 * the array back to front so as to reduce search overhead. Passing
290 * InvalidBackendId means that the target is most likely an auxiliary
291 * process, which will have a slot near the end of the array.
295 for (i
= NumProcSignalSlots
- 1; i
>= 0; i
--)
297 slot
= &ProcSignal
->psh_slot
[i
];
299 if (slot
->pss_pid
== pid
)
301 /* the above note about race conditions applies here too */
303 /* Atomically set the proper flag */
304 slot
->pss_signalFlags
[reason
] = true;
306 return kill(pid
, SIGUSR1
);
316 * EmitProcSignalBarrier
317 * Send a signal to every Postgres process
319 * The return value of this function is the barrier "generation" created
320 * by this operation. This value can be passed to WaitForProcSignalBarrier
321 * to wait until it is known that every participant in the ProcSignal
322 * mechanism has absorbed the signal (or started afterwards).
324 * Note that it would be a bad idea to use this for anything that happens
325 * frequently, as interrupting every backend could cause a noticeable
328 * Callers are entitled to assume that this function will not throw ERROR
332 EmitProcSignalBarrier(ProcSignalBarrierType type
)
334 uint32 flagbit
= 1 << (uint32
) type
;
340 * Note that pg_atomic_fetch_or_u32 has full barrier semantics, so this is
341 * totally ordered with respect to anything the caller did before, and
342 * anything that we do afterwards. (This is also true of the later call to
343 * pg_atomic_add_fetch_u64.)
345 for (int i
= 0; i
< NumProcSignalSlots
; i
++)
347 volatile ProcSignalSlot
*slot
= &ProcSignal
->psh_slot
[i
];
349 pg_atomic_fetch_or_u32(&slot
->pss_barrierCheckMask
, flagbit
);
353 * Increment the generation counter.
356 pg_atomic_add_fetch_u64(&ProcSignal
->psh_barrierGeneration
, 1);
359 * Signal all the processes, so that they update their advertised barrier
362 * Concurrency is not a problem here. Backends that have exited don't
363 * matter, and new backends that have joined since we entered this
364 * function must already have current state, since the caller is
365 * responsible for making sure that the relevant state is entirely visible
366 * before calling this function in the first place. We still have to wake
367 * them up - because we can't distinguish between such backends and older
368 * backends that need to update state - but they won't actually need to
371 for (int i
= NumProcSignalSlots
- 1; i
>= 0; i
--)
373 volatile ProcSignalSlot
*slot
= &ProcSignal
->psh_slot
[i
];
374 pid_t pid
= slot
->pss_pid
;
378 /* see SendProcSignal for details */
379 slot
->pss_signalFlags
[PROCSIG_BARRIER
] = true;
388 * WaitForProcSignalBarrier - wait until it is guaranteed that all changes
389 * requested by a specific call to EmitProcSignalBarrier() have taken effect.
392 WaitForProcSignalBarrier(uint64 generation
)
394 Assert(generation
<= pg_atomic_read_u64(&ProcSignal
->psh_barrierGeneration
));
396 for (int i
= NumProcSignalSlots
- 1; i
>= 0; i
--)
398 ProcSignalSlot
*slot
= &ProcSignal
->psh_slot
[i
];
402 * It's important that we check only pss_barrierGeneration here and
403 * not pss_barrierCheckMask. Bits in pss_barrierCheckMask get cleared
404 * before the barrier is actually absorbed, but pss_barrierGeneration
405 * is updated only afterward.
407 oldval
= pg_atomic_read_u64(&slot
->pss_barrierGeneration
);
408 while (oldval
< generation
)
410 ConditionVariableSleep(&slot
->pss_barrierCV
,
411 WAIT_EVENT_PROC_SIGNAL_BARRIER
);
412 oldval
= pg_atomic_read_u64(&slot
->pss_barrierGeneration
);
414 ConditionVariableCancelSleep();
418 * The caller is probably calling this function because it wants to read
419 * the shared state or perform further writes to shared state once all
420 * backends are known to have absorbed the barrier. However, the read of
421 * pss_barrierGeneration was performed unlocked; insert a memory barrier
422 * to separate it from whatever follows.
428 * Handle receipt of an interrupt indicating a global barrier event.
430 * All the actual work is deferred to ProcessProcSignalBarrier(), because we
431 * cannot safely access the barrier generation inside the signal handler as
432 * 64bit atomics might use spinlock based emulation, even for reads. As this
433 * routine only gets called when PROCSIG_BARRIER is sent that won't cause a
434 * lot of unnecessary work.
437 HandleProcSignalBarrierInterrupt(void)
439 InterruptPending
= true;
440 ProcSignalBarrierPending
= true;
441 /* latch will be set by procsignal_sigusr1_handler */
445 * Perform global barrier related interrupt checking.
447 * Any backend that participates in ProcSignal signaling must arrange to
448 * call this function periodically. It is called from CHECK_FOR_INTERRUPTS(),
449 * which is enough for normal backends, but not necessarily for all types of
450 * background processes.
453 ProcessProcSignalBarrier(void)
457 volatile uint32 flags
;
459 Assert(MyProcSignalSlot
);
461 /* Exit quickly if there's no work to do. */
462 if (!ProcSignalBarrierPending
)
464 ProcSignalBarrierPending
= false;
467 * It's not unlikely to process multiple barriers at once, before the
468 * signals for all the barriers have arrived. To avoid unnecessary work in
469 * response to subsequent signals, exit early if we already have processed
472 local_gen
= pg_atomic_read_u64(&MyProcSignalSlot
->pss_barrierGeneration
);
473 shared_gen
= pg_atomic_read_u64(&ProcSignal
->psh_barrierGeneration
);
475 Assert(local_gen
<= shared_gen
);
477 if (local_gen
== shared_gen
)
481 * Get and clear the flags that are set for this backend. Note that
482 * pg_atomic_exchange_u32 is a full barrier, so we're guaranteed that the
483 * read of the barrier generation above happens before we atomically
484 * extract the flags, and that any subsequent state changes happen
487 * NB: In order to avoid race conditions, we must zero
488 * pss_barrierCheckMask first and only afterwards try to do barrier
489 * processing. If we did it in the other order, someone could send us
490 * another barrier of some type right after we called the
491 * barrier-processing function but before we cleared the bit. We would
492 * have no way of knowing that the bit needs to stay set in that case, so
493 * the need to call the barrier-processing function again would just get
494 * forgotten. So instead, we tentatively clear all the bits and then put
495 * back any for which we don't manage to successfully absorb the barrier.
497 flags
= pg_atomic_exchange_u32(&MyProcSignalSlot
->pss_barrierCheckMask
, 0);
500 * If there are no flags set, then we can skip doing any real work.
501 * Otherwise, establish a PG_TRY block, so that we don't lose track of
502 * which types of barrier processing are needed if an ERROR occurs.
511 * Process each type of barrier. The barrier-processing functions
512 * should normally return true, but may return false if the
513 * barrier can't be absorbed at the current time. This should be
514 * rare, because it's pretty expensive. Every single
515 * CHECK_FOR_INTERRUPTS() will return here until we manage to
516 * absorb the barrier, and that cost will add up in a hurry.
518 * NB: It ought to be OK to call the barrier-processing functions
519 * unconditionally, but it's more efficient to call only the ones
520 * that might need us to do something based on the flags.
524 ProcSignalBarrierType type
;
525 bool processed
= true;
527 type
= (ProcSignalBarrierType
) pg_rightmost_one_pos32(flags
);
530 case PROCSIGNAL_BARRIER_PLACEHOLDER
:
531 processed
= ProcessBarrierPlaceholder();
536 * To avoid an infinite loop, we must always unset the bit in
539 BARRIER_CLEAR_BIT(flags
, type
);
542 * If we failed to process the barrier, reset the shared bit
543 * so we try again later, and set a flag so that we don't bump
548 ResetProcSignalBarrierBits(((uint32
) 1) << type
);
556 * If an ERROR occurred, we'll need to try again later to handle
557 * that barrier type and any others that haven't been handled yet
558 * or weren't successfully absorbed.
560 ResetProcSignalBarrierBits(flags
);
566 * If some barrier types were not successfully absorbed, we will have
567 * to try again later.
574 * State changes related to all types of barriers that might have been
575 * emitted have now been handled, so we can update our notion of the
576 * generation to the one we observed before beginning the updates. If
577 * things have changed further, it'll get fixed up when this function is
580 pg_atomic_write_u64(&MyProcSignalSlot
->pss_barrierGeneration
, shared_gen
);
581 ConditionVariableBroadcast(&MyProcSignalSlot
->pss_barrierCV
);
585 * If it turns out that we couldn't absorb one or more barrier types, either
586 * because the barrier-processing functions returned false or due to an error,
587 * arrange for processing to be retried later.
590 ResetProcSignalBarrierBits(uint32 flags
)
592 pg_atomic_fetch_or_u32(&MyProcSignalSlot
->pss_barrierCheckMask
, flags
);
593 ProcSignalBarrierPending
= true;
594 InterruptPending
= true;
598 ProcessBarrierPlaceholder(void)
601 * XXX. This is just a placeholder until the first real user of this
602 * machinery gets committed. Rename PROCSIGNAL_BARRIER_PLACEHOLDER to
603 * PROCSIGNAL_BARRIER_SOMETHING_ELSE where SOMETHING_ELSE is something
604 * appropriately descriptive. Get rid of this function and instead have
605 * ProcessBarrierSomethingElse. Most likely, that function should live in
606 * the file pertaining to that subsystem, rather than here.
608 * The return value should be 'true' if the barrier was successfully
609 * absorbed and 'false' if not. Note that returning 'false' can lead to
610 * very frequent retries, so try hard to make that an uncommon case.
616 * CheckProcSignal - check to see if a particular reason has been
617 * signaled, and clear the signal flag. Should be called after receiving
621 CheckProcSignal(ProcSignalReason reason
)
623 volatile ProcSignalSlot
*slot
= MyProcSignalSlot
;
627 /* Careful here --- don't clear flag if we haven't seen it set */
628 if (slot
->pss_signalFlags
[reason
])
630 slot
->pss_signalFlags
[reason
] = false;
639 * procsignal_sigusr1_handler - handle SIGUSR1 signal.
642 procsignal_sigusr1_handler(SIGNAL_ARGS
)
644 int save_errno
= errno
;
646 if (CheckProcSignal(PROCSIG_CATCHUP_INTERRUPT
))
647 HandleCatchupInterrupt();
649 if (CheckProcSignal(PROCSIG_NOTIFY_INTERRUPT
))
650 HandleNotifyInterrupt();
652 if (CheckProcSignal(PROCSIG_PARALLEL_MESSAGE
))
653 HandleParallelMessageInterrupt();
655 if (CheckProcSignal(PROCSIG_WALSND_INIT_STOPPING
))
656 HandleWalSndInitStopping();
658 if (CheckProcSignal(PROCSIG_BARRIER
))
659 HandleProcSignalBarrierInterrupt();
661 if (CheckProcSignal(PROCSIG_LOG_MEMORY_CONTEXT
))
662 HandleLogMemoryContextInterrupt();
664 if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_DATABASE
))
665 RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_DATABASE
);
667 if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_TABLESPACE
))
668 RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_TABLESPACE
);
670 if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_LOCK
))
671 RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_LOCK
);
673 if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_SNAPSHOT
))
674 RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_SNAPSHOT
);
676 if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_STARTUP_DEADLOCK
))
677 RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_STARTUP_DEADLOCK
);
679 if (CheckProcSignal(PROCSIG_RECOVERY_CONFLICT_BUFFERPIN
))
680 RecoveryConflictInterrupt(PROCSIG_RECOVERY_CONFLICT_BUFFERPIN
);