/*------------------------------------------------------------------------- * * checkpointer.c * * The checkpointer is new as of Postgres 9.2. It handles all checkpoints. * Checkpoints are automatically dispatched after a certain amount of time has * elapsed since the last one, and it can be signaled to perform requested * checkpoints as well. (The GUC parameter that mandates a checkpoint every * so many WAL segments is implemented by having backends signal when they * fill WAL segments; the checkpointer itself doesn't watch for the * condition.) * * The checkpointer is started by the postmaster as soon as the startup * subprocess finishes, or as soon as recovery begins if we are doing archive * recovery. It remains alive until the postmaster commands it to terminate. * Normal termination is by SIGUSR2, which instructs the checkpointer to * execute a shutdown checkpoint and then exit(0). (All backends must be * stopped before SIGUSR2 is issued!) Emergency termination is by SIGQUIT; * like any backend, the checkpointer will simply abort and exit on SIGQUIT. * * If the checkpointer exits unexpectedly, the postmaster treats that the same * as a backend crash: shared memory may be corrupted, so remaining backends * should be killed by SIGQUIT and then a recovery cycle started. (Even if * shared memory isn't corrupted, we have lost information about which * files need to be fsync'd for the next checkpoint, and so a system * restart needs to be forced.) * * * Portions Copyright (c) 1996-2012, PostgreSQL Global Development Group * * * IDENTIFICATION * src/backend/postmaster/checkpointer.c * *------------------------------------------------------------------------- */ #include "postgres.h" #include #include #include #include #include "access/xlog_internal.h" #include "libpq/pqsignal.h" #include "miscadmin.h" #include "pgstat.h" #include "postmaster/bgwriter.h" #include "replication/syncrep.h" #include "storage/bufmgr.h" #include "storage/fd.h" #include "storage/ipc.h" #include "storage/lwlock.h" #include "storage/proc.h" #include "storage/shmem.h" #include "storage/smgr.h" #include "storage/spin.h" #include "utils/guc.h" #include "utils/memutils.h" #include "utils/resowner.h" /*---------- * Shared memory area for communication between checkpointer and backends * * The ckpt counters allow backends to watch for completion of a checkpoint * request they send. Here's how it works: * * At start of a checkpoint, checkpointer reads (and clears) the request * flags and increments ckpt_started, while holding ckpt_lck. * * On completion of a checkpoint, checkpointer sets ckpt_done to * equal ckpt_started. * * On failure of a checkpoint, checkpointer increments ckpt_failed * and sets ckpt_done to equal ckpt_started. * * The algorithm for backends is: * 1. Record current values of ckpt_failed and ckpt_started, and * set request flags, while holding ckpt_lck. * 2. Send signal to request checkpoint. * 3. Sleep until ckpt_started changes. Now you know a checkpoint has * begun since you started this algorithm (although *not* that it was * specifically initiated by your signal), and that it is using your flags. * 4. Record new value of ckpt_started. * 5. Sleep until ckpt_done >= saved value of ckpt_started. (Use modulo * arithmetic here in case counters wrap around.) Now you know a * checkpoint has started and completed, but not whether it was * successful. * 6. If ckpt_failed is different from the originally saved value, * assume request failed; otherwise it was definitely successful. * * ckpt_flags holds the OR of the checkpoint request flags sent by all * requesting backends since the last checkpoint start. The flags are * chosen so that OR'ing is the correct way to combine multiple requests. * * num_backend_writes is used to count the number of buffer writes performed * by user backend processes. This counter should be wide enough that it * can't overflow during a single processing cycle. num_backend_fsync * counts the subset of those writes that also had to do their own fsync, * because the checkpointer failed to absorb their request. * * The requests array holds fsync requests sent by backends and not yet * absorbed by the checkpointer. * * Unlike the checkpoint fields, num_backend_writes, num_backend_fsync, and * the requests fields are protected by CheckpointerCommLock. *---------- */ typedef struct { RelFileNode rnode; ForkNumber forknum; BlockNumber segno; /* see md.c for special values */ /* might add a real request-type field later; not needed yet */ } CheckpointerRequest; typedef struct { pid_t checkpointer_pid; /* PID (0 if not started) */ slock_t ckpt_lck; /* protects all the ckpt_* fields */ int ckpt_started; /* advances when checkpoint starts */ int ckpt_done; /* advances when checkpoint done */ int ckpt_failed; /* advances when checkpoint fails */ int ckpt_flags; /* checkpoint flags, as defined in xlog.h */ uint32 num_backend_writes; /* counts user backend buffer writes */ uint32 num_backend_fsync; /* counts user backend fsync calls */ int num_requests; /* current # of requests */ int max_requests; /* allocated array size */ CheckpointerRequest requests[1]; /* VARIABLE LENGTH ARRAY */ } CheckpointerShmemStruct; static CheckpointerShmemStruct *CheckpointerShmem; /* interval for calling AbsorbFsyncRequests in CheckpointWriteDelay */ #define WRITES_PER_ABSORB 1000 /* * GUC parameters */ int CheckPointTimeout = 300; int CheckPointWarning = 30; double CheckPointCompletionTarget = 0.5; /* * Flags set by interrupt handlers for later service in the main loop. */ static volatile sig_atomic_t got_SIGHUP = false; static volatile sig_atomic_t checkpoint_requested = false; static volatile sig_atomic_t shutdown_requested = false; /* * Private state */ static bool ckpt_active = false; /* these values are valid when ckpt_active is true: */ static pg_time_t ckpt_start_time; static XLogRecPtr ckpt_start_recptr; static double ckpt_cached_elapsed; static pg_time_t last_checkpoint_time; static pg_time_t last_xlog_switch_time; /* Prototypes for private functions */ static void CheckArchiveTimeout(void); static bool IsCheckpointOnSchedule(double progress); static bool ImmediateCheckpointRequested(void); static bool CompactCheckpointerRequestQueue(void); static void UpdateSharedMemoryConfig(void); /* Signal handlers */ static void chkpt_quickdie(SIGNAL_ARGS); static void ChkptSigHupHandler(SIGNAL_ARGS); static void ReqCheckpointHandler(SIGNAL_ARGS); static void chkpt_sigusr1_handler(SIGNAL_ARGS); static void ReqShutdownHandler(SIGNAL_ARGS); /* * Main entry point for checkpointer process * * This is invoked from AuxiliaryProcessMain, which has already created the * basic execution environment, but not enabled signals yet. */ void CheckpointerMain(void) { sigjmp_buf local_sigjmp_buf; MemoryContext checkpointer_context; CheckpointerShmem->checkpointer_pid = MyProcPid; /* * If possible, make this process a group leader, so that the postmaster * can signal any child processes too. (checkpointer probably never has * any child processes, but for consistency we make all postmaster child * processes do this.) */ #ifdef HAVE_SETSID if (setsid() < 0) elog(FATAL, "setsid() failed: %m"); #endif /* * Properly accept or ignore signals the postmaster might send us * * Note: we deliberately ignore SIGTERM, because during a standard Unix * system shutdown cycle, init will SIGTERM all processes at once. We * want to wait for the backends to exit, whereupon the postmaster will * tell us it's okay to shut down (via SIGUSR2). */ pqsignal(SIGHUP, ChkptSigHupHandler); /* set flag to read config * file */ pqsignal(SIGINT, ReqCheckpointHandler); /* request checkpoint */ pqsignal(SIGTERM, SIG_IGN); /* ignore SIGTERM */ pqsignal(SIGQUIT, chkpt_quickdie); /* hard crash time */ pqsignal(SIGALRM, SIG_IGN); pqsignal(SIGPIPE, SIG_IGN); pqsignal(SIGUSR1, chkpt_sigusr1_handler); pqsignal(SIGUSR2, ReqShutdownHandler); /* request shutdown */ /* * Reset some signals that are accepted by postmaster but not here */ pqsignal(SIGCHLD, SIG_DFL); pqsignal(SIGTTIN, SIG_DFL); pqsignal(SIGTTOU, SIG_DFL); pqsignal(SIGCONT, SIG_DFL); pqsignal(SIGWINCH, SIG_DFL); /* We allow SIGQUIT (quickdie) at all times */ sigdelset(&BlockSig, SIGQUIT); /* * Initialize so that first time-driven event happens at the correct time. */ last_checkpoint_time = last_xlog_switch_time = (pg_time_t) time(NULL); /* * Create a resource owner to keep track of our resources (currently only * buffer pins). */ CurrentResourceOwner = ResourceOwnerCreate(NULL, "Checkpointer"); /* * Create a memory context that we will do all our work in. We do this so * that we can reset the context during error recovery and thereby avoid * possible memory leaks. Formerly this code just ran in * TopMemoryContext, but resetting that would be a really bad idea. */ checkpointer_context = AllocSetContextCreate(TopMemoryContext, "Checkpointer", ALLOCSET_DEFAULT_MINSIZE, ALLOCSET_DEFAULT_INITSIZE, ALLOCSET_DEFAULT_MAXSIZE); MemoryContextSwitchTo(checkpointer_context); /* * If an exception is encountered, processing resumes here. * * See notes in postgres.c about the design of this coding. */ if (sigsetjmp(local_sigjmp_buf, 1) != 0) { /* Since not using PG_TRY, must reset error stack by hand */ error_context_stack = NULL; /* Prevent interrupts while cleaning up */ HOLD_INTERRUPTS(); /* Report the error to the server log */ EmitErrorReport(); /* * These operations are really just a minimal subset of * AbortTransaction(). We don't have very many resources to worry * about in checkpointer, but we do have LWLocks, buffers, and temp * files. */ LWLockReleaseAll(); AbortBufferIO(); UnlockBuffers(); /* buffer pins are released here: */ ResourceOwnerRelease(CurrentResourceOwner, RESOURCE_RELEASE_BEFORE_LOCKS, false, true); /* we needn't bother with the other ResourceOwnerRelease phases */ AtEOXact_Buffers(false); AtEOXact_SMgr(); AtEOXact_Files(); AtEOXact_HashTables(false); /* Warn any waiting backends that the checkpoint failed. */ if (ckpt_active) { /* use volatile pointer to prevent code rearrangement */ volatile CheckpointerShmemStruct *cps = CheckpointerShmem; SpinLockAcquire(&cps->ckpt_lck); cps->ckpt_failed++; cps->ckpt_done = cps->ckpt_started; SpinLockRelease(&cps->ckpt_lck); ckpt_active = false; } /* * Now return to normal top-level context and clear ErrorContext for * next time. */ MemoryContextSwitchTo(checkpointer_context); FlushErrorState(); /* Flush any leaked data in the top-level context */ MemoryContextResetAndDeleteChildren(checkpointer_context); /* Now we can allow interrupts again */ RESUME_INTERRUPTS(); /* * Sleep at least 1 second after any error. A write error is likely * to be repeated, and we don't want to be filling the error logs as * fast as we can. */ pg_usleep(1000000L); /* * Close all open files after any error. This is helpful on Windows, * where holding deleted files open causes various strange errors. * It's not clear we need it elsewhere, but shouldn't hurt. */ smgrcloseall(); } /* We can now handle ereport(ERROR) */ PG_exception_stack = &local_sigjmp_buf; /* * Unblock signals (they were blocked when the postmaster forked us) */ PG_SETMASK(&UnBlockSig); /* * Use the recovery target timeline ID during recovery */ if (RecoveryInProgress()) ThisTimeLineID = GetRecoveryTargetTLI(); /* * Ensure all shared memory values are set correctly for the config. Doing * this here ensures no race conditions from other concurrent updaters. */ UpdateSharedMemoryConfig(); /* * Advertise our latch that backends can use to wake us up while we're * sleeping. */ ProcGlobal->checkpointerLatch = &MyProc->procLatch; /* * Loop forever */ for (;;) { bool do_checkpoint = false; int flags = 0; pg_time_t now; int elapsed_secs; int cur_timeout; int rc; /* Clear any already-pending wakeups */ ResetLatch(&MyProc->procLatch); /* * Process any requests or signals received recently. */ AbsorbFsyncRequests(); if (got_SIGHUP) { got_SIGHUP = false; ProcessConfigFile(PGC_SIGHUP); /* * Checkpointer is the last process to shut down, so we ask it to * hold the keys for a range of other tasks required most of which * have nothing to do with checkpointing at all. * * For various reasons, some config values can change dynamically * so the primary copy of them is held in shared memory to make * sure all backends see the same value. We make Checkpointer * responsible for updating the shared memory copy if the * parameter setting changes because of SIGHUP. */ UpdateSharedMemoryConfig(); } if (checkpoint_requested) { checkpoint_requested = false; do_checkpoint = true; BgWriterStats.m_requested_checkpoints++; } if (shutdown_requested) { /* * From here on, elog(ERROR) should end with exit(1), not send * control back to the sigsetjmp block above */ ExitOnAnyError = true; /* Close down the database */ ShutdownXLOG(0, 0); /* Normal exit from the checkpointer is here */ proc_exit(0); /* done */ } /* * Force a checkpoint if too much time has elapsed since the last one. * Note that we count a timed checkpoint in stats only when this * occurs without an external request, but we set the CAUSE_TIME flag * bit even if there is also an external request. */ now = (pg_time_t) time(NULL); elapsed_secs = now - last_checkpoint_time; if (elapsed_secs >= CheckPointTimeout) { if (!do_checkpoint) BgWriterStats.m_timed_checkpoints++; do_checkpoint = true; flags |= CHECKPOINT_CAUSE_TIME; } /* * Do a checkpoint if requested. */ if (do_checkpoint) { bool ckpt_performed = false; bool do_restartpoint; /* use volatile pointer to prevent code rearrangement */ volatile CheckpointerShmemStruct *cps = CheckpointerShmem; /* * Check if we should perform a checkpoint or a restartpoint. As a * side-effect, RecoveryInProgress() initializes TimeLineID if * it's not set yet. */ do_restartpoint = RecoveryInProgress(); /* * Atomically fetch the request flags to figure out what kind of a * checkpoint we should perform, and increase the started-counter * to acknowledge that we've started a new checkpoint. */ SpinLockAcquire(&cps->ckpt_lck); flags |= cps->ckpt_flags; cps->ckpt_flags = 0; cps->ckpt_started++; SpinLockRelease(&cps->ckpt_lck); /* * The end-of-recovery checkpoint is a real checkpoint that's * performed while we're still in recovery. */ if (flags & CHECKPOINT_END_OF_RECOVERY) do_restartpoint = false; /* * We will warn if (a) too soon since last checkpoint (whatever * caused it) and (b) somebody set the CHECKPOINT_CAUSE_XLOG flag * since the last checkpoint start. Note in particular that this * implementation will not generate warnings caused by * CheckPointTimeout < CheckPointWarning. */ if (!do_restartpoint && (flags & CHECKPOINT_CAUSE_XLOG) && elapsed_secs < CheckPointWarning) ereport(LOG, (errmsg_plural("checkpoints are occurring too frequently (%d second apart)", "checkpoints are occurring too frequently (%d seconds apart)", elapsed_secs, elapsed_secs), errhint("Consider increasing the configuration parameter \"checkpoint_segments\"."))); /* * Initialize checkpointer-private variables used during * checkpoint */ ckpt_active = true; if (!do_restartpoint) ckpt_start_recptr = GetInsertRecPtr(); ckpt_start_time = now; ckpt_cached_elapsed = 0; /* * Do the checkpoint. */ if (!do_restartpoint) { CreateCheckPoint(flags); ckpt_performed = true; } else ckpt_performed = CreateRestartPoint(flags); /* * After any checkpoint, close all smgr files. This is so we * won't hang onto smgr references to deleted files indefinitely. */ smgrcloseall(); /* * Indicate checkpoint completion to any waiting backends. */ SpinLockAcquire(&cps->ckpt_lck); cps->ckpt_done = cps->ckpt_started; SpinLockRelease(&cps->ckpt_lck); if (ckpt_performed) { /* * Note we record the checkpoint start time not end time as * last_checkpoint_time. This is so that time-driven * checkpoints happen at a predictable spacing. */ last_checkpoint_time = now; } else { /* * We were not able to perform the restartpoint (checkpoints * throw an ERROR in case of error). Most likely because we * have not received any new checkpoint WAL records since the * last restartpoint. Try again in 15 s. */ last_checkpoint_time = now - CheckPointTimeout + 15; } ckpt_active = false; } /* Check for archive_timeout and switch xlog files if necessary. */ CheckArchiveTimeout(); /* * Send off activity statistics to the stats collector. (The reason * why we re-use bgwriter-related code for this is that the bgwriter * and checkpointer used to be just one process. It's probably not * worth the trouble to split the stats support into two independent * stats message types.) */ pgstat_send_bgwriter(); /* * Sleep until we are signaled or it's time for another checkpoint or * xlog file switch. */ now = (pg_time_t) time(NULL); elapsed_secs = now - last_checkpoint_time; if (elapsed_secs >= CheckPointTimeout) continue; /* no sleep for us ... */ cur_timeout = CheckPointTimeout - elapsed_secs; if (XLogArchiveTimeout > 0 && !RecoveryInProgress()) { elapsed_secs = now - last_xlog_switch_time; if (elapsed_secs >= XLogArchiveTimeout) continue; /* no sleep for us ... */ cur_timeout = Min(cur_timeout, XLogArchiveTimeout - elapsed_secs); } rc = WaitLatch(&MyProc->procLatch, WL_LATCH_SET | WL_TIMEOUT | WL_POSTMASTER_DEATH, cur_timeout * 1000L /* convert to ms */ ); /* * Emergency bailout if postmaster has died. This is to avoid the * necessity for manual cleanup of all postmaster children. */ if (rc & WL_POSTMASTER_DEATH) exit(1); } } /* * CheckArchiveTimeout -- check for archive_timeout and switch xlog files * * This will switch to a new WAL file and force an archive file write * if any activity is recorded in the current WAL file, including just * a single checkpoint record. */ static void CheckArchiveTimeout(void) { pg_time_t now; pg_time_t last_time; if (XLogArchiveTimeout <= 0 || RecoveryInProgress()) return; now = (pg_time_t) time(NULL); /* First we do a quick check using possibly-stale local state. */ if ((int) (now - last_xlog_switch_time) < XLogArchiveTimeout) return; /* * Update local state ... note that last_xlog_switch_time is the last time * a switch was performed *or requested*. */ last_time = GetLastSegSwitchTime(); last_xlog_switch_time = Max(last_xlog_switch_time, last_time); /* Now we can do the real check */ if ((int) (now - last_xlog_switch_time) >= XLogArchiveTimeout) { XLogRecPtr switchpoint; /* OK, it's time to switch */ switchpoint = RequestXLogSwitch(); /* * If the returned pointer points exactly to a segment boundary, * assume nothing happened. */ if ((switchpoint % XLogSegSize) != 0) ereport(DEBUG1, (errmsg("transaction log switch forced (archive_timeout=%d)", XLogArchiveTimeout))); /* * Update state in any case, so we don't retry constantly when the * system is idle. */ last_xlog_switch_time = now; } } /* * Returns true if an immediate checkpoint request is pending. (Note that * this does not check the *current* checkpoint's IMMEDIATE flag, but whether * there is one pending behind it.) */ static bool ImmediateCheckpointRequested(void) { if (checkpoint_requested) { volatile CheckpointerShmemStruct *cps = CheckpointerShmem; /* * We don't need to acquire the ckpt_lck in this case because we're * only looking at a single flag bit. */ if (cps->ckpt_flags & CHECKPOINT_IMMEDIATE) return true; } return false; } /* * CheckpointWriteDelay -- control rate of checkpoint * * This function is called after each page write performed by BufferSync(). * It is responsible for throttling BufferSync()'s write rate to hit * checkpoint_completion_target. * * The checkpoint request flags should be passed in; currently the only one * examined is CHECKPOINT_IMMEDIATE, which disables delays between writes. * * 'progress' is an estimate of how much of the work has been done, as a * fraction between 0.0 meaning none, and 1.0 meaning all done. */ void CheckpointWriteDelay(int flags, double progress) { static int absorb_counter = WRITES_PER_ABSORB; /* Do nothing if checkpoint is being executed by non-checkpointer process */ if (!AmCheckpointerProcess()) return; /* * Perform the usual duties and take a nap, unless we're behind schedule, * in which case we just try to catch up as quickly as possible. */ if (!(flags & CHECKPOINT_IMMEDIATE) && !shutdown_requested && !ImmediateCheckpointRequested() && IsCheckpointOnSchedule(progress)) { if (got_SIGHUP) { got_SIGHUP = false; ProcessConfigFile(PGC_SIGHUP); /* update shmem copies of config variables */ UpdateSharedMemoryConfig(); } AbsorbFsyncRequests(); absorb_counter = WRITES_PER_ABSORB; CheckArchiveTimeout(); /* * Report interim activity statistics to the stats collector. */ pgstat_send_bgwriter(); /* * This sleep used to be connected to bgwriter_delay, typically 200ms. * That resulted in more frequent wakeups if not much work to do. * Checkpointer and bgwriter are no longer related so take the Big * Sleep. */ pg_usleep(100000L); } else if (--absorb_counter <= 0) { /* * Absorb pending fsync requests after each WRITES_PER_ABSORB write * operations even when we don't sleep, to prevent overflow of the * fsync request queue. */ AbsorbFsyncRequests(); absorb_counter = WRITES_PER_ABSORB; } } /* * IsCheckpointOnSchedule -- are we on schedule to finish this checkpoint * in time? * * Compares the current progress against the time/segments elapsed since last * checkpoint, and returns true if the progress we've made this far is greater * than the elapsed time/segments. */ static bool IsCheckpointOnSchedule(double progress) { XLogRecPtr recptr; struct timeval now; double elapsed_xlogs, elapsed_time; Assert(ckpt_active); /* Scale progress according to checkpoint_completion_target. */ progress *= CheckPointCompletionTarget; /* * Check against the cached value first. Only do the more expensive * calculations once we reach the target previously calculated. Since * neither time or WAL insert pointer moves backwards, a freshly * calculated value can only be greater than or equal to the cached value. */ if (progress < ckpt_cached_elapsed) return false; /* * Check progress against WAL segments written and checkpoint_segments. * * We compare the current WAL insert location against the location * computed before calling CreateCheckPoint. The code in XLogInsert that * actually triggers a checkpoint when checkpoint_segments is exceeded * compares against RedoRecptr, so this is not completely accurate. * However, it's good enough for our purposes, we're only calculating an * estimate anyway. */ if (!RecoveryInProgress()) { recptr = GetInsertRecPtr(); elapsed_xlogs = (((double) (recptr - ckpt_start_recptr)) / XLogSegSize) / CheckPointSegments; if (progress < elapsed_xlogs) { ckpt_cached_elapsed = elapsed_xlogs; return false; } } /* * Check progress against time elapsed and checkpoint_timeout. */ gettimeofday(&now, NULL); elapsed_time = ((double) ((pg_time_t) now.tv_sec - ckpt_start_time) + now.tv_usec / 1000000.0) / CheckPointTimeout; if (progress < elapsed_time) { ckpt_cached_elapsed = elapsed_time; return false; } /* It looks like we're on schedule. */ return true; } /* -------------------------------- * signal handler routines * -------------------------------- */ /* * chkpt_quickdie() occurs when signalled SIGQUIT by the postmaster. * * Some backend has bought the farm, * so we need to stop what we're doing and exit. */ static void chkpt_quickdie(SIGNAL_ARGS) { PG_SETMASK(&BlockSig); /* * We DO NOT want to run proc_exit() callbacks -- we're here because * shared memory may be corrupted, so we don't want to try to clean up our * transaction. Just nail the windows shut and get out of town. Now that * there's an atexit callback to prevent third-party code from breaking * things by calling exit() directly, we have to reset the callbacks * explicitly to make this work as intended. */ on_exit_reset(); /* * Note we do exit(2) not exit(0). This is to force the postmaster into a * system reset cycle if some idiot DBA sends a manual SIGQUIT to a random * backend. This is necessary precisely because we don't clean up our * shared memory state. (The "dead man switch" mechanism in pmsignal.c * should ensure the postmaster sees this as a crash, too, but no harm in * being doubly sure.) */ exit(2); } /* SIGHUP: set flag to re-read config file at next convenient time */ static void ChkptSigHupHandler(SIGNAL_ARGS) { int save_errno = errno; got_SIGHUP = true; if (MyProc) SetLatch(&MyProc->procLatch); errno = save_errno; } /* SIGINT: set flag to run a normal checkpoint right away */ static void ReqCheckpointHandler(SIGNAL_ARGS) { int save_errno = errno; checkpoint_requested = true; if (MyProc) SetLatch(&MyProc->procLatch); errno = save_errno; } /* SIGUSR1: used for latch wakeups */ static void chkpt_sigusr1_handler(SIGNAL_ARGS) { int save_errno = errno; latch_sigusr1_handler(); errno = save_errno; } /* SIGUSR2: set flag to run a shutdown checkpoint and exit */ static void ReqShutdownHandler(SIGNAL_ARGS) { int save_errno = errno; shutdown_requested = true; if (MyProc) SetLatch(&MyProc->procLatch); errno = save_errno; } /* -------------------------------- * communication with backends * -------------------------------- */ /* * CheckpointerShmemSize * Compute space needed for checkpointer-related shared memory */ Size CheckpointerShmemSize(void) { Size size; /* * Currently, the size of the requests[] array is arbitrarily set equal to * NBuffers. This may prove too large or small ... */ size = offsetof(CheckpointerShmemStruct, requests); size = add_size(size, mul_size(NBuffers, sizeof(CheckpointerRequest))); return size; } /* * CheckpointerShmemInit * Allocate and initialize checkpointer-related shared memory */ void CheckpointerShmemInit(void) { Size size = CheckpointerShmemSize(); bool found; CheckpointerShmem = (CheckpointerShmemStruct *) ShmemInitStruct("Checkpointer Data", size, &found); if (!found) { /* * First time through, so initialize. Note that we zero the whole * requests array; this is so that CompactCheckpointerRequestQueue * can assume that any pad bytes in the request structs are zeroes. */ MemSet(CheckpointerShmem, 0, size); SpinLockInit(&CheckpointerShmem->ckpt_lck); CheckpointerShmem->max_requests = NBuffers; } } /* * RequestCheckpoint * Called in backend processes to request a checkpoint * * flags is a bitwise OR of the following: * CHECKPOINT_IS_SHUTDOWN: checkpoint is for database shutdown. * CHECKPOINT_END_OF_RECOVERY: checkpoint is for end of WAL recovery. * CHECKPOINT_IMMEDIATE: finish the checkpoint ASAP, * ignoring checkpoint_completion_target parameter. * CHECKPOINT_FORCE: force a checkpoint even if no XLOG activity has occurred * since the last one (implied by CHECKPOINT_IS_SHUTDOWN or * CHECKPOINT_END_OF_RECOVERY). * CHECKPOINT_WAIT: wait for completion before returning (otherwise, * just signal checkpointer to do it, and return). * CHECKPOINT_CAUSE_XLOG: checkpoint is requested due to xlog filling. * (This affects logging, and in particular enables CheckPointWarning.) */ void RequestCheckpoint(int flags) { /* use volatile pointer to prevent code rearrangement */ volatile CheckpointerShmemStruct *cps = CheckpointerShmem; int ntries; int old_failed, old_started; /* * If in a standalone backend, just do it ourselves. */ if (!IsPostmasterEnvironment) { /* * There's no point in doing slow checkpoints in a standalone backend, * because there's no other backends the checkpoint could disrupt. */ CreateCheckPoint(flags | CHECKPOINT_IMMEDIATE); /* * After any checkpoint, close all smgr files. This is so we won't * hang onto smgr references to deleted files indefinitely. */ smgrcloseall(); return; } /* * Atomically set the request flags, and take a snapshot of the counters. * When we see ckpt_started > old_started, we know the flags we set here * have been seen by checkpointer. * * Note that we OR the flags with any existing flags, to avoid overriding * a "stronger" request by another backend. The flag senses must be * chosen to make this work! */ SpinLockAcquire(&cps->ckpt_lck); old_failed = cps->ckpt_failed; old_started = cps->ckpt_started; cps->ckpt_flags |= flags; SpinLockRelease(&cps->ckpt_lck); /* * Send signal to request checkpoint. It's possible that the checkpointer * hasn't started yet, or is in process of restarting, so we will retry a * few times if needed. Also, if not told to wait for the checkpoint to * occur, we consider failure to send the signal to be nonfatal and merely * LOG it. */ for (ntries = 0;; ntries++) { if (CheckpointerShmem->checkpointer_pid == 0) { if (ntries >= 20) /* max wait 2.0 sec */ { elog((flags & CHECKPOINT_WAIT) ? ERROR : LOG, "could not request checkpoint because checkpointer not running"); break; } } else if (kill(CheckpointerShmem->checkpointer_pid, SIGINT) != 0) { if (ntries >= 20) /* max wait 2.0 sec */ { elog((flags & CHECKPOINT_WAIT) ? ERROR : LOG, "could not signal for checkpoint: %m"); break; } } else break; /* signal sent successfully */ CHECK_FOR_INTERRUPTS(); pg_usleep(100000L); /* wait 0.1 sec, then retry */ } /* * If requested, wait for completion. We detect completion according to * the algorithm given above. */ if (flags & CHECKPOINT_WAIT) { int new_started, new_failed; /* Wait for a new checkpoint to start. */ for (;;) { SpinLockAcquire(&cps->ckpt_lck); new_started = cps->ckpt_started; SpinLockRelease(&cps->ckpt_lck); if (new_started != old_started) break; CHECK_FOR_INTERRUPTS(); pg_usleep(100000L); } /* * We are waiting for ckpt_done >= new_started, in a modulo sense. */ for (;;) { int new_done; SpinLockAcquire(&cps->ckpt_lck); new_done = cps->ckpt_done; new_failed = cps->ckpt_failed; SpinLockRelease(&cps->ckpt_lck); if (new_done - new_started >= 0) break; CHECK_FOR_INTERRUPTS(); pg_usleep(100000L); } if (new_failed != old_failed) ereport(ERROR, (errmsg("checkpoint request failed"), errhint("Consult recent messages in the server log for details."))); } } /* * ForwardFsyncRequest * Forward a file-fsync request from a backend to the checkpointer * * Whenever a backend is compelled to write directly to a relation * (which should be seldom, if the background writer is getting its job done), * the backend calls this routine to pass over knowledge that the relation * is dirty and must be fsync'd before next checkpoint. We also use this * opportunity to count such writes for statistical purposes. * * This functionality is only supported for regular (not backend-local) * relations, so the rnode argument is intentionally RelFileNode not * RelFileNodeBackend. * * segno specifies which segment (not block!) of the relation needs to be * fsync'd. (Since the valid range is much less than BlockNumber, we can * use high values for special flags; that's all internal to md.c, which * see for details.) * * To avoid holding the lock for longer than necessary, we normally write * to the requests[] queue without checking for duplicates. The checkpointer * will have to eliminate dups internally anyway. However, if we discover * that the queue is full, we make a pass over the entire queue to compact * it. This is somewhat expensive, but the alternative is for the backend * to perform its own fsync, which is far more expensive in practice. It * is theoretically possible a backend fsync might still be necessary, if * the queue is full and contains no duplicate entries. In that case, we * let the backend know by returning false. */ bool ForwardFsyncRequest(RelFileNode rnode, ForkNumber forknum, BlockNumber segno) { CheckpointerRequest *request; bool too_full; if (!IsUnderPostmaster) return false; /* probably shouldn't even get here */ if (AmCheckpointerProcess()) elog(ERROR, "ForwardFsyncRequest must not be called in checkpointer"); LWLockAcquire(CheckpointerCommLock, LW_EXCLUSIVE); /* Count all backend writes regardless of if they fit in the queue */ if (!AmBackgroundWriterProcess()) CheckpointerShmem->num_backend_writes++; /* * If the checkpointer isn't running or the request queue is full, the * backend will have to perform its own fsync request. But before forcing * that to happen, we can try to compact the request queue. */ if (CheckpointerShmem->checkpointer_pid == 0 || (CheckpointerShmem->num_requests >= CheckpointerShmem->max_requests && !CompactCheckpointerRequestQueue())) { /* * Count the subset of writes where backends have to do their own * fsync */ if (!AmBackgroundWriterProcess()) CheckpointerShmem->num_backend_fsync++; LWLockRelease(CheckpointerCommLock); return false; } /* OK, insert request */ request = &CheckpointerShmem->requests[CheckpointerShmem->num_requests++]; request->rnode = rnode; request->forknum = forknum; request->segno = segno; /* If queue is more than half full, nudge the checkpointer to empty it */ too_full = (CheckpointerShmem->num_requests >= CheckpointerShmem->max_requests / 2); LWLockRelease(CheckpointerCommLock); /* ... but not till after we release the lock */ if (too_full && ProcGlobal->checkpointerLatch) SetLatch(ProcGlobal->checkpointerLatch); return true; } /* * CompactCheckpointerRequestQueue * Remove duplicates from the request queue to avoid backend fsyncs. * Returns "true" if any entries were removed. * * Although a full fsync request queue is not common, it can lead to severe * performance problems when it does happen. So far, this situation has * only been observed to occur when the system is under heavy write load, * and especially during the "sync" phase of a checkpoint. Without this * logic, each backend begins doing an fsync for every block written, which * gets very expensive and can slow down the whole system. * * Trying to do this every time the queue is full could lose if there * aren't any removable entries. But that should be vanishingly rare in * practice: there's one queue entry per shared buffer. */ static bool CompactCheckpointerRequestQueue(void) { struct CheckpointerSlotMapping { CheckpointerRequest request; int slot; }; int n, preserve_count; int num_skipped = 0; HASHCTL ctl; HTAB *htab; bool *skip_slot; /* must hold CheckpointerCommLock in exclusive mode */ Assert(LWLockHeldByMe(CheckpointerCommLock)); /* Initialize skip_slot array */ skip_slot = palloc0(sizeof(bool) * CheckpointerShmem->num_requests); /* Initialize temporary hash table */ MemSet(&ctl, 0, sizeof(ctl)); ctl.keysize = sizeof(CheckpointerRequest); ctl.entrysize = sizeof(struct CheckpointerSlotMapping); ctl.hash = tag_hash; ctl.hcxt = CurrentMemoryContext; htab = hash_create("CompactCheckpointerRequestQueue", CheckpointerShmem->num_requests, &ctl, HASH_ELEM | HASH_FUNCTION | HASH_CONTEXT); /* * The basic idea here is that a request can be skipped if it's followed * by a later, identical request. It might seem more sensible to work * backwards from the end of the queue and check whether a request is * *preceded* by an earlier, identical request, in the hopes of doing less * copying. But that might change the semantics, if there's an * intervening FORGET_RELATION_FSYNC or FORGET_DATABASE_FSYNC request, so * we do it this way. It would be possible to be even smarter if we made * the code below understand the specific semantics of such requests (it * could blow away preceding entries that would end up being canceled * anyhow), but it's not clear that the extra complexity would buy us * anything. */ for (n = 0; n < CheckpointerShmem->num_requests; n++) { CheckpointerRequest *request; struct CheckpointerSlotMapping *slotmap; bool found; /* * We use the request struct directly as a hashtable key. This * assumes that any padding bytes in the structs are consistently the * same, which should be okay because we zeroed them in * CheckpointerShmemInit. Note also that RelFileNode had better * contain no pad bytes. */ request = &CheckpointerShmem->requests[n]; slotmap = hash_search(htab, request, HASH_ENTER, &found); if (found) { /* Duplicate, so mark the previous occurrence as skippable */ skip_slot[slotmap->slot] = true; num_skipped++; } /* Remember slot containing latest occurrence of this request value */ slotmap->slot = n; } /* Done with the hash table. */ hash_destroy(htab); /* If no duplicates, we're out of luck. */ if (!num_skipped) { pfree(skip_slot); return false; } /* We found some duplicates; remove them. */ preserve_count = 0; for (n = 0; n < CheckpointerShmem->num_requests; n++) { if (skip_slot[n]) continue; CheckpointerShmem->requests[preserve_count++] = CheckpointerShmem->requests[n]; } ereport(DEBUG1, (errmsg("compacted fsync request queue from %d entries to %d entries", CheckpointerShmem->num_requests, preserve_count))); CheckpointerShmem->num_requests = preserve_count; /* Cleanup. */ pfree(skip_slot); return true; } /* * AbsorbFsyncRequests * Retrieve queued fsync requests and pass them to local smgr. * * This is exported because it must be called during CreateCheckPoint; * we have to be sure we have accepted all pending requests just before * we start fsync'ing. Since CreateCheckPoint sometimes runs in * non-checkpointer processes, do nothing if not checkpointer. */ void AbsorbFsyncRequests(void) { CheckpointerRequest *requests = NULL; CheckpointerRequest *request; int n; if (!AmCheckpointerProcess()) return; /* * We have to PANIC if we fail to absorb all the pending requests (eg, * because our hashtable runs out of memory). This is because the system * cannot run safely if we are unable to fsync what we have been told to * fsync. Fortunately, the hashtable is so small that the problem is * quite unlikely to arise in practice. */ START_CRIT_SECTION(); /* * We try to avoid holding the lock for a long time by copying the request * array. */ LWLockAcquire(CheckpointerCommLock, LW_EXCLUSIVE); /* Transfer stats counts into pending pgstats message */ BgWriterStats.m_buf_written_backend += CheckpointerShmem->num_backend_writes; BgWriterStats.m_buf_fsync_backend += CheckpointerShmem->num_backend_fsync; CheckpointerShmem->num_backend_writes = 0; CheckpointerShmem->num_backend_fsync = 0; n = CheckpointerShmem->num_requests; if (n > 0) { requests = (CheckpointerRequest *) palloc(n * sizeof(CheckpointerRequest)); memcpy(requests, CheckpointerShmem->requests, n * sizeof(CheckpointerRequest)); } CheckpointerShmem->num_requests = 0; LWLockRelease(CheckpointerCommLock); for (request = requests; n > 0; request++, n--) RememberFsyncRequest(request->rnode, request->forknum, request->segno); if (requests) pfree(requests); END_CRIT_SECTION(); } /* * Update any shared memory configurations based on config parameters */ static void UpdateSharedMemoryConfig(void) { /* update global shmem state for sync rep */ SyncRepUpdateSyncStandbysDefined(); /* * If full_page_writes has been changed by SIGHUP, we update it in shared * memory and write an XLOG_FPW_CHANGE record. */ UpdateFullPageWrites(); elog(DEBUG2, "checkpointer updated shared memory configuration values"); } /* * FirstCallSinceLastCheckpoint allows a process to take an action once * per checkpoint cycle by asynchronously checking for checkpoint completion. */ bool FirstCallSinceLastCheckpoint(void) { /* use volatile pointer to prevent code rearrangement */ volatile CheckpointerShmemStruct *cps = CheckpointerShmem; static int ckpt_done = 0; int new_done; bool FirstCall = false; SpinLockAcquire(&cps->ckpt_lck); new_done = cps->ckpt_done; SpinLockRelease(&cps->ckpt_lck); if (new_done != ckpt_done) FirstCall = true; ckpt_done = new_done; return FirstCall; }