1/*-------------------------------------------------------------------------
4 * Routines for interprocess signaling
7 * Portions Copyright (c) 1996-2025, PostgreSQL Global Development Group
8 * Portions Copyright (c) 1994, Regents of the University of California
11 * src/backend/storage/ipc/procsignal.c
13 *-------------------------------------------------------------------------
37 * The SIGUSR1 signal is multiplexed to support signaling multiple event
38 * types. The specific reason is communicated via flags in shared memory.
39 * We keep a boolean flag for each possible "reason", so that different
40 * reasons can be signaled to a process concurrently. (However, if the same
41 * reason is signaled more than once nearly simultaneously, the process may
42 * observe it only once.)
44 * Each process that wants to receive signals registers its process ID
45 * in the ProcSignalSlots array. The array is indexed by ProcNumber to make
46 * slot allocation simple, and to avoid having to search the array when you
47 * know the ProcNumber of the process you're signaling. (We do support
48 * signaling without ProcNumber, but it's a bit less efficient.)
50 * The fields in each slot are protected by a spinlock, pss_mutex. pss_pid can
51 * also be read without holding the spinlock, as a quick preliminary check
52 * when searching for a particular PID in the array.
54 * pss_signalFlags are intended to be set in cases where we don't need to
55 * keep track of whether or not the target process has handled the signal,
56 * but sometimes we need confirmation, as when making a global state change
57 * that cannot be considered complete until all backends have taken notice
58 * of it. For such use cases, we set a bit in pss_barrierCheckMask and then
59 * increment the current "barrier generation"; when the new barrier generation
60 * (or greater) appears in the pss_barrierGeneration flag of every process,
61 * we know that the message has been received everywhere.
71 /* Barrier-related fields (not protected by pss_mutex) */
78 * Information that is global to the entire ProcSignal system can be stored
81 * psh_barrierGeneration is the highest barrier generation in existence.
90 * We reserve a slot for each possible ProcNumber, plus one for each
91 * possible auxiliary process type. (This scheme assumes there is not
92 * more than one of any auxiliary process type at a time, except for
95 #define NumProcSignalSlots (MaxBackends + NUM_AUXILIARY_PROCS)
97/* Check whether the relevant type bit is set in the flags.
 *
 * Evaluates to true when bit number `type` of `flags` is set, false otherwise.
 * The constant 1 is cast to uint32 before shifting, so the shift is performed
 * on an unsigned value. `type` is used directly as the shift count: it must be
 * smaller than the bit width of uint32 (presumably 32 -- confirm against the
 * typedef), because a shift count at or above the operand width is undefined
 * behavior in C. Both arguments are parenthesized and evaluated exactly once.
 */
98 #define BARRIER_SHOULD_CHECK(flags, type) \
99 (((flags) & (((uint32) 1) << (uint32) (type))) != 0)
101/* Clear the relevant type bit from the flags.
 *
 * Modifies `flags` in place through a compound assignment, so `flags` must be
 * a modifiable lvalue; the expression's value is the updated flags. This is a
 * plain (non-atomic) read-modify-write -- presumably it is meant for a local
 * copy of the mask rather than a shared atomic field; confirm against callers.
 * As with BARRIER_SHOULD_CHECK, `type` is the shift count and must be smaller
 * than the bit width of uint32 to avoid undefined behavior.
 */
102 #define BARRIER_CLEAR_BIT(flags, type) \
103 ((flags) &= ~(((uint32) 1) << (uint32) (type)))
113 * ProcSignalShmemSize
114 * Compute space needed for ProcSignal's shared memory
127 * ProcSignalShmemInit
128 * Allocate and initialize ProcSignal's shared memory
139 /* If we're first, initialize. */
163 * Register the current process in the ProcSignal array
169 uint64 barrier_generation;
181 /* Value used for sanity check below */
184 /* Clear out any leftover signal reasons */
188 * Initialize barrier state. Since we're a brand-new process, there
189 * shouldn't be any leftover backend-private state that needs to be
190 * updated. Therefore, we can broadcast the latest barrier generation and
191 * disregard any previously-set check bits.
193 * NB: This only works if this initialization happens early enough in the
194 * startup sequence that we haven't yet cached any state that might need
195 * to be invalidated. That's also why we have a memory barrier here, to be
196 * sure that any later reads of memory happen strictly after this.
203 if (cancel_key_len > 0)
210 /* Spinlock is released, do the check */
211 if (old_pss_pid != 0)
212 elog(
LOG,
"process %d taking over ProcSignal slot %d, but it's not empty",
215 /* Remember slot location for CheckProcSignal */
218 /* Set up to release the slot on process exit */
223 * CleanupProcSignalState
224 * Remove current process from ProcSignal mechanism
226 * This function is called via on_shmem_exit() during backend shutdown.
235 * Clear MyProcSignalSlot, so that a SIGUSR1 received after this point
236 * won't try to access it after it's no longer ours (and perhaps even
237 * after we've unmapped the shared memory segment).
248 * don't ERROR here. We're exiting anyway, and don't want to get into
249 * an infinite loop trying to exit.
252 elog(
LOG,
"process %d releasing ProcSignal slot %d, but it contains %d",
254 return;
/* XXX better to zero the slot anyway? */
257 /* Mark the slot as unused */
262 * Make this slot look like it's absorbed all possible barriers, so that
263 * no barrier waits block on it.
274 * Send a signal to a Postgres process
276 * Providing procNumber is optional, but it will speed up the operation.
278 * On success (a signal was sent), zero is returned.
279 * On error, -1 is returned, and errno is set (typically to ESRCH or EPERM).
281 * Not to be confused with ProcSendSignal
296 /* Atomically set the proper flag */
307 * procNumber not provided, so search the array using pid. We search
308 * the array back to front so as to reduce search overhead. Passing
309 * INVALID_PROC_NUMBER means that the target is most likely an
310 * auxiliary process, which will have a slot near the end of the
324 /* Atomically set the proper flag */
340 * EmitProcSignalBarrier
341 * Send a signal to every Postgres process
343 * The return value of this function is the barrier "generation" created
344 * by this operation. This value can be passed to WaitForProcSignalBarrier
345 * to wait until it is known that every participant in the ProcSignal
346 * mechanism has absorbed the signal (or started afterwards).
348 * Note that it would be a bad idea to use this for anything that happens
349 * frequently, as interrupting every backend could cause a noticeable
352 * Callers are entitled to assume that this function will not throw ERROR
364 * Note that pg_atomic_fetch_or_u32 has full barrier semantics, so this is
365 * totally ordered with respect to anything the caller did before, and
366 * anything that we do afterwards. (This is also true of the later call to
367 * pg_atomic_add_fetch_u64.)
377 * Increment the generation counter.
383 * Signal all the processes, so that they update their advertised barrier
386 * Concurrency is not a problem here. Backends that have exited don't
387 * matter, and new backends that have joined since we entered this
388 * function must already have current state, since the caller is
389 * responsible for making sure that the relevant state is entirely visible
390 * before calling this function in the first place. We still have to wake
391 * them up - because we can't distinguish between such backends and older
392 * backends that need to update state - but they won't actually need to
406 /* see SendProcSignal for details */
420 * WaitForProcSignalBarrier - wait until it is guaranteed that all changes
421 * requested by a specific call to EmitProcSignalBarrier() have taken effect.
429 "waiting for all backends to process ProcSignalBarrier generation "
439 * It's important that we check only pss_barrierGeneration here and
440 * not pss_barrierCheckMask. Bits in pss_barrierCheckMask get cleared
441 * before the barrier is actually absorbed, but pss_barrierGeneration
442 * is updated only afterward.
445 while (oldval < generation)
449 WAIT_EVENT_PROC_SIGNAL_BARRIER))
451 (
errmsg(
"still waiting for backend with PID %d to accept ProcSignalBarrier",
459 "finished waiting for all backends to process ProcSignalBarrier generation "
464 * The caller is probably calling this function because it wants to read
465 * the shared state or perform further writes to shared state once all
466 * backends are known to have absorbed the barrier. However, the read of
467 * pss_barrierGeneration was performed unlocked; insert a memory barrier
468 * to separate it from whatever follows.
474 * Handle receipt of an interrupt indicating a global barrier event.
476 * All the actual work is deferred to ProcessProcSignalBarrier(), because we
477 * cannot safely access the barrier generation inside the signal handler, as
478 * 64-bit atomics might use spinlock-based emulation, even for reads. As this
479 * routine only gets called when PROCSIG_BARRIER is sent, that won't cause a
480 * lot of unnecessary work.
487 /* latch will be set by procsignal_sigusr1_handler */
491 * Perform global barrier related interrupt checking.
493 * Any backend that participates in ProcSignal signaling must arrange to
494 * call this function periodically. It is called from CHECK_FOR_INTERRUPTS(),
495 * which is enough for normal backends, but not necessarily for all types of
496 * background processes.
507 /* Exit quickly if there's no work to do. */
513 * It's not unlikely to process multiple barriers at once, before the
514 * signals for all the barriers have arrived. To avoid unnecessary work in
515 * response to subsequent signals, exit early if we already have processed
521 Assert(local_gen <= shared_gen);
523 if (local_gen == shared_gen)
527 * Get and clear the flags that are set for this backend. Note that
528 * pg_atomic_exchange_u32 is a full barrier, so we're guaranteed that the
529 * read of the barrier generation above happens before we atomically
530 * extract the flags, and that any subsequent state changes happen
533 * NB: In order to avoid race conditions, we must zero
534 * pss_barrierCheckMask first and only afterwards try to do barrier
535 * processing. If we did it in the other order, someone could send us
536 * another barrier of some type right after we called the
537 * barrier-processing function but before we cleared the bit. We would
538 * have no way of knowing that the bit needs to stay set in that case, so
539 * the need to call the barrier-processing function again would just get
540 * forgotten. So instead, we tentatively clear all the bits and then put
541 * back any for which we don't manage to successfully absorb the barrier.
546 * If there are no flags set, then we can skip doing any real work.
547 * Otherwise, establish a PG_TRY block, so that we don't lose track of
548 * which types of barrier processing are needed if an ERROR occurs.
557 * Process each type of barrier. The barrier-processing functions
558 * should normally return true, but may return false if the
559 * barrier can't be absorbed at the current time. Returning false
560 * should be rare, because it's pretty expensive: every single
561 * CHECK_FOR_INTERRUPTS() will return here until we manage to
562 * absorb the barrier, and that cost will add up in a hurry.
564 * NB: It ought to be OK to call the barrier-processing functions
565 * unconditionally, but it's more efficient to call only the ones
566 * that might need us to do something based on the flags.
571 bool processed =
true;
582 * To avoid an infinite loop, we must always unset the bit in
588 * If we failed to process the barrier, reset the shared bit
589 * so we try again later, and set a flag so that we don't bump
602 * If an ERROR occurred, we'll need to try again later to handle
603 * that barrier type and any others that haven't been handled yet
604 * or weren't successfully absorbed.
612 * If some barrier types were not successfully absorbed, we will have
613 * to try again later.
620 * State changes related to all types of barriers that might have been
621 * emitted have now been handled, so we can update our notion of the
622 * generation to the one we observed before beginning the updates. If
623 * things have changed further, it'll get fixed up when this function is
631 * If it turns out that we couldn't absorb one or more barrier types, either
632 * because the barrier-processing functions returned false or due to an error,
633 * arrange for processing to be retried later.
644 * CheckProcSignal - check to see if a particular reason has been
645 * signaled, and clear the signal flag. Should be called after receiving
656 * Careful here --- don't clear flag if we haven't seen it set.
657 * pss_signalFlags is of type "volatile sig_atomic_t" to allow us to
658 * read it here safely, without holding the spinlock.
671 * procsignal_sigusr1_handler - handle SIGUSR1 signal.
722 * Send a query cancellation signal to backend.
724 * Note: This is called from a backend process before authentication. We
725 * cannot take LWLocks yet, but that's OK; we rely on atomic reads of the
726 * fields in the ProcSignal slots.
738 * See if we have a matching backend. Reading the pss_pid and
739 * pss_cancel_key fields is racy: a backend might die and remove itself
740 * from the array at any time. The probability of the cancellation key
741 * matching the wrong process is minuscule, however, so we can live with that.
742 * PIDs are reused too, so sending the signal based on PID is inherently
743 * racy anyway, although OSes avoid reusing PIDs too soon.
753 /* Acquire the spinlock and re-check */
769 /* Found a match; signal that backend to cancel current op */
771 (
errmsg_internal(
"processing cancel request: sending SIGINT to process %d",
775 * If we have setsid(), signal the backend's whole process
779 kill(-backendPID, SIGINT);
781 kill(backendPID, SIGINT);
786 /* Right PID, wrong key: no way, Jose */
788 (
errmsg(
"wrong key in cancel request for process %d",
795 /* No matching backend */
797 (
errmsg(
"PID %d in cancel request did not match any process",