#include "postgres.h"
#include <unistd.h>
#include <signal.h>
#include <time.h>
#include <sys/wait.h>
#include <ctype.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <fcntl.h>
#include <sys/param.h>
#include <netdb.h>
#include <limits.h>
#include "access/transam.h"
#include "access/xlog.h"
#include "access/xlogrecovery.h"
#include "catalog/pg_control.h"
#include "common/file_perm.h"
#include "common/ip.h"
#include "common/pg_prng.h"
#include "common/string.h"
#include "lib/ilist.h"
#include "libpq/auth.h"
#include "libpq/libpq.h"
#include "libpq/pqformat.h"
#include "libpq/pqsignal.h"
#include "pg_getopt.h"
#include "pgstat.h"
#include "port/pg_bswap.h"
#include "postmaster/autovacuum.h"
#include "postmaster/auxprocess.h"
#include "postmaster/bgworker_internals.h"
#include "postmaster/fork_process.h"
#include "postmaster/interrupt.h"
#include "postmaster/pgarch.h"
#include "postmaster/postmaster.h"
#include "postmaster/syslogger.h"
#include "replication/logicallauncher.h"
#include "replication/walsender.h"
#include "storage/fd.h"
#include "storage/ipc.h"
#include "storage/pg_shmem.h"
#include "storage/pmsignal.h"
#include "storage/proc.h"
#include "tcop/tcopprot.h"
#include "utils/builtins.h"
#include "utils/datetime.h"
#include "utils/memutils.h"
#include "utils/pidfile.h"
#include "utils/ps_status.h"
#include "utils/queryjumble.h"
#include "utils/timeout.h"
#include "utils/timestamp.h"
#include "utils/varlena.h"

Include dependency graph for postmaster.c:

Data Structures
struct	bkend

Macros
#define	BACKEND_TYPE_NORMAL 0x0001 /* normal backend */

#define	BACKEND_TYPE_AUTOVAC 0x0002 /* autovacuum worker process */

#define	BACKEND_TYPE_WALSND 0x0004 /* walsender process */

#define	BACKEND_TYPE_BGWORKER 0x0008 /* bgworker process */

#define	BACKEND_TYPE_ALL 0x000F /* OR of all the above */

#define	MAXLISTEN 64

#define	NoShutdown 0

#define	SmartShutdown 1

#define	FastShutdown 2

#define	ImmediateShutdown 3

#define	SIGKILL_CHILDREN_AFTER_SECS 5

#define	SignalChildren(sig) SignalSomeChildren(sig, BACKEND_TYPE_ALL)

#define	PgArchStartupAllowed()

#define	StartupDataBase() StartChildProcess(StartupProcess)

#define	StartArchiver() StartChildProcess(ArchiverProcess)

#define	StartBackgroundWriter() StartChildProcess(BgWriterProcess)

#define	StartCheckpointer() StartChildProcess(CheckpointerProcess)

#define	StartWalWriter() StartChildProcess(WalWriterProcess)

#define	StartWalReceiver() StartChildProcess(WalReceiverProcess)

#define	EXIT_STATUS_0(st) ((st) == 0)

#define	EXIT_STATUS_1(st) (WIFEXITED(st) && WEXITSTATUS(st) == 1)

#define	EXIT_STATUS_3(st) (WIFEXITED(st) && WEXITSTATUS(st) == 3)

#define	OPTS_FILE "postmaster.opts"

#define	MAX_BGWORKERS_TO_LAUNCH 100

Typedefs
typedef struct bkend	Backend

Enumerations
enum	StartupStatusEnum { STARTUP_NOT_RUNNING , STARTUP_RUNNING , STARTUP_SIGNALED , STARTUP_CRASHED }

enum	PMState { PM_INIT , PM_STARTUP , PM_RECOVERY , PM_HOT_STANDBY , PM_RUN , PM_STOP_BACKENDS , PM_WAIT_BACKENDS , PM_SHUTDOWN , PM_SHUTDOWN_2 , PM_WAIT_DEAD_END , PM_NO_CHILDREN }

Functions
static void	CloseServerPorts (int status, Datum arg)

static void	unlink_external_pid_file (int status, Datum arg)

static void	getInstallationPaths (const char *argv0)

static void	checkControlFile (void)

static Port *	ConnCreate (int serverFd)

static void	ConnFree (Port *port)

static void	reset_shared (void)

static void	SIGHUP_handler (SIGNAL_ARGS)

static void	pmdie (SIGNAL_ARGS)

static void	reaper (SIGNAL_ARGS)

static void	sigusr1_handler (SIGNAL_ARGS)

static void	process_startup_packet_die (SIGNAL_ARGS)

static void	dummy_handler (SIGNAL_ARGS)

static void	StartupPacketTimeoutHandler (void)

static void	CleanupBackend (int pid, int exitstatus)

static bool	CleanupBackgroundWorker (int pid, int exitstatus)

static void	HandleChildCrash (int pid, int exitstatus, const char *procname)

static void	LogChildExit (int lev, const char *procname, int pid, int exitstatus)

static void	PostmasterStateMachine (void)

static void	BackendInitialize (Port *port)

static void	BackendRun (Port *port) pg_attribute_noreturn()

static void	ExitPostmaster (int status) pg_attribute_noreturn()

static int	ServerLoop (void)

static int	BackendStartup (Port *port)

static int	ProcessStartupPacket (Port *port, bool ssl_done, bool gss_done)

static void	SendNegotiateProtocolVersion (List *unrecognized_protocol_options)

static void	processCancelRequest (Port port, void pkt)

static int	initMasks (fd_set *rmask)

static void	report_fork_failure_to_client (Port *port, int errnum)

static CAC_state	canAcceptConnections (int backend_type)

static bool	RandomCancelKey (int32 *cancel_key)

static void	signal_child (pid_t pid, int signal)

static bool	SignalSomeChildren (int signal, int targets)

static void	TerminateChildren (int signal)

static int	CountChildren (int target)

static bool	assign_backendlist_entry (RegisteredBgWorker *rw)

static void	maybe_start_bgworkers (void)

static bool	CreateOptsFile (int argc, char argv[], char fullprogname)

static pid_t	StartChildProcess (AuxProcType type)

static void	StartAutovacuumWorker (void)

static void	MaybeStartWalReceiver (void)

static void	InitPostmasterDeathWatchHandle (void)

void	PostmasterMain (int argc, char *argv[])

static void	DetermineSleepTime (struct timeval *timeout)

void	ClosePostmasterPorts (bool am_syslogger)

void	InitProcessGlobals (void)

int	MaxLivePostmasterChildren (void)

void	BackgroundWorkerInitializeConnection (const char dbname, const char username, uint32 flags)

void	BackgroundWorkerInitializeConnectionByOid (Oid dboid, Oid useroid, uint32 flags)

void	BackgroundWorkerBlockSignals (void)

void	BackgroundWorkerUnblockSignals (void)

static bool	do_start_bgworker (RegisteredBgWorker *rw)

static bool	bgworker_should_start_now (BgWorkerStartTime start_time)

bool	PostmasterMarkPIDForWorkerNotify (int pid)

Variables
static dlist_head	BackendList = DLIST_STATIC_INIT(BackendList)

BackgroundWorker *	MyBgworkerEntry = NULL

int	PostPortNumber

char *	Unix_socket_directories

char *	ListenAddresses

int	ReservedBackends

static pgsocket	ListenSocket [MAXLISTEN]

static bool	Reinit = true

static int	SendStop = false

bool	EnableSSL = false

int	PreAuthDelay = 0

int	AuthenticationTimeout = 60

bool	log_hostname

bool	Log_connections = false

bool	Db_user_namespace = false

bool	enable_bonjour = false

char *	bonjour_name

bool	restart_after_crash = true

bool	remove_temp_files_after_crash = true

static pid_t	StartupPID = 0

static pid_t	BgWriterPID = 0

static pid_t	CheckpointerPID = 0

static pid_t	WalWriterPID = 0

static pid_t	WalReceiverPID = 0

static pid_t	AutoVacPID = 0

static pid_t	PgArchPID = 0

static pid_t	SysLoggerPID = 0

static StartupStatusEnum	StartupStatus = STARTUP_NOT_RUNNING

static int	Shutdown = NoShutdown

static bool	FatalError = false

static PMState	pmState = PM_INIT

static bool	connsAllowed = true

static time_t	AbortStartTime = 0

static bool	ReachedNormalRunning = false

bool	ClientAuthInProgress = false

bool	redirection_done = false

static volatile sig_atomic_t	start_autovac_launcher = false

static volatile bool	avlauncher_needs_signal = false

static volatile sig_atomic_t	WalReceiverRequested = false

static volatile bool	StartWorkerNeeded = true

static volatile bool	HaveCrashedWorker = false

int	postmaster_alive_fds [2] = {-1, -1}

Macro Definition Documentation

◆ BACKEND_TYPE_ALL

#define BACKEND_TYPE_ALL 0x000F /* OR of all the above */

Definition at line 152 of file postmaster.c.

◆ BACKEND_TYPE_AUTOVAC

#define BACKEND_TYPE_AUTOVAC 0x0002 /* autovacuum worker process */

Definition at line 149 of file postmaster.c.

◆ BACKEND_TYPE_BGWORKER

#define BACKEND_TYPE_BGWORKER 0x0008 /* bgworker process */

Definition at line 151 of file postmaster.c.

◆ BACKEND_TYPE_NORMAL

#define BACKEND_TYPE_NORMAL 0x0001 /* normal backend */

Definition at line 148 of file postmaster.c.

◆ BACKEND_TYPE_WALSND

#define BACKEND_TYPE_WALSND 0x0004 /* walsender process */

Definition at line 150 of file postmaster.c.

◆ EXIT_STATUS_0

#define EXIT_STATUS_0 ( st ) ((st) == 0)

Definition at line 555 of file postmaster.c.

◆ EXIT_STATUS_1

#define EXIT_STATUS_1 ( st ) (WIFEXITED(st) && WEXITSTATUS(st) == 1)

Definition at line 556 of file postmaster.c.

◆ EXIT_STATUS_3

#define EXIT_STATUS_3 ( st ) (WIFEXITED(st) && WEXITSTATUS(st) == 3)

Definition at line 557 of file postmaster.c.

◆ FastShutdown

#define FastShutdown 2

Definition at line 274 of file postmaster.c.

◆ ImmediateShutdown

#define ImmediateShutdown 3

Definition at line 275 of file postmaster.c.

◆ MAX_BGWORKERS_TO_LAUNCH

#define MAX_BGWORKERS_TO_LAUNCH 100

◆ MAXLISTEN

#define MAXLISTEN 64

Definition at line 222 of file postmaster.c.

◆ NoShutdown

#define NoShutdown 0

Definition at line 272 of file postmaster.c.

◆ OPTS_FILE

#define OPTS_FILE "postmaster.opts"

◆ PgArchStartupAllowed

#define PgArchStartupAllowed ( )

Value:

    (((XLogArchivingActive() && pmState == PM_RUN) ||           \
      (XLogArchivingAlways() &&                                   \
       (pmState == PM_RECOVERY || pmState == PM_HOT_STANDBY))) && \
     PgArchCanRestart())

Definition at line 441 of file postmaster.c.

◆ SIGKILL_CHILDREN_AFTER_SECS

#define SIGKILL_CHILDREN_AFTER_SECS 5

Definition at line 354 of file postmaster.c.

◆ SignalChildren

#define SignalChildren ( sig ) SignalSomeChildren(sig, BACKEND_TYPE_ALL)

Definition at line 424 of file postmaster.c.

◆ SmartShutdown

#define SmartShutdown 1

Definition at line 273 of file postmaster.c.

◆ StartArchiver

#define StartArchiver ( ) StartChildProcess(ArchiverProcess)

Definition at line 548 of file postmaster.c.

◆ StartBackgroundWriter

#define StartBackgroundWriter ( ) StartChildProcess(BgWriterProcess)

Definition at line 549 of file postmaster.c.

◆ StartCheckpointer

#define StartCheckpointer ( ) StartChildProcess(CheckpointerProcess)

Definition at line 550 of file postmaster.c.

◆ StartupDataBase

#define StartupDataBase ( ) StartChildProcess(StartupProcess)

Definition at line 547 of file postmaster.c.

◆ StartWalReceiver

#define StartWalReceiver ( ) StartChildProcess(WalReceiverProcess)

Definition at line 552 of file postmaster.c.

◆ StartWalWriter

#define StartWalWriter ( ) StartChildProcess(WalWriterProcess)

Definition at line 551 of file postmaster.c.

Typedef Documentation

◆ Backend

typedef struct bkend Backend

Enumeration Type Documentation

◆ PMState

enum PMState

Enumerator
PM_INIT
PM_STARTUP
PM_RECOVERY
PM_HOT_STANDBY
PM_RUN
PM_STOP_BACKENDS
PM_WAIT_BACKENDS
PM_SHUTDOWN
PM_SHUTDOWN_2
PM_WAIT_DEAD_END
PM_NO_CHILDREN

Definition at line 322 of file postmaster.c.

 {
     PM_INIT,                    /* postmaster starting */
     PM_STARTUP,                 /* waiting for startup subprocess */
     PM_RECOVERY,                /* in archive recovery mode */
     PM_HOT_STANDBY,             /* in hot standby mode */
     PM_RUN,                     /* normal "database is alive" state */
     PM_STOP_BACKENDS,           /* need to stop remaining backends */
     PM_WAIT_BACKENDS,           /* waiting for live backends to exit */
     PM_SHUTDOWN,                /* waiting for checkpointer to do shutdown
                                  * ckpt */
     PM_SHUTDOWN_2,              /* waiting for archiver and walsenders to
                                  * finish */
     PM_WAIT_DEAD_END,           /* waiting for dead_end children to exit */
     PM_NO_CHILDREN              /* all important children have exited */
 } PMState;

◆ StartupStatusEnum

enum StartupStatusEnum

Enumerator
STARTUP_NOT_RUNNING
STARTUP_RUNNING
STARTUP_SIGNALED
STARTUP_CRASHED

Definition at line 261 of file postmaster.c.

 {
     STARTUP_NOT_RUNNING,
     STARTUP_RUNNING,
     STARTUP_SIGNALED,           /* we sent it a SIGQUIT or SIGKILL */
     STARTUP_CRASHED
 } StartupStatusEnum;

Function Documentation

◆ assign_backendlist_entry()

static bool assign_backendlist_entry ( RegisteredBgWorker * rw )

static

Definition at line 5882 of file postmaster.c.

 {
     Backend    *bn;
  
     /*
      * Check that database state allows another connection.  Currently the
      * only possible failure is CAC_TOOMANY, so we just log an error message
      * based on that rather than checking the error code precisely.
      */
     if (canAcceptConnections(BACKEND_TYPE_BGWORKER) != CAC_OK)
     {
         ereport(LOG,
                 (errcode(ERRCODE_CONFIGURATION_LIMIT_EXCEEDED),
                  errmsg("no slot available for new worker process")));
         return false;
     }
  
     /*
      * Compute the cancel key that will be assigned to this session. We
      * probably don't need cancel keys for background workers, but we'd better
      * have something random in the field to prevent unfriendly people from
      * sending cancels to them.
      */
     if (!RandomCancelKey(&MyCancelKey))
     {
         ereport(LOG,
                 (errcode(ERRCODE_INTERNAL_ERROR),
                  errmsg("could not generate random cancel key")));
         return false;
     }
  
     bn = malloc(sizeof(Backend));
     if (bn == NULL)
     {
         ereport(LOG,
                 (errcode(ERRCODE_OUT_OF_MEMORY),
                  errmsg("out of memory")));
         return false;
     }
  
     bn->cancel_key = MyCancelKey;
     bn->child_slot = MyPMChildSlot = AssignPostmasterChildSlot();
     bn->bkend_type = BACKEND_TYPE_BGWORKER;
     bn->dead_end = false;
     bn->bgworker_notify = false;
  
     rw->rw_backend = bn;
     rw->rw_child_slot = bn->child_slot;
  
     return true;
 }

References AssignPostmasterChildSlot(), BACKEND_TYPE_BGWORKER, bkend::bgworker_notify, bkend::bkend_type, CAC_OK, canAcceptConnections(), bkend::cancel_key, bkend::child_slot, bkend::dead_end, ereport, errcode(), errmsg(), LOG, malloc, MyCancelKey, MyPMChildSlot, RandomCancelKey(), RegisteredBgWorker::rw_backend, and RegisteredBgWorker::rw_child_slot.

Referenced by do_start_bgworker().

◆ BackendInitialize()

static void BackendInitialize ( Port * port )

static

Definition at line 4315 of file postmaster.c.

 {
     int         status;
     int         ret;
     char        remote_host[NI_MAXHOST];
     char        remote_port[NI_MAXSERV];
     StringInfoData ps_data;
  
     /* Save port etc. for ps status */
     MyProcPort = port;
  
     /* Tell fd.c about the long-lived FD associated with the port */
     ReserveExternalFD();
  
     /*
      * PreAuthDelay is a debugging aid for investigating problems in the
      * authentication cycle: it can be set in postgresql.conf to allow time to
      * attach to the newly-forked backend with a debugger.  (See also
      * PostAuthDelay, which we allow clients to pass through PGOPTIONS, but it
      * is not honored until after authentication.)
      */
     if (PreAuthDelay > 0)
         pg_usleep(PreAuthDelay * 1000000L);
  
     /* This flag will remain set until InitPostgres finishes authentication */
     ClientAuthInProgress = true;    /* limit visibility of log messages */
  
     /* set these to empty in case they are needed before we set them up */
     port->remote_host = "";
     port->remote_port = "";
  
     /*
      * Initialize libpq and enable reporting of ereport errors to the client.
      * Must do this now because authentication uses libpq to send messages.
      */
     pq_init();                  /* initialize libpq to talk to client */
     whereToSendOutput = DestRemote; /* now safe to ereport to client */
  
     /*
      * We arrange to do _exit(1) if we receive SIGTERM or timeout while trying
      * to collect the startup packet; while SIGQUIT results in _exit(2).
      * Otherwise the postmaster cannot shutdown the database FAST or IMMED
      * cleanly if a buggy client fails to send the packet promptly.
      *
      * Exiting with _exit(1) is only possible because we have not yet touched
      * shared memory; therefore no outside-the-process state needs to get
      * cleaned up.
      */
     pqsignal(SIGTERM, process_startup_packet_die);
     /* SIGQUIT handler was already set up by InitPostmasterChild */
     InitializeTimeouts();       /* establishes SIGALRM handler */
     PG_SETMASK(&StartupBlockSig);
  
     /*
      * Get the remote host name and port for logging and status display.
      */
     remote_host[0] = '\0';
     remote_port[0] = '\0';
     if ((ret = pg_getnameinfo_all(&port->raddr.addr, port->raddr.salen,
                                   remote_host, sizeof(remote_host),
                                   remote_port, sizeof(remote_port),
                                   (log_hostname ? 0 : NI_NUMERICHOST) | NI_NUMERICSERV)) != 0)
         ereport(WARNING,
                 (errmsg_internal("pg_getnameinfo_all() failed: %s",
                                  gai_strerror(ret))));
  
     /*
      * Save remote_host and remote_port in port structure (after this, they
      * will appear in log_line_prefix data for log messages).
      */
     port->remote_host = strdup(remote_host);
     port->remote_port = strdup(remote_port);
  
     /* And now we can issue the Log_connections message, if wanted */
     if (Log_connections)
     {
         if (remote_port[0])
             ereport(LOG,
                     (errmsg("connection received: host=%s port=%s",
                             remote_host,
                             remote_port)));
         else
             ereport(LOG,
                     (errmsg("connection received: host=%s",
                             remote_host)));
     }
  
     /*
      * If we did a reverse lookup to name, we might as well save the results
      * rather than possibly repeating the lookup during authentication.
      *
      * Note that we don't want to specify NI_NAMEREQD above, because then we'd
      * get nothing useful for a client without an rDNS entry.  Therefore, we
      * must check whether we got a numeric IPv4 or IPv6 address, and not save
      * it into remote_hostname if so.  (This test is conservative and might
      * sometimes classify a hostname as numeric, but an error in that
      * direction is safe; it only results in a possible extra lookup.)
      */
     if (log_hostname &&
         ret == 0 &&
         strspn(remote_host, "0123456789.") < strlen(remote_host) &&
         strspn(remote_host, "0123456789ABCDEFabcdef:") < strlen(remote_host))
         port->remote_hostname = strdup(remote_host);
  
     /*
      * Ready to begin client interaction.  We will give up and _exit(1) after
      * a time delay, so that a broken client can't hog a connection
      * indefinitely.  PreAuthDelay and any DNS interactions above don't count
      * against the time limit.
      *
      * Note: AuthenticationTimeout is applied here while waiting for the
      * startup packet, and then again in InitPostgres for the duration of any
      * authentication operations.  So a hostile client could tie up the
      * process for nearly twice AuthenticationTimeout before we kick him off.
      *
      * Note: because PostgresMain will call InitializeTimeouts again, the
      * registration of STARTUP_PACKET_TIMEOUT will be lost.  This is okay
      * since we never use it again after this function.
      */
     RegisterTimeout(STARTUP_PACKET_TIMEOUT, StartupPacketTimeoutHandler);
     enable_timeout_after(STARTUP_PACKET_TIMEOUT, AuthenticationTimeout * 1000);
  
     /*
      * Receive the startup packet (which might turn out to be a cancel request
      * packet).
      */
     status = ProcessStartupPacket(port, false, false);
  
     /*
      * Disable the timeout, and prevent SIGTERM again.
      */
     disable_timeout(STARTUP_PACKET_TIMEOUT, false);
     PG_SETMASK(&BlockSig);
  
     /*
      * As a safety check that nothing in startup has yet performed
      * shared-memory modifications that would need to be undone if we had
      * exited through SIGTERM or timeout above, check that no on_shmem_exit
      * handlers have been registered yet.  (This isn't terribly bulletproof,
      * since someone might misuse an on_proc_exit handler for shmem cleanup,
      * but it's a cheap and helpful check.  We cannot disallow on_proc_exit
      * handlers unfortunately, since pq_init() already registered one.)
      */
     check_on_shmem_exit_lists_are_empty();
  
     /*
      * Stop here if it was bad or a cancel packet.  ProcessStartupPacket
      * already did any appropriate error reporting.
      */
     if (status != STATUS_OK)
         proc_exit(0);
  
     /*
      * Now that we have the user and database name, we can set the process
      * title for ps.  It's good to do this as early as possible in startup.
      */
     initStringInfo(&ps_data);
     if (am_walsender)
         appendStringInfo(&ps_data, "%s ", GetBackendTypeDesc(B_WAL_SENDER));
     appendStringInfo(&ps_data, "%s ", port->user_name);
     if (!am_walsender)
         appendStringInfo(&ps_data, "%s ", port->database_name);
     appendStringInfo(&ps_data, "%s", port->remote_host);
     if (port->remote_port[0] != '\0')
         appendStringInfo(&ps_data, "(%s)", port->remote_port);
  
     init_ps_display(ps_data.data);
     pfree(ps_data.data);
  
     set_ps_display("initializing");
 }

References am_walsender, appendStringInfo(), AuthenticationTimeout, B_WAL_SENDER, BlockSig, check_on_shmem_exit_lists_are_empty(), ClientAuthInProgress, StringInfoData::data, DestRemote, disable_timeout(), enable_timeout_after(), ereport, errmsg(), errmsg_internal(), gai_strerror, GetBackendTypeDesc(), init_ps_display(), InitializeTimeouts(), initStringInfo(), LOG, Log_connections, log_hostname, MyProcPort, NI_MAXHOST, NI_MAXSERV, NI_NUMERICHOST, NI_NUMERICSERV, pfree(), pg_getnameinfo_all(), PG_SETMASK, pg_usleep(), port, pq_init(), pqsignal(), PreAuthDelay, proc_exit(), process_startup_packet_die(), ProcessStartupPacket(), RegisterTimeout(), ReserveExternalFD(), set_ps_display(), STARTUP_PACKET_TIMEOUT, StartupBlockSig, StartupPacketTimeoutHandler(), status(), STATUS_OK, WARNING, and whereToSendOutput.

Referenced by BackendStartup().

◆ BackendRun()

static void BackendRun ( Port * port )

static

Definition at line 4495 of file postmaster.c.

 {
     /*
      * Make sure we aren't in PostmasterContext anymore.  (We can't delete it
      * just yet, though, because InitPostgres will need the HBA data.)
      */
     MemoryContextSwitchTo(TopMemoryContext);
  
     PostgresMain(port->database_name, port->user_name);
 }

References MemoryContextSwitchTo(), port, PostgresMain(), and TopMemoryContext.

Referenced by BackendStartup().

◆ BackendStartup()

static int BackendStartup ( Port * port )

static

Definition at line 4155 of file postmaster.c.

 {
     Backend    *bn;             /* for backend cleanup */
     pid_t       pid;
  
     /*
      * Create backend data structure.  Better before the fork() so we can
      * handle failure cleanly.
      */
     bn = (Backend *) malloc(sizeof(Backend));
     if (!bn)
     {
         ereport(LOG,
                 (errcode(ERRCODE_OUT_OF_MEMORY),
                  errmsg("out of memory")));
         return STATUS_ERROR;
     }
  
     /*
      * Compute the cancel key that will be assigned to this backend. The
      * backend will have its own copy in the forked-off process' value of
      * MyCancelKey, so that it can transmit the key to the frontend.
      */
     if (!RandomCancelKey(&MyCancelKey))
     {
         free(bn);
         ereport(LOG,
                 (errcode(ERRCODE_INTERNAL_ERROR),
                  errmsg("could not generate random cancel key")));
         return STATUS_ERROR;
     }
  
     bn->cancel_key = MyCancelKey;
  
     /* Pass down canAcceptConnections state */
     port->canAcceptConnections = canAcceptConnections(BACKEND_TYPE_NORMAL);
     bn->dead_end = (port->canAcceptConnections != CAC_OK);
  
     /*
      * Unless it's a dead_end child, assign it a child slot number
      */
     if (!bn->dead_end)
         bn->child_slot = MyPMChildSlot = AssignPostmasterChildSlot();
     else
         bn->child_slot = 0;
  
     /* Hasn't asked to be notified about any bgworkers yet */
     bn->bgworker_notify = false;
  
 #ifdef EXEC_BACKEND
     pid = backend_forkexec(port);
 #else                           /* !EXEC_BACKEND */
     pid = fork_process();
     if (pid == 0)               /* child */
     {
         free(bn);
  
         /* Detangle from postmaster */
         InitPostmasterChild();
  
         /* Close the postmaster's sockets */
         ClosePostmasterPorts(false);
  
         /* Perform additional initialization and collect startup packet */
         BackendInitialize(port);
  
         /*
          * Create a per-backend PGPROC struct in shared memory. We must do
          * this before we can use LWLocks. In the !EXEC_BACKEND case (here)
          * this could be delayed a bit further, but EXEC_BACKEND needs to do
          * stuff with LWLocks before PostgresMain(), so we do it here as well
          * for symmetry.
          */
         InitProcess();
  
         /* And run the backend */
         BackendRun(port);
     }
 #endif                          /* EXEC_BACKEND */
  
     if (pid < 0)
     {
         /* in parent, fork failed */
         int         save_errno = errno;
  
         if (!bn->dead_end)
             (void) ReleasePostmasterChildSlot(bn->child_slot);
         free(bn);
         errno = save_errno;
         ereport(LOG,
                 (errmsg("could not fork new process for connection: %m")));
         report_fork_failure_to_client(port, save_errno);
         return STATUS_ERROR;
     }
  
     /* in parent, successful fork */
     ereport(DEBUG2,
             (errmsg_internal("forked new backend, pid=%d socket=%d",
                              (int) pid, (int) port->sock)));
  
     /*
      * Everything's been successful, it's safe to add this backend to our list
      * of backends.
      */
     bn->pid = pid;
     bn->bkend_type = BACKEND_TYPE_NORMAL;   /* Can change later to WALSND */
     dlist_push_head(&BackendList, &bn->elem);
  
 #ifdef EXEC_BACKEND
     if (!bn->dead_end)
         ShmemBackendArrayAdd(bn);
 #endif
  
     return STATUS_OK;
 }

References AssignPostmasterChildSlot(), BACKEND_TYPE_NORMAL, BackendInitialize(), BackendList, BackendRun(), bkend::bgworker_notify, bkend::bkend_type, CAC_OK, canAcceptConnections(), bkend::cancel_key, bkend::child_slot, ClosePostmasterPorts(), bkend::dead_end, DEBUG2, dlist_push_head(), bkend::elem, ereport, errcode(), errmsg(), errmsg_internal(), fork_process(), free, InitPostmasterChild(), InitProcess(), LOG, malloc, MyCancelKey, MyPMChildSlot, bkend::pid, port, RandomCancelKey(), ReleasePostmasterChildSlot(), report_fork_failure_to_client(), STATUS_ERROR, and STATUS_OK.

Referenced by ServerLoop().

◆ BackgroundWorkerBlockSignals()

void BackgroundWorkerBlockSignals ( void )

Definition at line 5706 of file postmaster.c.

 {
     PG_SETMASK(&BlockSig);
 }

References BlockSig, and PG_SETMASK.

◆ BackgroundWorkerInitializeConnection()

void BackgroundWorkerInitializeConnection	(	const char *	dbname,
		const char *	username,
		uint32	flags
	)

Definition at line 5660 of file postmaster.c.

 {
     BackgroundWorker *worker = MyBgworkerEntry;
  
     /* XXX is this the right errcode? */
     if (!(worker->bgw_flags & BGWORKER_BACKEND_DATABASE_CONNECTION))
         ereport(FATAL,
                 (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
                  errmsg("database connection requirement not indicated during registration")));
  
     InitPostgres(dbname, InvalidOid, username, InvalidOid, NULL, (flags & BGWORKER_BYPASS_ALLOWCONN) != 0);
  
     /* it had better not gotten out of "init" mode yet */
     if (!IsInitProcessingMode())
         ereport(ERROR,
                 (errmsg("invalid processing mode in background worker")));
     SetProcessingMode(NormalProcessing);
 }

References BackgroundWorker::bgw_flags, BGWORKER_BACKEND_DATABASE_CONNECTION, BGWORKER_BYPASS_ALLOWCONN, dbname, ereport, errcode(), errmsg(), ERROR, FATAL, InitPostgres(), InvalidOid, IsInitProcessingMode, MyBgworkerEntry, NormalProcessing, SetProcessingMode, and username.

Referenced by ApplyLauncherMain().

◆ BackgroundWorkerInitializeConnectionByOid()

void BackgroundWorkerInitializeConnectionByOid	(	Oid	dboid,
		Oid	useroid,
		uint32	flags
	)

Definition at line 5683 of file postmaster.c.

 {
     BackgroundWorker *worker = MyBgworkerEntry;
  
     /* XXX is this the right errcode? */
     if (!(worker->bgw_flags & BGWORKER_BACKEND_DATABASE_CONNECTION))
         ereport(FATAL,
                 (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
                  errmsg("database connection requirement not indicated during registration")));
  
     InitPostgres(NULL, dboid, NULL, useroid, NULL, (flags & BGWORKER_BYPASS_ALLOWCONN) != 0);
  
     /* it had better not gotten out of "init" mode yet */
     if (!IsInitProcessingMode())
         ereport(ERROR,
                 (errmsg("invalid processing mode in background worker")));
     SetProcessingMode(NormalProcessing);
 }

References BackgroundWorker::bgw_flags, BGWORKER_BACKEND_DATABASE_CONNECTION, BGWORKER_BYPASS_ALLOWCONN, ereport, errcode(), errmsg(), ERROR, FATAL, InitPostgres(), IsInitProcessingMode, MyBgworkerEntry, NormalProcessing, and SetProcessingMode.

Referenced by ApplyWorkerMain(), autoprewarm_database_main(), and ParallelWorkerMain().

◆ BackgroundWorkerUnblockSignals()

void BackgroundWorkerUnblockSignals ( void )

Definition at line 5712 of file postmaster.c.

 {
     PG_SETMASK(&UnBlockSig);
 }

References PG_SETMASK, and UnBlockSig.

Referenced by ApplyLauncherMain(), ApplyWorkerMain(), autoprewarm_database_main(), autoprewarm_main(), ParallelWorkerMain(), StartBackgroundWorker(), and test_shm_mq_main().

◆ bgworker_should_start_now()

static bool bgworker_should_start_now ( BgWorkerStartTime start_time )

static

Definition at line 5840 of file postmaster.c.

 {
     switch (pmState)
     {
         case PM_NO_CHILDREN:
         case PM_WAIT_DEAD_END:
         case PM_SHUTDOWN_2:
         case PM_SHUTDOWN:
         case PM_WAIT_BACKENDS:
         case PM_STOP_BACKENDS:
             break;
  
         case PM_RUN:
             if (start_time == BgWorkerStart_RecoveryFinished)
                 return true;
             /* fall through */
  
         case PM_HOT_STANDBY:
             if (start_time == BgWorkerStart_ConsistentState)
                 return true;
             /* fall through */
  
         case PM_RECOVERY:
         case PM_STARTUP:
         case PM_INIT:
             if (start_time == BgWorkerStart_PostmasterStart)
                 return true;
             /* fall through */
     }
  
     return false;
 }

References BgWorkerStart_ConsistentState, BgWorkerStart_PostmasterStart, BgWorkerStart_RecoveryFinished, PM_HOT_STANDBY, PM_INIT, PM_NO_CHILDREN, PM_RECOVERY, PM_RUN, PM_SHUTDOWN, PM_SHUTDOWN_2, PM_STARTUP, PM_STOP_BACKENDS, PM_WAIT_BACKENDS, PM_WAIT_DEAD_END, pmState, and start_time.

Referenced by maybe_start_bgworkers().

◆ canAcceptConnections()

static CAC_state canAcceptConnections ( int backend_type )

static

Definition at line 2519 of file postmaster.c.

 {
     CAC_state   result = CAC_OK;
  
     /*
      * Can't start backends when in startup/shutdown/inconsistent recovery
      * state.  We treat autovac workers the same as user backends for this
      * purpose.  However, bgworkers are excluded from this test; we expect
      * bgworker_should_start_now() decided whether the DB state allows them.
      */
     if (pmState != PM_RUN && pmState != PM_HOT_STANDBY &&
         backend_type != BACKEND_TYPE_BGWORKER)
     {
         if (Shutdown > NoShutdown)
             return CAC_SHUTDOWN;    /* shutdown is pending */
         else if (!FatalError && pmState == PM_STARTUP)
             return CAC_STARTUP; /* normal startup */
         else if (!FatalError && pmState == PM_RECOVERY)
             return CAC_NOTCONSISTENT;   /* not yet at consistent recovery
                                          * state */
         else
             return CAC_RECOVERY;    /* else must be crash recovery */
     }
  
     /*
      * "Smart shutdown" restrictions are applied only to normal connections,
      * not to autovac workers or bgworkers.
      */
     if (!connsAllowed && backend_type == BACKEND_TYPE_NORMAL)
         return CAC_SHUTDOWN;    /* shutdown is pending */
  
     /*
      * Don't start too many children.
      *
      * We allow more connections here than we can have backends because some
      * might still be authenticating; they might fail auth, or some existing
      * backend might exit before the auth cycle is completed.  The exact
      * MaxBackends limit is enforced when a new backend tries to join the
      * shared-inval backend array.
      *
      * The limit here must match the sizes of the per-child-process arrays;
      * see comments for MaxLivePostmasterChildren().
      */
     if (CountChildren(BACKEND_TYPE_ALL) >= MaxLivePostmasterChildren())
         result = CAC_TOOMANY;
  
     return result;
 }

References BACKEND_TYPE_ALL, BACKEND_TYPE_BGWORKER, BACKEND_TYPE_NORMAL, CAC_NOTCONSISTENT, CAC_OK, CAC_RECOVERY, CAC_SHUTDOWN, CAC_STARTUP, CAC_TOOMANY, connsAllowed, CountChildren(), FatalError, MaxLivePostmasterChildren(), NoShutdown, PM_HOT_STANDBY, PM_RECOVERY, PM_RUN, PM_STARTUP, pmState, and Shutdown.

Referenced by assign_backendlist_entry(), BackendStartup(), and StartAutovacuumWorker().

◆ checkControlFile()

static void checkControlFile ( void )

static

Definition at line 1594 of file postmaster.c.

 {
     char        path[MAXPGPATH];
     FILE       *fp;
  
     snprintf(path, sizeof(path), "%s/global/pg_control", DataDir);
  
     fp = AllocateFile(path, PG_BINARY_R);
     if (fp == NULL)
     {
         write_stderr("%s: could not find the database system\n"
                      "Expected to find it in the directory \"%s\",\n"
                      "but could not open file \"%s\": %s\n",
                      progname, DataDir, path, strerror(errno));
         ExitPostmaster(2);
     }
     FreeFile(fp);
 }

References AllocateFile(), DataDir, ExitPostmaster(), FreeFile(), MAXPGPATH, PG_BINARY_R, progname, snprintf, strerror, and write_stderr.

Referenced by PostmasterMain().

◆ CleanupBackend()

static void CleanupBackend	(	int	pid,
		int	exitstatus
	)

static

Definition at line 3393 of file postmaster.c.

 {
     dlist_mutable_iter iter;
  
     LogChildExit(DEBUG2, _("server process"), pid, exitstatus);
  
     /*
      * If a backend dies in an ugly way then we must signal all other backends
      * to quickdie.  If exit status is zero (normal) or one (FATAL exit), we
      * assume everything is all right and proceed to remove the backend from
      * the active backend list.
      */
  
 #ifdef WIN32
  
     /*
      * On win32, also treat ERROR_WAIT_NO_CHILDREN (128) as nonfatal case,
      * since that sometimes happens under load when the process fails to start
      * properly (long before it starts using shared memory). Microsoft reports
      * it is related to mutex failure:
      * http://archives.postgresql.org/pgsql-hackers/2010-09/msg00790.php
      */
     if (exitstatus == ERROR_WAIT_NO_CHILDREN)
     {
         LogChildExit(LOG, _("server process"), pid, exitstatus);
         exitstatus = 0;
     }
 #endif
  
     if (!EXIT_STATUS_0(exitstatus) && !EXIT_STATUS_1(exitstatus))
     {
         HandleChildCrash(pid, exitstatus, _("server process"));
         return;
     }
  
     dlist_foreach_modify(iter, &BackendList)
     {
         Backend    *bp = dlist_container(Backend, elem, iter.cur);
  
         if (bp->pid == pid)
         {
             if (!bp->dead_end)
             {
                 if (!ReleasePostmasterChildSlot(bp->child_slot))
                 {
                     /*
                      * Uh-oh, the child failed to clean itself up.  Treat as a
                      * crash after all.
                      */
                     HandleChildCrash(pid, exitstatus, _("server process"));
                     return;
                 }
 #ifdef EXEC_BACKEND
                 ShmemBackendArrayRemove(bp);
 #endif
             }
             if (bp->bgworker_notify)
             {
                 /*
                  * This backend may have been slated to receive SIGUSR1 when
                  * some background worker started or stopped.  Cancel those
                  * notifications, as we don't want to signal PIDs that are not
                  * PostgreSQL backends.  This gets skipped in the (probably
                  * very common) case where the backend has never requested any
                  * such notifications.
                  */
                 BackgroundWorkerStopNotifications(bp->pid);
             }
             dlist_delete(iter.cur);
             free(bp);
             break;
         }
     }
 }

References _, BackendList, BackgroundWorkerStopNotifications(), bkend::bgworker_notify, bkend::child_slot, dlist_mutable_iter::cur, bkend::dead_end, DEBUG2, dlist_container, dlist_delete(), dlist_foreach_modify, EXIT_STATUS_0, EXIT_STATUS_1, free, HandleChildCrash(), LOG, LogChildExit(), bkend::pid, and ReleasePostmasterChildSlot().

Referenced by reaper().

◆ CleanupBackgroundWorker()

static bool CleanupBackgroundWorker	(	int	pid,
		int	exitstatus
	)

static

Definition at line 3298 of file postmaster.c.

 {
     char        namebuf[MAXPGPATH];
     slist_mutable_iter iter;
  
     slist_foreach_modify(iter, &BackgroundWorkerList)
     {
         RegisteredBgWorker *rw;
  
         rw = slist_container(RegisteredBgWorker, rw_lnode, iter.cur);
  
         if (rw->rw_pid != pid)
             continue;
  
 #ifdef WIN32
         /* see CleanupBackend */
         if (exitstatus == ERROR_WAIT_NO_CHILDREN)
             exitstatus = 0;
 #endif
  
         snprintf(namebuf, MAXPGPATH, _("background worker \"%s\""),
                  rw->rw_worker.bgw_type);
  
  
         if (!EXIT_STATUS_0(exitstatus))
         {
             /* Record timestamp, so we know when to restart the worker. */
             rw->rw_crashed_at = GetCurrentTimestamp();
         }
         else
         {
             /* Zero exit status means terminate */
             rw->rw_crashed_at = 0;
             rw->rw_terminate = true;
         }
  
         /*
          * Additionally, just like a backend, any exit status other than 0 or
          * 1 is considered a crash and causes a system-wide restart.
          */
         if (!EXIT_STATUS_0(exitstatus) && !EXIT_STATUS_1(exitstatus))
         {
             HandleChildCrash(pid, exitstatus, namebuf);
             return true;
         }
  
         /*
          * We must release the postmaster child slot. If the worker failed to
          * do so, it did not clean up after itself, requiring a crash-restart
          * cycle.
          */
         if (!ReleasePostmasterChildSlot(rw->rw_child_slot))
         {
             HandleChildCrash(pid, exitstatus, namebuf);
             return true;
         }
  
         /* Get it out of the BackendList and clear out remaining data */
         dlist_delete(&rw->rw_backend->elem);
 #ifdef EXEC_BACKEND
         ShmemBackendArrayRemove(rw->rw_backend);
 #endif
  
         /*
          * It's possible that this background worker started some OTHER
          * background worker and asked to be notified when that worker started
          * or stopped.  If so, cancel any notifications destined for the
          * now-dead backend.
          */
         if (rw->rw_backend->bgworker_notify)
             BackgroundWorkerStopNotifications(rw->rw_pid);
         free(rw->rw_backend);
         rw->rw_backend = NULL;
         rw->rw_pid = 0;
         rw->rw_child_slot = 0;
         ReportBackgroundWorkerExit(&iter);  /* report child death */
  
         LogChildExit(EXIT_STATUS_0(exitstatus) ? DEBUG1 : LOG,
                      namebuf, pid, exitstatus);
  
         return true;
     }
  
     return false;
 }

References _, BackgroundWorkerList, BackgroundWorkerStopNotifications(), BackgroundWorker::bgw_type, bkend::bgworker_notify, slist_mutable_iter::cur, DEBUG1, dlist_delete(), bkend::elem, EXIT_STATUS_0, EXIT_STATUS_1, free, GetCurrentTimestamp(), HandleChildCrash(), LOG, LogChildExit(), MAXPGPATH, ReleasePostmasterChildSlot(), ReportBackgroundWorkerExit(), RegisteredBgWorker::rw_backend, RegisteredBgWorker::rw_child_slot, RegisteredBgWorker::rw_crashed_at, RegisteredBgWorker::rw_pid, RegisteredBgWorker::rw_terminate, RegisteredBgWorker::rw_worker, slist_container, slist_foreach_modify, and snprintf.

Referenced by reaper().

◆ ClosePostmasterPorts()

void ClosePostmasterPorts ( bool am_syslogger )

Definition at line 2623 of file postmaster.c.

 {
     int         i;
  
 #ifndef WIN32
  
     /*
      * Close the write end of postmaster death watch pipe. It's important to
      * do this as early as possible, so that if postmaster dies, others won't
      * think that it's still running because we're holding the pipe open.
      */
     if (close(postmaster_alive_fds[POSTMASTER_FD_OWN]) != 0)
         ereport(FATAL,
                 (errcode_for_file_access(),
                  errmsg_internal("could not close postmaster death monitoring pipe in child process: %m")));
     postmaster_alive_fds[POSTMASTER_FD_OWN] = -1;
     /* Notify fd.c that we released one pipe FD. */
     ReleaseExternalFD();
 #endif
  
     /*
      * Close the postmaster's listen sockets.  These aren't tracked by fd.c,
      * so we don't call ReleaseExternalFD() here.
      */
     for (i = 0; i < MAXLISTEN; i++)
     {
         if (ListenSocket[i] != PGINVALID_SOCKET)
         {
             StreamClose(ListenSocket[i]);
             ListenSocket[i] = PGINVALID_SOCKET;
         }
     }
  
     /*
      * If using syslogger, close the read side of the pipe.  We don't bother
      * tracking this in fd.c, either.
      */
     if (!am_syslogger)
     {
 #ifndef WIN32
         if (syslogPipe[0] >= 0)
             close(syslogPipe[0]);
         syslogPipe[0] = -1;
 #else
         if (syslogPipe[0])
             CloseHandle(syslogPipe[0]);
         syslogPipe[0] = 0;
 #endif
     }
  
 #ifdef USE_BONJOUR
     /* If using Bonjour, close the connection to the mDNS daemon */
     if (bonjour_sdref)
         close(DNSServiceRefSockFD(bonjour_sdref));
 #endif
 }

References close, ereport, errcode_for_file_access(), errmsg_internal(), FATAL, i, ListenSocket, MAXLISTEN, PGINVALID_SOCKET, postmaster_alive_fds, POSTMASTER_FD_OWN, ReleaseExternalFD(), StreamClose(), and syslogPipe.

Referenced by BackendStartup(), do_start_bgworker(), StartAutoVacWorker(), StartChildProcess(), and SysLogger_Start().

◆ CloseServerPorts()

static void CloseServerPorts	(	int	status,
		Datum	arg
	)

static

Definition at line 1492 of file postmaster.c.

 {
     int         i;
  
     /*
      * First, explicitly close all the socket FDs.  We used to just let this
      * happen implicitly at postmaster exit, but it's better to close them
      * before we remove the postmaster.pid lockfile; otherwise there's a race
      * condition if a new postmaster wants to re-use the TCP port number.
      */
     for (i = 0; i < MAXLISTEN; i++)
     {
         if (ListenSocket[i] != PGINVALID_SOCKET)
         {
             StreamClose(ListenSocket[i]);
             ListenSocket[i] = PGINVALID_SOCKET;
         }
     }
  
     /*
      * Next, remove any filesystem entries for Unix sockets.  To avoid race
      * conditions against incoming postmasters, this must happen after closing
      * the sockets and before removing lock files.
      */
     RemoveSocketFiles();
  
     /*
      * We don't do anything about socket lock files here; those will be
      * removed in a later on_proc_exit callback.
      */
 }

References i, ListenSocket, MAXLISTEN, PGINVALID_SOCKET, RemoveSocketFiles(), and StreamClose().

Referenced by PostmasterMain().

◆ ConnCreate()

static Port * ConnCreate ( int serverFd )

static

Definition at line 2575 of file postmaster.c.

 {
     Port       *port;
  
     if (!(port = (Port *) calloc(1, sizeof(Port))))
     {
         ereport(LOG,
                 (errcode(ERRCODE_OUT_OF_MEMORY),
                  errmsg("out of memory")));
         ExitPostmaster(1);
     }
  
     if (StreamConnection(serverFd, port) != STATUS_OK)
     {
         if (port->sock != PGINVALID_SOCKET)
             StreamClose(port->sock);
         ConnFree(port);
         return NULL;
     }
  
     return port;
 }

References calloc, ConnFree(), ereport, errcode(), errmsg(), ExitPostmaster(), LOG, PGINVALID_SOCKET, port, STATUS_OK, StreamClose(), and StreamConnection().

Referenced by ServerLoop().

◆ ConnFree()

static void ConnFree ( Port * port )

static

Definition at line 2606 of file postmaster.c.

 {
     free(conn);
 }

References conn, and free.

Referenced by ConnCreate(), and ServerLoop().

◆ CountChildren()

static int CountChildren ( int target )

static

Definition at line 5343 of file postmaster.c.

 {
     dlist_iter  iter;
     int         cnt = 0;
  
     dlist_foreach(iter, &BackendList)
     {
         Backend    *bp = dlist_container(Backend, elem, iter.cur);
  
         if (bp->dead_end)
             continue;
  
         /*
          * Since target == BACKEND_TYPE_ALL is the most common case, we test
          * it first and avoid touching shared memory for every child.
          */
         if (target != BACKEND_TYPE_ALL)
         {
             /*
              * Assign bkend_type for any recently announced WAL Sender
              * processes.
              */
             if (bp->bkend_type == BACKEND_TYPE_NORMAL &&
                 IsPostmasterChildWalSender(bp->child_slot))
                 bp->bkend_type = BACKEND_TYPE_WALSND;
  
             if (!(target & bp->bkend_type))
                 continue;
         }
  
         cnt++;
     }
     return cnt;
 }

References BACKEND_TYPE_ALL, BACKEND_TYPE_NORMAL, BACKEND_TYPE_WALSND, BackendList, bkend::bkend_type, bkend::child_slot, dlist_iter::cur, bkend::dead_end, dlist_container, dlist_foreach, and IsPostmasterChildWalSender().

Referenced by canAcceptConnections(), and PostmasterStateMachine().

◆ CreateOptsFile()

static bool CreateOptsFile	(	int	argc,
		char *	argv[],
		char *	fullprogname
	)

static

Definition at line 5606 of file postmaster.c.

 {
     FILE       *fp;
     int         i;
  
 #define OPTS_FILE   "postmaster.opts"
  
     if ((fp = fopen(OPTS_FILE, "w")) == NULL)
     {
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not create file \"%s\": %m", OPTS_FILE)));
         return false;
     }
  
     fprintf(fp, "%s", fullprogname);
     for (i = 1; i < argc; i++)
         fprintf(fp, " \"%s\"", argv[i]);
     fputs("\n", fp);
  
     if (fclose(fp))
     {
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not write file \"%s\": %m", OPTS_FILE)));
         return false;
     }
  
     return true;
 }

References ereport, errcode_for_file_access(), errmsg(), fprintf, i, LOG, and OPTS_FILE.

Referenced by PostmasterMain().

◆ DetermineSleepTime()

static void DetermineSleepTime ( struct timeval * timeout )

static

Definition at line 1623 of file postmaster.c.

 {
     TimestampTz next_wakeup = 0;
  
     /*
      * Normal case: either there are no background workers at all, or we're in
      * a shutdown sequence (during which we ignore bgworkers altogether).
      */
     if (Shutdown > NoShutdown ||
         (!StartWorkerNeeded && !HaveCrashedWorker))
     {
         if (AbortStartTime != 0)
         {
             /* time left to abort; clamp to 0 in case it already expired */
             timeout->tv_sec = SIGKILL_CHILDREN_AFTER_SECS -
                 (time(NULL) - AbortStartTime);
             timeout->tv_sec = Max(timeout->tv_sec, 0);
             timeout->tv_usec = 0;
         }
         else
         {
             timeout->tv_sec = 60;
             timeout->tv_usec = 0;
         }
         return;
     }
  
     if (StartWorkerNeeded)
     {
         timeout->tv_sec = 0;
         timeout->tv_usec = 0;
         return;
     }
  
     if (HaveCrashedWorker)
     {
         slist_mutable_iter siter;
  
         /*
          * When there are crashed bgworkers, we sleep just long enough that
          * they are restarted when they request to be.  Scan the list to
          * determine the minimum of all wakeup times according to most recent
          * crash time and requested restart interval.
          */
         slist_foreach_modify(siter, &BackgroundWorkerList)
         {
             RegisteredBgWorker *rw;
             TimestampTz this_wakeup;
  
             rw = slist_container(RegisteredBgWorker, rw_lnode, siter.cur);
  
             if (rw->rw_crashed_at == 0)
                 continue;
  
             if (rw->rw_worker.bgw_restart_time == BGW_NEVER_RESTART
                 || rw->rw_terminate)
             {
                 ForgetBackgroundWorker(&siter);
                 continue;
             }
  
             this_wakeup = TimestampTzPlusMilliseconds(rw->rw_crashed_at,
                                                       1000L * rw->rw_worker.bgw_restart_time);
             if (next_wakeup == 0 || this_wakeup < next_wakeup)
                 next_wakeup = this_wakeup;
         }
     }
  
     if (next_wakeup != 0)
     {
         long        secs;
         int         microsecs;
  
         TimestampDifference(GetCurrentTimestamp(), next_wakeup,
                             &secs, &microsecs);
         timeout->tv_sec = secs;
         timeout->tv_usec = microsecs;
  
         /* Ensure we don't exceed one minute */
         if (timeout->tv_sec > 60)
         {
             timeout->tv_sec = 60;
             timeout->tv_usec = 0;
         }
     }
     else
     {
         timeout->tv_sec = 60;
         timeout->tv_usec = 0;
     }
 }

References AbortStartTime, BackgroundWorkerList, BGW_NEVER_RESTART, BackgroundWorker::bgw_restart_time, slist_mutable_iter::cur, ForgetBackgroundWorker(), GetCurrentTimestamp(), HaveCrashedWorker, Max, NoShutdown, RegisteredBgWorker::rw_crashed_at, RegisteredBgWorker::rw_terminate, RegisteredBgWorker::rw_worker, Shutdown, SIGKILL_CHILDREN_AFTER_SECS, slist_container, slist_foreach_modify, StartWorkerNeeded, TimestampDifference(), and TimestampTzPlusMilliseconds.

Referenced by ServerLoop().

◆ do_start_bgworker()

static bool do_start_bgworker ( RegisteredBgWorker * rw )

static

Definition at line 5748 of file postmaster.c.

 {
     pid_t       worker_pid;
  
     Assert(rw->rw_pid == 0);
  
     /*
      * Allocate and assign the Backend element.  Note we must do this before
      * forking, so that we can handle failures (out of memory or child-process
      * slots) cleanly.
      *
      * Treat failure as though the worker had crashed.  That way, the
      * postmaster will wait a bit before attempting to start it again; if we
      * tried again right away, most likely we'd find ourselves hitting the
      * same resource-exhaustion condition.
      */
     if (!assign_backendlist_entry(rw))
     {
         rw->rw_crashed_at = GetCurrentTimestamp();
         return false;
     }
  
     ereport(DEBUG1,
             (errmsg_internal("starting background worker process \"%s\"",
                              rw->rw_worker.bgw_name)));
  
 #ifdef EXEC_BACKEND
     switch ((worker_pid = bgworker_forkexec(rw->rw_shmem_slot)))
 #else
     switch ((worker_pid = fork_process()))
 #endif
     {
         case -1:
             /* in postmaster, fork failed ... */
             ereport(LOG,
                     (errmsg("could not fork worker process: %m")));
             /* undo what assign_backendlist_entry did */
             ReleasePostmasterChildSlot(rw->rw_child_slot);
             rw->rw_child_slot = 0;
             free(rw->rw_backend);
             rw->rw_backend = NULL;
             /* mark entry as crashed, so we'll try again later */
             rw->rw_crashed_at = GetCurrentTimestamp();
             break;
  
 #ifndef EXEC_BACKEND
         case 0:
             /* in postmaster child ... */
             InitPostmasterChild();
  
             /* Close the postmaster's sockets */
             ClosePostmasterPorts(false);
  
             /*
              * Before blowing away PostmasterContext, save this bgworker's
              * data where it can find it.
              */
             MyBgworkerEntry = (BackgroundWorker *)
                 MemoryContextAlloc(TopMemoryContext, sizeof(BackgroundWorker));
             memcpy(MyBgworkerEntry, &rw->rw_worker, sizeof(BackgroundWorker));
  
             /* Release postmaster's working memory context */
             MemoryContextSwitchTo(TopMemoryContext);
             MemoryContextDelete(PostmasterContext);
             PostmasterContext = NULL;
  
             StartBackgroundWorker();
  
             exit(1);            /* should not get here */
             break;
 #endif
         default:
             /* in postmaster, fork successful ... */
             rw->rw_pid = worker_pid;
             rw->rw_backend->pid = rw->rw_pid;
             ReportBackgroundWorkerPID(rw);
             /* add new worker to lists of backends */
             dlist_push_head(&BackendList, &rw->rw_backend->elem);
 #ifdef EXEC_BACKEND
             ShmemBackendArrayAdd(rw->rw_backend);
 #endif
             return true;
     }
  
     return false;
 }

References Assert(), assign_backendlist_entry(), BackendList, BackgroundWorker::bgw_name, ClosePostmasterPorts(), DEBUG1, dlist_push_head(), bkend::elem, ereport, errmsg(), errmsg_internal(), exit(), fork_process(), free, GetCurrentTimestamp(), InitPostmasterChild(), LOG, MemoryContextAlloc(), MemoryContextDelete(), MemoryContextSwitchTo(), MyBgworkerEntry, bkend::pid, PostmasterContext, ReleasePostmasterChildSlot(), ReportBackgroundWorkerPID(), RegisteredBgWorker::rw_backend, RegisteredBgWorker::rw_child_slot, RegisteredBgWorker::rw_crashed_at, RegisteredBgWorker::rw_pid, RegisteredBgWorker::rw_shmem_slot, RegisteredBgWorker::rw_worker, StartBackgroundWorker(), and TopMemoryContext.

Referenced by maybe_start_bgworkers().

◆ dummy_handler()

static void dummy_handler ( SIGNAL_ARGS )

static

Definition at line 5314 of file postmaster.c.

5315 {

5316 }

Referenced by PostmasterMain().

◆ ExitPostmaster()

static void ExitPostmaster ( int status )

static

Definition at line 5093 of file postmaster.c.

 {
 #ifdef HAVE_PTHREAD_IS_THREADED_NP
  
     /*
      * There is no known cause for a postmaster to become multithreaded after
      * startup.  Recheck to account for the possibility of unknown causes.
      * This message uses LOG level, because an unclean shutdown at this point
      * would usually not look much different from a clean shutdown.
      */
     if (pthread_is_threaded_np() != 0)
         ereport(LOG,
                 (errcode(ERRCODE_INTERNAL_ERROR),
                  errmsg_internal("postmaster became multithreaded"),
                  errdetail("Please report this to <%s>.", PACKAGE_BUGREPORT)));
 #endif
  
     /* should cleanup shared memory and kill all backends */
  
     /*
      * Not sure of the semantics here.  When the Postmaster dies, should the
      * backends all be killed? probably not.
      *
      * MUST     -- vadim 05-10-1999
      */
  
     proc_exit(status);
 }

References ereport, errcode(), errdetail(), errmsg_internal(), LOG, proc_exit(), and status().

Referenced by checkControlFile(), ConnCreate(), PostmasterMain(), PostmasterStateMachine(), reaper(), and StartChildProcess().

◆ getInstallationPaths()

static void getInstallationPaths ( const char * argv0 )

static

Definition at line 1540 of file postmaster.c.

 {
     DIR        *pdir;
  
     /* Locate the postgres executable itself */
     if (find_my_exec(argv0, my_exec_path) < 0)
         ereport(FATAL,
                 (errmsg("%s: could not locate my own executable path", argv0)));
  
 #ifdef EXEC_BACKEND
     /* Locate executable backend before we change working directory */
     if (find_other_exec(argv0, "postgres", PG_BACKEND_VERSIONSTR,
                         postgres_exec_path) < 0)
         ereport(FATAL,
                 (errmsg("%s: could not locate matching postgres executable",
                         argv0)));
 #endif
  
     /*
      * Locate the pkglib directory --- this has to be set early in case we try
      * to load any modules from it in response to postgresql.conf entries.
      */
     get_pkglib_path(my_exec_path, pkglib_path);
  
     /*
      * Verify that there's a readable directory there; otherwise the Postgres
      * installation is incomplete or corrupt.  (A typical cause of this
      * failure is that the postgres executable has been moved or hardlinked to
      * some directory that's not a sibling of the installation lib/
      * directory.)
      */
     pdir = AllocateDir(pkglib_path);
     if (pdir == NULL)
         ereport(ERROR,
                 (errcode_for_file_access(),
                  errmsg("could not open directory \"%s\": %m",
                         pkglib_path),
                  errhint("This may indicate an incomplete PostgreSQL installation, or that the file \"%s\" has been moved away from its proper location.",
                          my_exec_path)));
     FreeDir(pdir);
  
     /*
      * XXX is it worth similarly checking the share/ directory?  If the lib/
      * directory is there, then share/ probably is too.
      */
 }

References AllocateDir(), argv0, ereport, errcode_for_file_access(), errhint(), errmsg(), ERROR, FATAL, find_my_exec(), find_other_exec(), FreeDir(), get_pkglib_path(), my_exec_path, PG_BACKEND_VERSIONSTR, and pkglib_path.

Referenced by PostmasterMain().

◆ HandleChildCrash()

static void HandleChildCrash	(	int	pid,
		int	exitstatus,
		const char *	procname
	)

static

Definition at line 3477 of file postmaster.c.

 {
     dlist_mutable_iter iter;
     slist_iter  siter;
     Backend    *bp;
     bool        take_action;
  
     /*
      * We only log messages and send signals if this is the first process
      * crash and we're not doing an immediate shutdown; otherwise, we're only
      * here to update postmaster's idea of live processes.  If we have already
      * signaled children, nonzero exit status is to be expected, so don't
      * clutter log.
      */
     take_action = !FatalError && Shutdown != ImmediateShutdown;
  
     if (take_action)
     {
         LogChildExit(LOG, procname, pid, exitstatus);
         ereport(LOG,
                 (errmsg("terminating any other active server processes")));
         SetQuitSignalReason(PMQUIT_FOR_CRASH);
     }
  
     /* Process background workers. */
     slist_foreach(siter, &BackgroundWorkerList)
     {
         RegisteredBgWorker *rw;
  
         rw = slist_container(RegisteredBgWorker, rw_lnode, siter.cur);
         if (rw->rw_pid == 0)
             continue;           /* not running */
         if (rw->rw_pid == pid)
         {
             /*
              * Found entry for freshly-dead worker, so remove it.
              */
             (void) ReleasePostmasterChildSlot(rw->rw_child_slot);
             dlist_delete(&rw->rw_backend->elem);
 #ifdef EXEC_BACKEND
             ShmemBackendArrayRemove(rw->rw_backend);
 #endif
             free(rw->rw_backend);
             rw->rw_backend = NULL;
             rw->rw_pid = 0;
             rw->rw_child_slot = 0;
             /* don't reset crashed_at */
             /* don't report child stop, either */
             /* Keep looping so we can signal remaining workers */
         }
         else
         {
             /*
              * This worker is still alive.  Unless we did so already, tell it
              * to commit hara-kiri.
              *
              * SIGQUIT is the special signal that says exit without proc_exit
              * and let the user know what's going on. But if SendStop is set
              * (-T on command line), then we send SIGSTOP instead, so that we
              * can get core dumps from all backends by hand.
              */
             if (take_action)
             {
                 ereport(DEBUG2,
                         (errmsg_internal("sending %s to process %d",
                                          (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                          (int) rw->rw_pid)));
                 signal_child(rw->rw_pid, (SendStop ? SIGSTOP : SIGQUIT));
             }
         }
     }
  
     /* Process regular backends */
     dlist_foreach_modify(iter, &BackendList)
     {
         bp = dlist_container(Backend, elem, iter.cur);
  
         if (bp->pid == pid)
         {
             /*
              * Found entry for freshly-dead backend, so remove it.
              */
             if (!bp->dead_end)
             {
                 (void) ReleasePostmasterChildSlot(bp->child_slot);
 #ifdef EXEC_BACKEND
                 ShmemBackendArrayRemove(bp);
 #endif
             }
             dlist_delete(iter.cur);
             free(bp);
             /* Keep looping so we can signal remaining backends */
         }
         else
         {
             /*
              * This backend is still alive.  Unless we did so already, tell it
              * to commit hara-kiri.
              *
              * SIGQUIT is the special signal that says exit without proc_exit
              * and let the user know what's going on. But if SendStop is set
              * (-T on command line), then we send SIGSTOP instead, so that we
              * can get core dumps from all backends by hand.
              *
              * We could exclude dead_end children here, but at least in the
              * SIGSTOP case it seems better to include them.
              *
              * Background workers were already processed above; ignore them
              * here.
              */
             if (bp->bkend_type == BACKEND_TYPE_BGWORKER)
                 continue;
  
             if (take_action)
             {
                 ereport(DEBUG2,
                         (errmsg_internal("sending %s to process %d",
                                          (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                          (int) bp->pid)));
                 signal_child(bp->pid, (SendStop ? SIGSTOP : SIGQUIT));
             }
         }
     }
  
     /* Take care of the startup process too */
     if (pid == StartupPID)
     {
         StartupPID = 0;
         /* Caller adjusts StartupStatus, so don't touch it here */
     }
     else if (StartupPID != 0 && take_action)
     {
         ereport(DEBUG2,
                 (errmsg_internal("sending %s to process %d",
                                  (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                  (int) StartupPID)));
         signal_child(StartupPID, (SendStop ? SIGSTOP : SIGQUIT));
         StartupStatus = STARTUP_SIGNALED;
     }
  
     /* Take care of the bgwriter too */
     if (pid == BgWriterPID)
         BgWriterPID = 0;
     else if (BgWriterPID != 0 && take_action)
     {
         ereport(DEBUG2,
                 (errmsg_internal("sending %s to process %d",
                                  (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                  (int) BgWriterPID)));
         signal_child(BgWriterPID, (SendStop ? SIGSTOP : SIGQUIT));
     }
  
     /* Take care of the checkpointer too */
     if (pid == CheckpointerPID)
         CheckpointerPID = 0;
     else if (CheckpointerPID != 0 && take_action)
     {
         ereport(DEBUG2,
                 (errmsg_internal("sending %s to process %d",
                                  (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                  (int) CheckpointerPID)));
         signal_child(CheckpointerPID, (SendStop ? SIGSTOP : SIGQUIT));
     }
  
     /* Take care of the walwriter too */
     if (pid == WalWriterPID)
         WalWriterPID = 0;
     else if (WalWriterPID != 0 && take_action)
     {
         ereport(DEBUG2,
                 (errmsg_internal("sending %s to process %d",
                                  (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                  (int) WalWriterPID)));
         signal_child(WalWriterPID, (SendStop ? SIGSTOP : SIGQUIT));
     }
  
     /* Take care of the walreceiver too */
     if (pid == WalReceiverPID)
         WalReceiverPID = 0;
     else if (WalReceiverPID != 0 && take_action)
     {
         ereport(DEBUG2,
                 (errmsg_internal("sending %s to process %d",
                                  (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                  (int) WalReceiverPID)));
         signal_child(WalReceiverPID, (SendStop ? SIGSTOP : SIGQUIT));
     }
  
     /* Take care of the autovacuum launcher too */
     if (pid == AutoVacPID)
         AutoVacPID = 0;
     else if (AutoVacPID != 0 && take_action)
     {
         ereport(DEBUG2,
                 (errmsg_internal("sending %s to process %d",
                                  (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                  (int) AutoVacPID)));
         signal_child(AutoVacPID, (SendStop ? SIGSTOP : SIGQUIT));
     }
  
     /* Take care of the archiver too */
     if (pid == PgArchPID)
         PgArchPID = 0;
     else if (PgArchPID != 0 && take_action)
     {
         ereport(DEBUG2,
                 (errmsg_internal("sending %s to process %d",
                                  (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                  (int) PgArchPID)));
         signal_child(PgArchPID, (SendStop ? SIGSTOP : SIGQUIT));
     }
  
     /* We do NOT restart the syslogger */
  
     if (Shutdown != ImmediateShutdown)
         FatalError = true;
  
     /* We now transit into a state of waiting for children to die */
     if (pmState == PM_RECOVERY ||
         pmState == PM_HOT_STANDBY ||
         pmState == PM_RUN ||
         pmState == PM_STOP_BACKENDS ||
         pmState == PM_SHUTDOWN)
         pmState = PM_WAIT_BACKENDS;
  
     /*
      * .. and if this doesn't happen quickly enough, now the clock is ticking
      * for us to kill them without mercy.
      */
     if (AbortStartTime == 0)
         AbortStartTime = time(NULL);
 }

References AbortStartTime, AutoVacPID, BACKEND_TYPE_BGWORKER, BackendList, BackgroundWorkerList, BgWriterPID, bkend::bkend_type, CheckpointerPID, bkend::child_slot, dlist_mutable_iter::cur, slist_iter::cur, bkend::dead_end, DEBUG2, dlist_container, dlist_delete(), dlist_foreach_modify, bkend::elem, ereport, errmsg(), errmsg_internal(), FatalError, free, ImmediateShutdown, LOG, LogChildExit(), PgArchPID, bkend::pid, PM_HOT_STANDBY, PM_RECOVERY, PM_RUN, PM_SHUTDOWN, PM_STOP_BACKENDS, PM_WAIT_BACKENDS, PMQUIT_FOR_CRASH, pmState, ReleasePostmasterChildSlot(), RegisteredBgWorker::rw_backend, RegisteredBgWorker::rw_child_slot, RegisteredBgWorker::rw_pid, SendStop, SetQuitSignalReason(), Shutdown, signal_child(), SIGQUIT, SIGSTOP, slist_container, slist_foreach, STARTUP_SIGNALED, StartupPID, StartupStatus, WalReceiverPID, and WalWriterPID.

Referenced by CleanupBackend(), CleanupBackgroundWorker(), and reaper().

◆ initMasks()

static int initMasks ( fd_set * rmask )

static

Definition at line 1958 of file postmaster.c.

 {
     int         maxsock = -1;
     int         i;
  
     FD_ZERO(rmask);
  
     for (i = 0; i < MAXLISTEN; i++)
     {
         int         fd = ListenSocket[i];
  
         if (fd == PGINVALID_SOCKET)
             break;
         FD_SET(fd, rmask);
  
         if (fd > maxsock)
             maxsock = fd;
     }
  
     return maxsock + 1;
 }

References fd(), i, ListenSocket, MAXLISTEN, and PGINVALID_SOCKET.

Referenced by ServerLoop().

◆ InitPostmasterDeathWatchHandle()

static void InitPostmasterDeathWatchHandle ( void )

static

Definition at line 6541 of file postmaster.c.

 {
 #ifndef WIN32
  
     /*
      * Create a pipe. Postmaster holds the write end of the pipe open
      * (POSTMASTER_FD_OWN), and children hold the read end. Children can pass
      * the read file descriptor to select() to wake up in case postmaster
      * dies, or check for postmaster death with a (read() == 0). Children must
      * close the write end as soon as possible after forking, because EOF
      * won't be signaled in the read end until all processes have closed the
      * write fd. That is taken care of in ClosePostmasterPorts().
      */
     Assert(MyProcPid == PostmasterPid);
     if (pipe(postmaster_alive_fds) < 0)
         ereport(FATAL,
                 (errcode_for_file_access(),
                  errmsg_internal("could not create pipe to monitor postmaster death: %m")));
  
     /* Notify fd.c that we've eaten two FDs for the pipe. */
     ReserveExternalFD();
     ReserveExternalFD();
  
     /*
      * Set O_NONBLOCK to allow testing for the fd's presence with a read()
      * call.
      */
     if (fcntl(postmaster_alive_fds[POSTMASTER_FD_WATCH], F_SETFL, O_NONBLOCK) == -1)
         ereport(FATAL,
                 (errcode_for_socket_access(),
                  errmsg_internal("could not set postmaster death monitoring pipe to nonblocking mode: %m")));
 #else
  
     /*
      * On Windows, we use a process handle for the same purpose.
      */
     if (DuplicateHandle(GetCurrentProcess(),
                         GetCurrentProcess(),
                         GetCurrentProcess(),
                         &PostmasterHandle,
                         0,
                         TRUE,
                         DUPLICATE_SAME_ACCESS) == 0)
         ereport(FATAL,
                 (errmsg_internal("could not duplicate postmaster handle: error code %lu",
                                  GetLastError())));
 #endif                          /* WIN32 */
 }

References Assert(), ereport, errcode_for_file_access(), errcode_for_socket_access(), errmsg_internal(), FATAL, MyProcPid, postmaster_alive_fds, POSTMASTER_FD_WATCH, PostmasterPid, and ReserveExternalFD().

Referenced by PostmasterMain().

◆ InitProcessGlobals()

void InitProcessGlobals ( void )

Definition at line 2687 of file postmaster.c.

 {
     MyProcPid = getpid();
     MyStartTimestamp = GetCurrentTimestamp();
     MyStartTime = timestamptz_to_time_t(MyStartTimestamp);
  
     /*
      * Set a different global seed in every process.  We want something
      * unpredictable, so if possible, use high-quality random bits for the
      * seed.  Otherwise, fall back to a seed based on timestamp and PID.
      */
     if (unlikely(!pg_prng_strong_seed(&pg_global_prng_state)))
     {
         uint64      rseed;
  
         /*
          * Since PIDs and timestamps tend to change more frequently in their
          * least significant bits, shift the timestamp left to allow a larger
          * total number of seeds in a given time period.  Since that would
          * leave only 20 bits of the timestamp that cycle every ~1 second,
          * also mix in some higher bits.
          */
         rseed = ((uint64) MyProcPid) ^
             ((uint64) MyStartTimestamp << 12) ^
             ((uint64) MyStartTimestamp >> 20);
  
         pg_prng_seed(&pg_global_prng_state, rseed);
     }
  
     /*
      * Also make sure that we've set a good seed for random(3).  Use of that
      * is deprecated in core Postgres, but extensions might use it.
      */
 #ifndef WIN32
     srandom(pg_prng_uint32(&pg_global_prng_state));
 #endif
 }

References GetCurrentTimestamp(), MyProcPid, MyStartTime, MyStartTimestamp, pg_global_prng_state, pg_prng_seed(), pg_prng_strong_seed, pg_prng_uint32(), timestamptz_to_time_t(), and unlikely.

Referenced by InitPostmasterChild(), InitStandaloneProcess(), and PostmasterMain().

◆ LogChildExit()

static void LogChildExit	(	int	lev,
		const char *	procname,
		int	pid,
		int	exitstatus
	)

static

Definition at line 3714 of file postmaster.c.

 {
     /*
      * size of activity_buffer is arbitrary, but set equal to default
      * track_activity_query_size
      */
     char        activity_buffer[1024];
     const char *activity = NULL;
  
     if (!EXIT_STATUS_0(exitstatus))
         activity = pgstat_get_crashed_backend_activity(pid,
                                                        activity_buffer,
                                                        sizeof(activity_buffer));
  
     if (WIFEXITED(exitstatus))
         ereport(lev,
  
         /*------
           translator: %s is a noun phrase describing a child process, such as
           "server process" */
                 (errmsg("%s (PID %d) exited with exit code %d",
                         procname, pid, WEXITSTATUS(exitstatus)),
                  activity ? errdetail("Failed process was running: %s", activity) : 0));
     else if (WIFSIGNALED(exitstatus))
     {
 #if defined(WIN32)
         ereport(lev,
  
         /*------
           translator: %s is a noun phrase describing a child process, such as
           "server process" */
                 (errmsg("%s (PID %d) was terminated by exception 0x%X",
                         procname, pid, WTERMSIG(exitstatus)),
                  errhint("See C include file \"ntstatus.h\" for a description of the hexadecimal value."),
                  activity ? errdetail("Failed process was running: %s", activity) : 0));
 #else
         ereport(lev,
  
         /*------
           translator: %s is a noun phrase describing a child process, such as
           "server process" */
                 (errmsg("%s (PID %d) was terminated by signal %d: %s",
                         procname, pid, WTERMSIG(exitstatus),
                         pg_strsignal(WTERMSIG(exitstatus))),
                  activity ? errdetail("Failed process was running: %s", activity) : 0));
 #endif
     }
     else
         ereport(lev,
  
         /*------
           translator: %s is a noun phrase describing a child process, such as
           "server process" */
                 (errmsg("%s (PID %d) exited with unrecognized status %d",
                         procname, pid, exitstatus),
                  activity ? errdetail("Failed process was running: %s", activity) : 0));
 }

References ereport, errdetail(), errhint(), errmsg(), EXIT_STATUS_0, pg_strsignal(), pgstat_get_crashed_backend_activity(), WEXITSTATUS, WIFEXITED, WIFSIGNALED, and WTERMSIG.

Referenced by CleanupBackend(), CleanupBackgroundWorker(), HandleChildCrash(), and reaper().

◆ MaxLivePostmasterChildren()

int MaxLivePostmasterChildren ( void )

Definition at line 5650 of file postmaster.c.

 {
     return 2 * (MaxConnections + autovacuum_max_workers + 1 +
                 max_wal_senders + max_worker_processes);
 }

References autovacuum_max_workers, max_wal_senders, max_worker_processes, and MaxConnections.

Referenced by canAcceptConnections(), PMSignalShmemInit(), PMSignalShmemSize(), and processCancelRequest().

◆ maybe_start_bgworkers()

static void maybe_start_bgworkers ( void )

static

Definition at line 5946 of file postmaster.c.

 {
 #define MAX_BGWORKERS_TO_LAUNCH 100
     int         num_launched = 0;
     TimestampTz now = 0;
     slist_mutable_iter iter;
  
     /*
      * During crash recovery, we have no need to be called until the state
      * transition out of recovery.
      */
     if (FatalError)
     {
         StartWorkerNeeded = false;
         HaveCrashedWorker = false;
         return;
     }
  
     /* Don't need to be called again unless we find a reason for it below */
     StartWorkerNeeded = false;
     HaveCrashedWorker = false;
  
     slist_foreach_modify(iter, &BackgroundWorkerList)
     {
         RegisteredBgWorker *rw;
  
         rw = slist_container(RegisteredBgWorker, rw_lnode, iter.cur);
  
         /* ignore if already running */
         if (rw->rw_pid != 0)
             continue;
  
         /* if marked for death, clean up and remove from list */
         if (rw->rw_terminate)
         {
             ForgetBackgroundWorker(&iter);
             continue;
         }
  
         /*
          * If this worker has crashed previously, maybe it needs to be
          * restarted (unless on registration it specified it doesn't want to
          * be restarted at all).  Check how long ago did a crash last happen.
          * If the last crash is too recent, don't start it right away; let it
          * be restarted once enough time has passed.
          */
         if (rw->rw_crashed_at != 0)
         {
             if (rw->rw_worker.bgw_restart_time == BGW_NEVER_RESTART)
             {
                 int         notify_pid;
  
                 notify_pid = rw->rw_worker.bgw_notify_pid;
  
                 ForgetBackgroundWorker(&iter);
  
                 /* Report worker is gone now. */
                 if (notify_pid != 0)
                     kill(notify_pid, SIGUSR1);
  
                 continue;
             }
  
             /* read system time only when needed */
             if (now == 0)
                 now = GetCurrentTimestamp();
  
             if (!TimestampDifferenceExceeds(rw->rw_crashed_at, now,
                                             rw->rw_worker.bgw_restart_time * 1000))
             {
                 /* Set flag to remember that we have workers to start later */
                 HaveCrashedWorker = true;
                 continue;
             }
         }
  
         if (bgworker_should_start_now(rw->rw_worker.bgw_start_time))
         {
             /* reset crash time before trying to start worker */
             rw->rw_crashed_at = 0;
  
             /*
              * Try to start the worker.
              *
              * On failure, give up processing workers for now, but set
              * StartWorkerNeeded so we'll come back here on the next iteration
              * of ServerLoop to try again.  (We don't want to wait, because
              * there might be additional ready-to-run workers.)  We could set
              * HaveCrashedWorker as well, since this worker is now marked
              * crashed, but there's no need because the next run of this
              * function will do that.
              */
             if (!do_start_bgworker(rw))
             {
                 StartWorkerNeeded = true;
                 return;
             }
  
             /*
              * If we've launched as many workers as allowed, quit, but have
              * ServerLoop call us again to look for additional ready-to-run
              * workers.  There might not be any, but we'll find out the next
              * time we run.
              */
             if (++num_launched >= MAX_BGWORKERS_TO_LAUNCH)
             {
                 StartWorkerNeeded = true;
                 return;
             }
         }
     }
 }

References BackgroundWorkerList, BGW_NEVER_RESTART, BackgroundWorker::bgw_notify_pid, BackgroundWorker::bgw_restart_time, BackgroundWorker::bgw_start_time, bgworker_should_start_now(), slist_mutable_iter::cur, do_start_bgworker(), FatalError, ForgetBackgroundWorker(), GetCurrentTimestamp(), HaveCrashedWorker, kill, MAX_BGWORKERS_TO_LAUNCH, now(), RegisteredBgWorker::rw_crashed_at, RegisteredBgWorker::rw_pid, RegisteredBgWorker::rw_terminate, RegisteredBgWorker::rw_worker, SIGUSR1, slist_container, slist_foreach_modify, StartWorkerNeeded, and TimestampDifferenceExceeds().

Referenced by PostmasterMain(), reaper(), ServerLoop(), and sigusr1_handler().

◆ MaybeStartWalReceiver()

static void MaybeStartWalReceiver ( void )

static

Definition at line 5587 of file postmaster.c.

 {
     if (WalReceiverPID == 0 &&
         (pmState == PM_STARTUP || pmState == PM_RECOVERY ||
          pmState == PM_HOT_STANDBY) &&
         Shutdown <= SmartShutdown)
     {
         WalReceiverPID = StartWalReceiver();
         if (WalReceiverPID != 0)
             WalReceiverRequested = false;
         /* else leave the flag set, so we'll try again later */
     }
 }

References PM_HOT_STANDBY, PM_RECOVERY, PM_STARTUP, pmState, Shutdown, SmartShutdown, StartWalReceiver, WalReceiverPID, and WalReceiverRequested.

Referenced by ServerLoop(), and sigusr1_handler().

◆ pmdie()

static void pmdie ( SIGNAL_ARGS )

static

Definition at line 2827 of file postmaster.c.

 {
     int         save_errno = errno;
  
     /*
      * We rely on the signal mechanism to have blocked all signals ... except
      * on Windows, which lacks sigaction(), so we have to do it manually.
      */
 #ifdef WIN32
     PG_SETMASK(&BlockSig);
 #endif
  
     ereport(DEBUG2,
             (errmsg_internal("postmaster received signal %d",
                              postgres_signal_arg)));
  
     switch (postgres_signal_arg)
     {
         case SIGTERM:
  
             /*
              * Smart Shutdown:
              *
              * Wait for children to end their work, then shut down.
              */
             if (Shutdown >= SmartShutdown)
                 break;
             Shutdown = SmartShutdown;
             ereport(LOG,
                     (errmsg("received smart shutdown request")));
  
             /* Report status */
             AddToDataDirLockFile(LOCK_FILE_LINE_PM_STATUS, PM_STATUS_STOPPING);
 #ifdef USE_SYSTEMD
             sd_notify(0, "STOPPING=1");
 #endif
  
             /*
              * If we reached normal running, we go straight to waiting for
              * client backends to exit.  If already in PM_STOP_BACKENDS or a
              * later state, do not change it.
              */
             if (pmState == PM_RUN || pmState == PM_HOT_STANDBY)
                 connsAllowed = false;
             else if (pmState == PM_STARTUP || pmState == PM_RECOVERY)
             {
                 /* There should be no clients, so proceed to stop children */
                 pmState = PM_STOP_BACKENDS;
             }
  
             /*
              * Now wait for online backup mode to end and backends to exit. If
              * that is already the case, PostmasterStateMachine will take the
              * next step.
              */
             PostmasterStateMachine();
             break;
  
         case SIGINT:
  
             /*
              * Fast Shutdown:
              *
              * Abort all children with SIGTERM (rollback active transactions
              * and exit) and shut down when they are gone.
              */
             if (Shutdown >= FastShutdown)
                 break;
             Shutdown = FastShutdown;
             ereport(LOG,
                     (errmsg("received fast shutdown request")));
  
             /* Report status */
             AddToDataDirLockFile(LOCK_FILE_LINE_PM_STATUS, PM_STATUS_STOPPING);
 #ifdef USE_SYSTEMD
             sd_notify(0, "STOPPING=1");
 #endif
  
             if (pmState == PM_STARTUP || pmState == PM_RECOVERY)
             {
                 /* Just shut down background processes silently */
                 pmState = PM_STOP_BACKENDS;
             }
             else if (pmState == PM_RUN ||
                      pmState == PM_HOT_STANDBY)
             {
                 /* Report that we're about to zap live client sessions */
                 ereport(LOG,
                         (errmsg("aborting any active transactions")));
                 pmState = PM_STOP_BACKENDS;
             }
  
             /*
              * PostmasterStateMachine will issue any necessary signals, or
              * take the next step if no child processes need to be killed.
              */
             PostmasterStateMachine();
             break;
  
         case SIGQUIT:
  
             /*
              * Immediate Shutdown:
              *
              * abort all children with SIGQUIT, wait for them to exit,
              * terminate remaining ones with SIGKILL, then exit without
              * attempt to properly shut down the data base system.
              */
             if (Shutdown >= ImmediateShutdown)
                 break;
             Shutdown = ImmediateShutdown;
             ereport(LOG,
                     (errmsg("received immediate shutdown request")));
  
             /* Report status */
             AddToDataDirLockFile(LOCK_FILE_LINE_PM_STATUS, PM_STATUS_STOPPING);
 #ifdef USE_SYSTEMD
             sd_notify(0, "STOPPING=1");
 #endif
  
             /* tell children to shut down ASAP */
             SetQuitSignalReason(PMQUIT_FOR_STOP);
             TerminateChildren(SIGQUIT);
             pmState = PM_WAIT_BACKENDS;
  
             /* set stopwatch for them to die */
             AbortStartTime = time(NULL);
  
             /*
              * Now wait for backends to exit.  If there are none,
              * PostmasterStateMachine will take the next step.
              */
             PostmasterStateMachine();
             break;
     }
  
 #ifdef WIN32
     PG_SETMASK(&UnBlockSig);
 #endif
  
     errno = save_errno;
 }

References AbortStartTime, AddToDataDirLockFile(), BlockSig, connsAllowed, DEBUG2, ereport, errmsg(), errmsg_internal(), FastShutdown, ImmediateShutdown, LOCK_FILE_LINE_PM_STATUS, LOG, PG_SETMASK, PM_HOT_STANDBY, PM_RECOVERY, PM_RUN, PM_STARTUP, PM_STATUS_STOPPING, PM_STOP_BACKENDS, PM_WAIT_BACKENDS, PMQUIT_FOR_STOP, pmState, PostmasterStateMachine(), SetQuitSignalReason(), Shutdown, SIGQUIT, SmartShutdown, TerminateChildren(), and UnBlockSig.

Referenced by PostmasterMain().

◆ PostmasterMain()

void PostmasterMain	(	int	argc,
		char *	argv[]
	)

Definition at line 574 of file postmaster.c.

 {
     int         opt;
     int         status;
     char       *userDoption = NULL;
     bool        listen_addr_saved = false;
     int         i;
     char       *output_config_variable = NULL;
  
     InitProcessGlobals();
  
     PostmasterPid = MyProcPid;
  
     IsPostmasterEnvironment = true;
  
     /*
      * Start our win32 signal implementation
      */
 #ifdef WIN32
     pgwin32_signal_initialize();
 #endif
  
     /*
      * We should not be creating any files or directories before we check the
      * data directory (see checkDataDir()), but just in case set the umask to
      * the most restrictive (owner-only) permissions.
      *
      * checkDataDir() will reset the umask based on the data directory
      * permissions.
      */
     umask(PG_MODE_MASK_OWNER);
  
     /*
      * By default, palloc() requests in the postmaster will be allocated in
      * the PostmasterContext, which is space that can be recycled by backends.
      * Allocated data that needs to be available to backends should be
      * allocated in TopMemoryContext.
      */
     PostmasterContext = AllocSetContextCreate(TopMemoryContext,
                                               "Postmaster",
                                               ALLOCSET_DEFAULT_SIZES);
     MemoryContextSwitchTo(PostmasterContext);
  
     /* Initialize paths to installation files */
     getInstallationPaths(argv[0]);
  
     /*
      * Set up signal handlers for the postmaster process.
      *
      * In the postmaster, we use pqsignal_pm() rather than pqsignal() (which
      * is used by all child processes and client processes).  That has a
      * couple of special behaviors:
      *
      * 1. Except on Windows, we tell sigaction() to block all signals for the
      * duration of the signal handler.  This is faster than our old approach
      * of blocking/unblocking explicitly in the signal handler, and it should
      * also prevent excessive stack consumption if signals arrive quickly.
      *
      * 2. We do not set the SA_RESTART flag.  This is because signals will be
      * blocked at all times except when ServerLoop is waiting for something to
      * happen, and during that window, we want signals to exit the select(2)
      * wait so that ServerLoop can respond if anything interesting happened.
      * On some platforms, signals marked SA_RESTART would not cause the
      * select() wait to end.
      *
      * Child processes will generally want SA_RESTART, so pqsignal() sets that
      * flag.  We expect children to set up their own handlers before
      * unblocking signals.
      *
      * CAUTION: when changing this list, check for side-effects on the signal
      * handling setup of child processes.  See tcop/postgres.c,
      * bootstrap/bootstrap.c, postmaster/bgwriter.c, postmaster/walwriter.c,
      * postmaster/autovacuum.c, postmaster/pgarch.c, postmaster/syslogger.c,
      * postmaster/bgworker.c and postmaster/checkpointer.c.
      */
     pqinitmask();
     PG_SETMASK(&BlockSig);
  
     pqsignal_pm(SIGHUP, SIGHUP_handler);    /* reread config file and have
                                              * children do same */
     pqsignal_pm(SIGINT, pmdie); /* send SIGTERM and shut down */
     pqsignal_pm(SIGQUIT, pmdie);    /* send SIGQUIT and die */
     pqsignal_pm(SIGTERM, pmdie);    /* wait for children and shut down */
     pqsignal_pm(SIGALRM, SIG_IGN);  /* ignored */
     pqsignal_pm(SIGPIPE, SIG_IGN);  /* ignored */
     pqsignal_pm(SIGUSR1, sigusr1_handler);  /* message from child process */
     pqsignal_pm(SIGUSR2, dummy_handler);    /* unused, reserve for children */
     pqsignal_pm(SIGCHLD, reaper);   /* handle child termination */
  
 #ifdef SIGURG
  
     /*
      * Ignore SIGURG for now.  Child processes may change this (see
      * InitializeLatchSupport), but they will not receive any such signals
      * until they wait on a latch.
      */
     pqsignal_pm(SIGURG, SIG_IGN);   /* ignored */
 #endif
  
     /*
      * No other place in Postgres should touch SIGTTIN/SIGTTOU handling.  We
      * ignore those signals in a postmaster environment, so that there is no
      * risk of a child process freezing up due to writing to stderr.  But for
      * a standalone backend, their default handling is reasonable.  Hence, all
      * child processes should just allow the inherited settings to stand.
      */
 #ifdef SIGTTIN
     pqsignal_pm(SIGTTIN, SIG_IGN);  /* ignored */
 #endif
 #ifdef SIGTTOU
     pqsignal_pm(SIGTTOU, SIG_IGN);  /* ignored */
 #endif
  
     /* ignore SIGXFSZ, so that ulimit violations work like disk full */
 #ifdef SIGXFSZ
     pqsignal_pm(SIGXFSZ, SIG_IGN);  /* ignored */
 #endif
  
     /*
      * Options setup
      */
     InitializeGUCOptions();
  
     opterr = 1;
  
     /*
      * Parse command-line options.  CAUTION: keep this in sync with
      * tcop/postgres.c (the option sets should not conflict) and with the
      * common help() function in main/main.c.
      */
     while ((opt = getopt(argc, argv, "B:bc:C:D:d:EeFf:h:ijk:lN:nOPp:r:S:sTt:W:-:")) != -1)
     {
         switch (opt)
         {
             case 'B':
                 SetConfigOption("shared_buffers", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'b':
                 /* Undocumented flag used for binary upgrades */
                 IsBinaryUpgrade = true;
                 break;
  
             case 'C':
                 output_config_variable = strdup(optarg);
                 break;
  
             case 'D':
                 userDoption = strdup(optarg);
                 break;
  
             case 'd':
                 set_debug_options(atoi(optarg), PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'E':
                 SetConfigOption("log_statement", "all", PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'e':
                 SetConfigOption("datestyle", "euro", PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'F':
                 SetConfigOption("fsync", "false", PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'f':
                 if (!set_plan_disabling_options(optarg, PGC_POSTMASTER, PGC_S_ARGV))
                 {
                     write_stderr("%s: invalid argument for option -f: \"%s\"\n",
                                  progname, optarg);
                     ExitPostmaster(1);
                 }
                 break;
  
             case 'h':
                 SetConfigOption("listen_addresses", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'i':
                 SetConfigOption("listen_addresses", "*", PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'j':
                 /* only used by interactive backend */
                 break;
  
             case 'k':
                 SetConfigOption("unix_socket_directories", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'l':
                 SetConfigOption("ssl", "true", PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'N':
                 SetConfigOption("max_connections", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'n':
                 /* Don't reinit shared mem after abnormal exit */
                 Reinit = false;
                 break;
  
             case 'O':
                 SetConfigOption("allow_system_table_mods", "true", PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'P':
                 SetConfigOption("ignore_system_indexes", "true", PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'p':
                 SetConfigOption("port", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'r':
                 /* only used by single-user backend */
                 break;
  
             case 'S':
                 SetConfigOption("work_mem", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 's':
                 SetConfigOption("log_statement_stats", "true", PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'T':
  
                 /*
                  * In the event that some backend dumps core, send SIGSTOP,
                  * rather than SIGQUIT, to all its peers.  This lets the wily
                  * post_hacker collect core dumps from everyone.
                  */
                 SendStop = true;
                 break;
  
             case 't':
                 {
                     const char *tmp = get_stats_option_name(optarg);
  
                     if (tmp)
                     {
                         SetConfigOption(tmp, "true", PGC_POSTMASTER, PGC_S_ARGV);
                     }
                     else
                     {
                         write_stderr("%s: invalid argument for option -t: \"%s\"\n",
                                      progname, optarg);
                         ExitPostmaster(1);
                     }
                     break;
                 }
  
             case 'W':
                 SetConfigOption("post_auth_delay", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                 break;
  
             case 'c':
             case '-':
                 {
                     char       *name,
                                *value;
  
                     ParseLongOption(optarg, &name, &value);
                     if (!value)
                     {
                         if (opt == '-')
                             ereport(ERROR,
                                     (errcode(ERRCODE_SYNTAX_ERROR),
                                      errmsg("--%s requires a value",
                                             optarg)));
                         else
                             ereport(ERROR,
                                     (errcode(ERRCODE_SYNTAX_ERROR),
                                      errmsg("-c %s requires a value",
                                             optarg)));
                     }
  
                     SetConfigOption(name, value, PGC_POSTMASTER, PGC_S_ARGV);
                     free(name);
                     free(value);
                     break;
                 }
  
             default:
                 write_stderr("Try \"%s --help\" for more information.\n",
                              progname);
                 ExitPostmaster(1);
         }
     }
  
     /*
      * Postmaster accepts no non-option switch arguments.
      */
     if (optind < argc)
     {
         write_stderr("%s: invalid argument: \"%s\"\n",
                      progname, argv[optind]);
         write_stderr("Try \"%s --help\" for more information.\n",
                      progname);
         ExitPostmaster(1);
     }
  
     /*
      * Locate the proper configuration files and data directory, and read
      * postgresql.conf for the first time.
      */
     if (!SelectConfigFiles(userDoption, progname))
         ExitPostmaster(2);
  
     if (output_config_variable != NULL)
     {
         /*
          * If this is a runtime-computed GUC, it hasn't yet been initialized,
          * and the present value is not useful.  However, this is a convenient
          * place to print the value for most GUCs because it is safe to run
          * postmaster startup to this point even if the server is already
          * running.  For the handful of runtime-computed GUCs that we cannot
          * provide meaningful values for yet, we wait until later in
          * postmaster startup to print the value.  We won't be able to use -C
          * on running servers for those GUCs, but using this option now would
          * lead to incorrect results for them.
          */
         int         flags = GetConfigOptionFlags(output_config_variable, true);
  
         if ((flags & GUC_RUNTIME_COMPUTED) == 0)
         {
             /*
              * "-C guc" was specified, so print GUC's value and exit.  No
              * extra permission check is needed because the user is reading
              * inside the data dir.
              */
             const char *config_val = GetConfigOption(output_config_variable,
                                                      false, false);
  
             puts(config_val ? config_val : "");
             ExitPostmaster(0);
         }
  
         /*
          * A runtime-computed GUC will be printed later on.  As we initialize
          * a server startup sequence, silence any log messages that may show
          * up in the output generated.  FATAL and more severe messages are
          * useful to show, even if one would only expect at least PANIC.  LOG
          * entries are hidden.
          */
         SetConfigOption("log_min_messages", "FATAL", PGC_SUSET,
                         PGC_S_OVERRIDE);
     }
  
     /* Verify that DataDir looks reasonable */
     checkDataDir();
  
     /* Check that pg_control exists */
     checkControlFile();
  
     /* And switch working directory into it */
     ChangeToDataDir();
  
     /*
      * Check for invalid combinations of GUC settings.
      */
     if (ReservedBackends >= MaxConnections)
     {
         write_stderr("%s: superuser_reserved_connections (%d) must be less than max_connections (%d)\n",
                      progname,
                      ReservedBackends, MaxConnections);
         ExitPostmaster(1);
     }
     if (XLogArchiveMode > ARCHIVE_MODE_OFF && wal_level == WAL_LEVEL_MINIMAL)
         ereport(ERROR,
                 (errmsg("WAL archival cannot be enabled when wal_level is \"minimal\"")));
     if (max_wal_senders > 0 && wal_level == WAL_LEVEL_MINIMAL)
         ereport(ERROR,
                 (errmsg("WAL streaming (max_wal_senders > 0) requires wal_level \"replica\" or \"logical\"")));
  
     /*
      * Other one-time internal sanity checks can go here, if they are fast.
      * (Put any slow processing further down, after postmaster.pid creation.)
      */
     if (!CheckDateTokenTables())
     {
         write_stderr("%s: invalid datetoken tables, please fix\n", progname);
         ExitPostmaster(1);
     }
  
     /*
      * Now that we are done processing the postmaster arguments, reset
      * getopt(3) library so that it will work correctly in subprocesses.
      */
     optind = 1;
 #ifdef HAVE_INT_OPTRESET
     optreset = 1;               /* some systems need this too */
 #endif
  
     /* For debugging: display postmaster environment */
     {
         extern char **environ;
         char      **p;
  
         ereport(DEBUG3,
                 (errmsg_internal("%s: PostmasterMain: initial environment dump:",
                                  progname)));
         ereport(DEBUG3,
                 (errmsg_internal("-----------------------------------------")));
         for (p = environ; *p; ++p)
             ereport(DEBUG3,
                     (errmsg_internal("\t%s", *p)));
         ereport(DEBUG3,
                 (errmsg_internal("-----------------------------------------")));
     }
  
     /*
      * Create lockfile for data directory.
      *
      * We want to do this before we try to grab the input sockets, because the
      * data directory interlock is more reliable than the socket-file
      * interlock (thanks to whoever decided to put socket files in /tmp :-().
      * For the same reason, it's best to grab the TCP socket(s) before the
      * Unix socket(s).
      *
      * Also note that this internally sets up the on_proc_exit function that
      * is responsible for removing both data directory and socket lockfiles;
      * so it must happen before opening sockets so that at exit, the socket
      * lockfiles go away after CloseServerPorts runs.
      */
     CreateDataDirLockFile(true);
  
     /*
      * Read the control file (for error checking and config info).
      *
      * Since we verify the control file's CRC, this has a useful side effect
      * on machines where we need a run-time test for CRC support instructions.
      * The postmaster will do the test once at startup, and then its child
      * processes will inherit the correct function pointer and not need to
      * repeat the test.
      */
     LocalProcessControlFile(false);
  
     /*
      * Register the apply launcher.  It's probably a good idea to call this
      * before any modules had a chance to take the background worker slots.
      */
     ApplyLauncherRegister();
  
     /*
      * process any libraries that should be preloaded at postmaster start
      */
     process_shared_preload_libraries();
  
     /*
      * Initialize SSL library, if specified.
      */
 #ifdef USE_SSL
     if (EnableSSL)
     {
         (void) secure_initialize(true);
         LoadedSSL = true;
     }
 #endif
  
     /*
      * Now that loadable modules have had their chance to alter any GUCs,
      * calculate MaxBackends.
      */
     InitializeMaxBackends();
  
     /*
      * Give preloaded libraries a chance to request additional shared memory.
      */
     process_shmem_requests();
  
     /*
      * Now that loadable modules have had their chance to request additional
      * shared memory, determine the value of any runtime-computed GUCs that
      * depend on the amount of shared memory required.
      */
     InitializeShmemGUCs();
  
     /*
      * Now that modules have been loaded, we can process any custom resource
      * managers specified in the wal_consistency_checking GUC.
      */
     InitializeWalConsistencyChecking();
  
     /*
      * If -C was specified with a runtime-computed GUC, we held off printing
      * the value earlier, as the GUC was not yet initialized.  We handle -C
      * for most GUCs before we lock the data directory so that the option may
      * be used on a running server.  However, a handful of GUCs are runtime-
      * computed and do not have meaningful values until after locking the data
      * directory, and we cannot safely calculate their values earlier on a
      * running server.  At this point, such GUCs should be properly
      * initialized, and we haven't yet set up shared memory, so this is a good
      * time to handle the -C option for these special GUCs.
      */
     if (output_config_variable != NULL)
     {
         const char *config_val = GetConfigOption(output_config_variable,
                                                  false, false);
  
         puts(config_val ? config_val : "");
         ExitPostmaster(0);
     }
  
     /*
      * Set up shared memory and semaphores.
      */
     reset_shared();
  
     /*
      * Estimate number of openable files.  This must happen after setting up
      * semaphores, because on some platforms semaphores count as open files.
      */
     set_max_safe_fds();
  
     /*
      * Set reference point for stack-depth checking.
      */
     (void) set_stack_base();
  
     /*
      * Initialize pipe (or process handle on Windows) that allows children to
      * wake up from sleep on postmaster death.
      */
     InitPostmasterDeathWatchHandle();
  
 #ifdef WIN32
  
     /*
      * Initialize I/O completion port used to deliver list of dead children.
      */
     win32ChildQueue = CreateIoCompletionPort(INVALID_HANDLE_VALUE, NULL, 0, 1);
     if (win32ChildQueue == NULL)
         ereport(FATAL,
                 (errmsg("could not create I/O completion port for child queue")));
 #endif
  
 #ifdef EXEC_BACKEND
     /* Write out nondefault GUC settings for child processes to use */
     write_nondefault_variables(PGC_POSTMASTER);
  
     /*
      * Clean out the temp directory used to transmit parameters to child
      * processes (see internal_forkexec, below).  We must do this before
      * launching any child processes, else we have a race condition: we could
      * remove a parameter file before the child can read it.  It should be
      * safe to do so now, because we verified earlier that there are no
      * conflicting Postgres processes in this data directory.
      */
     RemovePgTempFilesInDir(PG_TEMP_FILES_DIR, true, false);
 #endif
  
     /*
      * Forcibly remove the files signaling a standby promotion request.
      * Otherwise, the existence of those files triggers a promotion too early,
      * whether a user wants that or not.
      *
      * This removal of files is usually unnecessary because they can exist
      * only during a few moments during a standby promotion. However there is
      * a race condition: if pg_ctl promote is executed and creates the files
      * during a promotion, the files can stay around even after the server is
      * brought up to be the primary.  Then, if a new standby starts by using
      * the backup taken from the new primary, the files can exist at server
      * startup and must be removed in order to avoid an unexpected promotion.
      *
      * Note that promotion signal files need to be removed before the startup
      * process is invoked. Because, after that, they can be used by
      * postmaster's SIGUSR1 signal handler.
      */
     RemovePromoteSignalFiles();
  
     /* Do the same for logrotate signal file */
     RemoveLogrotateSignalFiles();
  
     /* Remove any outdated file holding the current log filenames. */
     if (unlink(LOG_METAINFO_DATAFILE) < 0 && errno != ENOENT)
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not remove file \"%s\": %m",
                         LOG_METAINFO_DATAFILE)));
  
     /*
      * If enabled, start up syslogger collection subprocess
      */
     SysLoggerPID = SysLogger_Start();
  
     /*
      * Reset whereToSendOutput from DestDebug (its starting state) to
      * DestNone. This stops ereport from sending log messages to stderr unless
      * Log_destination permits.  We don't do this until the postmaster is
      * fully launched, since startup failures may as well be reported to
      * stderr.
      *
      * If we are in fact disabling logging to stderr, first emit a log message
      * saying so, to provide a breadcrumb trail for users who may not remember
      * that their logging is configured to go somewhere else.
      */
     if (!(Log_destination & LOG_DESTINATION_STDERR))
         ereport(LOG,
                 (errmsg("ending log output to stderr"),
                  errhint("Future log output will go to log destination \"%s\".",
                          Log_destination_string)));
  
     whereToSendOutput = DestNone;
  
     /*
      * Report server startup in log.  While we could emit this much earlier,
      * it seems best to do so after starting the log collector, if we intend
      * to use one.
      */
     ereport(LOG,
             (errmsg("starting %s", PG_VERSION_STR)));
  
     /*
      * Establish input sockets.
      *
      * First, mark them all closed, and set up an on_proc_exit function that's
      * charged with closing the sockets again at postmaster shutdown.
      */
     for (i = 0; i < MAXLISTEN; i++)
         ListenSocket[i] = PGINVALID_SOCKET;
  
     on_proc_exit(CloseServerPorts, 0);
  
     if (ListenAddresses)
     {
         char       *rawstring;
         List       *elemlist;
         ListCell   *l;
         int         success = 0;
  
         /* Need a modifiable copy of ListenAddresses */
         rawstring = pstrdup(ListenAddresses);
  
         /* Parse string into list of hostnames */
         if (!SplitGUCList(rawstring, ',', &elemlist))
         {
             /* syntax error in list */
             ereport(FATAL,
                     (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                      errmsg("invalid list syntax in parameter \"%s\"",
                             "listen_addresses")));
         }
  
         foreach(l, elemlist)
         {
             char       *curhost = (char *) lfirst(l);
  
             if (strcmp(curhost, "*") == 0)
                 status = StreamServerPort(AF_UNSPEC, NULL,
                                           (unsigned short) PostPortNumber,
                                           NULL,
                                           ListenSocket, MAXLISTEN);
             else
                 status = StreamServerPort(AF_UNSPEC, curhost,
                                           (unsigned short) PostPortNumber,
                                           NULL,
                                           ListenSocket, MAXLISTEN);
  
             if (status == STATUS_OK)
             {
                 success++;
                 /* record the first successful host addr in lockfile */
                 if (!listen_addr_saved)
                 {
                     AddToDataDirLockFile(LOCK_FILE_LINE_LISTEN_ADDR, curhost);
                     listen_addr_saved = true;
                 }
             }
             else
                 ereport(WARNING,
                         (errmsg("could not create listen socket for \"%s\"",
                                 curhost)));
         }
  
         if (!success && elemlist != NIL)
             ereport(FATAL,
                     (errmsg("could not create any TCP/IP sockets")));
  
         list_free(elemlist);
         pfree(rawstring);
     }
  
 #ifdef USE_BONJOUR
     /* Register for Bonjour only if we opened TCP socket(s) */
     if (enable_bonjour && ListenSocket[0] != PGINVALID_SOCKET)
     {
         DNSServiceErrorType err;
  
         /*
          * We pass 0 for interface_index, which will result in registering on
          * all "applicable" interfaces.  It's not entirely clear from the
          * DNS-SD docs whether this would be appropriate if we have bound to
          * just a subset of the available network interfaces.
          */
         err = DNSServiceRegister(&bonjour_sdref,
                                  0,
                                  0,
                                  bonjour_name,
                                  "_postgresql._tcp.",
                                  NULL,
                                  NULL,
                                  pg_hton16(PostPortNumber),
                                  0,
                                  NULL,
                                  NULL,
                                  NULL);
         if (err != kDNSServiceErr_NoError)
             ereport(LOG,
                     (errmsg("DNSServiceRegister() failed: error code %ld",
                             (long) err)));
  
         /*
          * We don't bother to read the mDNS daemon's reply, and we expect that
          * it will automatically terminate our registration when the socket is
          * closed at postmaster termination.  So there's nothing more to be
          * done here.  However, the bonjour_sdref is kept around so that
          * forked children can close their copies of the socket.
          */
     }
 #endif
  
 #ifdef HAVE_UNIX_SOCKETS
     if (Unix_socket_directories)
     {
         char       *rawstring;
         List       *elemlist;
         ListCell   *l;
         int         success = 0;
  
         /* Need a modifiable copy of Unix_socket_directories */
         rawstring = pstrdup(Unix_socket_directories);
  
         /* Parse string into list of directories */
         if (!SplitDirectoriesString(rawstring, ',', &elemlist))
         {
             /* syntax error in list */
             ereport(FATAL,
                     (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                      errmsg("invalid list syntax in parameter \"%s\"",
                             "unix_socket_directories")));
         }
  
         foreach(l, elemlist)
         {
             char       *socketdir = (char *) lfirst(l);
  
             status = StreamServerPort(AF_UNIX, NULL,
                                       (unsigned short) PostPortNumber,
                                       socketdir,
                                       ListenSocket, MAXLISTEN);
  
             if (status == STATUS_OK)
             {
                 success++;
                 /* record the first successful Unix socket in lockfile */
                 if (success == 1)
                     AddToDataDirLockFile(LOCK_FILE_LINE_SOCKET_DIR, socketdir);
             }
             else
                 ereport(WARNING,
                         (errmsg("could not create Unix-domain socket in directory \"%s\"",
                                 socketdir)));
         }
  
         if (!success && elemlist != NIL)
             ereport(FATAL,
                     (errmsg("could not create any Unix-domain sockets")));
  
         list_free_deep(elemlist);
         pfree(rawstring);
     }
 #endif
  
     /*
      * check that we have some socket to listen on
      */
     if (ListenSocket[0] == PGINVALID_SOCKET)
         ereport(FATAL,
                 (errmsg("no socket created for listening")));
  
     /*
      * If no valid TCP ports, write an empty line for listen address,
      * indicating the Unix socket must be used.  Note that this line is not
      * added to the lock file until there is a socket backing it.
      */
     if (!listen_addr_saved)
         AddToDataDirLockFile(LOCK_FILE_LINE_LISTEN_ADDR, "");
  
     /*
      * Record postmaster options.  We delay this till now to avoid recording
      * bogus options (eg, unusable port number).
      */
     if (!CreateOptsFile(argc, argv, my_exec_path))
         ExitPostmaster(1);
  
     /*
      * Write the external PID file if requested
      */
     if (external_pid_file)
     {
         FILE       *fpidfile = fopen(external_pid_file, "w");
  
         if (fpidfile)
         {
             fprintf(fpidfile, "%d\n", MyProcPid);
             fclose(fpidfile);
  
             /* Make PID file world readable */
             if (chmod(external_pid_file, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) != 0)
                 write_stderr("%s: could not change permissions of external PID file \"%s\": %s\n",
                              progname, external_pid_file, strerror(errno));
         }
         else
             write_stderr("%s: could not write external PID file \"%s\": %s\n",
                          progname, external_pid_file, strerror(errno));
  
         on_proc_exit(unlink_external_pid_file, 0);
     }
  
     /*
      * Remove old temporary files.  At this point there can be no other
      * Postgres processes running in this directory, so this should be safe.
      */
     RemovePgTempFiles();
  
     /*
      * Initialize the autovacuum subsystem (again, no process start yet)
      */
     autovac_init();
  
     /*
      * Load configuration files for client authentication.
      */
     if (!load_hba())
     {
         /*
          * It makes no sense to continue if we fail to load the HBA file,
          * since there is no way to connect to the database in this case.
          */
         ereport(FATAL,
                 (errmsg("could not load pg_hba.conf")));
     }
     if (!load_ident())
     {
         /*
          * We can start up without the IDENT file, although it means that you
          * cannot log in using any of the authentication methods that need a
          * user name mapping. load_ident() already logged the details of error
          * to the log.
          */
     }
  
 #ifdef HAVE_PTHREAD_IS_THREADED_NP
  
     /*
      * On macOS, libintl replaces setlocale() with a version that calls
      * CFLocaleCopyCurrent() when its second argument is "" and every relevant
      * environment variable is unset or empty.  CFLocaleCopyCurrent() makes
      * the process multithreaded.  The postmaster calls sigprocmask() and
      * calls fork() without an immediate exec(), both of which have undefined
      * behavior in a multithreaded program.  A multithreaded postmaster is the
      * normal case on Windows, which offers neither fork() nor sigprocmask().
      */
     if (pthread_is_threaded_np() != 0)
         ereport(FATAL,
                 (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
                  errmsg("postmaster became multithreaded during startup"),
                  errhint("Set the LC_ALL environment variable to a valid locale.")));
 #endif
  
     /*
      * Remember postmaster startup time
      */
     PgStartTime = GetCurrentTimestamp();
  
     /*
      * Report postmaster status in the postmaster.pid file, to allow pg_ctl to
      * see what's happening.
      */
     AddToDataDirLockFile(LOCK_FILE_LINE_PM_STATUS, PM_STATUS_STARTING);
  
     /* Start bgwriter and checkpointer so they can help with recovery */
     if (CheckpointerPID == 0)
         CheckpointerPID = StartCheckpointer();
     if (BgWriterPID == 0)
         BgWriterPID = StartBackgroundWriter();
  
     /*
      * We're ready to rock and roll...
      */
     StartupPID = StartupDataBase();
     Assert(StartupPID != 0);
     StartupStatus = STARTUP_RUNNING;
     pmState = PM_STARTUP;
  
     /* Some workers may be scheduled to start now */
     maybe_start_bgworkers();
  
     status = ServerLoop();
  
     /*
      * ServerLoop probably shouldn't ever return, but if it does, close down.
      */
     ExitPostmaster(status != STATUS_OK);
  
     abort();                    /* not reached */
 }

References AddToDataDirLockFile(), ALLOCSET_DEFAULT_SIZES, AllocSetContextCreate, ApplyLauncherRegister(), ARCHIVE_MODE_OFF, Assert(), autovac_init(), BgWriterPID, BlockSig, bonjour_name, ChangeToDataDir(), checkControlFile(), checkDataDir(), CheckDateTokenTables(), CheckpointerPID, CloseServerPorts(), CreateDataDirLockFile(), CreateOptsFile(), DEBUG3, DestNone, dummy_handler(), enable_bonjour, EnableSSL, environ, ereport, errcode(), errcode_for_file_access(), errhint(), errmsg(), errmsg_internal(), ERROR, ExitPostmaster(), external_pid_file, FATAL, fprintf, free, get_stats_option_name(), GetConfigOption(), GetConfigOptionFlags(), GetCurrentTimestamp(), getInstallationPaths(), getopt(), GUC_RUNTIME_COMPUTED, i, InitializeGUCOptions(), InitializeMaxBackends(), InitializeShmemGUCs(), InitializeWalConsistencyChecking(), InitPostmasterDeathWatchHandle(), InitProcessGlobals(), IsBinaryUpgrade, IsPostmasterEnvironment, lfirst, list_free(), list_free_deep(), ListenAddresses, ListenSocket, load_hba(), load_ident(), LocalProcessControlFile(), LOCK_FILE_LINE_LISTEN_ADDR, LOCK_FILE_LINE_PM_STATUS, LOCK_FILE_LINE_SOCKET_DIR, LOG, Log_destination, LOG_DESTINATION_STDERR, Log_destination_string, LOG_METAINFO_DATAFILE, max_wal_senders, MaxConnections, MAXLISTEN, maybe_start_bgworkers(), MemoryContextSwitchTo(), my_exec_path, MyProcPid, name, NIL, on_proc_exit(), optarg, opterr, optind, ParseLongOption(), pfree(), pg_hton16, PG_MODE_MASK_OWNER, PG_SETMASK, PG_TEMP_FILES_DIR, PGC_POSTMASTER, PGC_S_ARGV, PGC_S_OVERRIDE, PGC_SUSET, PGINVALID_SOCKET, PgStartTime, pgwin32_signal_initialize(), PM_STARTUP, PM_STATUS_STARTING, pmdie(), pmState, PostmasterContext, PostmasterPid, PostPortNumber, pqinitmask(), pqsignal_pm(), process_shared_preload_libraries(), process_shmem_requests(), progname, pstrdup(), reaper(), Reinit, RemoveLogrotateSignalFiles(), RemovePgTempFiles(), RemovePgTempFilesInDir(), RemovePromoteSignalFiles(), ReservedBackends, reset_shared(), S_IRGRP, S_IROTH, S_IRUSR, S_IWUSR, secure_initialize(), SelectConfigFiles(), SendStop, ServerLoop(), set_debug_options(), set_max_safe_fds(), set_plan_disabling_options(), set_stack_base(), SetConfigOption(), SIG_IGN, SIGALRM, SIGCHLD, SIGHUP, SIGHUP_handler(), SIGPIPE, SIGQUIT, SIGUSR1, sigusr1_handler(), SIGUSR2, SplitDirectoriesString(), SplitGUCList(), StartBackgroundWriter, StartCheckpointer, STARTUP_RUNNING, StartupDataBase, StartupPID, StartupStatus, status(), STATUS_OK, StreamServerPort(), strerror, success, SysLogger_Start(), SysLoggerPID, TopMemoryContext, Unix_socket_directories, unlink_external_pid_file(), userDoption, value, wal_level, WAL_LEVEL_MINIMAL, WARNING, whereToSendOutput, write_stderr, and XLogArchiveMode.

Referenced by main().

◆ PostmasterMarkPIDForWorkerNotify()

bool PostmasterMarkPIDForWorkerNotify ( int pid )

Definition at line 6065 of file postmaster.c.

 {
     dlist_iter  iter;
     Backend    *bp;
  
     dlist_foreach(iter, &BackendList)
     {
         bp = dlist_container(Backend, elem, iter.cur);
         if (bp->pid == pid)
         {
             bp->bgworker_notify = true;
             return true;
         }
     }
     return false;
 }

References BackendList, bkend::bgworker_notify, dlist_iter::cur, dlist_container, dlist_foreach, and bkend::pid.

Referenced by BackgroundWorkerStateChange().

◆ PostmasterStateMachine()

static void PostmasterStateMachine ( void )

static

Definition at line 3779 of file postmaster.c.

 {
     /* If we're doing a smart shutdown, try to advance that state. */
     if (pmState == PM_RUN || pmState == PM_HOT_STANDBY)
     {
         if (!connsAllowed)
         {
             /*
              * This state ends when we have no normal client backends running.
              * Then we're ready to stop other children.
              */
             if (CountChildren(BACKEND_TYPE_NORMAL) == 0)
                 pmState = PM_STOP_BACKENDS;
         }
     }
  
     /*
      * If we're ready to do so, signal child processes to shut down.  (This
      * isn't a persistent state, but treating it as a distinct pmState allows
      * us to share this code across multiple shutdown code paths.)
      */
     if (pmState == PM_STOP_BACKENDS)
     {
         /*
          * Forget any pending requests for background workers, since we're no
          * longer willing to launch any new workers.  (If additional requests
          * arrive, BackgroundWorkerStateChange will reject them.)
          */
         ForgetUnstartedBackgroundWorkers();
  
         /* Signal all backend children except walsenders */
         SignalSomeChildren(SIGTERM,
                            BACKEND_TYPE_ALL - BACKEND_TYPE_WALSND);
         /* and the autovac launcher too */
         if (AutoVacPID != 0)
             signal_child(AutoVacPID, SIGTERM);
         /* and the bgwriter too */
         if (BgWriterPID != 0)
             signal_child(BgWriterPID, SIGTERM);
         /* and the walwriter too */
         if (WalWriterPID != 0)
             signal_child(WalWriterPID, SIGTERM);
         /* If we're in recovery, also stop startup and walreceiver procs */
         if (StartupPID != 0)
             signal_child(StartupPID, SIGTERM);
         if (WalReceiverPID != 0)
             signal_child(WalReceiverPID, SIGTERM);
         /* checkpointer, archiver, stats, and syslogger may continue for now */
  
         /* Now transition to PM_WAIT_BACKENDS state to wait for them to die */
         pmState = PM_WAIT_BACKENDS;
     }
  
     /*
      * If we are in a state-machine state that implies waiting for backends to
      * exit, see if they're all gone, and change state if so.
      */
     if (pmState == PM_WAIT_BACKENDS)
     {
         /*
          * PM_WAIT_BACKENDS state ends when we have no regular backends
          * (including autovac workers), no bgworkers (including unconnected
          * ones), and no walwriter, autovac launcher or bgwriter.  If we are
          * doing crash recovery or an immediate shutdown then we expect the
          * checkpointer to exit as well, otherwise not. The stats and
          * syslogger processes are disregarded since they are not connected to
          * shared memory; we also disregard dead_end children here. Walsenders
          * and archiver are also disregarded, they will be terminated later
          * after writing the checkpoint record.
          */
         if (CountChildren(BACKEND_TYPE_ALL - BACKEND_TYPE_WALSND) == 0 &&
             StartupPID == 0 &&
             WalReceiverPID == 0 &&
             BgWriterPID == 0 &&
             (CheckpointerPID == 0 ||
              (!FatalError && Shutdown < ImmediateShutdown)) &&
             WalWriterPID == 0 &&
             AutoVacPID == 0)
         {
             if (Shutdown >= ImmediateShutdown || FatalError)
             {
                 /*
                  * Start waiting for dead_end children to die.  This state
                  * change causes ServerLoop to stop creating new ones.
                  */
                 pmState = PM_WAIT_DEAD_END;
  
                 /*
                  * We already SIGQUIT'd the archiver and stats processes, if
                  * any, when we started immediate shutdown or entered
                  * FatalError state.
                  */
             }
             else
             {
                 /*
                  * If we get here, we are proceeding with normal shutdown. All
                  * the regular children are gone, and it's time to tell the
                  * checkpointer to do a shutdown checkpoint.
                  */
                 Assert(Shutdown > NoShutdown);
                 /* Start the checkpointer if not running */
                 if (CheckpointerPID == 0)
                     CheckpointerPID = StartCheckpointer();
                 /* And tell it to shut down */
                 if (CheckpointerPID != 0)
                 {
                     signal_child(CheckpointerPID, SIGUSR2);
                     pmState = PM_SHUTDOWN;
                 }
                 else
                 {
                     /*
                      * If we failed to fork a checkpointer, just shut down.
                      * Any required cleanup will happen at next restart. We
                      * set FatalError so that an "abnormal shutdown" message
                      * gets logged when we exit.
                      */
                     FatalError = true;
                     pmState = PM_WAIT_DEAD_END;
  
                     /* Kill the walsenders and archiver too */
                     SignalChildren(SIGQUIT);
                     if (PgArchPID != 0)
                         signal_child(PgArchPID, SIGQUIT);
                 }
             }
         }
     }
  
     if (pmState == PM_SHUTDOWN_2)
     {
         /*
          * PM_SHUTDOWN_2 state ends when there's no other children than
          * dead_end children left. There shouldn't be any regular backends
          * left by now anyway; what we're really waiting for is walsenders and
          * archiver.
          */
         if (PgArchPID == 0 && CountChildren(BACKEND_TYPE_ALL) == 0)
         {
             pmState = PM_WAIT_DEAD_END;
         }
     }
  
     if (pmState == PM_WAIT_DEAD_END)
     {
         /*
          * PM_WAIT_DEAD_END state ends when the BackendList is entirely empty
          * (ie, no dead_end children remain), and the archiver is gone too.
          *
          * The reason we wait for those two is to protect them against a new
          * postmaster starting conflicting subprocesses; this isn't an
          * ironclad protection, but it at least helps in the
          * shutdown-and-immediately-restart scenario.  Note that they have
          * already been sent appropriate shutdown signals, either during a
          * normal state transition leading up to PM_WAIT_DEAD_END, or during
          * FatalError processing.
          */
         if (dlist_is_empty(&BackendList) && PgArchPID == 0)
         {
             /* These other guys should be dead already */
             Assert(StartupPID == 0);
             Assert(WalReceiverPID == 0);
             Assert(BgWriterPID == 0);
             Assert(CheckpointerPID == 0);
             Assert(WalWriterPID == 0);
             Assert(AutoVacPID == 0);
             /* syslogger is not considered here */
             pmState = PM_NO_CHILDREN;
         }
     }
  
     /*
      * If we've been told to shut down, we exit as soon as there are no
      * remaining children.  If there was a crash, cleanup will occur at the
      * next startup.  (Before PostgreSQL 8.3, we tried to recover from the
      * crash before exiting, but that seems unwise if we are quitting because
      * we got SIGTERM from init --- there may well not be time for recovery
      * before init decides to SIGKILL us.)
      *
      * Note that the syslogger continues to run.  It will exit when it sees
      * EOF on its input pipe, which happens when there are no more upstream
      * processes.
      */
     if (Shutdown > NoShutdown && pmState == PM_NO_CHILDREN)
     {
         if (FatalError)
         {
             ereport(LOG, (errmsg("abnormal database system shutdown")));
             ExitPostmaster(1);
         }
         else
         {
             /*
              * Normal exit from the postmaster is here.  We don't need to log
              * anything here, since the UnlinkLockFiles proc_exit callback
              * will do so, and that should be the last user-visible action.
              */
             ExitPostmaster(0);
         }
     }
  
     /*
      * If the startup process failed, or the user does not want an automatic
      * restart after backend crashes, wait for all non-syslogger children to
      * exit, and then exit postmaster.  We don't try to reinitialize when the
      * startup process fails, because more than likely it will just fail again
      * and we will keep trying forever.
      */
     if (pmState == PM_NO_CHILDREN)
     {
         if (StartupStatus == STARTUP_CRASHED)
         {
             ereport(LOG,
                     (errmsg("shutting down due to startup process failure")));
             ExitPostmaster(1);
         }
         if (!restart_after_crash)
         {
             ereport(LOG,
                     (errmsg("shutting down because restart_after_crash is off")));
             ExitPostmaster(1);
         }
     }
  
     /*
      * If we need to recover from a crash, wait for all non-syslogger children
      * to exit, then reset shmem and StartupDataBase.
      */
     if (FatalError && pmState == PM_NO_CHILDREN)
     {
         ereport(LOG,
                 (errmsg("all server processes terminated; reinitializing")));
  
         /* remove leftover temporary files after a crash */
         if (remove_temp_files_after_crash)
             RemovePgTempFiles();
  
         /* allow background workers to immediately restart */
         ResetBackgroundWorkerCrashTimes();
  
         shmem_exit(1);
  
         /* re-read control file into local memory */
         LocalProcessControlFile(true);
  
         reset_shared();
  
         StartupPID = StartupDataBase();
         Assert(StartupPID != 0);
         StartupStatus = STARTUP_RUNNING;
         pmState = PM_STARTUP;
         /* crash recovery started, reset SIGKILL flag */
         AbortStartTime = 0;
     }
 }

References AbortStartTime, Assert(), AutoVacPID, BACKEND_TYPE_ALL, BACKEND_TYPE_NORMAL, BACKEND_TYPE_WALSND, BackendList, BgWriterPID, CheckpointerPID, connsAllowed, CountChildren(), dlist_is_empty(), ereport, errmsg(), ExitPostmaster(), FatalError, ForgetUnstartedBackgroundWorkers(), ImmediateShutdown, LocalProcessControlFile(), LOG, NoShutdown, PgArchPID, PM_HOT_STANDBY, PM_NO_CHILDREN, PM_RUN, PM_SHUTDOWN, PM_SHUTDOWN_2, PM_STARTUP, PM_STOP_BACKENDS, PM_WAIT_BACKENDS, PM_WAIT_DEAD_END, pmState, remove_temp_files_after_crash, RemovePgTempFiles(), reset_shared(), ResetBackgroundWorkerCrashTimes(), restart_after_crash, shmem_exit(), Shutdown, signal_child(), SignalChildren, SignalSomeChildren(), SIGQUIT, SIGUSR2, StartCheckpointer, STARTUP_CRASHED, STARTUP_RUNNING, StartupDataBase, StartupPID, StartupStatus, WalReceiverPID, and WalWriterPID.

Referenced by pmdie(), reaper(), and sigusr1_handler().

◆ process_startup_packet_die()

static void process_startup_packet_die ( SIGNAL_ARGS )

static

Definition at line 5299 of file postmaster.c.

 {
     _exit(1);
 }

Referenced by BackendInitialize().

◆ processCancelRequest()

static void processCancelRequest	(	Port *	port,
		void *	pkt
	)

static

Definition at line 2453 of file postmaster.c.

 {
     CancelRequestPacket *canc = (CancelRequestPacket *) pkt;
     int         backendPID;
     int32       cancelAuthCode;
     Backend    *bp;
  
 #ifndef EXEC_BACKEND
     dlist_iter  iter;
 #else
     int         i;
 #endif
  
     backendPID = (int) pg_ntoh32(canc->backendPID);
     cancelAuthCode = (int32) pg_ntoh32(canc->cancelAuthCode);
  
     /*
      * See if we have a matching backend.  In the EXEC_BACKEND case, we can no
      * longer access the postmaster's own backend list, and must rely on the
      * duplicate array in shared memory.
      */
 #ifndef EXEC_BACKEND
     dlist_foreach(iter, &BackendList)
     {
         bp = dlist_container(Backend, elem, iter.cur);
 #else
     for (i = MaxLivePostmasterChildren() - 1; i >= 0; i--)
     {
         bp = (Backend *) &ShmemBackendArray[i];
 #endif
         if (bp->pid == backendPID)
         {
             if (bp->cancel_key == cancelAuthCode)
             {
                 /* Found a match; signal that backend to cancel current op */
                 ereport(DEBUG2,
                         (errmsg_internal("processing cancel request: sending SIGINT to process %d",
                                          backendPID)));
                 signal_child(bp->pid, SIGINT);
             }
             else
                 /* Right PID, wrong key: no way, Jose */
                 ereport(LOG,
                         (errmsg("wrong key in cancel request for process %d",
                                 backendPID)));
             return;
         }
 #ifndef EXEC_BACKEND            /* make GNU Emacs 26.1 see brace balance */
     }
 #else
     }
 #endif
  
     /* No matching backend */
     ereport(LOG,
             (errmsg("PID %d in cancel request did not match any process",
                     backendPID)));
 }

References BackendList, CancelRequestPacket::backendPID, bkend::cancel_key, CancelRequestPacket::cancelAuthCode, dlist_iter::cur, DEBUG2, dlist_container, dlist_foreach, ereport, errmsg(), errmsg_internal(), i, LOG, MaxLivePostmasterChildren(), pg_ntoh32, bkend::pid, and signal_child().

Referenced by ProcessStartupPacket().

◆ ProcessStartupPacket()

static int ProcessStartupPacket	(	Port *	port,
		bool	ssl_done,
		bool	gss_done
	)

static

Definition at line 2000 of file postmaster.c.

 {
     int32       len;
     char       *buf;
     ProtocolVersion proto;
     MemoryContext oldcontext;
  
     pq_startmsgread();
  
     /*
      * Grab the first byte of the length word separately, so that we can tell
      * whether we have no data at all or an incomplete packet.  (This might
      * sound inefficient, but it's not really, because of buffering in
      * pqcomm.c.)
      */
     if (pq_getbytes((char *) &len, 1) == EOF)
     {
         /*
          * If we get no data at all, don't clutter the log with a complaint;
          * such cases often occur for legitimate reasons.  An example is that
          * we might be here after responding to NEGOTIATE_SSL_CODE, and if the
          * client didn't like our response, it'll probably just drop the
          * connection.  Service-monitoring software also often just opens and
          * closes a connection without sending anything.  (So do port
          * scanners, which may be less benign, but it's not really our job to
          * notice those.)
          */
         return STATUS_ERROR;
     }
  
     if (pq_getbytes(((char *) &len) + 1, 3) == EOF)
     {
         /* Got a partial length word, so bleat about that */
         if (!ssl_done && !gss_done)
             ereport(COMMERROR,
                     (errcode(ERRCODE_PROTOCOL_VIOLATION),
                      errmsg("incomplete startup packet")));
         return STATUS_ERROR;
     }
  
     len = pg_ntoh32(len);
     len -= 4;
  
     if (len < (int32) sizeof(ProtocolVersion) ||
         len > MAX_STARTUP_PACKET_LENGTH)
     {
         ereport(COMMERROR,
                 (errcode(ERRCODE_PROTOCOL_VIOLATION),
                  errmsg("invalid length of startup packet")));
         return STATUS_ERROR;
     }
  
     /*
      * Allocate space to hold the startup packet, plus one extra byte that's
      * initialized to be zero.  This ensures we will have null termination of
      * all strings inside the packet.
      */
     buf = palloc(len + 1);
     buf[len] = '\0';
  
     if (pq_getbytes(buf, len) == EOF)
     {
         ereport(COMMERROR,
                 (errcode(ERRCODE_PROTOCOL_VIOLATION),
                  errmsg("incomplete startup packet")));
         return STATUS_ERROR;
     }
     pq_endmsgread();
  
     /*
      * The first field is either a protocol version number or a special
      * request code.
      */
     port->proto = proto = pg_ntoh32(*((ProtocolVersion *) buf));
  
     if (proto == CANCEL_REQUEST_CODE)
     {
         processCancelRequest(port, buf);
         /* Not really an error, but we don't want to proceed further */
         return STATUS_ERROR;
     }
  
     if (proto == NEGOTIATE_SSL_CODE && !ssl_done)
     {
         char        SSLok;
  
 #ifdef USE_SSL
         /* No SSL when disabled or on Unix sockets */
         if (!LoadedSSL || port->laddr.addr.ss_family == AF_UNIX)
             SSLok = 'N';
         else
             SSLok = 'S';        /* Support for SSL */
 #else
         SSLok = 'N';            /* No support for SSL */
 #endif
  
 retry1:
         if (send(port->sock, &SSLok, 1, 0) != 1)
         {
             if (errno == EINTR)
                 goto retry1;    /* if interrupted, just retry */
             ereport(COMMERROR,
                     (errcode_for_socket_access(),
                      errmsg("failed to send SSL negotiation response: %m")));
             return STATUS_ERROR;    /* close the connection */
         }
  
 #ifdef USE_SSL
         if (SSLok == 'S' && secure_open_server(port) == -1)
             return STATUS_ERROR;
 #endif
  
         /*
          * At this point we should have no data already buffered.  If we do,
          * it was received before we performed the SSL handshake, so it wasn't
          * encrypted and indeed may have been injected by a man-in-the-middle.
          * We report this case to the client.
          */
         if (pq_buffer_has_data())
             ereport(FATAL,
                     (errcode(ERRCODE_PROTOCOL_VIOLATION),
                      errmsg("received unencrypted data after SSL request"),
                      errdetail("This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
  
         /*
          * regular startup packet, cancel, etc packet should follow, but not
          * another SSL negotiation request, and a GSS request should only
          * follow if SSL was rejected (client may negotiate in either order)
          */
         return ProcessStartupPacket(port, true, SSLok == 'S');
     }
     else if (proto == NEGOTIATE_GSS_CODE && !gss_done)
     {
         char        GSSok = 'N';
  
 #ifdef ENABLE_GSS
         /* No GSSAPI encryption when on Unix socket */
         if (port->laddr.addr.ss_family != AF_UNIX)
             GSSok = 'G';
 #endif
  
         while (send(port->sock, &GSSok, 1, 0) != 1)
         {
             if (errno == EINTR)
                 continue;
             ereport(COMMERROR,
                     (errcode_for_socket_access(),
                      errmsg("failed to send GSSAPI negotiation response: %m")));
             return STATUS_ERROR;    /* close the connection */
         }
  
 #ifdef ENABLE_GSS
         if (GSSok == 'G' && secure_open_gssapi(port) == -1)
             return STATUS_ERROR;
 #endif
  
         /*
          * At this point we should have no data already buffered.  If we do,
          * it was received before we performed the GSS handshake, so it wasn't
          * encrypted and indeed may have been injected by a man-in-the-middle.
          * We report this case to the client.
          */
         if (pq_buffer_has_data())
             ereport(FATAL,
                     (errcode(ERRCODE_PROTOCOL_VIOLATION),
                      errmsg("received unencrypted data after GSSAPI encryption request"),
                      errdetail("This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
  
         /*
          * regular startup packet, cancel, etc packet should follow, but not
          * another GSS negotiation request, and an SSL request should only
          * follow if GSS was rejected (client may negotiate in either order)
          */
         return ProcessStartupPacket(port, GSSok == 'G', true);
     }
  
     /* Could add additional special packet types here */
  
     /*
      * Set FrontendProtocol now so that ereport() knows what format to send if
      * we fail during startup.
      */
     FrontendProtocol = proto;
  
     /* Check that the major protocol version is in range. */
     if (PG_PROTOCOL_MAJOR(proto) < PG_PROTOCOL_MAJOR(PG_PROTOCOL_EARLIEST) ||
         PG_PROTOCOL_MAJOR(proto) > PG_PROTOCOL_MAJOR(PG_PROTOCOL_LATEST))
         ereport(FATAL,
                 (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
                  errmsg("unsupported frontend protocol %u.%u: server supports %u.0 to %u.%u",
                         PG_PROTOCOL_MAJOR(proto), PG_PROTOCOL_MINOR(proto),
                         PG_PROTOCOL_MAJOR(PG_PROTOCOL_EARLIEST),
                         PG_PROTOCOL_MAJOR(PG_PROTOCOL_LATEST),
                         PG_PROTOCOL_MINOR(PG_PROTOCOL_LATEST))));
  
     /*
      * Now fetch parameters out of startup packet and save them into the Port
      * structure.  All data structures attached to the Port struct must be
      * allocated in TopMemoryContext so that they will remain available in a
      * running backend (even after PostmasterContext is destroyed).  We need
      * not worry about leaking this storage on failure, since we aren't in the
      * postmaster process anymore.
      */
     oldcontext = MemoryContextSwitchTo(TopMemoryContext);
  
     /* Handle protocol version 3 startup packet */
     {
         int32       offset = sizeof(ProtocolVersion);
         List       *unrecognized_protocol_options = NIL;
  
         /*
          * Scan packet body for name/option pairs.  We can assume any string
          * beginning within the packet body is null-terminated, thanks to
          * zeroing extra byte above.
          */
         port->guc_options = NIL;
  
         while (offset < len)
         {
             char       *nameptr = buf + offset;
             int32       valoffset;
             char       *valptr;
  
             if (*nameptr == '\0')
                 break;          /* found packet terminator */
             valoffset = offset + strlen(nameptr) + 1;
             if (valoffset >= len)
                 break;          /* missing value, will complain below */
             valptr = buf + valoffset;
  
             if (strcmp(nameptr, "database") == 0)
                 port->database_name = pstrdup(valptr);
             else if (strcmp(nameptr, "user") == 0)
                 port->user_name = pstrdup(valptr);
             else if (strcmp(nameptr, "options") == 0)
                 port->cmdline_options = pstrdup(valptr);
             else if (strcmp(nameptr, "replication") == 0)
             {
                 /*
                  * Due to backward compatibility concerns the replication
                  * parameter is a hybrid beast which allows the value to be
                  * either boolean or the string 'database'. The latter
                  * connects to a specific database which is e.g. required for
                  * logical decoding while.
                  */
                 if (strcmp(valptr, "database") == 0)
                 {
                     am_walsender = true;
                     am_db_walsender = true;
                 }
                 else if (!parse_bool(valptr, &am_walsender))
                     ereport(FATAL,
                             (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                              errmsg("invalid value for parameter \"%s\": \"%s\"",
                                     "replication",
                                     valptr),
                              errhint("Valid values are: \"false\", 0, \"true\", 1, \"database\".")));
             }
             else if (strncmp(nameptr, "_pq_.", 5) == 0)
             {
                 /*
                  * Any option beginning with _pq_. is reserved for use as a
                  * protocol-level option, but at present no such options are
                  * defined.
                  */
                 unrecognized_protocol_options =
                     lappend(unrecognized_protocol_options, pstrdup(nameptr));
             }
             else
             {
                 /* Assume it's a generic GUC option */
                 port->guc_options = lappend(port->guc_options,
                                             pstrdup(nameptr));
                 port->guc_options = lappend(port->guc_options,
                                             pstrdup(valptr));
  
                 /*
                  * Copy application_name to port if we come across it.  This
                  * is done so we can log the application_name in the
                  * connection authorization message.  Note that the GUC would
                  * be used but we haven't gone through GUC setup yet.
                  */
                 if (strcmp(nameptr, "application_name") == 0)
                 {
                     char       *tmp_app_name = pstrdup(valptr);
  
                     pg_clean_ascii(tmp_app_name);
  
                     port->application_name = tmp_app_name;
                 }
             }
             offset = valoffset + strlen(valptr) + 1;
         }
  
         /*
          * If we didn't find a packet terminator exactly at the end of the
          * given packet length, complain.
          */
         if (offset != len - 1)
             ereport(FATAL,
                     (errcode(ERRCODE_PROTOCOL_VIOLATION),
                      errmsg("invalid startup packet layout: expected terminator as last byte")));
  
         /*
          * If the client requested a newer protocol version or if the client
          * requested any protocol options we didn't recognize, let them know
          * the newest minor protocol version we do support and the names of
          * any unrecognized options.
          */
         if (PG_PROTOCOL_MINOR(proto) > PG_PROTOCOL_MINOR(PG_PROTOCOL_LATEST) ||
             unrecognized_protocol_options != NIL)
             SendNegotiateProtocolVersion(unrecognized_protocol_options);
     }
  
     /* Check a user name was given. */
     if (port->user_name == NULL || port->user_name[0] == '\0')
         ereport(FATAL,
                 (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
                  errmsg("no PostgreSQL user name specified in startup packet")));
  
     /* The database defaults to the user name. */
     if (port->database_name == NULL || port->database_name[0] == '\0')
         port->database_name = pstrdup(port->user_name);
  
     if (Db_user_namespace)
     {
         /*
          * If user@, it is a global user, remove '@'. We only want to do this
          * if there is an '@' at the end and no earlier in the user string or
          * they may fake as a local user of another database attaching to this
          * database.
          */
         if (strchr(port->user_name, '@') ==
             port->user_name + strlen(port->user_name) - 1)
             *strchr(port->user_name, '@') = '\0';
         else
         {
             /* Append '@' and dbname */
             port->user_name = psprintf("%s@%s", port->user_name, port->database_name);
         }
     }
  
     /*
      * Truncate given database and user names to length of a Postgres name.
      * This avoids lookup failures when overlength names are given.
      */
     if (strlen(port->database_name) >= NAMEDATALEN)
         port->database_name[NAMEDATALEN - 1] = '\0';
     if (strlen(port->user_name) >= NAMEDATALEN)
         port->user_name[NAMEDATALEN - 1] = '\0';
  
     if (am_walsender)
         MyBackendType = B_WAL_SENDER;
     else
         MyBackendType = B_BACKEND;
  
     /*
      * Normal walsender backends, e.g. for streaming replication, are not
      * connected to a particular database. But walsenders used for logical
      * replication need to connect to a specific database. We allow streaming
      * replication commands to be issued even if connected to a database as it
      * can make sense to first make a basebackup and then stream changes
      * starting from that.
      */
     if (am_walsender && !am_db_walsender)
         port->database_name[0] = '\0';
  
     /*
      * Done putting stuff in TopMemoryContext.
      */
     MemoryContextSwitchTo(oldcontext);
  
     /*
      * If we're going to reject the connection due to database state, say so
      * now instead of wasting cycles on an authentication exchange. (This also
      * allows a pg_ping utility to be written.)
      */
     switch (port->canAcceptConnections)
     {
         case CAC_STARTUP:
             ereport(FATAL,
                     (errcode(ERRCODE_CANNOT_CONNECT_NOW),
                      errmsg("the database system is starting up")));
             break;
         case CAC_NOTCONSISTENT:
             if (EnableHotStandby)
                 ereport(FATAL,
                         (errcode(ERRCODE_CANNOT_CONNECT_NOW),
                          errmsg("the database system is not yet accepting connections"),
                          errdetail("Consistent recovery state has not been yet reached.")));
             else
                 ereport(FATAL,
                         (errcode(ERRCODE_CANNOT_CONNECT_NOW),
                          errmsg("the database system is not accepting connections"),
                          errdetail("Hot standby mode is disabled.")));
             break;
         case CAC_SHUTDOWN:
             ereport(FATAL,
                     (errcode(ERRCODE_CANNOT_CONNECT_NOW),
                      errmsg("the database system is shutting down")));
             break;
         case CAC_RECOVERY:
             ereport(FATAL,
                     (errcode(ERRCODE_CANNOT_CONNECT_NOW),
                      errmsg("the database system is in recovery mode")));
             break;
         case CAC_TOOMANY:
             ereport(FATAL,
                     (errcode(ERRCODE_TOO_MANY_CONNECTIONS),
                      errmsg("sorry, too many clients already")));
             break;
         case CAC_OK:
             break;
     }
  
     return STATUS_OK;
 }

References am_db_walsender, am_walsender, B_BACKEND, B_WAL_SENDER, buf, CAC_NOTCONSISTENT, CAC_OK, CAC_RECOVERY, CAC_SHUTDOWN, CAC_STARTUP, CAC_TOOMANY, CANCEL_REQUEST_CODE, COMMERROR, Db_user_namespace, EINTR, EnableHotStandby, ereport, errcode(), ERRCODE_CANNOT_CONNECT_NOW, errcode_for_socket_access(), errdetail(), errhint(), errmsg(), FATAL, FrontendProtocol, lappend(), len, MAX_STARTUP_PACKET_LENGTH, MemoryContextSwitchTo(), MyBackendType, NAMEDATALEN, NEGOTIATE_GSS_CODE, NEGOTIATE_SSL_CODE, NIL, palloc(), parse_bool(), pg_clean_ascii(), pg_ntoh32, PG_PROTOCOL_EARLIEST, PG_PROTOCOL_LATEST, PG_PROTOCOL_MAJOR, PG_PROTOCOL_MINOR, port, pq_buffer_has_data(), pq_endmsgread(), pq_getbytes(), pq_startmsgread(), processCancelRequest(), psprintf(), pstrdup(), secure_open_gssapi(), secure_open_server(), send, SendNegotiateProtocolVersion(), STATUS_ERROR, STATUS_OK, and TopMemoryContext.

Referenced by BackendInitialize().

◆ RandomCancelKey()

static bool RandomCancelKey ( int32 * cancel_key )

static

Definition at line 5333 of file postmaster.c.

 {
     return pg_strong_random(cancel_key, sizeof(int32));
 }

References pg_strong_random().

Referenced by assign_backendlist_entry(), BackendStartup(), and StartAutovacuumWorker().

◆ reaper()

static void reaper ( SIGNAL_ARGS )

static

Definition at line 2974 of file postmaster.c.

 {
     int         save_errno = errno;
     int         pid;            /* process id of dead child process */
     int         exitstatus;     /* its exit status */
  
     /*
      * We rely on the signal mechanism to have blocked all signals ... except
      * on Windows, which lacks sigaction(), so we have to do it manually.
      */
 #ifdef WIN32
     PG_SETMASK(&BlockSig);
 #endif
  
     ereport(DEBUG4,
             (errmsg_internal("reaping dead processes")));
  
     while ((pid = waitpid(-1, &exitstatus, WNOHANG)) > 0)
     {
         /*
          * Check if this child was a startup process.
          */
         if (pid == StartupPID)
         {
             StartupPID = 0;
  
             /*
              * Startup process exited in response to a shutdown request (or it
              * completed normally regardless of the shutdown request).
              */
             if (Shutdown > NoShutdown &&
                 (EXIT_STATUS_0(exitstatus) || EXIT_STATUS_1(exitstatus)))
             {
                 StartupStatus = STARTUP_NOT_RUNNING;
                 pmState = PM_WAIT_BACKENDS;
                 /* PostmasterStateMachine logic does the rest */
                 continue;
             }
  
             if (EXIT_STATUS_3(exitstatus))
             {
                 ereport(LOG,
                         (errmsg("shutdown at recovery target")));
                 StartupStatus = STARTUP_NOT_RUNNING;
                 Shutdown = Max(Shutdown, SmartShutdown);
                 TerminateChildren(SIGTERM);
                 pmState = PM_WAIT_BACKENDS;
                 /* PostmasterStateMachine logic does the rest */
                 continue;
             }
  
             /*
              * Unexpected exit of startup process (including FATAL exit)
              * during PM_STARTUP is treated as catastrophic. There are no
              * other processes running yet, so we can just exit.
              */
             if (pmState == PM_STARTUP &&
                 StartupStatus != STARTUP_SIGNALED &&
                 !EXIT_STATUS_0(exitstatus))
             {
                 LogChildExit(LOG, _("startup process"),
                              pid, exitstatus);
                 ereport(LOG,
                         (errmsg("aborting startup due to startup process failure")));
                 ExitPostmaster(1);
             }
  
             /*
              * After PM_STARTUP, any unexpected exit (including FATAL exit) of
              * the startup process is catastrophic, so kill other children,
              * and set StartupStatus so we don't try to reinitialize after
              * they're gone.  Exception: if StartupStatus is STARTUP_SIGNALED,
              * then we previously sent the startup process a SIGQUIT; so
              * that's probably the reason it died, and we do want to try to
              * restart in that case.
              *
              * This stanza also handles the case where we sent a SIGQUIT
              * during PM_STARTUP due to some dead_end child crashing: in that
              * situation, if the startup process dies on the SIGQUIT, we need
              * to transition to PM_WAIT_BACKENDS state which will allow
              * PostmasterStateMachine to restart the startup process.  (On the
              * other hand, the startup process might complete normally, if we
              * were too late with the SIGQUIT.  In that case we'll fall
              * through and commence normal operations.)
              */
             if (!EXIT_STATUS_0(exitstatus))
             {
                 if (StartupStatus == STARTUP_SIGNALED)
                 {
                     StartupStatus = STARTUP_NOT_RUNNING;
                     if (pmState == PM_STARTUP)
                         pmState = PM_WAIT_BACKENDS;
                 }
                 else
                     StartupStatus = STARTUP_CRASHED;
                 HandleChildCrash(pid, exitstatus,
                                  _("startup process"));
                 continue;
             }
  
             /*
              * Startup succeeded, commence normal operations
              */
             StartupStatus = STARTUP_NOT_RUNNING;
             FatalError = false;
             AbortStartTime = 0;
             ReachedNormalRunning = true;
             pmState = PM_RUN;
             connsAllowed = true;
  
             /*
              * Crank up the background tasks, if we didn't do that already
              * when we entered consistent recovery state.  It doesn't matter
              * if this fails, we'll just try again later.
              */
             if (CheckpointerPID == 0)
                 CheckpointerPID = StartCheckpointer();
             if (BgWriterPID == 0)
                 BgWriterPID = StartBackgroundWriter();
             if (WalWriterPID == 0)
                 WalWriterPID = StartWalWriter();
  
             /*
              * Likewise, start other special children as needed.  In a restart
              * situation, some of them may be alive already.
              */
             if (!IsBinaryUpgrade && AutoVacuumingActive() && AutoVacPID == 0)
                 AutoVacPID = StartAutoVacLauncher();
             if (PgArchStartupAllowed() && PgArchPID == 0)
                 PgArchPID = StartArchiver();
  
             /* workers may be scheduled to start now */
             maybe_start_bgworkers();
  
             /* at this point we are really open for business */
             ereport(LOG,
                     (errmsg("database system is ready to accept connections")));
  
             /* Report status */
             AddToDataDirLockFile(LOCK_FILE_LINE_PM_STATUS, PM_STATUS_READY);
 #ifdef USE_SYSTEMD
             sd_notify(0, "READY=1");
 #endif
  
             continue;
         }
  
         /*
          * Was it the bgwriter?  Normal exit can be ignored; we'll start a new
          * one at the next iteration of the postmaster's main loop, if
          * necessary.  Any other exit condition is treated as a crash.
          */
         if (pid == BgWriterPID)
         {
             BgWriterPID = 0;
             if (!EXIT_STATUS_0(exitstatus))
                 HandleChildCrash(pid, exitstatus,
                                  _("background writer process"));
             continue;
         }
  
         /*
          * Was it the checkpointer?
          */
         if (pid == CheckpointerPID)
         {
             CheckpointerPID = 0;
             if (EXIT_STATUS_0(exitstatus) && pmState == PM_SHUTDOWN)
             {
                 /*
                  * OK, we saw normal exit of the checkpointer after it's been
                  * told to shut down.  We expect that it wrote a shutdown
                  * checkpoint.  (If for some reason it didn't, recovery will
                  * occur on next postmaster start.)
                  *
                  * At this point we should have no normal backend children
                  * left (else we'd not be in PM_SHUTDOWN state) but we might
                  * have dead_end children to wait for.
                  *
                  * If we have an archiver subprocess, tell it to do a last
                  * archive cycle and quit. Likewise, if we have walsender
                  * processes, tell them to send any remaining WAL and quit.
                  */
                 Assert(Shutdown > NoShutdown);
  
                 /* Waken archiver for the last time */
                 if (PgArchPID != 0)
                     signal_child(PgArchPID, SIGUSR2);
  
                 /*
                  * Waken walsenders for the last time. No regular backends
                  * should be around anymore.
                  */
                 SignalChildren(SIGUSR2);
  
                 pmState = PM_SHUTDOWN_2;
             }
             else
             {
                 /*
                  * Any unexpected exit of the checkpointer (including FATAL
                  * exit) is treated as a crash.
                  */
                 HandleChildCrash(pid, exitstatus,
                                  _("checkpointer process"));
             }
  
             continue;
         }
  
         /*
          * Was it the wal writer?  Normal exit can be ignored; we'll start a
          * new one at the next iteration of the postmaster's main loop, if
          * necessary.  Any other exit condition is treated as a crash.
          */
         if (pid == WalWriterPID)
         {
             WalWriterPID = 0;
             if (!EXIT_STATUS_0(exitstatus))
                 HandleChildCrash(pid, exitstatus,
                                  _("WAL writer process"));
             continue;
         }
  
         /*
          * Was it the wal receiver?  If exit status is zero (normal) or one
          * (FATAL exit), we assume everything is all right just like normal
          * backends.  (If we need a new wal receiver, we'll start one at the
          * next iteration of the postmaster's main loop.)
          */
         if (pid == WalReceiverPID)
         {
             WalReceiverPID = 0;
             if (!EXIT_STATUS_0(exitstatus) && !EXIT_STATUS_1(exitstatus))
                 HandleChildCrash(pid, exitstatus,
                                  _("WAL receiver process"));
             continue;
         }
  
         /*
          * Was it the autovacuum launcher?  Normal exit can be ignored; we'll
          * start a new one at the next iteration of the postmaster's main
          * loop, if necessary.  Any other exit condition is treated as a
          * crash.
          */
         if (pid == AutoVacPID)
         {
             AutoVacPID = 0;
             if (!EXIT_STATUS_0(exitstatus))
                 HandleChildCrash(pid, exitstatus,
                                  _("autovacuum launcher process"));
             continue;
         }
  
         /*
          * Was it the archiver?  If exit status is zero (normal) or one (FATAL
          * exit), we assume everything is all right just like normal backends
          * and just try to restart a new one so that we immediately retry
          * archiving remaining files. (If fail, we'll try again in future
          * cycles of the postmaster's main loop.) Unless we were waiting for
          * it to shut down; don't restart it in that case, and
          * PostmasterStateMachine() will advance to the next shutdown step.
          */
         if (pid == PgArchPID)
         {
             PgArchPID = 0;
             if (!EXIT_STATUS_0(exitstatus) && !EXIT_STATUS_1(exitstatus))
                 HandleChildCrash(pid, exitstatus,
                                  _("archiver process"));
             if (PgArchStartupAllowed())
                 PgArchPID = StartArchiver();
             continue;
         }
  
         /* Was it the system logger?  If so, try to start a new one */
         if (pid == SysLoggerPID)
         {
             SysLoggerPID = 0;
        

Data Structures

Macros

Typedefs

Enumerations

Functions

Variables

Macro Definition Documentation

◆ BACKEND_TYPE_ALL

◆ BACKEND_TYPE_AUTOVAC

◆ BACKEND_TYPE_BGWORKER

◆ BACKEND_TYPE_NORMAL

◆ BACKEND_TYPE_WALSND

◆ EXIT_STATUS_0

◆ EXIT_STATUS_1

◆ EXIT_STATUS_3

◆ FastShutdown

◆ ImmediateShutdown

◆ MAX_BGWORKERS_TO_LAUNCH

◆ MAXLISTEN

◆ NoShutdown

◆ OPTS_FILE

◆ PgArchStartupAllowed

◆ SIGKILL_CHILDREN_AFTER_SECS

◆ SignalChildren

◆ SmartShutdown

◆ StartArchiver

◆ StartBackgroundWriter

◆ StartCheckpointer

◆ StartupDataBase

◆ StartWalReceiver

◆ StartWalWriter

Typedef Documentation

◆ Backend

Enumeration Type Documentation

◆ PMState

◆ StartupStatusEnum

Function Documentation

◆ assign_backendlist_entry()

◆ BackendInitialize()

◆ BackendRun()

◆ BackendStartup()

◆ BackgroundWorkerBlockSignals()

◆ BackgroundWorkerInitializeConnection()

◆ BackgroundWorkerInitializeConnectionByOid()

◆ BackgroundWorkerUnblockSignals()

◆ bgworker_should_start_now()

◆ canAcceptConnections()

◆ checkControlFile()

◆ CleanupBackend()

◆ CleanupBackgroundWorker()

◆ ClosePostmasterPorts()

◆ CloseServerPorts()

◆ ConnCreate()

◆ ConnFree()

◆ CountChildren()

◆ CreateOptsFile()

◆ DetermineSleepTime()

◆ do_start_bgworker()

◆ dummy_handler()

◆ ExitPostmaster()

◆ getInstallationPaths()

◆ HandleChildCrash()

◆ initMasks()

◆ InitPostmasterDeathWatchHandle()

◆ InitProcessGlobals()

◆ LogChildExit()

◆ MaxLivePostmasterChildren()

◆ maybe_start_bgworkers()

◆ MaybeStartWalReceiver()

◆ pmdie()

◆ PostmasterMain()

◆ PostmasterMarkPIDForWorkerNotify()

◆ PostmasterStateMachine()

◆ process_startup_packet_die()

◆ processCancelRequest()

◆ ProcessStartupPacket()

◆ RandomCancelKey()

◆ reaper()