postmaster.c File Reference

#include "postgres.h"
#include <unistd.h>
#include <signal.h>
#include <time.h>
#include <sys/wait.h>
#include <ctype.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <fcntl.h>
#include <sys/param.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <limits.h>
#include "access/transam.h"
#include "access/xlog.h"
#include "bootstrap/bootstrap.h"
#include "catalog/pg_control.h"
#include "common/ip.h"
#include "lib/ilist.h"
#include "libpq/auth.h"
#include "libpq/libpq.h"
#include "libpq/pqsignal.h"
#include "miscadmin.h"
#include "pg_getopt.h"
#include "pgstat.h"
#include "postmaster/autovacuum.h"
#include "postmaster/bgworker_internals.h"
#include "postmaster/fork_process.h"
#include "postmaster/pgarch.h"
#include "postmaster/postmaster.h"
#include "postmaster/syslogger.h"
#include "replication/logicallauncher.h"
#include "replication/walsender.h"
#include "storage/fd.h"
#include "storage/ipc.h"
#include "storage/pg_shmem.h"
#include "storage/pmsignal.h"
#include "storage/proc.h"
#include "tcop/tcopprot.h"
#include "utils/builtins.h"
#include "utils/datetime.h"
#include "utils/dynamic_loader.h"
#include "utils/memutils.h"
#include "utils/ps_status.h"
#include "utils/timeout.h"
#include "utils/varlena.h"

Include dependency graph for postmaster.c:

Go to the source code of this file.

Data Structures
struct	bkend

Macros
#define	BACKEND_TYPE_NORMAL   0x0001 /* normal backend */
#define	BACKEND_TYPE_AUTOVAC   0x0002 /* autovacuum worker process */
#define	BACKEND_TYPE_WALSND   0x0004 /* walsender process */
#define	BACKEND_TYPE_BGWORKER   0x0008 /* bgworker process */
#define	BACKEND_TYPE_ALL   0x000F /* OR of all the above */
#define	BACKEND_TYPE_WORKER   (BACKEND_TYPE_AUTOVAC | BACKEND_TYPE_BGWORKER)
#define	MAXLISTEN   64
#define	NoShutdown   0
#define	SmartShutdown   1
#define	FastShutdown   2
#define	ImmediateShutdown   3
#define	SIGKILL_CHILDREN_AFTER_SECS   5
#define	SignalChildren(sig)   SignalSomeChildren(sig, BACKEND_TYPE_ALL)
#define	PgArchStartupAllowed()
#define	StartupDataBase()   StartChildProcess(StartupProcess)
#define	StartBackgroundWriter()   StartChildProcess(BgWriterProcess)
#define	StartCheckpointer()   StartChildProcess(CheckpointerProcess)
#define	StartWalWriter()   StartChildProcess(WalWriterProcess)
#define	StartWalReceiver()   StartChildProcess(WalReceiverProcess)
#define	EXIT_STATUS_0(st)   ((st) == 0)
#define	EXIT_STATUS_1(st)   (WIFEXITED(st) && WEXITSTATUS(st) == 1)
#define	EXIT_STATUS_3(st)   (WIFEXITED(st) && WEXITSTATUS(st) == 3)
#define	OPTS_FILE   "postmaster.opts"
#define	MAX_BGWORKERS_TO_LAUNCH   100

Typedefs
typedef struct bkend	Backend

Enumerations
enum	StartupStatusEnum { STARTUP_NOT_RUNNING, STARTUP_RUNNING, STARTUP_SIGNALED, STARTUP_CRASHED }
enum	PMState {   PM_INIT, PM_STARTUP, PM_RECOVERY, PM_HOT_STANDBY,   PM_RUN, PM_WAIT_BACKUP, PM_WAIT_READONLY, PM_WAIT_BACKENDS,   PM_SHUTDOWN, PM_SHUTDOWN_2, PM_WAIT_DEAD_END, PM_NO_CHILDREN }

Functions
static void	CloseServerPorts (int status, Datum arg)
static void	unlink_external_pid_file (int status, Datum arg)
static void	getInstallationPaths (const char *argv0)
static void	checkDataDir (void)
static Port *	ConnCreate (int serverFd)
static void	ConnFree (Port *port)
static void	reset_shared (int port)
static void	SIGHUP_handler (SIGNAL_ARGS)
static void	pmdie (SIGNAL_ARGS)
static void	reaper (SIGNAL_ARGS)
static void	sigusr1_handler (SIGNAL_ARGS)
static void	startup_die (SIGNAL_ARGS)
static void	dummy_handler (SIGNAL_ARGS)
static void	StartupPacketTimeoutHandler (void)
static void	CleanupBackend (int pid, int exitstatus)
static bool	CleanupBackgroundWorker (int pid, int exitstatus)
static void	HandleChildCrash (int pid, int exitstatus, const char *procname)
static void	LogChildExit (int lev, const char *procname, int pid, int exitstatus)
static void	PostmasterStateMachine (void)
static void	BackendInitialize (Port *port)
static void	BackendRun (Port *port) pg_attribute_noreturn()
static void	ExitPostmaster (int status) pg_attribute_noreturn()
static int	ServerLoop (void)
static int	BackendStartup (Port *port)
static int	ProcessStartupPacket (Port *port, bool SSLdone)
static void	processCancelRequest (Port *port, void *pkt)
static int	initMasks (fd_set *rmask)
static void	report_fork_failure_to_client (Port *port, int errnum)
static CAC_state	canAcceptConnections (void)
static bool	RandomCancelKey (int32 *cancel_key)
static void	signal_child (pid_t pid, int signal)
static bool	SignalSomeChildren (int signal, int targets)
static void	TerminateChildren (int signal)
static int	CountChildren (int target)
static bool	assign_backendlist_entry (RegisteredBgWorker *rw)
static void	maybe_start_bgworkers (void)
static bool	CreateOptsFile (int argc, char *argv[], char *fullprogname)
static pid_t	StartChildProcess (AuxProcType type)
static void	StartAutovacuumWorker (void)
static void	InitPostmasterDeathWatchHandle (void)
void	PostmasterMain (int argc, char *argv[])
static void	DetermineSleepTime (struct timeval *timeout)
void	ClosePostmasterPorts (bool am_syslogger)
int	MaxLivePostmasterChildren (void)
void	BackgroundWorkerInitializeConnection (char *dbname, char *username)
void	BackgroundWorkerInitializeConnectionByOid (Oid dboid, Oid useroid)
void	BackgroundWorkerBlockSignals (void)
void	BackgroundWorkerUnblockSignals (void)
static bool	do_start_bgworker (RegisteredBgWorker *rw)
static bool	bgworker_should_start_now (BgWorkerStartTime start_time)
bool	PostmasterMarkPIDForWorkerNotify (int pid)

Variables
static dlist_head	BackendList = DLIST_STATIC_INIT(BackendList)
BackgroundWorker *	MyBgworkerEntry = NULL
int	PostPortNumber
char *	Unix_socket_directories
char *	ListenAddresses
int	ReservedBackends
static pgsocket	ListenSocket [MAXLISTEN]
static char	ExtraOptions [MAXPGPATH]
static bool	Reinit = true
static int	SendStop = false
bool	EnableSSL = false
int	PreAuthDelay = 0
int	AuthenticationTimeout = 60
bool	log_hostname
bool	Log_connections = false
bool	Db_user_namespace = false
bool	enable_bonjour = false
char *	bonjour_name
bool	restart_after_crash = true
static pid_t	StartupPID = 0
static pid_t	BgWriterPID = 0
static pid_t	CheckpointerPID = 0
static pid_t	WalWriterPID = 0
static pid_t	WalReceiverPID = 0
static pid_t	AutoVacPID = 0
static pid_t	PgArchPID = 0
static pid_t	PgStatPID = 0
static pid_t	SysLoggerPID = 0
static StartupStatusEnum	StartupStatus = STARTUP_NOT_RUNNING
static int	Shutdown = NoShutdown
static bool	FatalError = false
static PMState	pmState = PM_INIT
static time_t	AbortStartTime = 0
static bool	ReachedNormalRunning = false
bool	ClientAuthInProgress = false
bool	redirection_done = false
static volatile sig_atomic_t	start_autovac_launcher = false
static volatile bool	avlauncher_needs_signal = false
static volatile bool	StartWorkerNeeded = true
static volatile bool	HaveCrashedWorker = false
static unsigned int	random_seed = 0
static struct timeval	random_start_time
int	postmaster_alive_fds [2] = {-1, -1}

Macro Definition Documentation

#define BACKEND_TYPE_ALL   0x000F /* OR of all the above */

Definition at line 146 of file postmaster.c.

Referenced by canAcceptConnections(), CountChildren(), PostmasterStateMachine(), and SignalSomeChildren().

#define BACKEND_TYPE_AUTOVAC   0x0002 /* autovacuum worker process */

Definition at line 143 of file postmaster.c.

Referenced by pmdie(), and StartAutovacuumWorker().

#define BACKEND_TYPE_BGWORKER   0x0008 /* bgworker process */

Definition at line 145 of file postmaster.c.

Referenced by assign_backendlist_entry(), HandleChildCrash(), and pmdie().

#define BACKEND_TYPE_NORMAL   0x0001 /* normal backend */

Definition at line 142 of file postmaster.c.

Referenced by BackendStartup(), CountChildren(), pmdie(), PostmasterStateMachine(), and SignalSomeChildren().

#define BACKEND_TYPE_WALSND   0x0004 /* walsender process */

Definition at line 144 of file postmaster.c.

Referenced by CountChildren(), and SignalSomeChildren().

#define BACKEND_TYPE_WORKER   (BACKEND_TYPE_AUTOVAC | BACKEND_TYPE_BGWORKER)

Definition at line 148 of file postmaster.c.

Referenced by PostmasterStateMachine().

#define EXIT_STATUS_0

(

st

)

((st) == 0)

Definition at line 549 of file postmaster.c.

Referenced by CleanupBackend(), CleanupBackgroundWorker(), LogChildExit(), and reaper().

#define EXIT_STATUS_1

(

st

)

(WIFEXITED(st) && WEXITSTATUS(st) == 1)

Definition at line 550 of file postmaster.c.

Referenced by CleanupBackend(), CleanupBackgroundWorker(), and reaper().

#define EXIT_STATUS_3

(

st

)

(WIFEXITED(st) && WEXITSTATUS(st) == 3)

Definition at line 551 of file postmaster.c.

Referenced by reaper().

#define FastShutdown   2

Definition at line 271 of file postmaster.c.

Referenced by pmdie().

#define ImmediateShutdown   3

Definition at line 272 of file postmaster.c.

Referenced by HandleChildCrash(), pmdie(), PostmasterStateMachine(), and ServerLoop().

#define MAX_BGWORKERS_TO_LAUNCH   100

Referenced by maybe_start_bgworkers().

#define MAXLISTEN   64

Definition at line 214 of file postmaster.c.

Referenced by ClosePostmasterPorts(), CloseServerPorts(), initMasks(), PostmasterMain(), and ServerLoop().

#define NoShutdown   0

Definition at line 269 of file postmaster.c.

Referenced by canAcceptConnections(), DetermineSleepTime(), PostmasterStateMachine(), reaper(), and sigusr1_handler().

#define OPTS_FILE   "postmaster.opts"

Referenced by CreateOptsFile().

#define PgArchStartupAllowed

(

)

Value:

((XLogArchivingActive() && pmState == PM_RUN) ||    \
     (XLogArchivingAlways() &&  \
      (pmState == PM_RECOVERY || pmState == PM_HOT_STANDBY)))

Definition at line 437 of file postmaster.c.

Referenced by reaper(), and ServerLoop().

#define SIGKILL_CHILDREN_AFTER_SECS   5

Definition at line 345 of file postmaster.c.

Referenced by DetermineSleepTime(), and ServerLoop().

#define SignalChildren

(

sig

)

SignalSomeChildren(sig, BACKEND_TYPE_ALL)

Definition at line 421 of file postmaster.c.

Referenced by PostmasterStateMachine(), reaper(), SIGHUP_handler(), and TerminateChildren().

#define SmartShutdown   1

Definition at line 270 of file postmaster.c.

Referenced by pmdie(), reaper(), and SIGHUP_handler().

#define StartBackgroundWriter

(

)

StartChildProcess(BgWriterProcess)

Definition at line 543 of file postmaster.c.

Referenced by reaper(), ServerLoop(), and sigusr1_handler().

#define StartCheckpointer

(

)

StartChildProcess(CheckpointerProcess)

Definition at line 544 of file postmaster.c.

Referenced by PostmasterStateMachine(), reaper(), ServerLoop(), and sigusr1_handler().

#define StartupDataBase

(

)

StartChildProcess(StartupProcess)

Definition at line 542 of file postmaster.c.

Referenced by PostmasterMain(), and PostmasterStateMachine().

#define StartWalReceiver

(

)

StartChildProcess(WalReceiverProcess)

Definition at line 546 of file postmaster.c.

Referenced by sigusr1_handler().

#define StartWalWriter

(

)

StartChildProcess(WalWriterProcess)

Definition at line 545 of file postmaster.c.

Referenced by reaper(), and ServerLoop().

Typedef Documentation

typedef struct bkend Backend

Enumeration Type Documentation

enum PMState

Enumerator
PM_INIT
PM_STARTUP
PM_RECOVERY
PM_HOT_STANDBY
PM_RUN
PM_WAIT_BACKUP
PM_WAIT_READONLY
PM_WAIT_BACKENDS
PM_SHUTDOWN
PM_SHUTDOWN_2
PM_WAIT_DEAD_END
PM_NO_CHILDREN

Definition at line 320 of file postmaster.c.

{
    PM_INIT,                    /* postmaster starting */
    PM_STARTUP,                 /* waiting for startup subprocess */
    PM_RECOVERY,                /* in archive recovery mode */
    PM_HOT_STANDBY,             /* in hot standby mode */
    PM_RUN,                     /* normal "database is alive" state */
    PM_WAIT_BACKUP,             /* waiting for online backup mode to end */
    PM_WAIT_READONLY,           /* waiting for read only backends to exit */
    PM_WAIT_BACKENDS,           /* waiting for live backends to exit */
    PM_SHUTDOWN,                /* waiting for checkpointer to do shutdown
                                 * ckpt */
    PM_SHUTDOWN_2,              /* waiting for archiver and walsenders to
                                 * finish */
    PM_WAIT_DEAD_END,           /* waiting for dead_end children to exit */
    PM_NO_CHILDREN              /* all important children have exited */
} PMState;

enum StartupStatusEnum

Enumerator
STARTUP_NOT_RUNNING
STARTUP_RUNNING
STARTUP_SIGNALED
STARTUP_CRASHED

Definition at line 258 of file postmaster.c.

{
    STARTUP_NOT_RUNNING,
    STARTUP_RUNNING,
    STARTUP_SIGNALED,           /* we sent it a SIGQUIT or SIGKILL */
    STARTUP_CRASHED
} StartupStatusEnum;

Function Documentation

static bool assign_backendlist_entry ( RegisteredBgWorker *  rw )

static

Definition at line 5689 of file postmaster.c.

References AssignPostmasterChildSlot(), BACKEND_TYPE_BGWORKER, bkend::bgworker_notify, bkend::bkend_type, bkend::cancel_key, bkend::child_slot, bkend::dead_end, ereport, errcode(), errmsg(), LOG, malloc, MyCancelKey, MyPMChildSlot, NULL, RandomCancelKey(), RegisteredBgWorker::rw_backend, and RegisteredBgWorker::rw_child_slot.

Referenced by do_start_bgworker().

{
    Backend    *bn;

    /*
     * Compute the cancel key that will be assigned to this session. We
     * probably don't need cancel keys for background workers, but we'd better
     * have something random in the field to prevent unfriendly people from
     * sending cancels to them.
     */
    if (!RandomCancelKey(&MyCancelKey))
    {
        ereport(LOG,
                (errcode(ERRCODE_INTERNAL_ERROR),
                 errmsg("could not generate random cancel key")));
        return false;
    }

    bn = malloc(sizeof(Backend));
    if (bn == NULL)
    {
        ereport(LOG,
                (errcode(ERRCODE_OUT_OF_MEMORY),
                 errmsg("out of memory")));
        return false;
    }

    bn->cancel_key = MyCancelKey;
    bn->child_slot = MyPMChildSlot = AssignPostmasterChildSlot();
    bn->bkend_type = BACKEND_TYPE_BGWORKER;
    bn->dead_end = false;
    bn->bgworker_notify = false;

    rw->rw_backend = bn;
    rw->rw_child_slot = bn->child_slot;

    return true;
}

static void BackendInitialize ( Port *  port )

static

Definition at line 4084 of file postmaster.c.

References SockAddr::addr, am_walsender, AuthenticationTimeout, BlockSig, ClientAuthInProgress, Port::database_name, DestRemote, disable_timeout(), enable_timeout_after(), ereport, errmsg(), errmsg_internal(), gai_strerror, GetCurrentTimestamp(), init_ps_display(), InitializeTimeouts(), LOG, Log_connections, log_hostname, MyProcPort, MyStartTime, NI_MAXHOST, NI_MAXSERV, NI_NUMERICHOST, NI_NUMERICSERV, pg_getnameinfo_all(), PG_SETMASK, pg_usleep(), port, pq_init(), pqsignal(), PreAuthDelay, proc_exit(), ProcessStartupPacket(), Port::raddr, RegisterTimeout(), Port::remote_host, Port::remote_hostname, Port::remote_port, SockAddr::salen, Port::SessionStartTime, SIGQUIT, snprintf(), startup_die(), STARTUP_PACKET_TIMEOUT, StartupBlockSig, StartupPacketTimeoutHandler(), status(), STATUS_OK, timestamptz_to_time_t(), update_process_title, Port::user_name, WARNING, and whereToSendOutput.

Referenced by BackendStartup().

{
    int         status;
    int         ret;
    char        remote_host[NI_MAXHOST];
    char        remote_port[NI_MAXSERV];
    char        remote_ps_data[NI_MAXHOST];

    /* Save port etc. for ps status */
    MyProcPort = port;

    /*
     * PreAuthDelay is a debugging aid for investigating problems in the
     * authentication cycle: it can be set in postgresql.conf to allow time to
     * attach to the newly-forked backend with a debugger.  (See also
     * PostAuthDelay, which we allow clients to pass through PGOPTIONS, but it
     * is not honored until after authentication.)
     */
    if (PreAuthDelay > 0)
        pg_usleep(PreAuthDelay * 1000000L);

    /* This flag will remain set until InitPostgres finishes authentication */
    ClientAuthInProgress = true;    /* limit visibility of log messages */

    /* save process start time */
    port->SessionStartTime = GetCurrentTimestamp();
    MyStartTime = timestamptz_to_time_t(port->SessionStartTime);

    /* set these to empty in case they are needed before we set them up */
    port->remote_host = "";
    port->remote_port = "";

    /*
     * Initialize libpq and enable reporting of ereport errors to the client.
     * Must do this now because authentication uses libpq to send messages.
     */
    pq_init();                  /* initialize libpq to talk to client */
    whereToSendOutput = DestRemote; /* now safe to ereport to client */

    /*
     * We arrange for a simple exit(1) if we receive SIGTERM or SIGQUIT or
     * timeout while trying to collect the startup packet.  Otherwise the
     * postmaster cannot shutdown the database FAST or IMMED cleanly if a
     * buggy client fails to send the packet promptly.  XXX it follows that
     * the remainder of this function must tolerate losing control at any
     * instant.  Likewise, any pg_on_exit_callback registered before or during
     * this function must be prepared to execute at any instant between here
     * and the end of this function.  Furthermore, affected callbacks execute
     * partially or not at all when a second exit-inducing signal arrives
     * after proc_exit_prepare() decrements on_proc_exit_index.  (Thanks to
     * that mechanic, callbacks need not anticipate more than one call.)  This
     * is fragile; it ought to instead follow the norm of handling interrupts
     * at selected, safe opportunities.
     */
    pqsignal(SIGTERM, startup_die);
    pqsignal(SIGQUIT, startup_die);
    InitializeTimeouts();       /* establishes SIGALRM handler */
    PG_SETMASK(&StartupBlockSig);

    /*
     * Get the remote host name and port for logging and status display.
     */
    remote_host[0] = '\0';
    remote_port[0] = '\0';
    if ((ret = pg_getnameinfo_all(&port->raddr.addr, port->raddr.salen,
                                  remote_host, sizeof(remote_host),
                                  remote_port, sizeof(remote_port),
                                  (log_hostname ? 0 : NI_NUMERICHOST) | NI_NUMERICSERV)) != 0)
        ereport(WARNING,
                (errmsg_internal("pg_getnameinfo_all() failed: %s",
                                 gai_strerror(ret))));
    if (remote_port[0] == '\0')
        snprintf(remote_ps_data, sizeof(remote_ps_data), "%s", remote_host);
    else
        snprintf(remote_ps_data, sizeof(remote_ps_data), "%s(%s)", remote_host, remote_port);

    /*
     * Save remote_host and remote_port in port structure (after this, they
     * will appear in log_line_prefix data for log messages).
     */
    port->remote_host = strdup(remote_host);
    port->remote_port = strdup(remote_port);

    /* And now we can issue the Log_connections message, if wanted */
    if (Log_connections)
    {
        if (remote_port[0])
            ereport(LOG,
                    (errmsg("connection received: host=%s port=%s",
                            remote_host,
                            remote_port)));
        else
            ereport(LOG,
                    (errmsg("connection received: host=%s",
                            remote_host)));
    }

    /*
     * If we did a reverse lookup to name, we might as well save the results
     * rather than possibly repeating the lookup during authentication.
     *
     * Note that we don't want to specify NI_NAMEREQD above, because then we'd
     * get nothing useful for a client without an rDNS entry.  Therefore, we
     * must check whether we got a numeric IPv4 or IPv6 address, and not save
     * it into remote_hostname if so.  (This test is conservative and might
     * sometimes classify a hostname as numeric, but an error in that
     * direction is safe; it only results in a possible extra lookup.)
     */
    if (log_hostname &&
        ret == 0 &&
        strspn(remote_host, "0123456789.") < strlen(remote_host) &&
        strspn(remote_host, "0123456789ABCDEFabcdef:") < strlen(remote_host))
        port->remote_hostname = strdup(remote_host);

    /*
     * Ready to begin client interaction.  We will give up and exit(1) after a
     * time delay, so that a broken client can't hog a connection
     * indefinitely.  PreAuthDelay and any DNS interactions above don't count
     * against the time limit.
     *
     * Note: AuthenticationTimeout is applied here while waiting for the
     * startup packet, and then again in InitPostgres for the duration of any
     * authentication operations.  So a hostile client could tie up the
     * process for nearly twice AuthenticationTimeout before we kick him off.
     *
     * Note: because PostgresMain will call InitializeTimeouts again, the
     * registration of STARTUP_PACKET_TIMEOUT will be lost.  This is okay
     * since we never use it again after this function.
     */
    RegisterTimeout(STARTUP_PACKET_TIMEOUT, StartupPacketTimeoutHandler);
    enable_timeout_after(STARTUP_PACKET_TIMEOUT, AuthenticationTimeout * 1000);

    /*
     * Receive the startup packet (which might turn out to be a cancel request
     * packet).
     */
    status = ProcessStartupPacket(port, false);

    /*
     * Stop here if it was bad or a cancel packet.  ProcessStartupPacket
     * already did any appropriate error reporting.
     */
    if (status != STATUS_OK)
        proc_exit(0);

    /*
     * Now that we have the user and database name, we can set the process
     * title for ps.  It's good to do this as early as possible in startup.
     *
     * For a walsender, the ps display is set in the following form:
     *
     * postgres: wal sender process <user> <host> <activity>
     *
     * To achieve that, we pass "wal sender process" as username and username
     * as dbname to init_ps_display(). XXX: should add a new variant of
     * init_ps_display() to avoid abusing the parameters like this.
     */
    if (am_walsender)
        init_ps_display("wal sender process", port->user_name, remote_ps_data,
                        update_process_title ? "authentication" : "");
    else
        init_ps_display(port->user_name, port->database_name, remote_ps_data,
                        update_process_title ? "authentication" : "");

    /*
     * Disable the timeout, and prevent SIGTERM/SIGQUIT again.
     */
    disable_timeout(STARTUP_PACKET_TIMEOUT, false);
    PG_SETMASK(&BlockSig);
}

static void BackendRun ( Port *  port )

static

Definition at line 4264 of file postmaster.c.

References Assert, av, Port::database_name, DEBUG3, ereport, errmsg_internal(), ExtraOptions, i, MemoryContextAlloc(), MemoryContextSwitchTo(), MyProcPid, NULL, pg_split_opts(), PostgresMain(), progname, random_seed, random_start_time, Port::SessionStartTime, srandom(), TimestampDifference(), TopMemoryContext, and Port::user_name.

Referenced by BackendStartup().

{
    char      **av;
    int         maxac;
    int         ac;
    long        secs;
    int         usecs;
    int         i;

    /*
     * Don't want backend to be able to see the postmaster random number
     * generator state.  We have to clobber the static random_seed *and* start
     * a new random sequence in the random() library function.
     */
#ifndef HAVE_STRONG_RANDOM
    random_seed = 0;
    random_start_time.tv_usec = 0;
#endif
    /* slightly hacky way to convert timestamptz into integers */
    TimestampDifference(0, port->SessionStartTime, &secs, &usecs);
    srandom((unsigned int) (MyProcPid ^ (usecs << 12) ^ secs));

    /*
     * Now, build the argv vector that will be given to PostgresMain.
     *
     * The maximum possible number of commandline arguments that could come
     * from ExtraOptions is (strlen(ExtraOptions) + 1) / 2; see
     * pg_split_opts().
     */
    maxac = 2;                  /* for fixed args supplied below */
    maxac += (strlen(ExtraOptions) + 1) / 2;

    av = (char **) MemoryContextAlloc(TopMemoryContext,
                                      maxac * sizeof(char *));
    ac = 0;

    av[ac++] = "postgres";

    /*
     * Pass any backend switches specified with -o on the postmaster's own
     * command line.  We assume these are secure.
     */
    pg_split_opts(av, &ac, ExtraOptions);

    av[ac] = NULL;

    Assert(ac < maxac);

    /*
     * Debug: print arguments being passed to backend
     */
    ereport(DEBUG3,
            (errmsg_internal("%s child[%d]: starting with (",
                             progname, (int) getpid())));
    for (i = 0; i < ac; ++i)
        ereport(DEBUG3,
                (errmsg_internal("\t%s", av[i])));
    ereport(DEBUG3,
            (errmsg_internal(")")));

    /*
     * Make sure we aren't in PostmasterContext anymore.  (We can't delete it
     * just yet, though, because InitPostgres will need the HBA data.)
     */
    MemoryContextSwitchTo(TopMemoryContext);

    PostgresMain(ac, av, port->database_name, port->user_name);
}

static int BackendStartup ( Port *  port )

static

Definition at line 3934 of file postmaster.c.

References AssignPostmasterChildSlot(), BACKEND_TYPE_NORMAL, BackendInitialize(), BackendRun(), bkend::bgworker_notify, bkend::bkend_type, CAC_OK, CAC_WAITBACKUP, Port::canAcceptConnections, canAcceptConnections(), bkend::cancel_key, bkend::child_slot, ClosePostmasterPorts(), bkend::dead_end, DEBUG2, dlist_push_head(), bkend::elem, ereport, errcode(), errmsg(), errmsg_internal(), fork_process(), free, InitPostmasterChild(), LOG, malloc, MyCancelKey, MyPMChildSlot, bkend::pid, RandomCancelKey(), ReleasePostmasterChildSlot(), report_fork_failure_to_client(), Port::sock, STATUS_ERROR, and STATUS_OK.

Referenced by ServerLoop().

{
    Backend    *bn;             /* for backend cleanup */
    pid_t       pid;

    /*
     * Create backend data structure.  Better before the fork() so we can
     * handle failure cleanly.
     */
    bn = (Backend *) malloc(sizeof(Backend));
    if (!bn)
    {
        ereport(LOG,
                (errcode(ERRCODE_OUT_OF_MEMORY),
                 errmsg("out of memory")));
        return STATUS_ERROR;
    }

    /*
     * Compute the cancel key that will be assigned to this backend. The
     * backend will have its own copy in the forked-off process' value of
     * MyCancelKey, so that it can transmit the key to the frontend.
     */
    if (!RandomCancelKey(&MyCancelKey))
    {
        free(bn);
        ereport(LOG,
                (errcode(ERRCODE_INTERNAL_ERROR),
                 errmsg("could not generate random cancel key")));
        return STATUS_ERROR;
    }

    bn->cancel_key = MyCancelKey;

    /* Pass down canAcceptConnections state */
    port->canAcceptConnections = canAcceptConnections();
    bn->dead_end = (port->canAcceptConnections != CAC_OK &&
                    port->canAcceptConnections != CAC_WAITBACKUP);

    /*
     * Unless it's a dead_end child, assign it a child slot number
     */
    if (!bn->dead_end)
        bn->child_slot = MyPMChildSlot = AssignPostmasterChildSlot();
    else
        bn->child_slot = 0;

    /* Hasn't asked to be notified about any bgworkers yet */
    bn->bgworker_notify = false;

#ifdef EXEC_BACKEND
    pid = backend_forkexec(port);
#else                           /* !EXEC_BACKEND */
    pid = fork_process();
    if (pid == 0)               /* child */
    {
        free(bn);

        /* Detangle from postmaster */
        InitPostmasterChild();

        /* Close the postmaster's sockets */
        ClosePostmasterPorts(false);

        /* Perform additional initialization and collect startup packet */
        BackendInitialize(port);

        /* And run the backend */
        BackendRun(port);
    }
#endif                          /* EXEC_BACKEND */

    if (pid < 0)
    {
        /* in parent, fork failed */
        int         save_errno = errno;

        if (!bn->dead_end)
            (void) ReleasePostmasterChildSlot(bn->child_slot);
        free(bn);
        errno = save_errno;
        ereport(LOG,
                (errmsg("could not fork new process for connection: %m")));
        report_fork_failure_to_client(port, save_errno);
        return STATUS_ERROR;
    }

    /* in parent, successful fork */
    ereport(DEBUG2,
            (errmsg_internal("forked new backend, pid=%d socket=%d",
                             (int) pid, (int) port->sock)));

    /*
     * Everything's been successful, it's safe to add this backend to our list
     * of backends.
     */
    bn->pid = pid;
    bn->bkend_type = BACKEND_TYPE_NORMAL;   /* Can change later to WALSND */
    dlist_push_head(&BackendList, &bn->elem);

#ifdef EXEC_BACKEND
    if (!bn->dead_end)
        ShmemBackendArrayAdd(bn);
#endif

    return STATUS_OK;
}

void BackgroundWorkerBlockSignals

(

void

)

Definition at line 5512 of file postmaster.c.

References BlockSig, and PG_SETMASK.

{
    PG_SETMASK(&BlockSig);
}

void BackgroundWorkerInitializeConnection	(	char *	dbname,
		char *	username
	)

Definition at line 5466 of file postmaster.c.

References BackgroundWorker::bgw_flags, BGWORKER_BACKEND_DATABASE_CONNECTION, ereport, errcode(), errmsg(), ERROR, FATAL, InitPostgres(), InvalidOid, IsInitProcessingMode, MyBgworkerEntry, NormalProcessing, NULL, and SetProcessingMode.

Referenced by ApplyLauncherMain().

{
    BackgroundWorker *worker = MyBgworkerEntry;

    /* XXX is this the right errcode? */
    if (!(worker->bgw_flags & BGWORKER_BACKEND_DATABASE_CONNECTION))
        ereport(FATAL,
                (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
                 errmsg("database connection requirement not indicated during registration")));

    InitPostgres(dbname, InvalidOid, username, InvalidOid, NULL);

    /* it had better not gotten out of "init" mode yet */
    if (!IsInitProcessingMode())
        ereport(ERROR,
                (errmsg("invalid processing mode in background worker")));
    SetProcessingMode(NormalProcessing);
}

void BackgroundWorkerInitializeConnectionByOid	(	Oid	dboid,
		Oid	useroid
	)

Definition at line 5489 of file postmaster.c.

References BackgroundWorker::bgw_flags, BGWORKER_BACKEND_DATABASE_CONNECTION, ereport, errcode(), errmsg(), ERROR, FATAL, InitPostgres(), IsInitProcessingMode, MyBgworkerEntry, NormalProcessing, NULL, and SetProcessingMode.

Referenced by ApplyWorkerMain(), and ParallelWorkerMain().

{
    BackgroundWorker *worker = MyBgworkerEntry;

    /* XXX is this the right errcode? */
    if (!(worker->bgw_flags & BGWORKER_BACKEND_DATABASE_CONNECTION))
        ereport(FATAL,
                (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
                 errmsg("database connection requirement not indicated during registration")));

    InitPostgres(NULL, dboid, NULL, useroid, NULL);

    /* it had better not gotten out of "init" mode yet */
    if (!IsInitProcessingMode())
        ereport(ERROR,
                (errmsg("invalid processing mode in background worker")));
    SetProcessingMode(NormalProcessing);
}

void BackgroundWorkerUnblockSignals

(

void

)

Definition at line 5518 of file postmaster.c.

References PG_SETMASK, and UnBlockSig.

Referenced by ApplyLauncherMain(), ApplyWorkerMain(), ParallelWorkerMain(), and test_shm_mq_main().

{
    PG_SETMASK(&UnBlockSig);
}

static bool bgworker_should_start_now ( BgWorkerStartTime  start_time )

static

Definition at line 5645 of file postmaster.c.

References BgWorkerStart_ConsistentState, BgWorkerStart_PostmasterStart, BgWorkerStart_RecoveryFinished, PM_HOT_STANDBY, PM_INIT, PM_NO_CHILDREN, PM_RECOVERY, PM_RUN, PM_SHUTDOWN, PM_SHUTDOWN_2, PM_STARTUP, PM_WAIT_BACKENDS, PM_WAIT_BACKUP, PM_WAIT_DEAD_END, PM_WAIT_READONLY, and pmState.

Referenced by maybe_start_bgworkers().

{
    switch (pmState)
    {
        case PM_NO_CHILDREN:
        case PM_WAIT_DEAD_END:
        case PM_SHUTDOWN_2:
        case PM_SHUTDOWN:
        case PM_WAIT_BACKENDS:
        case PM_WAIT_READONLY:
        case PM_WAIT_BACKUP:
            break;

        case PM_RUN:
            if (start_time == BgWorkerStart_RecoveryFinished)
                return true;
            /* fall through */

        case PM_HOT_STANDBY:
            if (start_time == BgWorkerStart_ConsistentState)
                return true;
            /* fall through */

        case PM_RECOVERY:
        case PM_STARTUP:
        case PM_INIT:
            if (start_time == BgWorkerStart_PostmasterStart)
                return true;
            /* fall through */

    }

    return false;
}

static CAC_state canAcceptConnections ( void  )

static

Definition at line 2312 of file postmaster.c.

References BACKEND_TYPE_ALL, CAC_OK, CAC_RECOVERY, CAC_SHUTDOWN, CAC_STARTUP, CAC_TOOMANY, CAC_WAITBACKUP, CountChildren(), FatalError, MaxLivePostmasterChildren(), NoShutdown, PM_HOT_STANDBY, PM_RECOVERY, PM_RUN, PM_STARTUP, PM_WAIT_BACKUP, pmState, result, and Shutdown.

Referenced by BackendStartup(), and StartAutovacuumWorker().

{
    CAC_state   result = CAC_OK;

    /*
     * Can't start backends when in startup/shutdown/inconsistent recovery
     * state.
     *
     * In state PM_WAIT_BACKUP only superusers can connect (this must be
     * allowed so that a superuser can end online backup mode); we return
     * CAC_WAITBACKUP code to indicate that this must be checked later. Note
     * that neither CAC_OK nor CAC_WAITBACKUP can safely be returned until we
     * have checked for too many children.
     */
    if (pmState != PM_RUN)
    {
        if (pmState == PM_WAIT_BACKUP)
            result = CAC_WAITBACKUP;    /* allow superusers only */
        else if (Shutdown > NoShutdown)
            return CAC_SHUTDOWN;    /* shutdown is pending */
        else if (!FatalError &&
                 (pmState == PM_STARTUP ||
                  pmState == PM_RECOVERY))
            return CAC_STARTUP; /* normal startup */
        else if (!FatalError &&
                 pmState == PM_HOT_STANDBY)
            result = CAC_OK;    /* connection OK during hot standby */
        else
            return CAC_RECOVERY;    /* else must be crash recovery */
    }

    /*
     * Don't start too many children.
     *
     * We allow more connections than we can have backends here because some
     * might still be authenticating; they might fail auth, or some existing
     * backend might exit before the auth cycle is completed. The exact
     * MaxBackends limit is enforced when a new backend tries to join the
     * shared-inval backend array.
     *
     * The limit here must match the sizes of the per-child-process arrays;
     * see comments for MaxLivePostmasterChildren().
     */
    if (CountChildren(BACKEND_TYPE_ALL) >= MaxLivePostmasterChildren())
        result = CAC_TOOMANY;

    return result;
}

static void checkDataDir ( void  )

static

Definition at line 1464 of file postmaster.c.

References AllocateFile(), Assert, DataDir, ereport, errcode(), errcode_for_file_access(), errdetail(), errhint(), errmsg(), ExitPostmaster(), FATAL, FreeFile(), MAXPGPATH, NULL, PG_BINARY_R, progname, S_IRWXG, S_IRWXO, snprintf(), strerror(), ValidatePgVersion(), and write_stderr.

Referenced by PostmasterMain().

{
    char        path[MAXPGPATH];
    FILE       *fp;
    struct stat stat_buf;

    Assert(DataDir);

    if (stat(DataDir, &stat_buf) != 0)
    {
        if (errno == ENOENT)
            ereport(FATAL,
                    (errcode_for_file_access(),
                     errmsg("data directory \"%s\" does not exist",
                            DataDir)));
        else
            ereport(FATAL,
                    (errcode_for_file_access(),
                     errmsg("could not read permissions of directory \"%s\": %m",
                            DataDir)));
    }

    /* eventual chdir would fail anyway, but let's test ... */
    if (!S_ISDIR(stat_buf.st_mode))
        ereport(FATAL,
                (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
                 errmsg("specified data directory \"%s\" is not a directory",
                        DataDir)));

    /*
     * Check that the directory belongs to my userid; if not, reject.
     *
     * This check is an essential part of the interlock that prevents two
     * postmasters from starting in the same directory (see CreateLockFile()).
     * Do not remove or weaken it.
     *
     * XXX can we safely enable this check on Windows?
     */
#if !defined(WIN32) && !defined(__CYGWIN__)
    if (stat_buf.st_uid != geteuid())
        ereport(FATAL,
                (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
                 errmsg("data directory \"%s\" has wrong ownership",
                        DataDir),
                 errhint("The server must be started by the user that owns the data directory.")));
#endif

    /*
     * Check if the directory has group or world access.  If so, reject.
     *
     * It would be possible to allow weaker constraints (for example, allow
     * group access) but we cannot make a general assumption that that is
     * okay; for example there are platforms where nearly all users
     * customarily belong to the same group.  Perhaps this test should be
     * configurable.
     *
     * XXX temporarily suppress check when on Windows, because there may not
     * be proper support for Unix-y file permissions.  Need to think of a
     * reasonable check to apply on Windows.
     */
#if !defined(WIN32) && !defined(__CYGWIN__)
    if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))
        ereport(FATAL,
                (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
                 errmsg("data directory \"%s\" has group or world access",
                        DataDir),
                 errdetail("Permissions should be u=rwx (0700).")));
#endif

    /* Look for PG_VERSION before looking for pg_control */
    ValidatePgVersion(DataDir);

    snprintf(path, sizeof(path), "%s/global/pg_control", DataDir);

    fp = AllocateFile(path, PG_BINARY_R);
    if (fp == NULL)
    {
        write_stderr("%s: could not find the database system\n"
                     "Expected to find it in the directory \"%s\",\n"
                     "but could not open file \"%s\": %s\n",
                     progname, DataDir, path, strerror(errno));
        ExitPostmaster(2);
    }
    FreeFile(fp);
}

static void CleanupBackend ( int  pid, int  exitstatus  )

static

Definition at line 3168 of file postmaster.c.

References _, BackgroundWorkerStopNotifications(), bkend::bgworker_notify, bkend::child_slot, dlist_mutable_iter::cur, bkend::dead_end, DEBUG2, dlist_container, dlist_delete(), dlist_foreach_modify, EXIT_STATUS_0, EXIT_STATUS_1, free, HandleChildCrash(), LOG, LogChildExit(), bkend::pid, and ReleasePostmasterChildSlot().

Referenced by reaper().

{
    dlist_mutable_iter iter;

    LogChildExit(DEBUG2, _("server process"), pid, exitstatus);

    /*
     * If a backend dies in an ugly way then we must signal all other backends
     * to quickdie.  If exit status is zero (normal) or one (FATAL exit), we
     * assume everything is all right and proceed to remove the backend from
     * the active backend list.
     */

#ifdef WIN32

    /*
     * On win32, also treat ERROR_WAIT_NO_CHILDREN (128) as nonfatal case,
     * since that sometimes happens under load when the process fails to start
     * properly (long before it starts using shared memory). Microsoft reports
     * it is related to mutex failure:
     * http://archives.postgresql.org/pgsql-hackers/2010-09/msg00790.php
     */
    if (exitstatus == ERROR_WAIT_NO_CHILDREN)
    {
        LogChildExit(LOG, _("server process"), pid, exitstatus);
        exitstatus = 0;
    }
#endif

    if (!EXIT_STATUS_0(exitstatus) && !EXIT_STATUS_1(exitstatus))
    {
        HandleChildCrash(pid, exitstatus, _("server process"));
        return;
    }

    dlist_foreach_modify(iter, &BackendList)
    {
        Backend    *bp = dlist_container(Backend, elem, iter.cur);

        if (bp->pid == pid)
        {
            if (!bp->dead_end)
            {
                if (!ReleasePostmasterChildSlot(bp->child_slot))
                {
                    /*
                     * Uh-oh, the child failed to clean itself up.  Treat as a
                     * crash after all.
                     */
                    HandleChildCrash(pid, exitstatus, _("server process"));
                    return;
                }
#ifdef EXEC_BACKEND
                ShmemBackendArrayRemove(bp);
#endif
            }
            if (bp->bgworker_notify)
            {
                /*
                 * This backend may have been slated to receive SIGUSR1 when
                 * some background worker started or stopped.  Cancel those
                 * notifications, as we don't want to signal PIDs that are not
                 * PostgreSQL backends.  This gets skipped in the (probably
                 * very common) case where the backend has never requested any
                 * such notifications.
                 */
                BackgroundWorkerStopNotifications(bp->pid);
            }
            dlist_delete(iter.cur);
            free(bp);
            break;
        }
    }
}

static bool CleanupBackgroundWorker ( int  pid, int  exitstatus  )

static

Definition at line 3069 of file postmaster.c.

References _, BackgroundWorkerList, BackgroundWorkerStopNotifications(), BackgroundWorker::bgw_flags, BackgroundWorker::bgw_name, bkend::bgworker_notify, BGWORKER_SHMEM_ACCESS, slist_mutable_iter::cur, DEBUG1, dlist_delete(), bkend::elem, EXIT_STATUS_0, EXIT_STATUS_1, free, GetCurrentTimestamp(), HandleChildCrash(), LOG, LogChildExit(), MAXPGPATH, NULL, ReleasePostmasterChildSlot(), ReportBackgroundWorkerExit(), RegisteredBgWorker::rw_backend, RegisteredBgWorker::rw_child_slot, RegisteredBgWorker::rw_crashed_at, RegisteredBgWorker::rw_pid, RegisteredBgWorker::rw_terminate, RegisteredBgWorker::rw_worker, slist_container, slist_foreach_modify, and snprintf().

Referenced by reaper().

{
    char        namebuf[MAXPGPATH];
    slist_mutable_iter iter;

    slist_foreach_modify(iter, &BackgroundWorkerList)
    {
        RegisteredBgWorker *rw;

        rw = slist_container(RegisteredBgWorker, rw_lnode, iter.cur);

        if (rw->rw_pid != pid)
            continue;

#ifdef WIN32
        /* see CleanupBackend */
        if (exitstatus == ERROR_WAIT_NO_CHILDREN)
            exitstatus = 0;
#endif

        snprintf(namebuf, MAXPGPATH, "%s: %s", _("worker process"),
                 rw->rw_worker.bgw_name);

        if (!EXIT_STATUS_0(exitstatus))
        {
            /* Record timestamp, so we know when to restart the worker. */
            rw->rw_crashed_at = GetCurrentTimestamp();
        }
        else
        {
            /* Zero exit status means terminate */
            rw->rw_crashed_at = 0;
            rw->rw_terminate = true;
        }

        /*
         * Additionally, for shared-memory-connected workers, just like a
         * backend, any exit status other than 0 or 1 is considered a crash
         * and causes a system-wide restart.
         */
        if ((rw->rw_worker.bgw_flags & BGWORKER_SHMEM_ACCESS) != 0)
        {
            if (!EXIT_STATUS_0(exitstatus) && !EXIT_STATUS_1(exitstatus))
            {
                HandleChildCrash(pid, exitstatus, namebuf);
                return true;
            }
        }

        /*
         * We must release the postmaster child slot whether this worker is
         * connected to shared memory or not, but we only treat it as a crash
         * if it is in fact connected.
         */
        if (!ReleasePostmasterChildSlot(rw->rw_child_slot) &&
            (rw->rw_worker.bgw_flags & BGWORKER_SHMEM_ACCESS) != 0)
        {
            HandleChildCrash(pid, exitstatus, namebuf);
            return true;
        }

        /* Get it out of the BackendList and clear out remaining data */
        dlist_delete(&rw->rw_backend->elem);
#ifdef EXEC_BACKEND
        ShmemBackendArrayRemove(rw->rw_backend);
#endif

        /*
         * It's possible that this background worker started some OTHER
         * background worker and asked to be notified when that worker started
         * or stopped.  If so, cancel any notifications destined for the
         * now-dead backend.
         */
        if (rw->rw_backend->bgworker_notify)
            BackgroundWorkerStopNotifications(rw->rw_pid);
        free(rw->rw_backend);
        rw->rw_backend = NULL;
        rw->rw_pid = 0;
        rw->rw_child_slot = 0;
        ReportBackgroundWorkerExit(&iter);  /* report child death */

        LogChildExit(EXIT_STATUS_0(exitstatus) ? DEBUG1 : LOG,
                     namebuf, pid, exitstatus);

        return true;
    }

    return false;
}

void ClosePostmasterPorts

(

bool

am_syslogger

)

Definition at line 2434 of file postmaster.c.

References close, ereport, errcode_for_file_access(), errmsg_internal(), FATAL, i, ListenSocket, MAXLISTEN, PGINVALID_SOCKET, postmaster_alive_fds, POSTMASTER_FD_OWN, StreamClose(), and syslogPipe.

Referenced by BackendStartup(), do_start_bgworker(), pgarch_start(), pgstat_start(), StartAutoVacLauncher(), StartAutoVacWorker(), StartChildProcess(), and SysLogger_Start().

{
    int         i;

#ifndef WIN32

    /*
     * Close the write end of postmaster death watch pipe. It's important to
     * do this as early as possible, so that if postmaster dies, others won't
     * think that it's still running because we're holding the pipe open.
     */
    if (close(postmaster_alive_fds[POSTMASTER_FD_OWN]))
        ereport(FATAL,
                (errcode_for_file_access(),
                 errmsg_internal("could not close postmaster death monitoring pipe in child process: %m")));
    postmaster_alive_fds[POSTMASTER_FD_OWN] = -1;
#endif

    /* Close the listen sockets */
    for (i = 0; i < MAXLISTEN; i++)
    {
        if (ListenSocket[i] != PGINVALID_SOCKET)
        {
            StreamClose(ListenSocket[i]);
            ListenSocket[i] = PGINVALID_SOCKET;
        }
    }

    /* If using syslogger, close the read side of the pipe */
    if (!am_syslogger)
    {
#ifndef WIN32
        if (syslogPipe[0] >= 0)
            close(syslogPipe[0]);
        syslogPipe[0] = -1;
#else
        if (syslogPipe[0])
            CloseHandle(syslogPipe[0]);
        syslogPipe[0] = 0;
#endif
    }

#ifdef USE_BONJOUR
    /* If using Bonjour, close the connection to the mDNS daemon */
    if (bonjour_sdref)
        close(DNSServiceRefSockFD(bonjour_sdref));
#endif
}

static void CloseServerPorts ( int  status, Datum  arg  )

static

Definition at line 1365 of file postmaster.c.

References i, ListenSocket, MAXLISTEN, PGINVALID_SOCKET, RemoveSocketFiles(), and StreamClose().

Referenced by PostmasterMain().

{
    int         i;

    /*
     * First, explicitly close all the socket FDs.  We used to just let this
     * happen implicitly at postmaster exit, but it's better to close them
     * before we remove the postmaster.pid lockfile; otherwise there's a race
     * condition if a new postmaster wants to re-use the TCP port number.
     */
    for (i = 0; i < MAXLISTEN; i++)
    {
        if (ListenSocket[i] != PGINVALID_SOCKET)
        {
            StreamClose(ListenSocket[i]);
            ListenSocket[i] = PGINVALID_SOCKET;
        }
    }

    /*
     * Next, remove any filesystem entries for Unix sockets.  To avoid race
     * conditions against incoming postmasters, this must happen after closing
     * the sockets and before removing lock files.
     */
    RemoveSocketFiles();

    /*
     * We don't do anything about socket lock files here; those will be
     * removed in a later on_proc_exit callback.
     */
}

static Port * ConnCreate ( int  serverFd )

static

Definition at line 2368 of file postmaster.c.

References calloc, ConnFree(), ereport, errcode(), errmsg(), ExitPostmaster(), Port::gss, LOG, NULL, PGINVALID_SOCKET, port, Port::sock, STATUS_OK, StreamClose(), and StreamConnection().

Referenced by ServerLoop().

{
    Port       *port;

    if (!(port = (Port *) calloc(1, sizeof(Port))))
    {
        ereport(LOG,
                (errcode(ERRCODE_OUT_OF_MEMORY),
                 errmsg("out of memory")));
        ExitPostmaster(1);
    }

    if (StreamConnection(serverFd, port) != STATUS_OK)
    {
        if (port->sock != PGINVALID_SOCKET)
            StreamClose(port->sock);
        ConnFree(port);
        return NULL;
    }

    /*
     * Allocate GSSAPI specific state struct
     */
#ifndef EXEC_BACKEND
#if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
    port->gss = (pg_gssinfo *) calloc(1, sizeof(pg_gssinfo));
    if (!port->gss)
    {
        ereport(LOG,
                (errcode(ERRCODE_OUT_OF_MEMORY),
                 errmsg("out of memory")));
        ExitPostmaster(1);
    }
#endif
#endif

    return port;
}

static void ConnFree ( Port *  port )

static

Definition at line 2412 of file postmaster.c.

References free, Port::gss, and secure_close().

Referenced by ConnCreate(), and ServerLoop().

{
#ifdef USE_SSL
    secure_close(conn);
#endif
    if (conn->gss)
        free(conn->gss);
    free(conn);
}

static int CountChildren ( int  target )

static

Definition at line 5184 of file postmaster.c.

References BACKEND_TYPE_ALL, BACKEND_TYPE_NORMAL, BACKEND_TYPE_WALSND, bkend::bkend_type, bkend::child_slot, dlist_iter::cur, bkend::dead_end, dlist_container, dlist_foreach, and IsPostmasterChildWalSender().

Referenced by canAcceptConnections(), and PostmasterStateMachine().

{
    dlist_iter  iter;
    int         cnt = 0;

    dlist_foreach(iter, &BackendList)
    {
        Backend    *bp = dlist_container(Backend, elem, iter.cur);

        if (bp->dead_end)
            continue;

        /*
         * Since target == BACKEND_TYPE_ALL is the most common case, we test
         * it first and avoid touching shared memory for every child.
         */
        if (target != BACKEND_TYPE_ALL)
        {
            /*
             * Assign bkend_type for any recently announced WAL Sender
             * processes.
             */
            if (bp->bkend_type == BACKEND_TYPE_NORMAL &&
                IsPostmasterChildWalSender(bp->child_slot))
                bp->bkend_type = BACKEND_TYPE_WALSND;

            if (!(target & bp->bkend_type))
                continue;
        }

        cnt++;
    }
    return cnt;
}

static bool CreateOptsFile ( int  argc, char *  argv[], char *  fullprogname  )

static

Definition at line 5416 of file postmaster.c.

References elog, i, LOG, NULL, and OPTS_FILE.

Referenced by PostmasterMain().

{
    FILE       *fp;
    int         i;

#define OPTS_FILE   "postmaster.opts"

    if ((fp = fopen(OPTS_FILE, "w")) == NULL)
    {
        elog(LOG, "could not create file \"%s\": %m", OPTS_FILE);
        return false;
    }

    fprintf(fp, "%s", fullprogname);
    for (i = 1; i < argc; i++)
        fprintf(fp, " \"%s\"", argv[i]);
    fputs("\n", fp);

    if (fclose(fp))
    {
        elog(LOG, "could not write file \"%s\": %m", OPTS_FILE);
        return false;
    }

    return true;
}

static void DetermineSleepTime ( struct timeval *  timeout )

static

Definition at line 1560 of file postmaster.c.

References AbortStartTime, BackgroundWorkerList, BGW_NEVER_RESTART, BackgroundWorker::bgw_restart_time, slist_mutable_iter::cur, ForgetBackgroundWorker(), GetCurrentTimestamp(), HaveCrashedWorker, Max, NoShutdown, NULL, RegisteredBgWorker::rw_crashed_at, RegisteredBgWorker::rw_terminate, RegisteredBgWorker::rw_worker, Shutdown, SIGKILL_CHILDREN_AFTER_SECS, slist_container, slist_foreach_modify, StartWorkerNeeded, TimestampDifference(), and TimestampTzPlusMilliseconds.

Referenced by ServerLoop().

{
    TimestampTz next_wakeup = 0;

    /*
     * Normal case: either there are no background workers at all, or we're in
     * a shutdown sequence (during which we ignore bgworkers altogether).
     */
    if (Shutdown > NoShutdown ||
        (!StartWorkerNeeded && !HaveCrashedWorker))
    {
        if (AbortStartTime != 0)
        {
            /* time left to abort; clamp to 0 in case it already expired */
            timeout->tv_sec = SIGKILL_CHILDREN_AFTER_SECS -
                (time(NULL) - AbortStartTime);
            timeout->tv_sec = Max(timeout->tv_sec, 0);
            timeout->tv_usec = 0;
        }
        else
        {
            timeout->tv_sec = 60;
            timeout->tv_usec = 0;
        }
        return;
    }

    if (StartWorkerNeeded)
    {
        timeout->tv_sec = 0;
        timeout->tv_usec = 0;
        return;
    }

    if (HaveCrashedWorker)
    {
        slist_mutable_iter siter;

        /*
         * When there are crashed bgworkers, we sleep just long enough that
         * they are restarted when they request to be.  Scan the list to
         * determine the minimum of all wakeup times according to most recent
         * crash time and requested restart interval.
         */
        slist_foreach_modify(siter, &BackgroundWorkerList)
        {
            RegisteredBgWorker *rw;
            TimestampTz this_wakeup;

            rw = slist_container(RegisteredBgWorker, rw_lnode, siter.cur);

            if (rw->rw_crashed_at == 0)
                continue;

            if (rw->rw_worker.bgw_restart_time == BGW_NEVER_RESTART
                || rw->rw_terminate)
            {
                ForgetBackgroundWorker(&siter);
                continue;
            }

            this_wakeup = TimestampTzPlusMilliseconds(rw->rw_crashed_at,
                                                      1000L * rw->rw_worker.bgw_restart_time);
            if (next_wakeup == 0 || this_wakeup < next_wakeup)
                next_wakeup = this_wakeup;
        }
    }

    if (next_wakeup != 0)
    {
        long        secs;
        int         microsecs;

        TimestampDifference(GetCurrentTimestamp(), next_wakeup,
                            &secs, &microsecs);
        timeout->tv_sec = secs;
        timeout->tv_usec = microsecs;

        /* Ensure we don't exceed one minute */
        if (timeout->tv_sec > 60)
        {
            timeout->tv_sec = 60;
            timeout->tv_usec = 0;
        }
    }
    else
    {
        timeout->tv_sec = 60;
        timeout->tv_usec = 0;
    }
}

static bool do_start_bgworker ( RegisteredBgWorker *  rw )

static

Definition at line 5554 of file postmaster.c.

References Assert, assign_backendlist_entry(), BackgroundWorker::bgw_name, ClosePostmasterPorts(), DEBUG1, dlist_push_head(), bkend::elem, ereport, errmsg(), fork_process(), free, GetCurrentTimestamp(), InitPostmasterChild(), LOG, MemoryContextAlloc(), MemoryContextDelete(), MemoryContextSwitchTo(), NULL, bkend::pid, PostmasterContext, ReleasePostmasterChildSlot(), ReportBackgroundWorkerPID(), RegisteredBgWorker::rw_backend, RegisteredBgWorker::rw_child_slot, RegisteredBgWorker::rw_crashed_at, RegisteredBgWorker::rw_pid, RegisteredBgWorker::rw_shmem_slot, RegisteredBgWorker::rw_worker, StartBackgroundWorker(), and TopMemoryContext.

Referenced by maybe_start_bgworkers().

{
    pid_t       worker_pid;

    Assert(rw->rw_pid == 0);

    /*
     * Allocate and assign the Backend element.  Note we must do this before
     * forking, so that we can handle out of memory properly.
     *
     * Treat failure as though the worker had crashed.  That way, the
     * postmaster will wait a bit before attempting to start it again; if it
     * tried again right away, most likely it'd find itself repeating the
     * out-of-memory or fork failure condition.
     */
    if (!assign_backendlist_entry(rw))
    {
        rw->rw_crashed_at = GetCurrentTimestamp();
        return false;
    }

    ereport(DEBUG1,
            (errmsg("starting background worker process \"%s\"",
                    rw->rw_worker.bgw_name)));

#ifdef EXEC_BACKEND
    switch ((worker_pid = bgworker_forkexec(rw->rw_shmem_slot)))
#else
    switch ((worker_pid = fork_process()))
#endif
    {
        case -1:
            /* in postmaster, fork failed ... */
            ereport(LOG,
                    (errmsg("could not fork worker process: %m")));
            /* undo what assign_backendlist_entry did */
            ReleasePostmasterChildSlot(rw->rw_child_slot);
            rw->rw_child_slot = 0;
            free(rw->rw_backend);
            rw->rw_backend = NULL;
            /* mark entry as crashed, so we'll try again later */
            rw->rw_crashed_at = GetCurrentTimestamp();
            break;

#ifndef EXEC_BACKEND
        case 0:
            /* in postmaster child ... */
            InitPostmasterChild();

            /* Close the postmaster's sockets */
            ClosePostmasterPorts(false);

            /*
             * Before blowing away PostmasterContext, save this bgworker's
             * data where it can find it.
             */
            MyBgworkerEntry = (BackgroundWorker *)
                MemoryContextAlloc(TopMemoryContext, sizeof(BackgroundWorker));
            memcpy(MyBgworkerEntry, &rw->rw_worker, sizeof(BackgroundWorker));

            /* Release postmaster's working memory context */
            MemoryContextSwitchTo(TopMemoryContext);
            MemoryContextDelete(PostmasterContext);
            PostmasterContext = NULL;

            StartBackgroundWorker();

            exit(1);            /* should not get here */
            break;
#endif
        default:
            /* in postmaster, fork successful ... */
            rw->rw_pid = worker_pid;
            rw->rw_backend->pid = rw->rw_pid;
            ReportBackgroundWorkerPID(rw);
            /* add new worker to lists of backends */
            dlist_push_head(&BackendList, &rw->rw_backend->elem);
#ifdef EXEC_BACKEND
            ShmemBackendArrayAdd(rw->rw_backend);
#endif
            return true;
    }

    return false;
}

static void dummy_handler ( SIGNAL_ARGS  )

static

Definition at line 5124 of file postmaster.c.

Referenced by PostmasterMain().

{
}

static void ExitPostmaster ( int  status )

static

Definition at line 4923 of file postmaster.c.

References ereport, errcode(), errdetail(), errmsg_internal(), LOG, and proc_exit().

Referenced by checkDataDir(), ConnCreate(), PostmasterMain(), PostmasterStateMachine(), reaper(), and StartChildProcess().

{
#ifdef HAVE_PTHREAD_IS_THREADED_NP

    /*
     * There is no known cause for a postmaster to become multithreaded after
     * startup.  Recheck to account for the possibility of unknown causes.
     * This message uses LOG level, because an unclean shutdown at this point
     * would usually not look much different from a clean shutdown.
     */
    if (pthread_is_threaded_np() != 0)
        ereport(LOG,
                (errcode(ERRCODE_INTERNAL_ERROR),
                 errmsg_internal("postmaster became multithreaded"),
                 errdetail("Please report this to <pgsql-bugs@postgresql.org>.")));
#endif

    /* should cleanup shared memory and kill all backends */

    /*
     * Not sure of the semantics here.  When the Postmaster dies, should the
     * backends all be killed? probably not.
     *
     * MUST     -- vadim 05-10-1999
     */

    proc_exit(status);
}

static void getInstallationPaths ( const char *  argv0 )

static

Definition at line 1413 of file postmaster.c.

References AllocateDir(), elog, ereport, errcode_for_file_access(), errhint(), errmsg(), ERROR, FATAL, find_my_exec(), find_other_exec(), FreeDir(), get_pkglib_path(), my_exec_path, NULL, PG_BACKEND_VERSIONSTR, and pkglib_path.

Referenced by PostmasterMain().

{
    DIR        *pdir;

    /* Locate the postgres executable itself */
    if (find_my_exec(argv0, my_exec_path) < 0)
        elog(FATAL, "%s: could not locate my own executable path", argv0);

#ifdef EXEC_BACKEND
    /* Locate executable backend before we change working directory */
    if (find_other_exec(argv0, "postgres", PG_BACKEND_VERSIONSTR,
                        postgres_exec_path) < 0)
        ereport(FATAL,
                (errmsg("%s: could not locate matching postgres executable",
                        argv0)));
#endif

    /*
     * Locate the pkglib directory --- this has to be set early in case we try
     * to load any modules from it in response to postgresql.conf entries.
     */
    get_pkglib_path(my_exec_path, pkglib_path);

    /*
     * Verify that there's a readable directory there; otherwise the Postgres
     * installation is incomplete or corrupt.  (A typical cause of this
     * failure is that the postgres executable has been moved or hardlinked to
     * some directory that's not a sibling of the installation lib/
     * directory.)
     */
    pdir = AllocateDir(pkglib_path);
    if (pdir == NULL)
        ereport(ERROR,
                (errcode_for_file_access(),
                 errmsg("could not open directory \"%s\": %m",
                        pkglib_path),
                 errhint("This may indicate an incomplete PostgreSQL installation, or that the file \"%s\" has been moved away from its proper location.",
                         my_exec_path)));
    FreeDir(pdir);

    /*
     * XXX is it worth similarly checking the share/ directory?  If the lib/
     * directory is there, then share/ probably is too.
     */
}

static void HandleChildCrash ( int  pid, int  exitstatus, const char *  procname  )

static

Definition at line 3252 of file postmaster.c.

References AbortStartTime, allow_immediate_pgstat_restart(), AutoVacPID, BACKEND_TYPE_BGWORKER, BackgroundWorkerList, BgWriterPID, bkend::bkend_type, CheckpointerPID, bkend::child_slot, dlist_mutable_iter::cur, slist_iter::cur, bkend::dead_end, DEBUG2, dlist_container, dlist_delete(), dlist_foreach_modify, bkend::elem, ereport, errmsg(), errmsg_internal(), FatalError, free, ImmediateShutdown, LOG, LogChildExit(), NULL, PgArchPID, PgStatPID, bkend::pid, PM_HOT_STANDBY, PM_RECOVERY, PM_RUN, PM_SHUTDOWN, PM_WAIT_BACKENDS, PM_WAIT_BACKUP, PM_WAIT_READONLY, pmState, ReleasePostmasterChildSlot(), RegisteredBgWorker::rw_backend, RegisteredBgWorker::rw_child_slot, RegisteredBgWorker::rw_pid, SendStop, Shutdown, signal_child(), SIGQUIT, SIGSTOP, slist_container, slist_foreach, STARTUP_CRASHED, STARTUP_SIGNALED, StartupPID, StartupStatus, WalReceiverPID, and WalWriterPID.

Referenced by CleanupBackend(), CleanupBackgroundWorker(), and reaper().

{
    dlist_mutable_iter iter;
    slist_iter  siter;
    Backend    *bp;
    bool        take_action;

    /*
     * We only log messages and send signals if this is the first process
     * crash and we're not doing an immediate shutdown; otherwise, we're only
     * here to update postmaster's idea of live processes.  If we have already
     * signalled children, nonzero exit status is to be expected, so don't
     * clutter log.
     */
    take_action = !FatalError && Shutdown != ImmediateShutdown;

    if (take_action)
    {
        LogChildExit(LOG, procname, pid, exitstatus);
        ereport(LOG,
                (errmsg("terminating any other active server processes")));
    }

    /* Process background workers. */
    slist_foreach(siter, &BackgroundWorkerList)
    {
        RegisteredBgWorker *rw;

        rw = slist_container(RegisteredBgWorker, rw_lnode, siter.cur);
        if (rw->rw_pid == 0)
            continue;           /* not running */
        if (rw->rw_pid == pid)
        {
            /*
             * Found entry for freshly-dead worker, so remove it.
             */
            (void) ReleasePostmasterChildSlot(rw->rw_child_slot);
            dlist_delete(&rw->rw_backend->elem);
#ifdef EXEC_BACKEND
            ShmemBackendArrayRemove(rw->rw_backend);
#endif
            free(rw->rw_backend);
            rw->rw_backend = NULL;
            rw->rw_pid = 0;
            rw->rw_child_slot = 0;
            /* don't reset crashed_at */
            /* don't report child stop, either */
            /* Keep looping so we can signal remaining workers */
        }
        else
        {
            /*
             * This worker is still alive.  Unless we did so already, tell it
             * to commit hara-kiri.
             *
             * SIGQUIT is the special signal that says exit without proc_exit
             * and let the user know what's going on. But if SendStop is set
             * (-s on command line), then we send SIGSTOP instead, so that we
             * can get core dumps from all backends by hand.
             */
            if (take_action)
            {
                ereport(DEBUG2,
                        (errmsg_internal("sending %s to process %d",
                                         (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                         (int) rw->rw_pid)));
                signal_child(rw->rw_pid, (SendStop ? SIGSTOP : SIGQUIT));
            }
        }
    }

    /* Process regular backends */
    dlist_foreach_modify(iter, &BackendList)
    {
        bp = dlist_container(Backend, elem, iter.cur);

        if (bp->pid == pid)
        {
            /*
             * Found entry for freshly-dead backend, so remove it.
             */
            if (!bp->dead_end)
            {
                (void) ReleasePostmasterChildSlot(bp->child_slot);
#ifdef EXEC_BACKEND
                ShmemBackendArrayRemove(bp);
#endif
            }
            dlist_delete(iter.cur);
            free(bp);
            /* Keep looping so we can signal remaining backends */
        }
        else
        {
            /*
             * This backend is still alive.  Unless we did so already, tell it
             * to commit hara-kiri.
             *
             * SIGQUIT is the special signal that says exit without proc_exit
             * and let the user know what's going on. But if SendStop is set
             * (-s on command line), then we send SIGSTOP instead, so that we
             * can get core dumps from all backends by hand.
             *
             * We could exclude dead_end children here, but at least in the
             * SIGSTOP case it seems better to include them.
             *
             * Background workers were already processed above; ignore them
             * here.
             */
            if (bp->bkend_type == BACKEND_TYPE_BGWORKER)
                continue;

            if (take_action)
            {
                ereport(DEBUG2,
                        (errmsg_internal("sending %s to process %d",
                                         (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                         (int) bp->pid)));
                signal_child(bp->pid, (SendStop ? SIGSTOP : SIGQUIT));
            }
        }
    }

    /* Take care of the startup process too */
    if (pid == StartupPID)
    {
        StartupPID = 0;
        StartupStatus = STARTUP_CRASHED;
    }
    else if (StartupPID != 0 && take_action)
    {
        ereport(DEBUG2,
                (errmsg_internal("sending %s to process %d",
                                 (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                 (int) StartupPID)));
        signal_child(StartupPID, (SendStop ? SIGSTOP : SIGQUIT));
        StartupStatus = STARTUP_SIGNALED;
    }

    /* Take care of the bgwriter too */
    if (pid == BgWriterPID)
        BgWriterPID = 0;
    else if (BgWriterPID != 0 && take_action)
    {
        ereport(DEBUG2,
                (errmsg_internal("sending %s to process %d",
                                 (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                 (int) BgWriterPID)));
        signal_child(BgWriterPID, (SendStop ? SIGSTOP : SIGQUIT));
    }

    /* Take care of the checkpointer too */
    if (pid == CheckpointerPID)
        CheckpointerPID = 0;
    else if (CheckpointerPID != 0 && take_action)
    {
        ereport(DEBUG2,
                (errmsg_internal("sending %s to process %d",
                                 (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                 (int) CheckpointerPID)));
        signal_child(CheckpointerPID, (SendStop ? SIGSTOP : SIGQUIT));
    }

    /* Take care of the walwriter too */
    if (pid == WalWriterPID)
        WalWriterPID = 0;
    else if (WalWriterPID != 0 && take_action)
    {
        ereport(DEBUG2,
                (errmsg_internal("sending %s to process %d",
                                 (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                 (int) WalWriterPID)));
        signal_child(WalWriterPID, (SendStop ? SIGSTOP : SIGQUIT));
    }

    /* Take care of the walreceiver too */
    if (pid == WalReceiverPID)
        WalReceiverPID = 0;
    else if (WalReceiverPID != 0 && take_action)
    {
        ereport(DEBUG2,
                (errmsg_internal("sending %s to process %d",
                                 (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                 (int) WalReceiverPID)));
        signal_child(WalReceiverPID, (SendStop ? SIGSTOP : SIGQUIT));
    }

    /* Take care of the autovacuum launcher too */
    if (pid == AutoVacPID)
        AutoVacPID = 0;
    else if (AutoVacPID != 0 && take_action)
    {
        ereport(DEBUG2,
                (errmsg_internal("sending %s to process %d",
                                 (SendStop ? "SIGSTOP" : "SIGQUIT"),
                                 (int) AutoVacPID)));
        signal_child(AutoVacPID, (SendStop ? SIGSTOP : SIGQUIT));
    }

    /*
     * Force a power-cycle of the pgarch process too.  (This isn't absolutely
     * necessary, but it seems like a good idea for robustness, and it
     * simplifies the state-machine logic in the case where a shutdown request
     * arrives during crash processing.)
     */
    if (PgArchPID != 0 && take_action)
    {
        ereport(DEBUG2,
                (errmsg_internal("sending %s to process %d",
                                 "SIGQUIT",
                                 (int) PgArchPID)));
        signal_child(PgArchPID, SIGQUIT);
    }

    /*
     * Force a power-cycle of the pgstat process too.  (This isn't absolutely
     * necessary, but it seems like a good idea for robustness, and it
     * simplifies the state-machine logic in the case where a shutdown request
     * arrives during crash processing.)
     */
    if (PgStatPID != 0 && take_action)
    {
        ereport(DEBUG2,
                (errmsg_internal("sending %s to process %d",
                                 "SIGQUIT",
                                 (int) PgStatPID)));
        signal_child(PgStatPID, SIGQUIT);
        allow_immediate_pgstat_restart();
    }

    /* We do NOT restart the syslogger */

    if (Shutdown != ImmediateShutdown)
        FatalError = true;

    /* We now transit into a state of waiting for children to die */
    if (pmState == PM_RECOVERY ||
        pmState == PM_HOT_STANDBY ||
        pmState == PM_RUN ||
        pmState == PM_WAIT_BACKUP ||
        pmState == PM_WAIT_READONLY ||
        pmState == PM_SHUTDOWN)
        pmState = PM_WAIT_BACKENDS;

    /*
     * .. and if this doesn't happen quickly enough, now the clock is ticking
     * for us to kill them without mercy.
     */
    if (AbortStartTime == 0)
        AbortStartTime = time(NULL);
}

static int initMasks ( fd_set *  rmask )

static

Definition at line 1894 of file postmaster.c.

References fd(), i, ListenSocket, MAXLISTEN, and PGINVALID_SOCKET.

Referenced by ServerLoop().

{
    int         maxsock = -1;
    int         i;

    FD_ZERO(rmask);

    for (i = 0; i < MAXLISTEN; i++)
    {
        int         fd = ListenSocket[i];

        if (fd == PGINVALID_SOCKET)
            break;
        FD_SET(fd, rmask);

        if (fd > maxsock)
            maxsock = fd;
    }

    return maxsock + 1;
}

static void InitPostmasterDeathWatchHandle ( void  )

static

Definition at line 6314 of file postmaster.c.

References Assert, ereport, errcode_for_file_access(), errcode_for_socket_access(), errmsg_internal(), FATAL, MyProcPid, postmaster_alive_fds, POSTMASTER_FD_WATCH, PostmasterPid, and TRUE.

Referenced by PostmasterMain().

{
#ifndef WIN32

    /*
     * Create a pipe. Postmaster holds the write end of the pipe open
     * (POSTMASTER_FD_OWN), and children hold the read end. Children can pass
     * the read file descriptor to select() to wake up in case postmaster
     * dies, or check for postmaster death with a (read() == 0). Children must
     * close the write end as soon as possible after forking, because EOF
     * won't be signaled in the read end until all processes have closed the
     * write fd. That is taken care of in ClosePostmasterPorts().
     */
    Assert(MyProcPid == PostmasterPid);
    if (pipe(postmaster_alive_fds) < 0)
        ereport(FATAL,
                (errcode_for_file_access(),
                 errmsg_internal("could not create pipe to monitor postmaster death: %m")));

    /*
     * Set O_NONBLOCK to allow testing for the fd's presence with a read()
     * call.
     */
    if (fcntl(postmaster_alive_fds[POSTMASTER_FD_WATCH], F_SETFL, O_NONBLOCK) == -1)
        ereport(FATAL,
                (errcode_for_socket_access(),
                 errmsg_internal("could not set postmaster death monitoring pipe to nonblocking mode: %m")));
#else

    /*
     * On Windows, we use a process handle for the same purpose.
     */
    if (DuplicateHandle(GetCurrentProcess(),
                        GetCurrentProcess(),
                        GetCurrentProcess(),
                        &PostmasterHandle,
                        0,
                        TRUE,
                        DUPLICATE_SAME_ACCESS) == 0)
        ereport(FATAL,
                (errmsg_internal("could not duplicate postmaster handle: error code %lu",
                                 GetLastError())));
#endif                          /* WIN32 */
}

static void LogChildExit ( int  lev, const char *  procname, int  pid, int  exitstatus  )

static

Definition at line 3508 of file postmaster.c.

References ereport, errdetail(), errhint(), errmsg(), EXIT_STATUS_0, NULL, pgstat_get_crashed_backend_activity(), WEXITSTATUS, WIFEXITED, WIFSIGNALED, and WTERMSIG.

Referenced by CleanupBackend(), CleanupBackgroundWorker(), HandleChildCrash(), and reaper().

{
    /*
     * size of activity_buffer is arbitrary, but set equal to default
     * track_activity_query_size
     */
    char        activity_buffer[1024];
    const char *activity = NULL;

    if (!EXIT_STATUS_0(exitstatus))
        activity = pgstat_get_crashed_backend_activity(pid,
                                                       activity_buffer,
                                                       sizeof(activity_buffer));

    if (WIFEXITED(exitstatus))
        ereport(lev,

        /*------
          translator: %s is a noun phrase describing a child process, such as
          "server process" */
                (errmsg("%s (PID %d) exited with exit code %d",
                        procname, pid, WEXITSTATUS(exitstatus)),
                 activity ? errdetail("Failed process was running: %s", activity) : 0));
    else if (WIFSIGNALED(exitstatus))
#if defined(WIN32)
        ereport(lev,

        /*------
          translator: %s is a noun phrase describing a child process, such as
          "server process" */
                (errmsg("%s (PID %d) was terminated by exception 0x%X",
                        procname, pid, WTERMSIG(exitstatus)),
                 errhint("See C include file \"ntstatus.h\" for a description of the hexadecimal value."),
                 activity ? errdetail("Failed process was running: %s", activity) : 0));
#elif defined(HAVE_DECL_SYS_SIGLIST) && HAVE_DECL_SYS_SIGLIST
        ereport(lev,

        /*------
          translator: %s is a noun phrase describing a child process, such as
          "server process" */
                (errmsg("%s (PID %d) was terminated by signal %d: %s",
                        procname, pid, WTERMSIG(exitstatus),
                        WTERMSIG(exitstatus) < NSIG ?
                        sys_siglist[WTERMSIG(exitstatus)] : "(unknown)"),
                 activity ? errdetail("Failed process was running: %s", activity) : 0));
#else
        ereport(lev,

        /*------
          translator: %s is a noun phrase describing a child process, such as
          "server process" */
                (errmsg("%s (PID %d) was terminated by signal %d",
                        procname, pid, WTERMSIG(exitstatus)),
                 activity ? errdetail("Failed process was running: %s", activity) : 0));
#endif
    else
        ereport(lev,

        /*------
          translator: %s is a noun phrase describing a child process, such as
          "server process" */
                (errmsg("%s (PID %d) exited with unrecognized status %d",
                        procname, pid, exitstatus),
                 activity ? errdetail("Failed process was running: %s", activity) : 0));
}

int MaxLivePostmasterChildren

(

void

)

Definition at line 5456 of file postmaster.c.

References autovacuum_max_workers, max_worker_processes, and MaxConnections.

Referenced by canAcceptConnections(), PMSignalShmemInit(), PMSignalShmemSize(), and processCancelRequest().

{
    return 2 * (MaxConnections + autovacuum_max_workers + 1 +
                max_worker_processes);
}

static void maybe_start_bgworkers ( void  )

static

Definition at line 5740 of file postmaster.c.

References BackgroundWorkerList, BGW_NEVER_RESTART, BackgroundWorker::bgw_restart_time, BackgroundWorker::bgw_start_time, bgworker_should_start_now(), slist_mutable_iter::cur, do_start_bgworker(), FatalError, ForgetBackgroundWorker(), GetCurrentTimestamp(), HaveCrashedWorker, MAX_BGWORKERS_TO_LAUNCH, now(), RegisteredBgWorker::rw_crashed_at, RegisteredBgWorker::rw_pid, RegisteredBgWorker::rw_terminate, RegisteredBgWorker::rw_worker, slist_container, slist_foreach_modify, StartWorkerNeeded, and TimestampDifferenceExceeds().

Referenced by PostmasterMain(), reaper(), ServerLoop(), and sigusr1_handler().

{
#define MAX_BGWORKERS_TO_LAUNCH 100
    int         num_launched = 0;
    TimestampTz now = 0;
    slist_mutable_iter iter;

    /*
     * During crash recovery, we have no need to be called until the state
     * transition out of recovery.
     */
    if (FatalError)
    {
        StartWorkerNeeded = false;
        HaveCrashedWorker = false;
        return;
    }

    /* Don't need to be called again unless we find a reason for it below */
    StartWorkerNeeded = false;
    HaveCrashedWorker = false;

    slist_foreach_modify(iter, &BackgroundWorkerList)
    {
        RegisteredBgWorker *rw;

        rw = slist_container(RegisteredBgWorker, rw_lnode, iter.cur);

        /* ignore if already running */
        if (rw->rw_pid != 0)
            continue;

        /* if marked for death, clean up and remove from list */
        if (rw->rw_terminate)
        {
            ForgetBackgroundWorker(&iter);
            continue;
        }

        /*
         * If this worker has crashed previously, maybe it needs to be
         * restarted (unless on registration it specified it doesn't want to
         * be restarted at all).  Check how long ago did a crash last happen.
         * If the last crash is too recent, don't start it right away; let it
         * be restarted once enough time has passed.
         */
        if (rw->rw_crashed_at != 0)
        {
            if (rw->rw_worker.bgw_restart_time == BGW_NEVER_RESTART)
            {
                ForgetBackgroundWorker(&iter);
                continue;
            }

            /* read system time only when needed */
            if (now == 0)
                now = GetCurrentTimestamp();

            if (!TimestampDifferenceExceeds(rw->rw_crashed_at, now,
                                            rw->rw_worker.bgw_restart_time * 1000))
            {
                /* Set flag to remember that we have workers to start later */
                HaveCrashedWorker = true;
                continue;
            }
        }

        if (bgworker_should_start_now(rw->rw_worker.bgw_start_time))
        {
            /* reset crash time before trying to start worker */
            rw->rw_crashed_at = 0;

            /*
             * Try to start the worker.
             *
             * On failure, give up processing workers for now, but set
             * StartWorkerNeeded so we'll come back here on the next iteration
             * of ServerLoop to try again.  (We don't want to wait, because
             * there might be additional ready-to-run workers.)  We could set
             * HaveCrashedWorker as well, since this worker is now marked
             * crashed, but there's no need because the next run of this
             * function will do that.
             */
            if (!do_start_bgworker(rw))
            {
                StartWorkerNeeded = true;
                return;
            }

            /*
             * If we've launched as many workers as allowed, quit, but have
             * ServerLoop call us again to look for additional ready-to-run
             * workers.  There might not be any, but we'll find out the next
             * time we run.
             */
            if (++num_launched >= MAX_BGWORKERS_TO_LAUNCH)
            {
                StartWorkerNeeded = true;
                return;
            }
        }
    }
}

static void pmdie ( SIGNAL_ARGS  )

static

Definition at line 2579 of file postmaster.c.

References AbortStartTime, AutoVacPID, BACKEND_TYPE_AUTOVAC, BACKEND_TYPE_BGWORKER, BACKEND_TYPE_NORMAL, BgWriterPID, BlockSig, DEBUG2, ereport, errmsg(), errmsg_internal(), FastShutdown, ImmediateShutdown, LOG, NULL, PG_SETMASK, PM_HOT_STANDBY, PM_RECOVERY, PM_RUN, PM_STARTUP, PM_WAIT_BACKENDS, PM_WAIT_BACKUP, PM_WAIT_READONLY, pmState, PostmasterStateMachine(), Shutdown, signal_child(), SignalSomeChildren(), SIGQUIT, SmartShutdown, StartupPID, TerminateChildren(), UnBlockSig, WalReceiverPID, and WalWriterPID.

Referenced by PostmasterMain().

{
    int         save_errno = errno;

    PG_SETMASK(&BlockSig);

    ereport(DEBUG2,
            (errmsg_internal("postmaster received signal %d",
                             postgres_signal_arg)));

    switch (postgres_signal_arg)
    {
        case SIGTERM:

            /*
             * Smart Shutdown:
             *
             * Wait for children to end their work, then shut down.
             */
            if (Shutdown >= SmartShutdown)
                break;
            Shutdown = SmartShutdown;
            ereport(LOG,
                    (errmsg("received smart shutdown request")));
#ifdef USE_SYSTEMD
            sd_notify(0, "STOPPING=1");
#endif

            if (pmState == PM_RUN || pmState == PM_RECOVERY ||
                pmState == PM_HOT_STANDBY || pmState == PM_STARTUP)
            {
                /* autovac workers are told to shut down immediately */
                /* and bgworkers too; does this need tweaking? */
                SignalSomeChildren(SIGTERM,
                                   BACKEND_TYPE_AUTOVAC | BACKEND_TYPE_BGWORKER);
                /* and the autovac launcher too */
                if (AutoVacPID != 0)
                    signal_child(AutoVacPID, SIGTERM);
                /* and the bgwriter too */
                if (BgWriterPID != 0)
                    signal_child(BgWriterPID, SIGTERM);
                /* and the walwriter too */
                if (WalWriterPID != 0)
                    signal_child(WalWriterPID, SIGTERM);

                /*
                 * If we're in recovery, we can't kill the startup process
                 * right away, because at present doing so does not release
                 * its locks.  We might want to change this in a future
                 * release.  For the time being, the PM_WAIT_READONLY state
                 * indicates that we're waiting for the regular (read only)
                 * backends to die off; once they do, we'll kill the startup
                 * and walreceiver processes.
                 */
                pmState = (pmState == PM_RUN) ?
                    PM_WAIT_BACKUP : PM_WAIT_READONLY;
            }

            /*
             * Now wait for online backup mode to end and backends to exit. If
             * that is already the case, PostmasterStateMachine will take the
             * next step.
             */
            PostmasterStateMachine();
            break;

        case SIGINT:

            /*
             * Fast Shutdown:
             *
             * Abort all children with SIGTERM (rollback active transactions
             * and exit) and shut down when they are gone.
             */
            if (Shutdown >= FastShutdown)
                break;
            Shutdown = FastShutdown;
            ereport(LOG,
                    (errmsg("received fast shutdown request")));
#ifdef USE_SYSTEMD
            sd_notify(0, "STOPPING=1");
#endif

            if (StartupPID != 0)
                signal_child(StartupPID, SIGTERM);
            if (BgWriterPID != 0)
                signal_child(BgWriterPID, SIGTERM);
            if (WalReceiverPID != 0)
                signal_child(WalReceiverPID, SIGTERM);
            if (pmState == PM_RECOVERY)
            {
                SignalSomeChildren(SIGTERM, BACKEND_TYPE_BGWORKER);

                /*
                 * Only startup, bgwriter, walreceiver, possibly bgworkers,
                 * and/or checkpointer should be active in this state; we just
                 * signaled the first four, and we don't want to kill
                 * checkpointer yet.
                 */
                pmState = PM_WAIT_BACKENDS;
            }
            else if (pmState == PM_RUN ||
                     pmState == PM_WAIT_BACKUP ||
                     pmState == PM_WAIT_READONLY ||
                     pmState == PM_WAIT_BACKENDS ||
                     pmState == PM_HOT_STANDBY)
            {
                ereport(LOG,
                        (errmsg("aborting any active transactions")));
                /* shut down all backends and workers */
                SignalSomeChildren(SIGTERM,
                                   BACKEND_TYPE_NORMAL | BACKEND_TYPE_AUTOVAC |
                                   BACKEND_TYPE_BGWORKER);
                /* and the autovac launcher too */
                if (AutoVacPID != 0)
                    signal_child(AutoVacPID, SIGTERM);
                /* and the walwriter too */
                if (WalWriterPID != 0)
                    signal_child(WalWriterPID, SIGTERM);
                pmState = PM_WAIT_BACKENDS;
            }

            /*
             * Now wait for backends to exit.  If there are none,
             * PostmasterStateMachine will take the next step.
             */
            PostmasterStateMachine();
            break;

        case SIGQUIT:

            /*
             * Immediate Shutdown:
             *
             * abort all children with SIGQUIT, wait for them to exit,
             * terminate remaining ones with SIGKILL, then exit without
             * attempt to properly shut down the data base system.
             */
            if (Shutdown >= ImmediateShutdown)
                break;
            Shutdown = ImmediateShutdown;
            ereport(LOG,
                    (errmsg("received immediate shutdown request")));
#ifdef USE_SYSTEMD
            sd_notify(0, "STOPPING=1");
#endif

            TerminateChildren(SIGQUIT);
            pmState = PM_WAIT_BACKENDS;

            /* set stopwatch for them to die */
            AbortStartTime = time(NULL);

            /*
             * Now wait for backends to exit.  If there are none,
             * PostmasterStateMachine will take the next step.
             */
            PostmasterStateMachine();
            break;
    }

    PG_SETMASK(&UnBlockSig);

    errno = save_errno;
}

void PostmasterMain	(	int	argc,
		char *	argv[]
	)

Definition at line 568 of file postmaster.c.

References AddToDataDirLockFile(), ALLOCSET_DEFAULT_SIZES, AllocSetContextCreate(), ApplyLauncherRegister(), ARCHIVE_MODE_OFF, Assert, autovac_init(), BlockSig, bonjour_name, ChangeToDataDir(), checkDataDir(), CheckDateTokenTables(), CloseServerPorts(), CreateDataDirLockFile(), CreateOptsFile(), DEBUG3, DestNone, dummy_handler(), elog, enable_bonjour, EnableSSL, environ, ereport, errcode(), errcode_for_file_access(), errhint(), errmsg(), errmsg_internal(), ERROR, ExitPostmaster(), external_pid_file, ExtraOptions, FATAL, free, get_stats_option_name(), GetConfigOption(), GetCurrentTimestamp(), getInstallationPaths(), getopt(), gettimeofday(), i, InitializeGUCOptions(), InitializeMaxBackends(), InitPostmasterDeathWatchHandle(), IsBinaryUpgrade, IsPostmasterEnvironment, lfirst, list_free(), list_free_deep(), ListenAddresses, ListenSocket, load_hba(), load_ident(), LOCK_FILE_LINE_LISTEN_ADDR, LOCK_FILE_LINE_SOCKET_DIR, LOG, Log_destination, LOG_DESTINATION_STDERR, Log_destination_string, LOG_METAINFO_DATAFILE, max_wal_senders, MaxConnections, MAXLISTEN, maybe_start_bgworkers(), MemoryContextSwitchTo(), my_exec_path, MyProcPid, MyStartTime, name, NIL, NULL, on_proc_exit(), optarg, opterr, optind, ParseLongOption(), pfree(), PG_SETMASK, PGC_POSTMASTER, PGC_S_ARGV, PGINVALID_SOCKET, PgStartTime, pgstat_init(), PM_STARTUP, pmdie(), pmState, PostmasterContext, PostmasterPid, PostPortNumber, pqinitmask(), pqsignal(), pqsignal_no_restart(), process_shared_preload_libraries(), progname, pstrdup(), random_start_time, reaper(), Reinit, RemovePgTempFiles(), RemovePromoteSignalFiles(), ReservedBackends, reset_shared(), S_IRGRP, S_IROTH, S_IRWXG, S_IRWXO, secure_initialize(), SelectConfigFiles(), SendStop, ServerLoop(), set_debug_options(), set_max_safe_fds(), set_plan_disabling_options(), set_stack_base(), SetConfigOption(), SIG_IGN, SIGALRM, SIGCHLD, SIGHUP, SIGHUP_handler(), SIGPIPE, SIGQUIT, SIGTTIN, SIGTTOU, SIGUSR1, sigusr1_handler(), SIGUSR2, snprintf(), SplitDirectoriesString(), SplitIdentifierString(), srandom(), STARTUP_RUNNING, StartupDataBase, StartupPID, StartupStatus, status(), STATUS_OK, StreamServerPort(), strerror(), success, SysLogger_Start(), SysLoggerPID, TopMemoryContext, Unix_socket_directories, unlink(), unlink_external_pid_file(), userDoption, value, wal_level, WAL_LEVEL_MINIMAL, WARNING, whereToSendOutput, write_stderr, and XLogArchiveMode.

Referenced by main().

{
    int         opt;
    int         status;
    char       *userDoption = NULL;
    bool        listen_addr_saved = false;
    int         i;
    char       *output_config_variable = NULL;

    MyProcPid = PostmasterPid = getpid();

    MyStartTime = time(NULL);

    IsPostmasterEnvironment = true;

    /*
     * for security, no dir or file created can be group or other accessible
     */
    umask(S_IRWXG | S_IRWXO);

    /*
     * Initialize random(3) so we don't get the same values in every run.
     *
     * Note: the seed is pretty predictable from externally-visible facts such
     * as postmaster start time, so avoid using random() for security-critical
     * random values during postmaster startup.  At the time of first
     * connection, PostmasterRandom will select a hopefully-more-random seed.
     */
    srandom((unsigned int) (MyProcPid ^ MyStartTime));

    /*
     * By default, palloc() requests in the postmaster will be allocated in
     * the PostmasterContext, which is space that can be recycled by backends.
     * Allocated data that needs to be available to backends should be
     * allocated in TopMemoryContext.
     */
    PostmasterContext = AllocSetContextCreate(TopMemoryContext,
                                              "Postmaster",
                                              ALLOCSET_DEFAULT_SIZES);
    MemoryContextSwitchTo(PostmasterContext);

    /* Initialize paths to installation files */
    getInstallationPaths(argv[0]);

    /*
     * Set up signal handlers for the postmaster process.
     *
     * In the postmaster, we want to install non-ignored handlers *without*
     * SA_RESTART.  This is because they'll be blocked at all times except
     * when ServerLoop is waiting for something to happen, and during that
     * window, we want signals to exit the select(2) wait so that ServerLoop
     * can respond if anything interesting happened.  On some platforms,
     * signals marked SA_RESTART would not cause the select() wait to end.
     * Child processes will generally want SA_RESTART, but we expect them to
     * set up their own handlers before unblocking signals.
     *
     * CAUTION: when changing this list, check for side-effects on the signal
     * handling setup of child processes.  See tcop/postgres.c,
     * bootstrap/bootstrap.c, postmaster/bgwriter.c, postmaster/walwriter.c,
     * postmaster/autovacuum.c, postmaster/pgarch.c, postmaster/pgstat.c,
     * postmaster/syslogger.c, postmaster/bgworker.c and
     * postmaster/checkpointer.c.
     */
    pqinitmask();
    PG_SETMASK(&BlockSig);

    pqsignal_no_restart(SIGHUP, SIGHUP_handler);    /* reread config file and
                                                     * have children do same */
    pqsignal_no_restart(SIGINT, pmdie); /* send SIGTERM and shut down */
    pqsignal_no_restart(SIGQUIT, pmdie);    /* send SIGQUIT and die */
    pqsignal_no_restart(SIGTERM, pmdie);    /* wait for children and shut down */
    pqsignal(SIGALRM, SIG_IGN); /* ignored */
    pqsignal(SIGPIPE, SIG_IGN); /* ignored */
    pqsignal_no_restart(SIGUSR1, sigusr1_handler);  /* message from child
                                                     * process */
    pqsignal_no_restart(SIGUSR2, dummy_handler);    /* unused, reserve for
                                                     * children */
    pqsignal_no_restart(SIGCHLD, reaper);   /* handle child termination */
    pqsignal(SIGTTIN, SIG_IGN); /* ignored */
    pqsignal(SIGTTOU, SIG_IGN); /* ignored */
    /* ignore SIGXFSZ, so that ulimit violations work like disk full */
#ifdef SIGXFSZ
    pqsignal(SIGXFSZ, SIG_IGN); /* ignored */
#endif

    /*
     * Options setup
     */
    InitializeGUCOptions();

    opterr = 1;

    /*
     * Parse command-line options.  CAUTION: keep this in sync with
     * tcop/postgres.c (the option sets should not conflict) and with the
     * common help() function in main/main.c.
     */
    while ((opt = getopt(argc, argv, "B:bc:C:D:d:EeFf:h:ijk:lN:nOo:Pp:r:S:sTt:W:-:")) != -1)
    {
        switch (opt)
        {
            case 'B':
                SetConfigOption("shared_buffers", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'b':
                /* Undocumented flag used for binary upgrades */
                IsBinaryUpgrade = true;
                break;

            case 'C':
                output_config_variable = strdup(optarg);
                break;

            case 'D':
                userDoption = strdup(optarg);
                break;

            case 'd':
                set_debug_options(atoi(optarg), PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'E':
                SetConfigOption("log_statement", "all", PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'e':
                SetConfigOption("datestyle", "euro", PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'F':
                SetConfigOption("fsync", "false", PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'f':
                if (!set_plan_disabling_options(optarg, PGC_POSTMASTER, PGC_S_ARGV))
                {
                    write_stderr("%s: invalid argument for option -f: \"%s\"\n",
                                 progname, optarg);
                    ExitPostmaster(1);
                }
                break;

            case 'h':
                SetConfigOption("listen_addresses", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'i':
                SetConfigOption("listen_addresses", "*", PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'j':
                /* only used by interactive backend */
                break;

            case 'k':
                SetConfigOption("unix_socket_directories", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'l':
                SetConfigOption("ssl", "true", PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'N':
                SetConfigOption("max_connections", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'n':
                /* Don't reinit shared mem after abnormal exit */
                Reinit = false;
                break;

            case 'O':
                SetConfigOption("allow_system_table_mods", "true", PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'o':
                /* Other options to pass to the backend on the command line */
                snprintf(ExtraOptions + strlen(ExtraOptions),
                         sizeof(ExtraOptions) - strlen(ExtraOptions),
                         " %s", optarg);
                break;

            case 'P':
                SetConfigOption("ignore_system_indexes", "true", PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'p':
                SetConfigOption("port", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'r':
                /* only used by single-user backend */
                break;

            case 'S':
                SetConfigOption("work_mem", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 's':
                SetConfigOption("log_statement_stats", "true", PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'T':

                /*
                 * In the event that some backend dumps core, send SIGSTOP,
                 * rather than SIGQUIT, to all its peers.  This lets the wily
                 * post_hacker collect core dumps from everyone.
                 */
                SendStop = true;
                break;

            case 't':
                {
                    const char *tmp = get_stats_option_name(optarg);

                    if (tmp)
                    {
                        SetConfigOption(tmp, "true", PGC_POSTMASTER, PGC_S_ARGV);
                    }
                    else
                    {
                        write_stderr("%s: invalid argument for option -t: \"%s\"\n",
                                     progname, optarg);
                        ExitPostmaster(1);
                    }
                    break;
                }

            case 'W':
                SetConfigOption("post_auth_delay", optarg, PGC_POSTMASTER, PGC_S_ARGV);
                break;

            case 'c':
            case '-':
                {
                    char       *name,
                               *value;

                    ParseLongOption(optarg, &name, &value);
                    if (!value)
                    {
                        if (opt == '-')
                            ereport(ERROR,
                                    (errcode(ERRCODE_SYNTAX_ERROR),
                                     errmsg("--%s requires a value",
                                            optarg)));
                        else
                            ereport(ERROR,
                                    (errcode(ERRCODE_SYNTAX_ERROR),
                                     errmsg("-c %s requires a value",
                                            optarg)));
                    }

                    SetConfigOption(name, value, PGC_POSTMASTER, PGC_S_ARGV);
                    free(name);
                    if (value)
                        free(value);
                    break;
                }

            default:
                write_stderr("Try \"%s --help\" for more information.\n",
                             progname);
                ExitPostmaster(1);
        }
    }

    /*
     * Postmaster accepts no non-option switch arguments.
     */
    if (optind < argc)
    {
        write_stderr("%s: invalid argument: \"%s\"\n",
                     progname, argv[optind]);
        write_stderr("Try \"%s --help\" for more information.\n",
                     progname);
        ExitPostmaster(1);
    }

    /*
     * Locate the proper configuration files and data directory, and read
     * postgresql.conf for the first time.
     */
    if (!SelectConfigFiles(userDoption, progname))
        ExitPostmaster(2);

    if (output_config_variable != NULL)
    {
        /*
         * "-C guc" was specified, so print GUC's value and exit.  No extra
         * permission check is needed because the user is reading inside the
         * data dir.
         */
        const char *config_val = GetConfigOption(output_config_variable,
                                                 false, false);

        puts(config_val ? config_val : "");
        ExitPostmaster(0);
    }

    /* Verify that DataDir looks reasonable */
    checkDataDir();

    /* And switch working directory into it */
    ChangeToDataDir();

    /*
     * Check for invalid combinations of GUC settings.
     */
    if (ReservedBackends >= MaxConnections)
    {
        write_stderr("%s: superuser_reserved_connections must be less than max_connections\n", progname);
        ExitPostmaster(1);
    }
    if (max_wal_senders >= MaxConnections)
    {
        write_stderr("%s: max_wal_senders must be less than max_connections\n", progname);
        ExitPostmaster(1);
    }
    if (XLogArchiveMode > ARCHIVE_MODE_OFF && wal_level == WAL_LEVEL_MINIMAL)
        ereport(ERROR,
                (errmsg("WAL archival cannot be enabled when wal_level is \"minimal\"")));
    if (max_wal_senders > 0 && wal_level == WAL_LEVEL_MINIMAL)
        ereport(ERROR,
                (errmsg("WAL streaming (max_wal_senders > 0) requires wal_level \"replica\" or \"logical\"")));

    /*
     * Other one-time internal sanity checks can go here, if they are fast.
     * (Put any slow processing further down, after postmaster.pid creation.)
     */
    if (!CheckDateTokenTables())
    {
        write_stderr("%s: invalid datetoken tables, please fix\n", progname);
        ExitPostmaster(1);
    }

    /*
     * Now that we are done processing the postmaster arguments, reset
     * getopt(3) library so that it will work correctly in subprocesses.
     */
    optind = 1;
#ifdef HAVE_INT_OPTRESET
    optreset = 1;               /* some systems need this too */
#endif

    /* For debugging: display postmaster environment */
    {
        extern char **environ;
        char      **p;

        ereport(DEBUG3,
                (errmsg_internal("%s: PostmasterMain: initial environment dump:",
                                 progname)));
        ereport(DEBUG3,
                (errmsg_internal("-----------------------------------------")));
        for (p = environ; *p; ++p)
            ereport(DEBUG3,
                    (errmsg_internal("\t%s", *p)));
        ereport(DEBUG3,
                (errmsg_internal("-----------------------------------------")));
    }

    /*
     * Create lockfile for data directory.
     *
     * We want to do this before we try to grab the input sockets, because the
     * data directory interlock is more reliable than the socket-file
     * interlock (thanks to whoever decided to put socket files in /tmp :-().
     * For the same reason, it's best to grab the TCP socket(s) before the
     * Unix socket(s).
     *
     * Also note that this internally sets up the on_proc_exit function that
     * is responsible for removing both data directory and socket lockfiles;
     * so it must happen before opening sockets so that at exit, the socket
     * lockfiles go away after CloseServerPorts runs.
     */
    CreateDataDirLockFile(true);

    /*
     * Initialize SSL library, if specified.
     */
#ifdef USE_SSL
    if (EnableSSL)
    {
        (void) secure_initialize(true);
        LoadedSSL = true;
    }
#endif

    /*
     * Register the apply launcher.  Since it registers a background worker,
     * it needs to be called before InitializeMaxBackends(), and it's probably
     * a good idea to call it before any modules had chance to take the
     * background worker slots.
     */
    ApplyLauncherRegister();

    /*
     * process any libraries that should be preloaded at postmaster start
     */
    process_shared_preload_libraries();

    /*
     * Now that loadable modules have had their chance to register background
     * workers, calculate MaxBackends.
     */
    InitializeMaxBackends();

    /*
     * Establish input sockets.
     *
     * First, mark them all closed, and set up an on_proc_exit function that's
     * charged with closing the sockets again at postmaster shutdown.
     */
    for (i = 0; i < MAXLISTEN; i++)
        ListenSocket[i] = PGINVALID_SOCKET;

    on_proc_exit(CloseServerPorts, 0);

    if (ListenAddresses)
    {
        char       *rawstring;
        List       *elemlist;
        ListCell   *l;
        int         success = 0;

        /* Need a modifiable copy of ListenAddresses */
        rawstring = pstrdup(ListenAddresses);

        /* Parse string into list of hostnames */
        if (!SplitIdentifierString(rawstring, ',', &elemlist))
        {
            /* syntax error in list */
            ereport(FATAL,
                    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                     errmsg("invalid list syntax in parameter \"%s\"",
                            "listen_addresses")));
        }

        foreach(l, elemlist)
        {
            char       *curhost = (char *) lfirst(l);

            if (strcmp(curhost, "*") == 0)
                status = StreamServerPort(AF_UNSPEC, NULL,
                                          (unsigned short) PostPortNumber,
                                          NULL,
                                          ListenSocket, MAXLISTEN);
            else
                status = StreamServerPort(AF_UNSPEC, curhost,
                                          (unsigned short) PostPortNumber,
                                          NULL,
                                          ListenSocket, MAXLISTEN);

            if (status == STATUS_OK)
            {
                success++;
                /* record the first successful host addr in lockfile */
                if (!listen_addr_saved)
                {
                    AddToDataDirLockFile(LOCK_FILE_LINE_LISTEN_ADDR, curhost);
                    listen_addr_saved = true;
                }
            }
            else
                ereport(WARNING,
                        (errmsg("could not create listen socket for \"%s\"",
                                curhost)));
        }

        if (!success && elemlist != NIL)
            ereport(FATAL,
                    (errmsg("could not create any TCP/IP sockets")));

        list_free(elemlist);
        pfree(rawstring);
    }

#ifdef USE_BONJOUR
    /* Register for Bonjour only if we opened TCP socket(s) */
    if (enable_bonjour && ListenSocket[0] != PGINVALID_SOCKET)
    {
        DNSServiceErrorType err;

        /*
         * We pass 0 for interface_index, which will result in registering on
         * all "applicable" interfaces.  It's not entirely clear from the
         * DNS-SD docs whether this would be appropriate if we have bound to
         * just a subset of the available network interfaces.
         */
        err = DNSServiceRegister(&bonjour_sdref,
                                 0,
                                 0,
                                 bonjour_name,
                                 "_postgresql._tcp.",
                                 NULL,
                                 NULL,
                                 htons(PostPortNumber),
                                 0,
                                 NULL,
                                 NULL,
                                 NULL);
        if (err != kDNSServiceErr_NoError)
            elog(LOG, "DNSServiceRegister() failed: error code %ld",
                 (long) err);

        /*
         * We don't bother to read the mDNS daemon's reply, and we expect that
         * it will automatically terminate our registration when the socket is
         * closed at postmaster termination.  So there's nothing more to be
         * done here.  However, the bonjour_sdref is kept around so that
         * forked children can close their copies of the socket.
         */
    }
#endif

#ifdef HAVE_UNIX_SOCKETS
    if (Unix_socket_directories)
    {
        char       *rawstring;
        List       *elemlist;
        ListCell   *l;
        int         success = 0;

        /* Need a modifiable copy of Unix_socket_directories */
        rawstring = pstrdup(Unix_socket_directories);

        /* Parse string into list of directories */
        if (!SplitDirectoriesString(rawstring, ',', &elemlist))
        {
            /* syntax error in list */
            ereport(FATAL,
                    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                     errmsg("invalid list syntax in parameter \"%s\"",
                            "unix_socket_directories")));
        }

        foreach(l, elemlist)
        {
            char       *socketdir = (char *) lfirst(l);

            status = StreamServerPort(AF_UNIX, NULL,
                                      (unsigned short) PostPortNumber,
                                      socketdir,
                                      ListenSocket, MAXLISTEN);

            if (status == STATUS_OK)
            {
                success++;
                /* record the first successful Unix socket in lockfile */
                if (success == 1)
                    AddToDataDirLockFile(LOCK_FILE_LINE_SOCKET_DIR, socketdir);
            }
            else
                ereport(WARNING,
                        (errmsg("could not create Unix-domain socket in directory \"%s\"",
                                socketdir)));
        }

        if (!success && elemlist != NIL)
            ereport(FATAL,
                    (errmsg("could not create any Unix-domain sockets")));

        list_free_deep(elemlist);
        pfree(rawstring);
    }
#endif

    /*
     * check that we have some socket to listen on
     */
    if (ListenSocket[0] == PGINVALID_SOCKET)
        ereport(FATAL,
                (errmsg("no socket created for listening")));

    /*
     * If no valid TCP ports, write an empty line for listen address,
     * indicating the Unix socket must be used.  Note that this line is not
     * added to the lock file until there is a socket backing it.
     */
    if (!listen_addr_saved)
        AddToDataDirLockFile(LOCK_FILE_LINE_LISTEN_ADDR, "");

    /*
     * Set up shared memory and semaphores.
     */
    reset_shared(PostPortNumber);

    /*
     * Estimate number of openable files.  This must happen after setting up
     * semaphores, because on some platforms semaphores count as open files.
     */
    set_max_safe_fds();

    /*
     * Set reference point for stack-depth checking.
     */
    set_stack_base();

    /*
     * Initialize pipe (or process handle on Windows) that allows children to
     * wake up from sleep on postmaster death.
     */
    InitPostmasterDeathWatchHandle();

#ifdef WIN32

    /*
     * Initialize I/O completion port used to deliver list of dead children.
     */
    win32ChildQueue = CreateIoCompletionPort(INVALID_HANDLE_VALUE, NULL, 0, 1);
    if (win32ChildQueue == NULL)
        ereport(FATAL,
                (errmsg("could not create I/O completion port for child queue")));
#endif

    /*
     * Record postmaster options.  We delay this till now to avoid recording
     * bogus options (eg, NBuffers too high for available memory).
     */
    if (!CreateOptsFile(argc, argv, my_exec_path))
        ExitPostmaster(1);

#ifdef EXEC_BACKEND
    /* Write out nondefault GUC settings for child processes to use */
    write_nondefault_variables(PGC_POSTMASTER);
#endif

    /*
     * Write the external PID file if requested
     */
    if (external_pid_file)
    {
        FILE       *fpidfile = fopen(external_pid_file, "w");

        if (fpidfile)
        {
            fprintf(fpidfile, "%d\n", MyProcPid);
            fclose(fpidfile);

            /* Make PID file world readable */
            if (chmod(external_pid_file, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) != 0)
                write_stderr("%s: could not change permissions of external PID file \"%s\": %s\n",
                             progname, external_pid_file, strerror(errno));
        }
        else
            write_stderr("%s: could not write external PID file \"%s\": %s\n",
                         progname, external_pid_file, strerror(errno));

        on_proc_exit(unlink_external_pid_file, 0);
    }

    /*
     * Remove old temporary files.  At this point there can be no other
     * Postgres processes running in this directory, so this should be safe.
     */
    RemovePgTempFiles();

    /*
     * Forcibly remove the files signaling a standby promotion request.
     * Otherwise, the existence of those files triggers a promotion too early,
     * whether a user wants that or not.
     *
     * This removal of files is usually unnecessary because they can exist
     * only during a few moments during a standby promotion. However there is
     * a race condition: if pg_ctl promote is executed and creates the files
     * during a promotion, the files can stay around even after the server is
     * brought up to new master. Then, if new standby starts by using the
     * backup taken from that master, the files can exist at the server
     * startup and should be removed in order to avoid an unexpected
     * promotion.
     *
     * Note that promotion signal files need to be removed before the startup
     * process is invoked. Because, after that, they can be used by
     * postmaster's SIGUSR1 signal handler.
     */
    RemovePromoteSignalFiles();

    /* Remove any outdated file holding the current log filenames. */
    if (unlink(LOG_METAINFO_DATAFILE) < 0 && errno != ENOENT)
        ereport(LOG,
                (errcode_for_file_access(),
                 errmsg("could not remove file \"%s\": %m",
                        LOG_METAINFO_DATAFILE)));

    /*
     * If enabled, start up syslogger collection subprocess
     */
    SysLoggerPID = SysLogger_Start();

    /*
     * Reset whereToSendOutput from DestDebug (its starting state) to
     * DestNone. This stops ereport from sending log messages to stderr unless
     * Log_destination permits.  We don't do this until the postmaster is
     * fully launched, since startup failures may as well be reported to
     * stderr.
     *
     * If we are in fact disabling logging to stderr, first emit a log message
     * saying so, to provide a breadcrumb trail for users who may not remember
     * that their logging is configured to go somewhere else.
     */
    if (!(Log_destination & LOG_DESTINATION_STDERR))
        ereport(LOG,
                (errmsg("ending log output to stderr"),
                 errhint("Future log output will go to log destination \"%s\".",
                         Log_destination_string)));

    whereToSendOutput = DestNone;

    /*
     * Initialize stats collection subsystem (this does NOT start the
     * collector process!)
     */
    pgstat_init();

    /*
     * Initialize the autovacuum subsystem (again, no process start yet)
     */
    autovac_init();

    /*
     * Load configuration files for client authentication.
     */
    if (!load_hba())
    {
        /*
         * It makes no sense to continue if we fail to load the HBA file,
         * since there is no way to connect to the database in this case.
         */
        ereport(FATAL,
                (errmsg("could not load pg_hba.conf")));
    }
    if (!load_ident())
    {
        /*
         * We can start up without the IDENT file, although it means that you
         * cannot log in using any of the authentication methods that need a
         * user name mapping. load_ident() already logged the details of error
         * to the log.
         */
    }

#ifdef HAVE_PTHREAD_IS_THREADED_NP

    /*
     * On macOS, libintl replaces setlocale() with a version that calls
     * CFLocaleCopyCurrent() when its second argument is "" and every relevant
     * environment variable is unset or empty.  CFLocaleCopyCurrent() makes
     * the process multithreaded.  The postmaster calls sigprocmask() and
     * calls fork() without an immediate exec(), both of which have undefined
     * behavior in a multithreaded program.  A multithreaded postmaster is the
     * normal case on Windows, which offers neither fork() nor sigprocmask().
     */
    if (pthread_is_threaded_np() != 0)
        ereport(FATAL,
                (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
                 errmsg("postmaster became multithreaded during startup"),
                 errhint("Set the LC_ALL environment variable to a valid locale.")));
#endif

    /*
     * Remember postmaster startup time
     */
    PgStartTime = GetCurrentTimestamp();
#ifndef HAVE_STRONG_RANDOM
    /* RandomCancelKey wants its own copy */
    gettimeofday(&random_start_time, NULL);
#endif

    /*
     * We're ready to rock and roll...
     */
    StartupPID = StartupDataBase();
    Assert(StartupPID != 0);
    StartupStatus = STARTUP_RUNNING;
    pmState = PM_STARTUP;

    /* Some workers may be scheduled to start now */
    maybe_start_bgworkers();

    status = ServerLoop();

    /*
     * ServerLoop probably shouldn't ever return, but if it does, close down.
     */
    ExitPostmaster(status != STATUS_OK);

    abort();                    /* not reached */
}

bool PostmasterMarkPIDForWorkerNotify

(

int

pid

)

Definition at line 5850 of file postmaster.c.

References bkend::bgworker_notify, dlist_iter::cur, dlist_container, dlist_foreach, and bkend::pid.

Referenced by BackgroundWorkerStateChange().

{
    dlist_iter  iter;
    Backend    *bp;

    dlist_foreach(iter, &BackendList)
    {
        bp = dlist_container(Backend, elem, iter.cur);
        if (bp->pid == pid)
        {
            bp->bgworker_notify = true;
            return true;
        }
    }
    return false;
}

static void PostmasterStateMachine ( void  )

static

Definition at line 3581 of file postmaster.c.

References AbortStartTime, Assert, AutoVacPID, BACKEND_TYPE_ALL, BACKEND_TYPE_NORMAL, BACKEND_TYPE_WORKER, BackupInProgress(), BgWriterPID, CancelBackup(), CheckpointerPID, CountChildren(), dlist_is_empty(), ereport, errmsg(), ExitPostmaster(), FatalError, ImmediateShutdown, LOG, NoShutdown, PgArchPID, PgStatPID, PM_NO_CHILDREN, PM_SHUTDOWN, PM_SHUTDOWN_2, PM_STARTUP, PM_WAIT_BACKENDS, PM_WAIT_BACKUP, PM_WAIT_DEAD_END, PM_WAIT_READONLY, pmState, PostPortNumber, ReachedNormalRunning, reset_shared(), ResetBackgroundWorkerCrashTimes(), restart_after_crash, shmem_exit(), Shutdown, signal_child(), SignalChildren, SIGQUIT, SIGUSR2, StartCheckpointer, STARTUP_CRASHED, STARTUP_RUNNING, StartupDataBase, StartupPID, StartupStatus, WalReceiverPID, and WalWriterPID.

Referenced by pmdie(), reaper(), and sigusr1_handler().

{
    if (pmState == PM_WAIT_BACKUP)
    {
        /*
         * PM_WAIT_BACKUP state ends when online backup mode is not active.
         */
        if (!BackupInProgress())
            pmState = PM_WAIT_BACKENDS;
    }

    if (pmState == PM_WAIT_READONLY)
    {
        /*
         * PM_WAIT_READONLY state ends when we have no regular backends that
         * have been started during recovery.  We kill the startup and
         * walreceiver processes and transition to PM_WAIT_BACKENDS.  Ideally,
         * we might like to kill these processes first and then wait for
         * backends to die off, but that doesn't work at present because
         * killing the startup process doesn't release its locks.
         */
        if (CountChildren(BACKEND_TYPE_NORMAL) == 0)
        {
            if (StartupPID != 0)
                signal_child(StartupPID, SIGTERM);
            if (WalReceiverPID != 0)
                signal_child(WalReceiverPID, SIGTERM);
            pmState = PM_WAIT_BACKENDS;
        }
    }

    /*
     * If we are in a state-machine state that implies waiting for backends to
     * exit, see if they're all gone, and change state if so.
     */
    if (pmState == PM_WAIT_BACKENDS)
    {
        /*
         * PM_WAIT_BACKENDS state ends when we have no regular backends
         * (including autovac workers), no bgworkers (including unconnected
         * ones), and no walwriter, autovac launcher or bgwriter.  If we are
         * doing crash recovery or an immediate shutdown then we expect the
         * checkpointer to exit as well, otherwise not. The archiver, stats,
         * and syslogger processes are disregarded since they are not
         * connected to shared memory; we also disregard dead_end children
         * here. Walsenders are also disregarded, they will be terminated
         * later after writing the checkpoint record, like the archiver
         * process.
         */
        if (CountChildren(BACKEND_TYPE_NORMAL | BACKEND_TYPE_WORKER) == 0 &&
            StartupPID == 0 &&
            WalReceiverPID == 0 &&
            BgWriterPID == 0 &&
            (CheckpointerPID == 0 ||
             (!FatalError && Shutdown < ImmediateShutdown)) &&
            WalWriterPID == 0 &&
            AutoVacPID == 0)
        {
            if (Shutdown >= ImmediateShutdown || FatalError)
            {
                /*
                 * Start waiting for dead_end children to die.  This state
                 * change causes ServerLoop to stop creating new ones.
                 */
                pmState = PM_WAIT_DEAD_END;

                /*
                 * We already SIGQUIT'd the archiver and stats processes, if
                 * any, when we started immediate shutdown or entered
                 * FatalError state.
                 */
            }
            else
            {
                /*
                 * If we get here, we are proceeding with normal shutdown. All
                 * the regular children are gone, and it's time to tell the
                 * checkpointer to do a shutdown checkpoint.
                 */
                Assert(Shutdown > NoShutdown);
                /* Start the checkpointer if not running */
                if (CheckpointerPID == 0)
                    CheckpointerPID = StartCheckpointer();
                /* And tell it to shut down */
                if (CheckpointerPID != 0)
                {
                    signal_child(CheckpointerPID, SIGUSR2);
                    pmState = PM_SHUTDOWN;
                }
                else
                {
                    /*
                     * If we failed to fork a checkpointer, just shut down.
                     * Any required cleanup will happen at next restart. We
                     * set FatalError so that an "abnormal shutdown" message
                     * gets logged when we exit.
                     */
                    FatalError = true;
                    pmState = PM_WAIT_DEAD_END;

                    /* Kill the walsenders, archiver and stats collector too */
                    SignalChildren(SIGQUIT);
                    if (PgArchPID != 0)
                        signal_child(PgArchPID, SIGQUIT);
                    if (PgStatPID != 0)
                        signal_child(PgStatPID, SIGQUIT);
                }
            }
        }
    }

    if (pmState == PM_SHUTDOWN_2)
    {
        /*
         * PM_SHUTDOWN_2 state ends when there's no other children than
         * dead_end children left. There shouldn't be any regular backends
         * left by now anyway; what we're really waiting for is walsenders and
         * archiver.
         *
         * Walreceiver should normally be dead by now, but not when a fast
         * shutdown is performed during recovery.
         */
        if (PgArchPID == 0 && CountChildren(BACKEND_TYPE_ALL) == 0 &&
            WalReceiverPID == 0)
        {
            pmState = PM_WAIT_DEAD_END;
        }
    }

    if (pmState == PM_WAIT_DEAD_END)
    {
        /*
         * PM_WAIT_DEAD_END state ends when the BackendList is entirely empty
         * (ie, no dead_end children remain), and the archiver and stats
         * collector are gone too.
         *
         * The reason we wait for those two is to protect them against a new
         * postmaster starting conflicting subprocesses; this isn't an
         * ironclad protection, but it at least helps in the
         * shutdown-and-immediately-restart scenario.  Note that they have
         * already been sent appropriate shutdown signals, either during a
         * normal state transition leading up to PM_WAIT_DEAD_END, or during
         * FatalError processing.
         */
        if (dlist_is_empty(&BackendList) &&
            PgArchPID == 0 && PgStatPID == 0)
        {
            /* These other guys should be dead already */
            Assert(StartupPID == 0);
            Assert(WalReceiverPID == 0);
            Assert(BgWriterPID == 0);
            Assert(CheckpointerPID == 0);
            Assert(WalWriterPID == 0);
            Assert(AutoVacPID == 0);
            /* syslogger is not considered here */
            pmState = PM_NO_CHILDREN;
        }
    }

    /*
     * If we've been told to shut down, we exit as soon as there are no
     * remaining children.  If there was a crash, cleanup will occur at the
     * next startup.  (Before PostgreSQL 8.3, we tried to recover from the
     * crash before exiting, but that seems unwise if we are quitting because
     * we got SIGTERM from init --- there may well not be time for recovery
     * before init decides to SIGKILL us.)
     *
     * Note that the syslogger continues to run.  It will exit when it sees
     * EOF on its input pipe, which happens when there are no more upstream
     * processes.
     */
    if (Shutdown > NoShutdown && pmState == PM_NO_CHILDREN)
    {
        if (FatalError)
        {
            ereport(LOG, (errmsg("abnormal database system shutdown")));
            ExitPostmaster(1);
        }
        else
        {
            /*
             * Terminate exclusive backup mode to avoid recovery after a clean
             * fast shutdown.  Since an exclusive backup can only be taken
             * during normal running (and not, for example, while running
             * under Hot Standby) it only makes sense to do this if we reached
             * normal running. If we're still in recovery, the backup file is
             * one we're recovering *from*, and we must keep it around so that
             * recovery restarts from the right place.
             */
            if (ReachedNormalRunning)
                CancelBackup();

            /* Normal exit from the postmaster is here */
            ExitPostmaster(0);
        }
    }

    /*
     * If the startup process failed, or the user does not want an automatic
     * restart after backend crashes, wait for all non-syslogger children to
     * exit, and then exit postmaster.  We don't try to reinitialize when the
     * startup process fails, because more than likely it will just fail again
     * and we will keep trying forever.
     */
    if (pmState == PM_NO_CHILDREN &&
        (StartupStatus == STARTUP_CRASHED || !restart_after_crash))
        ExitPostmaster(1);

    /*
     * If we need to recover from a crash, wait for all non-syslogger children
     * to exit, then reset shmem and StartupDataBase.
     */
    if (FatalError && pmState == PM_NO_CHILDREN)
    {
        ereport(LOG,
                (errmsg("all server processes terminated; reinitializing")));

        /* allow background workers to immediately restart */
        ResetBackgroundWorkerCrashTimes();

        shmem_exit(1);
        reset_shared(PostPortNumber);

        StartupPID = StartupDataBase();
        Assert(StartupPID != 0);
        StartupStatus = STARTUP_RUNNING;
        pmState = PM_STARTUP;
        /* crash recovery started, reset SIGKILL flag */
        AbortStartTime = 0;
    }
}

static void processCancelRequest ( Port *  port, void *  pkt  )

static

Definition at line 2253 of file postmaster.c.

References CancelRequestPacket::backendPID, bkend::cancel_key, CancelRequestPacket::cancelAuthCode, dlist_iter::cur, DEBUG2, dlist_container, dlist_foreach, ereport, errmsg(), errmsg_internal(), i, LOG, MaxLivePostmasterChildren(), bkend::pid, and signal_child().

Referenced by ProcessStartupPacket().

{
    CancelRequestPacket *canc = (CancelRequestPacket *) pkt;
    int         backendPID;
    int32       cancelAuthCode;
    Backend    *bp;

#ifndef EXEC_BACKEND
    dlist_iter  iter;
#else
    int         i;
#endif

    backendPID = (int) ntohl(canc->backendPID);
    cancelAuthCode = (int32) ntohl(canc->cancelAuthCode);

    /*
     * See if we have a matching backend.  In the EXEC_BACKEND case, we can no
     * longer access the postmaster's own backend list, and must rely on the
     * duplicate array in shared memory.
     */
#ifndef EXEC_BACKEND
    dlist_foreach(iter, &BackendList)
    {
        bp = dlist_container(Backend, elem, iter.cur);
#else
    for (i = MaxLivePostmasterChildren() - 1; i >= 0; i--)
    {
        bp = (Backend *) &ShmemBackendArray[i];
#endif
        if (bp->pid == backendPID)
        {
            if (bp->cancel_key == cancelAuthCode)
            {
                /* Found a match; signal that backend to cancel current op */
                ereport(DEBUG2,
                        (errmsg_internal("processing cancel request: sending SIGINT to process %d",
                                         backendPID)));
                signal_child(bp->pid, SIGINT);
            }
            else
                /* Right PID, wrong key: no way, Jose */
                ereport(LOG,
                        (errmsg("wrong key in cancel request for process %d",
                                backendPID)));
            return;
        }
    }

    /* No matching backend */
    ereport(LOG,
            (errmsg("PID %d in cancel request did not match any process",
                    backendPID)));
}

static int ProcessStartupPacket ( Port *  port, bool  SSLdone  )

static

Definition at line 1929 of file postmaster.c.

References SockAddr::addr, am_db_walsender, am_walsender, buf, CAC_OK, CAC_RECOVERY, CAC_SHUTDOWN, CAC_STARTUP, CAC_TOOMANY, CAC_WAITBACKUP, Port::canAcceptConnections, CANCEL_REQUEST_CODE, Port::cmdline_options, COMMERROR, StartupPacket::database, Port::database_name, Db_user_namespace, EINTR, ereport, errcode(), ERRCODE_CANNOT_CONNECT_NOW, errcode_for_socket_access(), errhint(), errmsg(), FATAL, FrontendProtocol, Port::guc_options, IS_AF_UNIX, Port::laddr, lappend(), MAX_STARTUP_PACKET_LENGTH, MemoryContextSwitchTo(), NAMEDATALEN, NEGOTIATE_SSL_CODE, NIL, NULL, StartupPacket::options, palloc0(), parse_bool(), PG_PROTOCOL_EARLIEST, PG_PROTOCOL_LATEST, PG_PROTOCOL_MAJOR, PG_PROTOCOL_MINOR, pq_endmsgread(), pq_getbytes(), pq_startmsgread(), processCancelRequest(), Port::proto, psprintf(), pstrdup(), secure_open_server(), send, Port::sock, STATUS_ERROR, STATUS_OK, TopMemoryContext, StartupPacket::user, and Port::user_name.

Referenced by BackendInitialize().

{
    int32       len;
    void       *buf;
    ProtocolVersion proto;
    MemoryContext oldcontext;

    pq_startmsgread();
    if (pq_getbytes((char *) &len, 4) == EOF)
    {
        /*
         * EOF after SSLdone probably means the client didn't like our
         * response to NEGOTIATE_SSL_CODE.  That's not an error condition, so
         * don't clutter the log with a complaint.
         */
        if (!SSLdone)
            ereport(COMMERROR,
                    (errcode(ERRCODE_PROTOCOL_VIOLATION),
                     errmsg("incomplete startup packet")));
        return STATUS_ERROR;
    }

    len = ntohl(len);
    len -= 4;

    if (len < (int32) sizeof(ProtocolVersion) ||
        len > MAX_STARTUP_PACKET_LENGTH)
    {
        ereport(COMMERROR,
                (errcode(ERRCODE_PROTOCOL_VIOLATION),
                 errmsg("invalid length of startup packet")));
        return STATUS_ERROR;
    }

    /*
     * Allocate at least the size of an old-style startup packet, plus one
     * extra byte, and make sure all are zeroes.  This ensures we will have
     * null termination of all strings, in both fixed- and variable-length
     * packet layouts.
     */
    if (len <= (int32) sizeof(StartupPacket))
        buf = palloc0(sizeof(StartupPacket) + 1);
    else
        buf = palloc0(len + 1);

    if (pq_getbytes(buf, len) == EOF)
    {
        ereport(COMMERROR,
                (errcode(ERRCODE_PROTOCOL_VIOLATION),
                 errmsg("incomplete startup packet")));
        return STATUS_ERROR;
    }
    pq_endmsgread();

    /*
     * The first field is either a protocol version number or a special
     * request code.
     */
    port->proto = proto = ntohl(*((ProtocolVersion *) buf));

    if (proto == CANCEL_REQUEST_CODE)
    {
        processCancelRequest(port, buf);
        /* Not really an error, but we don't want to proceed further */
        return STATUS_ERROR;
    }

    if (proto == NEGOTIATE_SSL_CODE && !SSLdone)
    {
        char        SSLok;

#ifdef USE_SSL
        /* No SSL when disabled or on Unix sockets */
        if (!LoadedSSL || IS_AF_UNIX(port->laddr.addr.ss_family))
            SSLok = 'N';
        else
            SSLok = 'S';        /* Support for SSL */
#else
        SSLok = 'N';            /* No support for SSL */
#endif

retry1:
        if (send(port->sock, &SSLok, 1, 0) != 1)
        {
            if (errno == EINTR)
                goto retry1;    /* if interrupted, just retry */
            ereport(COMMERROR,
                    (errcode_for_socket_access(),
                     errmsg("failed to send SSL negotiation response: %m")));
            return STATUS_ERROR;    /* close the connection */
        }

#ifdef USE_SSL
        if (SSLok == 'S' && secure_open_server(port) == -1)
            return STATUS_ERROR;
#endif
        /* regular startup packet, cancel, etc packet should follow... */
        /* but not another SSL negotiation request */
        return ProcessStartupPacket(port, true);
    }

    /* Could add additional special packet types here */

    /*
     * Set FrontendProtocol now so that ereport() knows what format to send if
     * we fail during startup.
     */
    FrontendProtocol = proto;

    /* Check we can handle the protocol the frontend is using. */

    if (PG_PROTOCOL_MAJOR(proto) < PG_PROTOCOL_MAJOR(PG_PROTOCOL_EARLIEST) ||
        PG_PROTOCOL_MAJOR(proto) > PG_PROTOCOL_MAJOR(PG_PROTOCOL_LATEST) ||
        (PG_PROTOCOL_MAJOR(proto) == PG_PROTOCOL_MAJOR(PG_PROTOCOL_LATEST) &&
         PG_PROTOCOL_MINOR(proto) > PG_PROTOCOL_MINOR(PG_PROTOCOL_LATEST)))
        ereport(FATAL,
                (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
                 errmsg("unsupported frontend protocol %u.%u: server supports %u.0 to %u.%u",
                        PG_PROTOCOL_MAJOR(proto), PG_PROTOCOL_MINOR(proto),
                        PG_PROTOCOL_MAJOR(PG_PROTOCOL_EARLIEST),
                        PG_PROTOCOL_MAJOR(PG_PROTOCOL_LATEST),
                        PG_PROTOCOL_MINOR(PG_PROTOCOL_LATEST))));

    /*
     * Now fetch parameters out of startup packet and save them into the Port
     * structure.  All data structures attached to the Port struct must be
     * allocated in TopMemoryContext so that they will remain available in a
     * running backend (even after PostmasterContext is destroyed).  We need
     * not worry about leaking this storage on failure, since we aren't in the
     * postmaster process anymore.
     */
    oldcontext = MemoryContextSwitchTo(TopMemoryContext);

    if (PG_PROTOCOL_MAJOR(proto) >= 3)
    {
        int32       offset = sizeof(ProtocolVersion);

        /*
         * Scan packet body for name/option pairs.  We can assume any string
         * beginning within the packet body is null-terminated, thanks to
         * zeroing extra byte above.