PostgreSQL Source Code  git master
sysv_shmem.c
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * sysv_shmem.c
4  * Implement shared memory using SysV facilities
5  *
6  * These routines used to be a fairly thin layer on top of SysV shared
7  * memory functionality. With the addition of anonymous-shmem logic,
8  * they're a bit fatter now. We still require a SysV shmem block to
9  * exist, though, because mmap'd shmem provides no way to find out how
10  * many processes are attached, which we need for interlocking purposes.
11  *
12  * Portions Copyright (c) 1996-2022, PostgreSQL Global Development Group
13  * Portions Copyright (c) 1994, Regents of the University of California
14  *
15  * IDENTIFICATION
16  * src/backend/port/sysv_shmem.c
17  *
18  *-------------------------------------------------------------------------
19  */
20 #include "postgres.h"
21 
22 #include <signal.h>
23 #include <unistd.h>
24 #include <sys/file.h>
25 #include <sys/mman.h>
26 #include <sys/stat.h>
27 #ifdef HAVE_SYS_IPC_H
28 #include <sys/ipc.h>
29 #endif
30 #ifdef HAVE_SYS_SHM_H
31 #include <sys/shm.h>
32 #endif
33 
34 #include "miscadmin.h"
35 #include "port/pg_bitutils.h"
36 #include "portability/mem.h"
37 #include "storage/dsm.h"
38 #include "storage/fd.h"
39 #include "storage/ipc.h"
40 #include "storage/pg_shmem.h"
41 #include "utils/guc.h"
42 #include "utils/pidfile.h"
43 
44 
45 /*
46  * As of PostgreSQL 9.3, we normally allocate only a very small amount of
47  * System V shared memory, and only for the purposes of providing an
48  * interlock to protect the data directory. The real shared memory block
49  * is allocated using mmap(). This works around the problem that many
50  * systems have very low limits on the amount of System V shared memory
51  * that can be allocated. Even a limit of a few megabytes will be enough
52  * to run many copies of PostgreSQL without needing to adjust system settings.
53  *
54  * We assume that no one will attempt to run PostgreSQL 9.3 or later on
55  * systems that are ancient enough that anonymous shared memory is not
56  * supported, such as pre-2.4 versions of Linux. If that turns out to be
57  * false, we might need to add compile and/or run-time tests here and do this
58  * only if the running kernel supports it.
59  *
60  * However, we must always disable this logic in the EXEC_BACKEND case, and
61  * fall back to the old method of allocating the entire segment using System V
62  * shared memory, because there's no way to attach an anonymous mmap'd segment
63  * to a process after exec(). Since EXEC_BACKEND is intended only for
64  * developer use, this shouldn't be a big problem. Because of this, we do
65  * not worry about supporting anonymous shmem in the EXEC_BACKEND cases below.
66  *
67  * As of PostgreSQL 12, we regained the ability to use a large System V shared
68  * memory region even in non-EXEC_BACKEND builds, if shared_memory_type is set
69  * to sysv (though this is not the default).
70  */
71 
72 
73 typedef key_t IpcMemoryKey; /* shared memory key passed to shmget(2) */
74 typedef int IpcMemoryId; /* shared memory ID returned by shmget(2) */
75 
76 /*
77  * How does a given IpcMemoryId relate to this PostgreSQL process?
78  *
79  * One could recycle unattached segments of different data directories if we
80  * distinguished that case from other SHMSTATE_FOREIGN cases. Doing so would
81  * cause us to visit less of the key space, making us less likely to detect a
82  * SHMSTATE_ATTACHED key. It would also complicate the concurrency analysis,
83  * in that postmasters of different data directories could simultaneously
84  * attempt to recycle a given key. We'll waste keys longer in some cases, but
85  * avoiding the problems of the alternative justifies that loss.
86  */
87 typedef enum
88 {
89  SHMSTATE_ANALYSIS_FAILURE, /* unexpected failure to analyze the ID */
90  SHMSTATE_ATTACHED, /* pertinent to DataDir, has attached PIDs */
91  SHMSTATE_ENOENT, /* no segment of that ID */
92  SHMSTATE_FOREIGN, /* exists, but not pertinent to DataDir */
93  SHMSTATE_UNATTACHED /* pertinent to DataDir, no attached PIDs */
95 
96 
97 unsigned long UsedShmemSegID = 0;
98 void *UsedShmemSegAddr = NULL;
99 
101 static void *AnonymousShmem = NULL;
102 
103 static void *InternalIpcMemoryCreate(IpcMemoryKey memKey, Size size);
104 static void IpcMemoryDetach(int status, Datum shmaddr);
105 static void IpcMemoryDelete(int status, Datum shmId);
107  void *attachAt,
108  PGShmemHeader **addr);
109 
110 
111 /*
112  * InternalIpcMemoryCreate(memKey, size)
113  *
114  * Attempt to create a new shared memory segment with the specified key.
115  * Will fail (return NULL) if such a segment already exists. If successful,
116  * attach the segment to the current process and return its attached address.
117  * On success, callbacks are registered with on_shmem_exit to detach and
118  * delete the segment when on_shmem_exit is called.
119  *
120  * If we fail with a failure code other than collision-with-existing-segment,
121  * print out an error and abort. Other types of errors are not recoverable.
122  */
123 static void *
125 {
126  IpcMemoryId shmid;
127  void *requestedAddress = NULL;
128  void *memAddress;
129 
130  /*
131  * Normally we just pass requestedAddress = NULL to shmat(), allowing the
132  * system to choose where the segment gets mapped. But in an EXEC_BACKEND
133  * build, it's possible for whatever is chosen in the postmaster to not
134  * work for backends, due to variations in address space layout. As a
135  * rather klugy workaround, allow the user to specify the address to use
136  * via setting the environment variable PG_SHMEM_ADDR. (If this were of
137  * interest for anything except debugging, we'd probably create a cleaner
138  * and better-documented way to set it, such as a GUC.)
139  */
140 #ifdef EXEC_BACKEND
141  {
142  char *pg_shmem_addr = getenv("PG_SHMEM_ADDR");
143 
144  if (pg_shmem_addr)
145  requestedAddress = (void *) strtoul(pg_shmem_addr, NULL, 0);
146  else
147  {
148 #if defined(__darwin__) && SIZEOF_VOID_P == 8
149  /*
150  * Provide a default value that is believed to avoid problems with
151  * ASLR on the current macOS release.
152  */
153  requestedAddress = (void *) 0x80000000000;
154 #endif
155  }
156  }
157 #endif
158 
159  shmid = shmget(memKey, size, IPC_CREAT | IPC_EXCL | IPCProtection);
160 
161  if (shmid < 0)
162  {
163  int shmget_errno = errno;
164 
165  /*
166  * Fail quietly if error indicates a collision with existing segment.
167  * One would expect EEXIST, given that we said IPC_EXCL, but perhaps
168  * we could get a permission violation instead? Also, EIDRM might
169  * occur if an old seg is slated for destruction but not gone yet.
170  */
171  if (shmget_errno == EEXIST || shmget_errno == EACCES
172 #ifdef EIDRM
173  || shmget_errno == EIDRM
174 #endif
175  )
176  return NULL;
177 
178  /*
179  * Some BSD-derived kernels are known to return EINVAL, not EEXIST, if
180  * there is an existing segment but it's smaller than "size" (this is
181  * a result of poorly-thought-out ordering of error tests). To
182  * distinguish between collision and invalid size in such cases, we
183  * make a second try with size = 0. These kernels do not test size
184  * against SHMMIN in the preexisting-segment case, so we will not get
185  * EINVAL a second time if there is such a segment.
186  */
187  if (shmget_errno == EINVAL)
188  {
189  shmid = shmget(memKey, 0, IPC_CREAT | IPC_EXCL | IPCProtection);
190 
191  if (shmid < 0)
192  {
193  /* As above, fail quietly if we verify a collision */
194  if (errno == EEXIST || errno == EACCES
195 #ifdef EIDRM
196  || errno == EIDRM
197 #endif
198  )
199  return NULL;
200  /* Otherwise, fall through to report the original error */
201  }
202  else
203  {
204  /*
205  * On most platforms we cannot get here because SHMMIN is
206  * greater than zero. However, if we do succeed in creating a
207  * zero-size segment, free it and then fall through to report
208  * the original error.
209  */
210  if (shmctl(shmid, IPC_RMID, NULL) < 0)
211  elog(LOG, "shmctl(%d, %d, 0) failed: %m",
212  (int) shmid, IPC_RMID);
213  }
214  }
215 
216  /*
217  * Else complain and abort.
218  *
219  * Note: at this point EINVAL should mean that either SHMMIN or SHMMAX
220  * is violated. SHMALL violation might be reported as either ENOMEM
221  * (BSDen) or ENOSPC (Linux); the Single Unix Spec fails to say which
222  * it should be. SHMMNI violation is ENOSPC, per spec. Just plain
223  * not-enough-RAM is ENOMEM.
224  */
225  errno = shmget_errno;
226  ereport(FATAL,
227  (errmsg("could not create shared memory segment: %m"),
228  errdetail("Failed system call was shmget(key=%lu, size=%zu, 0%o).",
229  (unsigned long) memKey, size,
231  (shmget_errno == EINVAL) ?
232  errhint("This error usually means that PostgreSQL's request for a shared memory "
233  "segment exceeded your kernel's SHMMAX parameter, or possibly that "
234  "it is less than "
235  "your kernel's SHMMIN parameter.\n"
236  "The PostgreSQL documentation contains more information about shared "
237  "memory configuration.") : 0,
238  (shmget_errno == ENOMEM) ?
239  errhint("This error usually means that PostgreSQL's request for a shared "
240  "memory segment exceeded your kernel's SHMALL parameter. You might need "
241  "to reconfigure the kernel with larger SHMALL.\n"
242  "The PostgreSQL documentation contains more information about shared "
243  "memory configuration.") : 0,
244  (shmget_errno == ENOSPC) ?
245  errhint("This error does *not* mean that you have run out of disk space. "
246  "It occurs either if all available shared memory IDs have been taken, "
247  "in which case you need to raise the SHMMNI parameter in your kernel, "
248  "or because the system's overall limit for shared memory has been "
249  "reached.\n"
250  "The PostgreSQL documentation contains more information about shared "
251  "memory configuration.") : 0));
252  }
253 
254  /* Register on-exit routine to delete the new segment */
256 
257  /* OK, should be able to attach to the segment */
258  memAddress = shmat(shmid, requestedAddress, PG_SHMAT_FLAGS);
259 
260  if (memAddress == (void *) -1)
261  elog(FATAL, "shmat(id=%d, addr=%p, flags=0x%x) failed: %m",
262  shmid, requestedAddress, PG_SHMAT_FLAGS);
263 
264  /* Register on-exit routine to detach new segment before deleting */
266 
267  /*
268  * Store shmem key and ID in data directory lockfile. Format to try to
269  * keep it the same length always (trailing junk in the lockfile won't
270  * hurt, but might confuse humans).
271  */
272  {
273  char line[64];
274 
275  sprintf(line, "%9lu %9lu",
276  (unsigned long) memKey, (unsigned long) shmid);
278  }
279 
280  return memAddress;
281 }
282 
283 /****************************************************************************/
284 /* IpcMemoryDetach(status, shmaddr) removes a shared memory segment */
285 /* from process' address space */
286 /* (called as an on_shmem_exit callback, hence funny argument list) */
287 /****************************************************************************/
288 static void
290 {
291  /* Detach System V shared memory block. */
292  if (shmdt((void *) DatumGetPointer(shmaddr)) < 0)
293  elog(LOG, "shmdt(%p) failed: %m", DatumGetPointer(shmaddr));
294 }
295 
296 /****************************************************************************/
297 /* IpcMemoryDelete(status, shmId) deletes a shared memory segment */
298 /* (called as an on_shmem_exit callback, hence funny argument list) */
299 /****************************************************************************/
300 static void
302 {
303  if (shmctl(DatumGetInt32(shmId), IPC_RMID, NULL) < 0)
304  elog(LOG, "shmctl(%d, %d, 0) failed: %m",
305  DatumGetInt32(shmId), IPC_RMID);
306 }
307 
308 /*
309  * PGSharedMemoryIsInUse
310  *
311  * Is a previously-existing shmem segment still existing and in use?
312  *
313  * The point of this exercise is to detect the case where a prior postmaster
314  * crashed, but it left child backends that are still running. Therefore
315  * we only care about shmem segments that are associated with the intended
316  * DataDir. This is an important consideration since accidental matches of
317  * shmem segment IDs are reasonably common.
318  */
319 bool
320 PGSharedMemoryIsInUse(unsigned long id1, unsigned long id2)
321 {
322  PGShmemHeader *memAddress;
324 
325  state = PGSharedMemoryAttach((IpcMemoryId) id2, NULL, &memAddress);
326  if (memAddress && shmdt((void *) memAddress) < 0)
327  elog(LOG, "shmdt(%p) failed: %m", memAddress);
328  switch (state)
329  {
330  case SHMSTATE_ENOENT:
331  case SHMSTATE_FOREIGN:
332  case SHMSTATE_UNATTACHED:
333  return false;
335  case SHMSTATE_ATTACHED:
336  return true;
337  }
338  return true;
339 }
340 
341 /*
342  * Test for a segment with id shmId; see comment at IpcMemoryState.
343  *
344  * If the segment exists, we'll attempt to attach to it, using attachAt
345  * if that's not NULL (but it's best to pass NULL if possible).
346  *
347  * *addr is set to the segment memory address if we attached to it, else NULL.
348  */
349 static IpcMemoryState
351  void *attachAt,
352  PGShmemHeader **addr)
353 {
354  struct shmid_ds shmStat;
355  struct stat statbuf;
356  PGShmemHeader *hdr;
357 
358  *addr = NULL;
359 
360  /*
361  * First, try to stat the shm segment ID, to see if it exists at all.
362  */
363  if (shmctl(shmId, IPC_STAT, &shmStat) < 0)
364  {
365  /*
366  * EINVAL actually has multiple possible causes documented in the
367  * shmctl man page, but we assume it must mean the segment no longer
368  * exists.
369  */
370  if (errno == EINVAL)
371  return SHMSTATE_ENOENT;
372 
373  /*
374  * EACCES implies we have no read permission, which means it is not a
375  * Postgres shmem segment (or at least, not one that is relevant to
376  * our data directory).
377  */
378  if (errno == EACCES)
379  return SHMSTATE_FOREIGN;
380 
381  /*
382  * Some Linux kernel versions (in fact, all of them as of July 2007)
383  * sometimes return EIDRM when EINVAL is correct. The Linux kernel
384  * actually does not have any internal state that would justify
385  * returning EIDRM, so we can get away with assuming that EIDRM is
386  * equivalent to EINVAL on that platform.
387  */
388 #ifdef HAVE_LINUX_EIDRM_BUG
389  if (errno == EIDRM)
390  return SHMSTATE_ENOENT;
391 #endif
392 
393  /*
394  * Otherwise, we had better assume that the segment is in use. The
395  * only likely case is (non-Linux, assumed spec-compliant) EIDRM,
396  * which implies that the segment has been IPC_RMID'd but there are
397  * still processes attached to it.
398  */
400  }
401 
402  /*
403  * Try to attach to the segment and see if it matches our data directory.
404  * This avoids any risk of duplicate-shmem-key conflicts on machines that
405  * are running several postmasters under the same userid.
406  *
407  * (When we're called from PGSharedMemoryCreate, this stat call is
408  * duplicative; but since this isn't a high-traffic case it's not worth
409  * trying to optimize.)
410  */
411  if (stat(DataDir, &statbuf) < 0)
412  return SHMSTATE_ANALYSIS_FAILURE; /* can't stat; be conservative */
413 
414  hdr = (PGShmemHeader *) shmat(shmId, attachAt, PG_SHMAT_FLAGS);
415  if (hdr == (PGShmemHeader *) -1)
416  {
417  /*
418  * Attachment failed. The cases we're interested in are the same as
419  * for the shmctl() call above. In particular, note that the owning
420  * postmaster could have terminated and removed the segment between
421  * shmctl() and shmat().
422  *
423  * If attachAt isn't NULL, it's possible that EINVAL reflects a
424  * problem with that address not a vanished segment, so it's best to
425  * pass NULL when probing for conflicting segments.
426  */
427  if (errno == EINVAL)
428  return SHMSTATE_ENOENT; /* segment disappeared */
429  if (errno == EACCES)
430  return SHMSTATE_FOREIGN; /* must be non-Postgres */
431 #ifdef HAVE_LINUX_EIDRM_BUG
432  if (errno == EIDRM)
433  return SHMSTATE_ENOENT; /* segment disappeared */
434 #endif
435  /* Otherwise, be conservative. */
437  }
438  *addr = hdr;
439 
440  if (hdr->magic != PGShmemMagic ||
441  hdr->device != statbuf.st_dev ||
442  hdr->inode != statbuf.st_ino)
443  {
444  /*
445  * It's either not a Postgres segment, or not one for my data
446  * directory.
447  */
448  return SHMSTATE_FOREIGN;
449  }
450 
451  /*
452  * It does match our data directory, so now test whether any processes are
453  * still attached to it. (We are, now, but the shm_nattch result is from
454  * before we attached to it.)
455  */
456  return shmStat.shm_nattch == 0 ? SHMSTATE_UNATTACHED : SHMSTATE_ATTACHED;
457 }
458 
459 /*
460  * Identify the huge page size to use, and compute the related mmap flags.
461  *
462  * Some Linux kernel versions have a bug causing mmap() to fail on requests
463  * that are not a multiple of the hugepage size. Versions without that bug
464  * instead silently round the request up to the next hugepage multiple ---
465  * and then munmap() fails when we give it a size different from that.
466  * So we have to round our request up to a multiple of the actual hugepage
467  * size to avoid trouble.
468  *
469  * Doing the round-up ourselves also lets us make use of the extra memory,
470  * rather than just wasting it. Currently, we just increase the available
471  * space recorded in the shmem header, which will make the extra usable for
472  * purposes such as additional locktable entries. Someday, for very large
473  * hugepage sizes, we might want to think about more invasive strategies,
474  * such as increasing shared_buffers to absorb the extra space.
475  *
476  * Returns the (real, assumed or config provided) page size into
477  * *hugepagesize, and the hugepage-related mmap flags to use into
478  * *mmap_flags if requested by the caller. If huge pages are not supported,
479  * *hugepagesize and *mmap_flags are set to 0.
480  */
481 void
482 GetHugePageSize(Size *hugepagesize, int *mmap_flags)
483 {
484 #ifdef MAP_HUGETLB
485 
486  Size default_hugepagesize = 0;
487  Size hugepagesize_local = 0;
488  int mmap_flags_local = 0;
489 
490  /*
491  * System-dependent code to find out the default huge page size.
492  *
493  * On Linux, read /proc/meminfo looking for a line like "Hugepagesize:
494  * nnnn kB". Ignore any failures, falling back to the preset default.
495  */
496 #ifdef __linux__
497 
498  {
499  FILE *fp = AllocateFile("/proc/meminfo", "r");
500  char buf[128];
501  unsigned int sz;
502  char ch;
503 
504  if (fp)
505  {
506  while (fgets(buf, sizeof(buf), fp))
507  {
508  if (sscanf(buf, "Hugepagesize: %u %c", &sz, &ch) == 2)
509  {
510  if (ch == 'k')
511  {
512  default_hugepagesize = sz * (Size) 1024;
513  break;
514  }
515  /* We could accept other units besides kB, if needed */
516  }
517  }
518  FreeFile(fp);
519  }
520  }
521 #endif /* __linux__ */
522 
523  if (huge_page_size != 0)
524  {
525  /* If huge page size is requested explicitly, use that. */
526  hugepagesize_local = (Size) huge_page_size * 1024;
527  }
528  else if (default_hugepagesize != 0)
529  {
530  /* Otherwise use the system default, if we have it. */
531  hugepagesize_local = default_hugepagesize;
532  }
533  else
534  {
535  /*
536  * If we fail to find out the system's default huge page size, or no
537  * huge page size is requested explicitly, assume it is 2MB. This will
538  * work fine when the actual size is less. If it's more, we might get
539  * mmap() or munmap() failures due to unaligned requests; but at this
540  * writing, there are no reports of any non-Linux systems being picky
541  * about that.
542  */
543  hugepagesize_local = 2 * 1024 * 1024;
544  }
545 
546  mmap_flags_local = MAP_HUGETLB;
547 
548  /*
549  * On recent enough Linux, also include the explicit page size, if
550  * necessary.
551  */
552 #if defined(MAP_HUGE_MASK) && defined(MAP_HUGE_SHIFT)
553  if (hugepagesize_local != default_hugepagesize)
554  {
555  int shift = pg_ceil_log2_64(hugepagesize_local);
556 
557  mmap_flags_local |= (shift & MAP_HUGE_MASK) << MAP_HUGE_SHIFT;
558  }
559 #endif
560 
561  /* assign the results found */
562  if (mmap_flags)
563  *mmap_flags = mmap_flags_local;
564  if (hugepagesize)
565  *hugepagesize = hugepagesize_local;
566 
567 #else
568 
569  if (hugepagesize)
570  *hugepagesize = 0;
571  if (mmap_flags)
572  *mmap_flags = 0;
573 
574 #endif /* MAP_HUGETLB */
575 }
576 
577 /*
578  * Creates an anonymous mmap()ed shared memory segment.
579  *
580  * Pass the requested size in *size. This function will modify *size to the
581  * actual size of the allocation, if it ends up allocating a segment that is
582  * larger than requested.
583  */
584 static void *
586 {
587  Size allocsize = *size;
588  void *ptr = MAP_FAILED;
589  int mmap_errno = 0;
590 
591 #ifndef MAP_HUGETLB
592  /* PGSharedMemoryCreate should have dealt with this case */
594 #else
596  {
597  /*
598  * Round up the request size to a suitable large value.
599  */
600  Size hugepagesize;
601  int mmap_flags;
602 
603  GetHugePageSize(&hugepagesize, &mmap_flags);
604 
605  if (allocsize % hugepagesize != 0)
606  allocsize += hugepagesize - (allocsize % hugepagesize);
607 
608  ptr = mmap(NULL, allocsize, PROT_READ | PROT_WRITE,
609  PG_MMAP_FLAGS | mmap_flags, -1, 0);
610  mmap_errno = errno;
611  if (huge_pages == HUGE_PAGES_TRY && ptr == MAP_FAILED)
612  elog(DEBUG1, "mmap(%zu) with MAP_HUGETLB failed, huge pages disabled: %m",
613  allocsize);
614  }
615 #endif
616 
617  if (ptr == MAP_FAILED && huge_pages != HUGE_PAGES_ON)
618  {
619  /*
620  * Use the original size, not the rounded-up value, when falling back
621  * to non-huge pages.
622  */
623  allocsize = *size;
624  ptr = mmap(NULL, allocsize, PROT_READ | PROT_WRITE,
625  PG_MMAP_FLAGS, -1, 0);
626  mmap_errno = errno;
627  }
628 
629  if (ptr == MAP_FAILED)
630  {
631  errno = mmap_errno;
632  ereport(FATAL,
633  (errmsg("could not map anonymous shared memory: %m"),
634  (mmap_errno == ENOMEM) ?
635  errhint("This error usually means that PostgreSQL's request "
636  "for a shared memory segment exceeded available memory, "
637  "swap space, or huge pages. To reduce the request size "
638  "(currently %zu bytes), reduce PostgreSQL's shared "
639  "memory usage, perhaps by reducing shared_buffers or "
640  "max_connections.",
641  allocsize) : 0));
642  }
643 
644  *size = allocsize;
645  return ptr;
646 }
647 
648 /*
649  * AnonymousShmemDetach --- detach from an anonymous mmap'd block
650  * (called as an on_shmem_exit callback, hence funny argument list)
651  */
652 static void
654 {
655  /* Release anonymous shared memory block, if any. */
656  if (AnonymousShmem != NULL)
657  {
658  if (munmap(AnonymousShmem, AnonymousShmemSize) < 0)
659  elog(LOG, "munmap(%p, %zu) failed: %m",
661  AnonymousShmem = NULL;
662  }
663 }
664 
665 /*
666  * PGSharedMemoryCreate
667  *
668  * Create a shared memory segment of the given size and initialize its
669  * standard header. Also, register an on_shmem_exit callback to release
670  * the storage.
671  *
672  * Dead Postgres segments pertinent to this DataDir are recycled if found, but
673  * we do not fail upon collision with foreign shmem segments. The idea here
674  * is to detect and re-use keys that may have been assigned by a crashed
675  * postmaster or backend.
676  */
679  PGShmemHeader **shim)
680 {
681  IpcMemoryKey NextShmemSegID;
682  void *memAddress;
683  PGShmemHeader *hdr;
684  struct stat statbuf;
685  Size sysvsize;
686 
687  /*
688  * We use the data directory's ID info (inode and device numbers) to
689  * positively identify shmem segments associated with this data dir, and
690  * also as seeds for searching for a free shmem key.
691  */
692  if (stat(DataDir, &statbuf) < 0)
693  ereport(FATAL,
695  errmsg("could not stat data directory \"%s\": %m",
696  DataDir)));
697 
698  /* Complain if hugepages demanded but we can't possibly support them */
699 #if !defined(MAP_HUGETLB)
700  if (huge_pages == HUGE_PAGES_ON)
701  ereport(ERROR,
702  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
703  errmsg("huge pages not supported on this platform")));
704 #endif
705 
706  /* For now, we don't support huge pages in SysV memory */
708  ereport(ERROR,
709  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
710  errmsg("huge pages not supported with the current shared_memory_type setting")));
711 
712  /* Room for a header? */
713  Assert(size > MAXALIGN(sizeof(PGShmemHeader)));
714 
716  {
718  AnonymousShmemSize = size;
719 
720  /* Register on-exit routine to unmap the anonymous segment */
722 
723  /* Now we need only allocate a minimal-sized SysV shmem block. */
724  sysvsize = sizeof(PGShmemHeader);
725  }
726  else
727  sysvsize = size;
728 
729  /*
730  * Loop till we find a free IPC key. Trust CreateDataDirLockFile() to
731  * ensure no more than one postmaster per data directory can enter this
732  * loop simultaneously. (CreateDataDirLockFile() does not entirely ensure
733  * that, but prefer fixing it over coping here.)
734  */
735  NextShmemSegID = statbuf.st_ino;
736 
737  for (;;)
738  {
739  IpcMemoryId shmid;
740  PGShmemHeader *oldhdr;
742 
743  /* Try to create new segment */
744  memAddress = InternalIpcMemoryCreate(NextShmemSegID, sysvsize);
745  if (memAddress)
746  break; /* successful create and attach */
747 
748  /* Check shared memory and possibly remove and recreate */
749 
750  /*
751  * shmget() failure is typically EACCES, hence SHMSTATE_FOREIGN.
752  * ENOENT, a narrow possibility, implies SHMSTATE_ENOENT, but one can
753  * safely treat SHMSTATE_ENOENT like SHMSTATE_FOREIGN.
754  */
755  shmid = shmget(NextShmemSegID, sizeof(PGShmemHeader), 0);
756  if (shmid < 0)
757  {
758  oldhdr = NULL;
760  }
761  else
762  state = PGSharedMemoryAttach(shmid, NULL, &oldhdr);
763 
764  switch (state)
765  {
767  case SHMSTATE_ATTACHED:
768  ereport(FATAL,
769  (errcode(ERRCODE_LOCK_FILE_EXISTS),
770  errmsg("pre-existing shared memory block (key %lu, ID %lu) is still in use",
771  (unsigned long) NextShmemSegID,
772  (unsigned long) shmid),
773  errhint("Terminate any old server processes associated with data directory \"%s\".",
774  DataDir)));
775  break;
776  case SHMSTATE_ENOENT:
777 
778  /*
779  * To our surprise, some other process deleted since our last
780  * InternalIpcMemoryCreate(). Moments earlier, we would have
781  * seen SHMSTATE_FOREIGN. Try that same ID again.
782  */
783  elog(LOG,
784  "shared memory block (key %lu, ID %lu) deleted during startup",
785  (unsigned long) NextShmemSegID,
786  (unsigned long) shmid);
787  break;
788  case SHMSTATE_FOREIGN:
789  NextShmemSegID++;
790  break;
791  case SHMSTATE_UNATTACHED:
792 
793  /*
794  * The segment pertains to DataDir, and every process that had
795  * used it has died or detached. Zap it, if possible, and any
796  * associated dynamic shared memory segments, as well. This
797  * shouldn't fail, but if it does, assume the segment belongs
798  * to someone else after all, and try the next candidate.
799  * Otherwise, try again to create the segment. That may fail
800  * if some other process creates the same shmem key before we
801  * do, in which case we'll try the next key.
802  */
803  if (oldhdr->dsm_control != 0)
805  if (shmctl(shmid, IPC_RMID, NULL) < 0)
806  NextShmemSegID++;
807  break;
808  }
809 
810  if (oldhdr && shmdt((void *) oldhdr) < 0)
811  elog(LOG, "shmdt(%p) failed: %m", oldhdr);
812  }
813 
814  /* Initialize new segment. */
815  hdr = (PGShmemHeader *) memAddress;
816  hdr->creatorPID = getpid();
817  hdr->magic = PGShmemMagic;
818  hdr->dsm_control = 0;
819 
820  /* Fill in the data directory ID info, too */
821  hdr->device = statbuf.st_dev;
822  hdr->inode = statbuf.st_ino;
823 
824  /*
825  * Initialize space allocation status for segment.
826  */
827  hdr->totalsize = size;
828  hdr->freeoffset = MAXALIGN(sizeof(PGShmemHeader));
829  *shim = hdr;
830 
831  /* Save info for possible future use */
832  UsedShmemSegAddr = memAddress;
833  UsedShmemSegID = (unsigned long) NextShmemSegID;
834 
835  /*
836  * If AnonymousShmem is NULL here, then we're not using anonymous shared
837  * memory, and should return a pointer to the System V shared memory
838  * block. Otherwise, the System V shared memory block is only a shim, and
839  * we must return a pointer to the real block.
840  */
841  if (AnonymousShmem == NULL)
842  return hdr;
843  memcpy(AnonymousShmem, hdr, sizeof(PGShmemHeader));
844  return (PGShmemHeader *) AnonymousShmem;
845 }
846 
847 #ifdef EXEC_BACKEND
848 
849 /*
850  * PGSharedMemoryReAttach
851  *
852  * This is called during startup of a postmaster child process to re-attach to
853  * an already existing shared memory segment. This is needed only in the
854  * EXEC_BACKEND case; otherwise postmaster children inherit the shared memory
855  * segment attachment via fork().
856  *
857  * UsedShmemSegID and UsedShmemSegAddr are implicit parameters to this
858  * routine. The caller must have already restored them to the postmaster's
859  * values.
860  */
861 void
863 {
864  IpcMemoryId shmid;
865  PGShmemHeader *hdr;
867  void *origUsedShmemSegAddr = UsedShmemSegAddr;
868 
869  Assert(UsedShmemSegAddr != NULL);
871 
872 #ifdef __CYGWIN__
873  /* cygipc (currently) appears to not detach on exec. */
875  UsedShmemSegAddr = origUsedShmemSegAddr;
876 #endif
877 
878  elog(DEBUG3, "attaching to %p", UsedShmemSegAddr);
879  shmid = shmget(UsedShmemSegID, sizeof(PGShmemHeader), 0);
880  if (shmid < 0)
882  else
884  if (state != SHMSTATE_ATTACHED)
885  elog(FATAL, "could not reattach to shared memory (key=%d, addr=%p): %m",
887  if (hdr != origUsedShmemSegAddr)
888  elog(FATAL, "reattaching to shared memory returned unexpected address (got %p, expected %p)",
889  hdr, origUsedShmemSegAddr);
890  dsm_set_control_handle(hdr->dsm_control);
891 
892  UsedShmemSegAddr = hdr; /* probably redundant */
893 }
894 
895 /*
896  * PGSharedMemoryNoReAttach
897  *
898  * This is called during startup of a postmaster child process when we choose
899  * *not* to re-attach to the existing shared memory segment. We must clean up
900  * to leave things in the appropriate state. This is not used in the non
901  * EXEC_BACKEND case, either.
902  *
903  * The child process startup logic might or might not call PGSharedMemoryDetach
904  * after this; make sure that it will be a no-op if called.
905  *
906  * UsedShmemSegID and UsedShmemSegAddr are implicit parameters to this
907  * routine. The caller must have already restored them to the postmaster's
908  * values.
909  */
910 void
912 {
913  Assert(UsedShmemSegAddr != NULL);
915 
916 #ifdef __CYGWIN__
917  /* cygipc (currently) appears to not detach on exec. */
919 #endif
920 
921  /* For cleanliness, reset UsedShmemSegAddr to show we're not attached. */
922  UsedShmemSegAddr = NULL;
923  /* And the same for UsedShmemSegID. */
924  UsedShmemSegID = 0;
925 }
926 
927 #endif /* EXEC_BACKEND */
928 
929 /*
930  * PGSharedMemoryDetach
931  *
932  * Detach from the shared memory segment, if still attached. This is not
933  * intended to be called explicitly by the process that originally created the
934  * segment (it will have on_shmem_exit callback(s) registered to do that).
935  * Rather, this is for subprocesses that have inherited an attachment and want
936  * to get rid of it.
937  *
938  * UsedShmemSegID and UsedShmemSegAddr are implicit parameters to this
939  * routine, also AnonymousShmem and AnonymousShmemSize.
940  */
941 void
943 {
944  if (UsedShmemSegAddr != NULL)
945  {
946  if ((shmdt(UsedShmemSegAddr) < 0)
947 #if defined(EXEC_BACKEND) && defined(__CYGWIN__)
948  /* Work-around for cygipc exec bug */
949  && shmdt(NULL) < 0
950 #endif
951  )
952  elog(LOG, "shmdt(%p) failed: %m", UsedShmemSegAddr);
953  UsedShmemSegAddr = NULL;
954  }
955 
956  if (AnonymousShmem != NULL)
957  {
958  if (munmap(AnonymousShmem, AnonymousShmemSize) < 0)
959  elog(LOG, "munmap(%p, %zu) failed: %m",
961  AnonymousShmem = NULL;
962  }
963 }
#define MAXALIGN(LEN)
Definition: c.h:757
size_t Size
Definition: c.h:540
void dsm_cleanup_using_control_segment(dsm_handle old_control_handle)
Definition: dsm.c:212
int errcode_for_file_access(void)
Definition: elog.c:716
int errdetail(const char *fmt,...)
Definition: elog.c:1037
int errhint(const char *fmt,...)
Definition: elog.c:1151
int errcode(int sqlerrcode)
Definition: elog.c:693
int errmsg(const char *fmt,...)
Definition: elog.c:904
#define LOG
Definition: elog.h:25
#define DEBUG3
Definition: elog.h:22
#define FATAL
Definition: elog.h:35
#define DEBUG1
Definition: elog.h:24
#define ERROR
Definition: elog.h:33
#define elog(elevel,...)
Definition: elog.h:218
#define ereport(elevel,...)
Definition: elog.h:143
FILE * AllocateFile(const char *name, const char *mode)
Definition: fd.c:2461
int FreeFile(FILE *file)
Definition: fd.c:2660
bool IsUnderPostmaster
Definition: globals.c:113
char * DataDir
Definition: globals.c:66
int huge_pages
Definition: guc.c:680
int huge_page_size
Definition: guc.c:681
void on_shmem_exit(pg_on_exit_callback function, Datum arg)
Definition: ipc.c:361
int shared_memory_type
Definition: ipci.c:53
Assert(fmt[strlen(fmt) - 1] !='\n')
#define PG_MMAP_FLAGS
Definition: mem.h:41
#define PG_SHMAT_FLAGS
Definition: mem.h:20
#define MAP_FAILED
Definition: mem.h:45
void AddToDataDirLockFile(int target_line, const char *str)
Definition: miscinit.c:1351
void * arg
static uint64 pg_ceil_log2_64(uint64 num)
Definition: pg_bitutils.h:242
static void static void status(const char *fmt,...) pg_attribute_printf(1
Definition: pg_regress.c:229
@ HUGE_PAGES_ON
Definition: pg_shmem.h:53
@ HUGE_PAGES_TRY
Definition: pg_shmem.h:54
#define PGShmemMagic
Definition: pg_shmem.h:32
@ SHMEM_TYPE_MMAP
Definition: pg_shmem.h:62
struct PGShmemHeader PGShmemHeader
static char * buf
Definition: pg_test_fsync.c:67
#define LOCK_FILE_LINE_SHMEM_KEY
Definition: pidfile.h:43
#define sprintf
Definition: port.h:227
#define IPCProtection
Definition: posix_sema.c:59
uintptr_t Datum
Definition: postgres.h:411
#define DatumGetPointer(X)
Definition: postgres.h:593
#define DatumGetInt32(X)
Definition: postgres.h:516
#define Int32GetDatum(X)
Definition: postgres.h:523
#define PointerGetDatum(X)
Definition: postgres.h:600
dsm_handle dsm_control
Definition: pg_shmem.h:36
ino_t inode
Definition: pg_shmem.h:40
Size freeoffset
Definition: pg_shmem.h:35
pid_t creatorPID
Definition: pg_shmem.h:33
dev_t device
Definition: pg_shmem.h:39
int32 magic
Definition: pg_shmem.h:31
Size totalsize
Definition: pg_shmem.h:34
_dev_t st_dev
Definition: win32_port.h:266
_ino_t st_ino
Definition: win32_port.h:267
Definition: regguts.h:318
static void AnonymousShmemDetach(int status, Datum arg)
Definition: sysv_shmem.c:653
PGShmemHeader * PGSharedMemoryCreate(Size size, PGShmemHeader **shim)
Definition: sysv_shmem.c:678
void PGSharedMemoryDetach(void)
Definition: sysv_shmem.c:942
static void * CreateAnonymousSegment(Size *size)
Definition: sysv_shmem.c:585
int IpcMemoryId
Definition: sysv_shmem.c:74
IpcMemoryState
Definition: sysv_shmem.c:88
@ SHMSTATE_ATTACHED
Definition: sysv_shmem.c:90
@ SHMSTATE_UNATTACHED
Definition: sysv_shmem.c:93
@ SHMSTATE_FOREIGN
Definition: sysv_shmem.c:92
@ SHMSTATE_ENOENT
Definition: sysv_shmem.c:91
@ SHMSTATE_ANALYSIS_FAILURE
Definition: sysv_shmem.c:89
static Size AnonymousShmemSize
Definition: sysv_shmem.c:100
key_t IpcMemoryKey
Definition: sysv_shmem.c:73
unsigned long UsedShmemSegID
Definition: sysv_shmem.c:97
static void * InternalIpcMemoryCreate(IpcMemoryKey memKey, Size size)
Definition: sysv_shmem.c:124
void GetHugePageSize(Size *hugepagesize, int *mmap_flags)
Definition: sysv_shmem.c:482
void * UsedShmemSegAddr
Definition: sysv_shmem.c:98
bool PGSharedMemoryIsInUse(unsigned long id1, unsigned long id2)
Definition: sysv_shmem.c:320
static void IpcMemoryDetach(int status, Datum shmaddr)
Definition: sysv_shmem.c:289
static IpcMemoryState PGSharedMemoryAttach(IpcMemoryId shmId, void *attachAt, PGShmemHeader **addr)
Definition: sysv_shmem.c:350
static void * AnonymousShmem
Definition: sysv_shmem.c:101
static void IpcMemoryDelete(int status, Datum shmId)
Definition: sysv_shmem.c:301
#define stat
Definition: win32_port.h:283
#define IPC_STAT
Definition: win32_port.h:99
#define IPC_RMID
Definition: win32_port.h:94
long key_t
Definition: win32_port.h:247
#define IPC_EXCL
Definition: win32_port.h:96
#define IPC_CREAT
Definition: win32_port.h:95
#define EIDRM
Definition: win32_port.h:103
void PGSharedMemoryReAttach(void)
Definition: win32_shmem.c:409
void PGSharedMemoryNoReAttach(void)
Definition: win32_shmem.c:457