1 /*-------------------------------------------------------------------------
4 * routines to manage per-process shared memory data structure
6 * Portions Copyright (c) 1996-2010, PostgreSQL Global Development Group
7 * Portions Copyright (c) 1994, Regents of the University of California
11 * $PostgreSQL: pgsql/src/backend/storage/lmgr/proc.c,v 1.211 2010/01/02 16:57:52 momjian Exp $
13 *-------------------------------------------------------------------------
17 * ProcSleep(), ProcWakeup(),
18 * ProcQueueAlloc() -- create a shm queue for sleeping processes
19 * ProcQueueInit() -- create a queue without allocing memory
21 * Waiting for a lock causes the backend to be put to sleep. Whoever releases
22 * the lock wakes the process up again (and gives it an error code so it knows
23 * whether it was awoken on an error condition).
27 * ProcReleaseLocks -- frees the locks associated with current transaction
29 * ProcKill -- destroys the shared memory state (and locks)
30 * associated with the process.
38 #include "access/transam.h"
39 #include "access/xact.h"
40 #include "miscadmin.h"
41 #include "postmaster/autovacuum.h"
42 #include "storage/ipc.h"
43 #include "storage/lmgr.h"
44 #include "storage/pmsignal.h"
45 #include "storage/proc.h"
46 #include "storage/procarray.h"
47 #include "storage/spin.h"
51 int DeadlockTimeout = 1000;
52 int StatementTimeout = 0;
53 bool log_lock_waits = false;
55 /* Pointer to this process's PGPROC struct, if any */
56 PGPROC *MyProc = NULL;
59 * This spinlock protects the freelist of recycled PGPROC structures.
60 * We cannot use an LWLock because the LWLock manager depends on already
61 * having a PGPROC and a wait semaphore! But these structures are touched
62 * relatively infrequently (only at backend startup or shutdown) and not for
63 * very long, so a spinlock is okay.
65 NON_EXEC_STATIC slock_t *ProcStructLock = NULL;
67 /* Pointers to shared-memory structures */
68 NON_EXEC_STATIC PROC_HDR *ProcGlobal = NULL;
69 NON_EXEC_STATIC PGPROC *AuxiliaryProcs = NULL;
71 /* If we are waiting for a lock, this points to the associated LOCALLOCK */
72 static LOCALLOCK *lockAwaited = NULL;
74 /* Mark these volatile because they can be changed by signal handler */
75 static volatile bool statement_timeout_active = false;
76 static volatile bool deadlock_timeout_active = false;
77 static volatile DeadLockState deadlock_state = DS_NOT_YET_CHECKED;
78 volatile bool cancel_from_timeout = false;
80 /* timeout_start_time is set when log_lock_waits is true */
81 static TimestampTz timeout_start_time;
83 /* statement_fin_time is valid only if statement_timeout_active is true */
84 static TimestampTz statement_fin_time;
87 static void RemoveProcFromArray(int code, Datum arg);
88 static void ProcKill(int code, Datum arg);
89 static void AuxiliaryProcKill(int code, Datum arg);
90 static bool CheckStatementTimeout(void);
94 * Report shared-memory space needed by InitProcGlobal.
97 ProcGlobalShmemSize(void)
102 size = add_size(size, sizeof(PROC_HDR));
104 size = add_size(size, mul_size(NUM_AUXILIARY_PROCS, sizeof(PGPROC)));
105 /* MyProcs, including autovacuum workers and launcher */
106 size = add_size(size, mul_size(MaxBackends, sizeof(PGPROC)));
108 size = add_size(size, sizeof(slock_t));
114 * Report number of semaphores needed by InitProcGlobal.
117 ProcGlobalSemas(void)
120 * We need a sema per backend (including autovacuum), plus one for each
123 return MaxBackends + NUM_AUXILIARY_PROCS;
128 * Initialize the global process table during postmaster or standalone
131 * We also create all the per-process semaphores we will need to support
132 * the requested number of backends. We used to allocate semaphores
133 * only when backends were actually started up, but that is bad because
134 * it lets Postgres fail under load --- a lot of Unix systems are
135 * (mis)configured with small limits on the number of semaphores, and
136 * running out when trying to start another backend is a common failure.
137 * So, now we grab enough semaphores to support the desired max number
138 * of backends immediately at initialization --- if the sysadmin has set
139 * MaxConnections or autovacuum_max_workers higher than his kernel will
140 * support, he'll find out sooner rather than later.
142 * Another reason for creating semaphores here is that the semaphore
143 * implementation typically requires us to create semaphores in the
144 * postmaster, not in backends.
146 * Note: this is NOT called by individual backends under a postmaster,
147 * not even in the EXEC_BACKEND case. The ProcGlobal and AuxiliaryProcs
148 * pointers must be propagated specially for EXEC_BACKEND operation.
157 /* Create the ProcGlobal shared structure */
158 ProcGlobal = (PROC_HDR *)
159 ShmemInitStruct("Proc Header", sizeof(PROC_HDR), &found);
163 * Create the PGPROC structures for auxiliary (bgwriter) processes, too.
164 * These do not get linked into the freeProcs list.
166 AuxiliaryProcs = (PGPROC *)
167 ShmemInitStruct("AuxiliaryProcs", NUM_AUXILIARY_PROCS * sizeof(PGPROC),
172 * Initialize the data structures.
174 ProcGlobal->freeProcs = NULL;
175 ProcGlobal->autovacFreeProcs = NULL;
177 ProcGlobal->spins_per_delay = DEFAULT_SPINS_PER_DELAY;
180 * Pre-create the PGPROC structures and create a semaphore for each.
182 procs = (PGPROC *) ShmemAlloc((MaxConnections) * sizeof(PGPROC));
185 (errcode(ERRCODE_OUT_OF_MEMORY),
186 errmsg("out of shared memory")));
187 MemSet(procs, 0, MaxConnections * sizeof(PGPROC));
188 for (i = 0; i < MaxConnections; i++)
190 PGSemaphoreCreate(&(procs[i].sem));
191 procs[i].links.next = (SHM_QUEUE *) ProcGlobal->freeProcs;
192 ProcGlobal->freeProcs = &procs[i];
196 * Likewise for the PGPROCs reserved for autovacuum.
198 * Note: the "+1" here accounts for the autovac launcher
200 procs = (PGPROC *) ShmemAlloc((autovacuum_max_workers + 1) * sizeof(PGPROC));
203 (errcode(ERRCODE_OUT_OF_MEMORY),
204 errmsg("out of shared memory")));
205 MemSet(procs, 0, (autovacuum_max_workers + 1) * sizeof(PGPROC));
206 for (i = 0; i < autovacuum_max_workers + 1; i++)
208 PGSemaphoreCreate(&(procs[i].sem));
209 procs[i].links.next = (SHM_QUEUE *) ProcGlobal->autovacFreeProcs;
210 ProcGlobal->autovacFreeProcs = &procs[i];
214 * And auxiliary procs.
216 MemSet(AuxiliaryProcs, 0, NUM_AUXILIARY_PROCS * sizeof(PGPROC));
217 for (i = 0; i < NUM_AUXILIARY_PROCS; i++)
219 AuxiliaryProcs[i].pid = 0; /* marks auxiliary proc as not in use */
220 PGSemaphoreCreate(&(AuxiliaryProcs[i].sem));
223 /* Create ProcStructLock spinlock, too */
224 ProcStructLock = (slock_t *) ShmemAlloc(sizeof(slock_t));
225 SpinLockInit(ProcStructLock);
229 * InitProcess -- initialize a per-process data structure for this backend
234 /* use volatile pointer to prevent code rearrangement */
235 volatile PROC_HDR *procglobal = ProcGlobal;
239 * ProcGlobal should be set up already (if we are a backend, we inherit
240 * this by fork() or EXEC_BACKEND mechanism from the postmaster).
242 if (procglobal == NULL)
243 elog(PANIC, "proc header uninitialized");
246 elog(ERROR, "you already exist");
249 * Try to get a proc struct from the free list. If this fails, we must be
250 * out of PGPROC structures (not to mention semaphores).
252 * While we are holding the ProcStructLock, also copy the current shared
253 * estimate of spins_per_delay to local storage.
255 SpinLockAcquire(ProcStructLock);
257 set_spins_per_delay(procglobal->spins_per_delay);
259 if (IsAnyAutoVacuumProcess())
260 MyProc = procglobal->autovacFreeProcs;
262 MyProc = procglobal->freeProcs;
266 if (IsAnyAutoVacuumProcess())
267 procglobal->autovacFreeProcs = (PGPROC *) MyProc->links.next;
269 procglobal->freeProcs = (PGPROC *) MyProc->links.next;
270 SpinLockRelease(ProcStructLock);
275 * If we reach here, all the PGPROCs are in use. This is one of the
276 * possible places to detect "too many backends", so give the standard
277 * error message. XXX do we need to give a different failure message
278 * in the autovacuum case?
280 SpinLockRelease(ProcStructLock);
282 (errcode(ERRCODE_TOO_MANY_CONNECTIONS),
283 errmsg("sorry, too many clients already")));
287 * Now that we have a PGPROC, mark ourselves as an active postmaster
288 * child; this is so that the postmaster can detect it if we exit without
289 * cleaning up. (XXX autovac launcher currently doesn't participate in
290 * this; it probably should.)
292 if (IsUnderPostmaster && !IsAutoVacuumLauncherProcess())
293 MarkPostmasterChildActive();
296 * Initialize all fields of MyProc, except for the semaphore which was
297 * prepared for us by InitProcGlobal.
299 SHMQueueElemInit(&(MyProc->links));
300 MyProc->waitStatus = STATUS_OK;
301 MyProc->lxid = InvalidLocalTransactionId;
302 MyProc->xid = InvalidTransactionId;
303 MyProc->xmin = InvalidTransactionId;
304 MyProc->pid = MyProcPid;
305 /* backendId, databaseId and roleId will be filled in later */
306 MyProc->backendId = InvalidBackendId;
307 MyProc->databaseId = InvalidOid;
308 MyProc->roleId = InvalidOid;
309 MyProc->inCommit = false;
310 MyProc->vacuumFlags = 0;
311 /* NB -- autovac launcher intentionally does not set IS_AUTOVACUUM */
312 if (IsAutoVacuumWorkerProcess())
313 MyProc->vacuumFlags |= PROC_IS_AUTOVACUUM;
314 MyProc->lwWaiting = false;
315 MyProc->lwExclusive = false;
316 MyProc->lwWaitLink = NULL;
317 MyProc->waitLock = NULL;
318 MyProc->waitProcLock = NULL;
319 for (i = 0; i < NUM_LOCK_PARTITIONS; i++)
320 SHMQueueInit(&(MyProc->myProcLocks[i]));
321 MyProc->recoveryConflictMode = 0;
324 * We might be reusing a semaphore that belonged to a failed process. So
325 * be careful and reinitialize its value here. (This is not strictly
326 * necessary anymore, but seems like a good idea for cleanliness.)
328 PGSemaphoreReset(&MyProc->sem);
331 * Arrange to clean up at backend exit.
333 on_shmem_exit(ProcKill, 0);
336 * Now that we have a PGPROC, we could try to acquire locks, so initialize
337 * the deadlock checker.
339 InitDeadLockChecking();
343 * InitProcessPhase2 -- make MyProc visible in the shared ProcArray.
345 * This is separate from InitProcess because we can't acquire LWLocks until
346 * we've created a PGPROC, but in the EXEC_BACKEND case ProcArrayAdd won't
347 * work until after we've done CreateSharedMemoryAndSemaphores.
350 InitProcessPhase2(void)
352 Assert(MyProc != NULL);
355 * Add our PGPROC to the PGPROC array in shared memory.
357 ProcArrayAdd(MyProc);
360 * Arrange to clean that up at backend exit.
362 on_shmem_exit(RemoveProcFromArray, 0);
366 * InitAuxiliaryProcess -- create a per-auxiliary-process data structure
368 * This is called by bgwriter and similar processes so that they will have a
369 * MyProc value that's real enough to let them wait for LWLocks. The PGPROC
370 * and sema that are assigned are one of the extra ones created during
373 * Auxiliary processes are presently not expected to wait for real (lockmgr)
374 * locks, so we need not set up the deadlock checker. They are never added
375 * to the ProcArray or the sinval messaging mechanism, either. They also
376 * don't get a VXID assigned, since this is only useful when we actually
377 * hold lockmgr locks.
379 * Startup process however uses locks but never waits for them in the
380 * normal backend sense. Startup process also takes part in sinval messaging
381 * as a sendOnly process, so never reads messages from sinval queue. So
382 * Startup process does have a VXID and does show up in pg_locks.
385 InitAuxiliaryProcess(void)
392 * ProcGlobal should be set up already (if we are a backend, we inherit
393 * this by fork() or EXEC_BACKEND mechanism from the postmaster).
395 if (ProcGlobal == NULL || AuxiliaryProcs == NULL)
396 elog(PANIC, "proc header uninitialized");
399 elog(ERROR, "you already exist");
402 * We use the ProcStructLock to protect assignment and releasing of
403 * AuxiliaryProcs entries.
405 * While we are holding the ProcStructLock, also copy the current shared
406 * estimate of spins_per_delay to local storage.
408 SpinLockAcquire(ProcStructLock);
410 set_spins_per_delay(ProcGlobal->spins_per_delay);
413 * Find a free auxproc ... *big* trouble if there isn't one ...
415 for (proctype = 0; proctype < NUM_AUXILIARY_PROCS; proctype++)
417 auxproc = &AuxiliaryProcs[proctype];
418 if (auxproc->pid == 0)
421 if (proctype >= NUM_AUXILIARY_PROCS)
423 SpinLockRelease(ProcStructLock);
424 elog(FATAL, "all AuxiliaryProcs are in use");
427 /* Mark auxiliary proc as in use by me */
428 /* use volatile pointer to prevent code rearrangement */
429 ((volatile PGPROC *) auxproc)->pid = MyProcPid;
433 SpinLockRelease(ProcStructLock);
436 * Initialize all fields of MyProc, except for the semaphore which was
437 * prepared for us by InitProcGlobal.
439 SHMQueueElemInit(&(MyProc->links));
440 MyProc->waitStatus = STATUS_OK;
441 MyProc->lxid = InvalidLocalTransactionId;
442 MyProc->xid = InvalidTransactionId;
443 MyProc->xmin = InvalidTransactionId;
444 MyProc->backendId = InvalidBackendId;
445 MyProc->databaseId = InvalidOid;
446 MyProc->roleId = InvalidOid;
447 MyProc->inCommit = false;
448 MyProc->vacuumFlags = 0;
449 MyProc->lwWaiting = false;
450 MyProc->lwExclusive = false;
451 MyProc->lwWaitLink = NULL;
452 MyProc->waitLock = NULL;
453 MyProc->waitProcLock = NULL;
454 for (i = 0; i < NUM_LOCK_PARTITIONS; i++)
455 SHMQueueInit(&(MyProc->myProcLocks[i]));
458 * We might be reusing a semaphore that belonged to a failed process. So
459 * be careful and reinitialize its value here. (This is not strictly
460 * necessary anymore, but seems like a good idea for cleanliness.)
462 PGSemaphoreReset(&MyProc->sem);
465 * Arrange to clean up at process exit.
467 on_shmem_exit(AuxiliaryProcKill, Int32GetDatum(proctype));
471 * Record the PID and PGPROC structures for the Startup process, for use in
472 * ProcSendSignal(). See comments there for further explanation.
475 PublishStartupProcessInformation(void)
477 /* use volatile pointer to prevent code rearrangement */
478 volatile PROC_HDR *procglobal = ProcGlobal;
480 SpinLockAcquire(ProcStructLock);
482 procglobal->startupProc = MyProc;
483 procglobal->startupProcPid = MyProcPid;
485 SpinLockRelease(ProcStructLock);
489 * Check whether there are at least N free PGPROC objects.
491 * Note: this is designed on the assumption that N will generally be small.
494 HaveNFreeProcs(int n)
498 /* use volatile pointer to prevent code rearrangement */
499 volatile PROC_HDR *procglobal = ProcGlobal;
501 SpinLockAcquire(ProcStructLock);
503 proc = procglobal->freeProcs;
505 while (n > 0 && proc != NULL)
507 proc = (PGPROC *) proc->links.next;
511 SpinLockRelease(ProcStructLock);
517 * Cancel any pending wait for lock, when aborting a transaction.
519 * (Normally, this would only happen if we accept a cancel/die
520 * interrupt while waiting; but an ereport(ERROR) while waiting is
521 * within the realm of possibility, too.)
526 LWLockId partitionLock;
528 /* Nothing to do if we weren't waiting for a lock */
529 if (lockAwaited == NULL)
532 /* Turn off the deadlock timer, if it's still running (see ProcSleep) */
533 disable_sig_alarm(false);
535 /* Unlink myself from the wait queue, if on it (might not be anymore!) */
536 partitionLock = LockHashPartitionLock(lockAwaited->hashcode);
537 LWLockAcquire(partitionLock, LW_EXCLUSIVE);
539 if (MyProc->links.next != NULL)
541 /* We could not have been granted the lock yet */
542 RemoveFromWaitQueue(MyProc, lockAwaited->hashcode);
547 * Somebody kicked us off the lock queue already. Perhaps they
548 * granted us the lock, or perhaps they detected a deadlock. If they
549 * did grant us the lock, we'd better remember it in our local lock
552 if (MyProc->waitStatus == STATUS_OK)
558 LWLockRelease(partitionLock);
561 * We used to do PGSemaphoreReset() here to ensure that our proc's wait
562 * semaphore is reset to zero. This prevented a leftover wakeup signal
563 * from remaining in the semaphore if someone else had granted us the lock
564 * we wanted before we were able to remove ourselves from the wait-list.
565 * However, now that ProcSleep loops until waitStatus changes, a leftover
566 * wakeup signal isn't harmful, and it seems not worth expending cycles to
567 * get rid of a signal that most likely isn't there.
573 * ProcReleaseLocks() -- release locks associated with current transaction
574 * at main transaction commit or abort
576 * At main transaction commit, we release all locks except session locks.
577 * At main transaction abort, we release all locks including session locks;
578 * this lets us clean up after a VACUUM FULL failure.
580 * At subtransaction commit, we don't release any locks (so this func is not
581 * needed at all); we will defer the releasing to the parent transaction.
582 * At subtransaction abort, we release all locks held by the subtransaction;
583 * this is implemented by retail releasing of the locks under control of
584 * the ResourceOwner mechanism.
586 * Note that user locks are not released in any case.
589 ProcReleaseLocks(bool isCommit)
593 /* If waiting, get off wait queue (should only be needed after error) */
596 LockReleaseAll(DEFAULT_LOCKMETHOD, !isCommit);
601 * RemoveProcFromArray() -- Remove this process from the shared ProcArray.
604 RemoveProcFromArray(int code, Datum arg)
606 Assert(MyProc != NULL);
607 ProcArrayRemove(MyProc, InvalidTransactionId);
611 * ProcKill() -- Destroy the per-proc data structure for
612 * this process. Release any of its held LW locks.
615 ProcKill(int code, Datum arg)
617 /* use volatile pointer to prevent code rearrangement */
618 volatile PROC_HDR *procglobal = ProcGlobal;
620 Assert(MyProc != NULL);
623 * Release any LW locks I am holding. There really shouldn't be any, but
624 * it's cheap to check again before we cut the knees off the LWLock
625 * facility by releasing our PGPROC ...
629 SpinLockAcquire(ProcStructLock);
631 /* Return PGPROC structure (and semaphore) to appropriate freelist */
632 if (IsAnyAutoVacuumProcess())
634 MyProc->links.next = (SHM_QUEUE *) procglobal->autovacFreeProcs;
635 procglobal->autovacFreeProcs = MyProc;
639 MyProc->links.next = (SHM_QUEUE *) procglobal->freeProcs;
640 procglobal->freeProcs = MyProc;
643 /* PGPROC struct isn't mine anymore */
646 /* Update shared estimate of spins_per_delay */
647 procglobal->spins_per_delay = update_spins_per_delay(procglobal->spins_per_delay);
649 SpinLockRelease(ProcStructLock);
652 * This process is no longer present in shared memory in any meaningful
653 * way, so tell the postmaster we've cleaned up acceptably well.
654 * (XXX autovac launcher should be included here someday)
656 if (IsUnderPostmaster && !IsAutoVacuumLauncherProcess())
657 MarkPostmasterChildInactive();
659 /* wake autovac launcher if needed -- see comments in FreeWorkerInfo */
660 if (AutovacuumLauncherPid != 0)
661 kill(AutovacuumLauncherPid, SIGUSR2);
665 * AuxiliaryProcKill() -- Cut-down version of ProcKill for auxiliary
666 * processes (bgwriter, etc). The PGPROC and sema are not released, only
667 * marked as not-in-use.
670 AuxiliaryProcKill(int code, Datum arg)
672 int proctype = DatumGetInt32(arg);
675 Assert(proctype >= 0 && proctype < NUM_AUXILIARY_PROCS);
677 auxproc = &AuxiliaryProcs[proctype];
679 Assert(MyProc == auxproc);
681 /* Release any LW locks I am holding (see notes above) */
684 SpinLockAcquire(ProcStructLock);
686 /* Mark auxiliary proc no longer in use */
689 /* PGPROC struct isn't mine anymore */
692 /* Update shared estimate of spins_per_delay */
693 ProcGlobal->spins_per_delay = update_spins_per_delay(ProcGlobal->spins_per_delay);
695 SpinLockRelease(ProcStructLock);
700 * ProcQueue package: routines for putting processes to sleep
705 * ProcQueueAlloc -- alloc/attach to a shared memory process queue
707 * Returns: a pointer to the queue or NULL
708 * Side Effects: Initializes the queue if we allocated one
712 ProcQueueAlloc(char *name)
715 PROC_QUEUE *queue = (PROC_QUEUE *)
716 ShmemInitStruct(name, sizeof(PROC_QUEUE), &found);
721 ProcQueueInit(queue);
727 * ProcQueueInit -- initialize a shared memory process queue
730 ProcQueueInit(PROC_QUEUE *queue)
732 SHMQueueInit(&(queue->links));
738 * ProcSleep -- put a process to sleep on the specified lock
740 * Caller must have set MyProc->heldLocks to reflect locks already held
741 * on the lockable object by this process (under all XIDs).
743 * The lock table's partition lock must be held at entry, and will be held
746 * Result: STATUS_OK if we acquired the lock, STATUS_ERROR if not (deadlock).
748 * ASSUME: that no one will fiddle with the queue until after
749 * we release the partition lock.
751 * NOTES: The process queue is now a priority queue for locking.
753 * P() on the semaphore should put us to sleep. The process
754 * semaphore is normally zero, so when we try to acquire it, we sleep.
757 ProcSleep(LOCALLOCK *locallock, LockMethod lockMethodTable)
759 LOCKMODE lockmode = locallock->tag.mode;
760 LOCK *lock = locallock->lock;
761 PROCLOCK *proclock = locallock->proclock;
762 uint32 hashcode = locallock->hashcode;
763 LWLockId partitionLock = LockHashPartitionLock(hashcode);
764 PROC_QUEUE *waitQueue = &(lock->waitProcs);
765 LOCKMASK myHeldLocks = MyProc->heldLocks;
766 bool early_deadlock = false;
767 bool allow_autovacuum_cancel = true;
773 * Determine where to add myself in the wait queue.
775 * Normally I should go at the end of the queue. However, if I already
776 * hold locks that conflict with the request of any previous waiter, put
777 * myself in the queue just in front of the first such waiter. This is not
778 * a necessary step, since deadlock detection would move me to before that
779 * waiter anyway; but it's relatively cheap to detect such a conflict
780 * immediately, and avoid delaying till deadlock timeout.
782 * Special case: if I find I should go in front of some waiter, check to
783 * see if I conflict with already-held locks or the requests before that
784 * waiter. If not, then just grant myself the requested lock immediately.
785 * This is the same as the test for immediate grant in LockAcquire, except
786 * we are only considering the part of the wait queue before my insertion
789 if (myHeldLocks != 0)
791 LOCKMASK aheadRequests = 0;
793 proc = (PGPROC *) waitQueue->links.next;
794 for (i = 0; i < waitQueue->size; i++)
796 /* Must he wait for me? */
797 if (lockMethodTable->conflictTab[proc->waitLockMode] & myHeldLocks)
799 /* Must I wait for him ? */
800 if (lockMethodTable->conflictTab[lockmode] & proc->heldLocks)
803 * Yes, so we have a deadlock. Easiest way to clean up
804 * correctly is to call RemoveFromWaitQueue(), but we
805 * can't do that until we are *on* the wait queue. So, set
806 * a flag to check below, and break out of loop. Also,
807 * record deadlock info for later message.
809 RememberSimpleDeadLock(MyProc, lockmode, lock, proc);
810 early_deadlock = true;
813 /* I must go before this waiter. Check special case. */
814 if ((lockMethodTable->conflictTab[lockmode] & aheadRequests) == 0 &&
815 LockCheckConflicts(lockMethodTable,
819 MyProc) == STATUS_OK)
821 /* Skip the wait and just grant myself the lock. */
822 GrantLock(lock, proclock, lockmode);
826 /* Break out of loop to put myself before him */
829 /* Nope, so advance to next waiter */
830 aheadRequests |= LOCKBIT_ON(proc->waitLockMode);
831 proc = (PGPROC *) proc->links.next;
835 * If we fall out of loop normally, proc points to waitQueue head, so
836 * we will insert at tail of queue as desired.
841 /* I hold no locks, so I can't push in front of anyone. */
842 proc = (PGPROC *) &(waitQueue->links);
846 * Insert self into queue, ahead of the given proc (or at tail of queue).
848 SHMQueueInsertBefore(&(proc->links), &(MyProc->links));
851 lock->waitMask |= LOCKBIT_ON(lockmode);
853 /* Set up wait information in PGPROC object, too */
854 MyProc->waitLock = lock;
855 MyProc->waitProcLock = proclock;
856 MyProc->waitLockMode = lockmode;
858 MyProc->waitStatus = STATUS_WAITING;
861 * If we detected deadlock, give up without waiting. This must agree with
862 * CheckDeadLock's recovery code, except that we shouldn't release the
863 * semaphore since we haven't tried to lock it yet.
867 RemoveFromWaitQueue(MyProc, hashcode);
871 /* mark that we are waiting for a lock */
872 lockAwaited = locallock;
875 * Release the lock table's partition lock.
877 * NOTE: this may also cause us to exit critical-section state, possibly
878 * allowing a cancel/die interrupt to be accepted. This is OK because we
879 * have recorded the fact that we are waiting for a lock, and so
880 * LockWaitCancel will clean up if cancel/die happens.
882 LWLockRelease(partitionLock);
884 /* Reset deadlock_state before enabling the signal handler */
885 deadlock_state = DS_NOT_YET_CHECKED;
888 * Set timer so we can wake up after awhile and check for a deadlock. If a
889 * deadlock is detected, the handler releases the process's semaphore and
890 * sets MyProc->waitStatus = STATUS_ERROR, allowing us to know that we
891 * must report failure rather than success.
893 * By delaying the check until we've waited for a bit, we can avoid
894 * running the rather expensive deadlock-check code in most cases.
896 if (!enable_sig_alarm(DeadlockTimeout, false))
897 elog(FATAL, "could not set timer for process wakeup");
900 * If someone wakes us between LWLockRelease and PGSemaphoreLock,
901 * PGSemaphoreLock will not block. The wakeup is "saved" by the semaphore
902 * implementation. While this is normally good, there are cases where a
903 * saved wakeup might be leftover from a previous operation (for example,
904 * we aborted ProcWaitForSignal just before someone did ProcSendSignal).
905 * So, loop to wait again if the waitStatus shows we haven't been granted
906 * nor denied the lock yet.
908 * We pass interruptOK = true, which eliminates a window in which
909 * cancel/die interrupts would be held off undesirably. This is a promise
910 * that we don't mind losing control to a cancel/die interrupt here. We
911 * don't, because we have no shared-state-change work to do after being
912 * granted the lock (the grantor did it all). We do have to worry about
913 * updating the locallock table, but if we lose control to an error,
914 * LockWaitCancel will fix that up.
918 PGSemaphoreLock(&MyProc->sem, true);
921 * waitStatus could change from STATUS_WAITING to something else
922 * asynchronously. Read it just once per loop to prevent surprising
923 * behavior (such as missing log messages).
925 myWaitStatus = MyProc->waitStatus;
928 * If we are not deadlocked, but are waiting on an autovacuum-induced
929 * task, send a signal to interrupt it.
931 if (deadlock_state == DS_BLOCKED_BY_AUTOVACUUM && allow_autovacuum_cancel)
933 PGPROC *autovac = GetBlockingAutoVacuumPgproc();
935 LWLockAcquire(ProcArrayLock, LW_EXCLUSIVE);
938 * Only do it if the worker is not working to protect against Xid
941 if ((autovac != NULL) &&
942 (autovac->vacuumFlags & PROC_IS_AUTOVACUUM) &&
943 !(autovac->vacuumFlags & PROC_VACUUM_FOR_WRAPAROUND))
945 int pid = autovac->pid;
947 elog(DEBUG2, "sending cancel to blocking autovacuum pid = %d",
950 /* don't hold the lock across the kill() syscall */
951 LWLockRelease(ProcArrayLock);
953 /* send the autovacuum worker Back to Old Kent Road */
954 if (kill(pid, SIGINT) < 0)
956 /* Just a warning to allow multiple callers */
958 (errmsg("could not send signal to process %d: %m",
963 LWLockRelease(ProcArrayLock);
965 /* prevent signal from being resent more than once */
966 allow_autovacuum_cancel = false;
970 * If awoken after the deadlock check interrupt has run, and
971 * log_lock_waits is on, then report about the wait.
973 if (log_lock_waits && deadlock_state != DS_NOT_YET_CHECKED)
976 const char *modename;
981 initStringInfo(&buf);
982 DescribeLockTag(&buf, &locallock->tag.lock);
983 modename = GetLockmodeName(locallock->tag.lock.locktag_lockmethodid,
985 TimestampDifference(timeout_start_time, GetCurrentTimestamp(),
987 msecs = secs * 1000 + usecs / 1000;
988 usecs = usecs % 1000;
990 if (deadlock_state == DS_SOFT_DEADLOCK)
992 (errmsg("process %d avoided deadlock for %s on %s by rearranging queue order after %ld.%03d ms",
993 MyProcPid, modename, buf.data, msecs, usecs)));
994 else if (deadlock_state == DS_HARD_DEADLOCK)
997 * This message is a bit redundant with the error that will be
998 * reported subsequently, but in some cases the error report
999 * might not make it to the log (eg, if it's caught by an
1000 * exception handler), and we want to ensure all long-wait
1001 * events get logged.
1004 (errmsg("process %d detected deadlock while waiting for %s on %s after %ld.%03d ms",
1005 MyProcPid, modename, buf.data, msecs, usecs)));
1008 if (myWaitStatus == STATUS_WAITING)
1010 (errmsg("process %d still waiting for %s on %s after %ld.%03d ms",
1011 MyProcPid, modename, buf.data, msecs, usecs)));
1012 else if (myWaitStatus == STATUS_OK)
1014 (errmsg("process %d acquired %s on %s after %ld.%03d ms",
1015 MyProcPid, modename, buf.data, msecs, usecs)));
1018 Assert(myWaitStatus == STATUS_ERROR);
1021 * Currently, the deadlock checker always kicks its own
1022 * process, which means that we'll only see STATUS_ERROR when
1023 * deadlock_state == DS_HARD_DEADLOCK, and there's no need to
1024 * print redundant messages. But for completeness and
1025 * future-proofing, print a message if it looks like someone
1026 * else kicked us off the lock.
1028 if (deadlock_state != DS_HARD_DEADLOCK)
1030 (errmsg("process %d failed to acquire %s on %s after %ld.%03d ms",
1031 MyProcPid, modename, buf.data, msecs, usecs)));
1035 * At this point we might still need to wait for the lock. Reset
1036 * state so we don't print the above messages again.
1038 deadlock_state = DS_NO_DEADLOCK;
1042 } while (myWaitStatus == STATUS_WAITING);
1045 * Disable the timer, if it's still running
1047 if (!disable_sig_alarm(false))
1048 elog(FATAL, "could not disable timer for process wakeup");
1051 * Re-acquire the lock table's partition lock. We have to do this to hold
1052 * off cancel/die interrupts before we can mess with lockAwaited (else we
1053 * might have a missed or duplicated locallock update).
1055 LWLockAcquire(partitionLock, LW_EXCLUSIVE);
1058 * We no longer want LockWaitCancel to do anything.
1063 * If we got the lock, be sure to remember it in the locallock table.
1065 if (MyProc->waitStatus == STATUS_OK)
1069 * We don't have to do anything else, because the awaker did all the
1070 * necessary update of the lock table and MyProc.
1072 return MyProc->waitStatus;
1077 * ProcWakeup -- wake up a process by releasing its private semaphore.
1079 * Also remove the process from the wait queue and set its links invalid.
1080 * RETURN: the next process in the wait queue.
1082 * The appropriate lock partition lock must be held by caller.
1084 * XXX: presently, this code is only used for the "success" case, and only
1085 * works correctly for that case. To clean up in failure case, would need
1086 * to twiddle the lock's request counts too --- see RemoveFromWaitQueue.
1087 * Hence, in practice the waitStatus parameter must be STATUS_OK.
1090 ProcWakeup(PGPROC *proc, int waitStatus)
1094 /* Proc should be sleeping ... */
1095 if (proc->links.prev == NULL ||
1096 proc->links.next == NULL)
1098 Assert(proc->waitStatus == STATUS_WAITING);
1100 /* Save next process before we zap the list link */
1101 retProc = (PGPROC *) proc->links.next;
1103 /* Remove process from wait queue */
1104 SHMQueueDelete(&(proc->links));
1105 (proc->waitLock->waitProcs.size)--;
1107 /* Clean up process' state and pass it the ok/fail signal */
1108 proc->waitLock = NULL;
1109 proc->waitProcLock = NULL;
1110 proc->waitStatus = waitStatus;
1113 PGSemaphoreUnlock(&proc->sem);
1119 * ProcLockWakeup -- routine for waking up processes when a lock is
1120 * released (or a prior waiter is aborted). Scan all waiters
1121 * for lock, waken any that are no longer blocked.
1123 * The appropriate lock partition lock must be held by caller.
1126 ProcLockWakeup(LockMethod lockMethodTable, LOCK *lock)
1128 PROC_QUEUE *waitQueue = &(lock->waitProcs);
1129 int queue_size = waitQueue->size;
1131 LOCKMASK aheadRequests = 0;
1133 Assert(queue_size >= 0);
1135 if (queue_size == 0)
1138 proc = (PGPROC *) waitQueue->links.next;
1140 while (queue_size-- > 0)
1142 LOCKMODE lockmode = proc->waitLockMode;
1145 * Waken if (a) doesn't conflict with requests of earlier waiters, and
1146 * (b) doesn't conflict with already-held locks.
1148 if ((lockMethodTable->conflictTab[lockmode] & aheadRequests) == 0 &&
1149 LockCheckConflicts(lockMethodTable,
1156 GrantLock(lock, proc->waitProcLock, lockmode);
1157 proc = ProcWakeup(proc, STATUS_OK);
1160 * ProcWakeup removes proc from the lock's waiting process queue
1161 * and returns the next proc in chain; don't use proc's next-link,
1162 * because it's been cleared.
1168 * Cannot wake this guy. Remember his request for later checks.
1170 aheadRequests |= LOCKBIT_ON(lockmode);
1171 proc = (PGPROC *) proc->links.next;
1175 Assert(waitQueue->size >= 0);
1181 * We only get to this routine if we got SIGALRM after DeadlockTimeout
1182 * while waiting for a lock to be released by some other process. Look
1183 * to see if there's a deadlock; if not, just return and continue waiting.
1184 * (But signal ProcSleep to log a message, if log_lock_waits is true.)
1185 * If we have a real deadlock, remove ourselves from the lock's wait queue
1186 * and signal an error to ProcSleep.
1188 * NB: this is run inside a signal handler, so be very wary about what is done
1189 * here or in called routines.
1197 * Acquire exclusive lock on the entire shared lock data structures. Must
1198 * grab LWLocks in partition-number order to avoid LWLock deadlock.
1200 * Note that the deadlock check interrupt had better not be enabled
1201 * anywhere that this process itself holds lock partition locks, else this
1202 * will wait forever. Also note that LWLockAcquire creates a critical
1203 * section, so that this routine cannot be interrupted by cancel/die
1206 for (i = 0; i < NUM_LOCK_PARTITIONS; i++)
1207 LWLockAcquire(FirstLockMgrLock + i, LW_EXCLUSIVE);
1210 * Check to see if we've been awoken by anyone in the interim.
1212 * If we have, we can return and resume our transaction -- happy day.
1213 * Before we are awoken the process releasing the lock grants it to us so
1214 * we know that we don't have to wait anymore.
1216 * We check by looking to see if we've been unlinked from the wait queue.
1217 * This is quicker than checking our semaphore's state, since no kernel
1218 * call is needed, and it is safe because we hold the lock partition lock.
1220 if (MyProc->links.prev == NULL ||
1221 MyProc->links.next == NULL)
1225 if (Debug_deadlocks)
1229 /* Run the deadlock check, and set deadlock_state for use by ProcSleep */
1230 deadlock_state = DeadLockCheck(MyProc);
1232 if (deadlock_state == DS_HARD_DEADLOCK)
1235 * Oops. We have a deadlock.
1237 * Get this process out of wait state. (Note: we could do this more
1238 * efficiently by relying on lockAwaited, but use this coding to
1239 * preserve the flexibility to kill some other transaction than the
1240 * one detecting the deadlock.)
1242 * RemoveFromWaitQueue sets MyProc->waitStatus to STATUS_ERROR, so
1243 * ProcSleep will report an error after we return from the signal
1246 Assert(MyProc->waitLock != NULL);
1247 RemoveFromWaitQueue(MyProc, LockTagHashCode(&(MyProc->waitLock->tag)));
1250 * Unlock my semaphore so that the interrupted ProcSleep() call can
1253 PGSemaphoreUnlock(&MyProc->sem);
1256 * We're done here. Transaction abort caused by the error that
1257 * ProcSleep will raise will cause any other locks we hold to be
1258 * released, thus allowing other processes to wake up; we don't need
1259 * to do that here. NOTE: an exception is that releasing locks we
1260 * hold doesn't consider the possibility of waiters that were blocked
1261 * behind us on the lock we just failed to get, and might now be
1262 * wakable because we're not in front of them anymore. However,
1263 * RemoveFromWaitQueue took care of waking up any such processes.
1266 else if (log_lock_waits || deadlock_state == DS_BLOCKED_BY_AUTOVACUUM)
1269 * Unlock my semaphore so that the interrupted ProcSleep() call can
1270 * print the log message (we daren't do it here because we are inside
1271 * a signal handler). It will then sleep again until someone releases
1274 * If blocked by autovacuum, this wakeup will enable ProcSleep to send
1275 * the cancelling signal to the autovacuum worker.
1277 PGSemaphoreUnlock(&MyProc->sem);
1281 * And release locks. We do this in reverse order for two reasons: (1)
1282 * Anyone else who needs more than one of the locks will be trying to lock
1283 * them in increasing order; we don't want to release the other process
1284 * until it can get all the locks it needs. (2) This avoids O(N^2)
1285 * behavior inside LWLockRelease.
1288 for (i = NUM_LOCK_PARTITIONS; --i >= 0;)
1289 LWLockRelease(FirstLockMgrLock + i);
1294 * ProcWaitForSignal - wait for a signal from another backend.
1296 * This can share the semaphore normally used for waiting for locks,
1297 * since a backend could never be waiting for a lock and a signal at
1298 * the same time. As with locks, it's OK if the signal arrives just
1299 * before we actually reach the waiting state. Also as with locks,
1300 * it's necessary that the caller be robust against bogus wakeups:
1301 * always check that the desired state has occurred, and wait again
1302 * if not. This copes with possible "leftover" wakeups.
1305 ProcWaitForSignal(void)
1307 PGSemaphoreLock(&MyProc->sem, true);
1311 * ProcSendSignal - send a signal to a backend identified by PID
1314 ProcSendSignal(int pid)
1316 PGPROC *proc = NULL;
1318 if (RecoveryInProgress())
1320 /* use volatile pointer to prevent code rearrangement */
1321 volatile PROC_HDR *procglobal = ProcGlobal;
1323 SpinLockAcquire(ProcStructLock);
1326 * Check to see whether it is the Startup process we wish to signal.
1327 * This call is made by the buffer manager when it wishes to wake
1328 * up a process that has been waiting for a pin in so it can obtain a
1329 * cleanup lock using LockBufferForCleanup(). Startup is not a normal
1330 * backend, so BackendPidGetProc() will not return any pid at all.
1331 * So we remember the information for this special case.
1333 if (pid == procglobal->startupProcPid)
1334 proc = procglobal->startupProc;
1336 SpinLockRelease(ProcStructLock);
1340 proc = BackendPidGetProc(pid);
1343 PGSemaphoreUnlock(&proc->sem);
1347 /*****************************************************************************
1348 * SIGALRM interrupt support
1350 * Maybe these should be in pqsignal.c?
1351 *****************************************************************************/
1354 * Enable the SIGALRM interrupt to fire after the specified delay
1356 * Delay is given in milliseconds. Caller should be sure a SIGALRM
1357 * signal handler is installed before this is called.
1359 * This code properly handles nesting of deadlock timeout alarms within
1360 * statement timeout alarms.
1362 * Returns TRUE if okay, FALSE on failure.
1365 enable_sig_alarm(int delayms, bool is_statement_timeout)
1367 TimestampTz fin_time;
1368 struct itimerval timeval;
1370 if (is_statement_timeout)
1373 * Begin statement-level timeout
1375 * Note that we compute statement_fin_time with reference to the
1376 * statement_timestamp, but apply the specified delay without any
1377 * correction; that is, we ignore whatever time has elapsed since
1378 * statement_timestamp was set. In the normal case only a small
1379 * interval will have elapsed and so this doesn't matter, but there
1380 * are corner cases (involving multi-statement query strings with
1381 * embedded COMMIT or ROLLBACK) where we might re-initialize the
1382 * statement timeout long after initial receipt of the message. In
1383 * such cases the enforcement of the statement timeout will be a bit
1384 * inconsistent. This annoyance is judged not worth the cost of
1385 * performing an additional gettimeofday() here.
1387 Assert(!deadlock_timeout_active);
1388 fin_time = GetCurrentStatementStartTimestamp();
1389 fin_time = TimestampTzPlusMilliseconds(fin_time, delayms);
1390 statement_fin_time = fin_time;
1391 cancel_from_timeout = false;
1392 statement_timeout_active = true;
1394 else if (statement_timeout_active)
1397 * Begin deadlock timeout with statement-level timeout active
1399 * Here, we want to interrupt at the closer of the two timeout times.
1400 * If fin_time >= statement_fin_time then we need not touch the
1401 * existing timer setting; else set up to interrupt at the deadlock
1404 * NOTE: in this case it is possible that this routine will be
1405 * interrupted by the previously-set timer alarm. This is okay
1406 * because the signal handler will do only what it should do according
1407 * to the state variables. The deadlock checker may get run earlier
1408 * than normal, but that does no harm.
1410 timeout_start_time = GetCurrentTimestamp();
1411 fin_time = TimestampTzPlusMilliseconds(timeout_start_time, delayms);
1412 deadlock_timeout_active = true;
1413 if (fin_time >= statement_fin_time)
1418 /* Begin deadlock timeout with no statement-level timeout */
1419 deadlock_timeout_active = true;
1420 /* GetCurrentTimestamp can be expensive, so only do it if we must */
1422 timeout_start_time = GetCurrentTimestamp();
1425 /* If we reach here, okay to set the timer interrupt */
1426 MemSet(&timeval, 0, sizeof(struct itimerval));
1427 timeval.it_value.tv_sec = delayms / 1000;
1428 timeval.it_value.tv_usec = (delayms % 1000) * 1000;
1429 if (setitimer(ITIMER_REAL, &timeval, NULL))
1435 * Cancel the SIGALRM timer, either for a deadlock timeout or a statement
1436 * timeout. If a deadlock timeout is canceled, any active statement timeout
1439 * Returns TRUE if okay, FALSE on failure.
1442 disable_sig_alarm(bool is_statement_timeout)
1445 * Always disable the interrupt if it is active; this avoids being
1446 * interrupted by the signal handler and thereby possibly getting
1449 * We will re-enable the interrupt if necessary in CheckStatementTimeout.
1451 if (statement_timeout_active || deadlock_timeout_active)
1453 struct itimerval timeval;
1455 MemSet(&timeval, 0, sizeof(struct itimerval));
1456 if (setitimer(ITIMER_REAL, &timeval, NULL))
1458 statement_timeout_active = false;
1459 cancel_from_timeout = false;
1460 deadlock_timeout_active = false;
1465 /* Always cancel deadlock timeout, in case this is error cleanup */
1466 deadlock_timeout_active = false;
1468 /* Cancel or reschedule statement timeout */
1469 if (is_statement_timeout)
1471 statement_timeout_active = false;
1472 cancel_from_timeout = false;
1474 else if (statement_timeout_active)
1476 if (!CheckStatementTimeout())
1484 * Check for statement timeout. If the timeout time has come,
1485 * trigger a query-cancel interrupt; if not, reschedule the SIGALRM
1486 * interrupt to occur at the right time.
1488 * Returns true if okay, false if failed to set the interrupt.
1491 CheckStatementTimeout(void)
1495 if (!statement_timeout_active)
1496 return true; /* do nothing if not active */
1498 now = GetCurrentTimestamp();
1500 if (now >= statement_fin_time)
1503 statement_timeout_active = false;
1504 cancel_from_timeout = true;
1506 /* try to signal whole process group */
1507 kill(-MyProcPid, SIGINT);
1509 kill(MyProcPid, SIGINT);
1513 /* Not time yet, so (re)schedule the interrupt */
1516 struct itimerval timeval;
1518 TimestampDifference(now, statement_fin_time,
1522 * It's possible that the difference is less than a microsecond;
1523 * ensure we don't cancel, rather than set, the interrupt.
1525 if (secs == 0 && usecs == 0)
1527 MemSet(&timeval, 0, sizeof(struct itimerval));
1528 timeval.it_value.tv_sec = secs;
1529 timeval.it_value.tv_usec = usecs;
1530 if (setitimer(ITIMER_REAL, &timeval, NULL))
1539 * Signal handler for SIGALRM
1541 * Process deadlock check and/or statement timeout check, as needed.
1542 * To avoid various edge cases, we must be careful to do nothing
1543 * when there is nothing to be done. We also need to be able to
1544 * reschedule the timer interrupt if called before end of statement.
1547 handle_sig_alarm(SIGNAL_ARGS)
1549 int save_errno = errno;
1551 if (deadlock_timeout_active)
1553 deadlock_timeout_active = false;
1557 if (statement_timeout_active)
1558 (void) CheckStatementTimeout();