Using WaitEventSet in the postmaster - Mailing list pgsql-hackers
| From | Thomas Munro |
|---|---|
| Subject | Using WaitEventSet in the postmaster |
| Date | |
| Msg-id | CA+hUKG+Z-HpOj1JsO9eWUP+ar7npSVinsC_npxSy+jdOMsx=Gg@mail.gmail.com Whole thread Raw |
| Responses |
Re: Using WaitEventSet in the postmaster
|
| List | pgsql-hackers |
Hi, Here's a work-in-progress patch that uses WaitEventSet for the main event loop in the postmaster, with a latch as the wakeup mechanism for "PM signals" (requests from backends to do things like start a background worker, etc). There are still raw signals that are part of the external interface (SIGHUP etc), but those handlers just set a flag and set the latch, instead of doing the state machine work. Some advantages I can think of: 1. Inherits various slightly more efficient modern kernel APIs for multiplexing. 2. Will automatically benefit from later improvements to WaitEventSet. 3. Looks much more like the rest of our code. 4. Requires no obscure signal programming knowledge to understand. 5. Removes the strange call stacks we have, where most of postgres is forked from inside a signal handler. 6. Might help with weirdness and bugs in some signal implementations (Cygwin, NetBSD?). 7. Removes the need to stat() PROMOTE_SIGNAL_FILE and LOGROTATE_SIGNAL_FILE whenever PM signals are sent, now that SIGUSR1 is less overloaded. 8. It's a small step towards removing the need to emulate signals on Windows. In order to avoid adding a new dependency on the contents of shared memory, I introduced SetLatchRobustly() that will always use the slow path kernel wakeup primitive, even in cases where SetLatch() would not. The idea here is that if one backend trashes shared memory, others backends can still wake the postmaster even though it may appear that the postmaster isn't waiting or the latch is already set. It would be possible to go further and have a robust wait mode that doesn't read is_set too. It was indecision here that stopped me proposing this sooner... One thing that might need more work is cleanup of the PM's WES in child processes. Also I noticed in passing that the Windows kernel event handles for latches are probably leaked on crash-reinit, but that was already true, this just adds one more. Also the way I re-add the latch every time through the event loop in case there was a crash-reinit is stupid, I'll tidy that up. This is something I extracted and rejuvenated from a larger set of patches I was hacking on a year or two ago to try to get rid of lots of users of raw signals. The recent thread about mamba's struggles and the possibility that latches might help reminded me to dust this part off, and potentially avoid some duplicated effort. I'm not saying this is free of bugs, but it's passing on CI and seems like enough to share and see what people think. (Some other ideas I thought about back then: we could invent WL_SIGNAL, and not need all those global flag variables or the handlers that set the latch. For eg kqueue it's trivial, and for ancient Unixes you could do a sort of home-made signalfd with a single generic signal handler that just does write(self_pipe, &siginfo, sizeof(siginfo)). But that starts to seems like refactoring for refactoring's sake; that's probably how I'd write a native kqueue program, but it's not even that obvious to me that we really should be pretending that Windows has signals, which put me off that idea. Perhaps in a post-fake-signals world we just have the postmaster's event loop directly consume commands from pg_ctl from a control pipe? Too many decisions at once, I gave that line of thinking up for now.)
Attachment
pgsql-hackers by date: