• Tom Lane's avatar
    Restructure the shutdown procedure for the archiver process to allow it to · e6a442c7
    Tom Lane authored
    finish archiving everything (when there's no error), and to eliminate various
    hazards as best we can.  This fixes a previous 8.3 patch that caused the
    postmaster to kill and then restart the archiver during shutdown (!?).
    
    The new behavior is that the archiver is allowed to run unmolested until
    the bgwriter has exited; then it is sent SIGUSR2 to tell it to do a final
    archiving cycle and quit.  We only SIGQUIT the archiver if we want a panic
    stop; this is important since SIGQUIT will also be sent to any active
    archive_command.  The postmaster also now doesn't SIGQUIT the stats collector
    until the bgwriter is done, since the bgwriter can send stats messages in 8.3.
    The postmaster will not exit until both the archiver and stats collector are
    gone; this provides some defense (not too bulletproof) against conflicting
    archiver or stats collector processes being started by a new postmaster
    instance.  We continue the prior practice that the archiver will check
    for postmaster death immediately before issuing any archive_command; that
    gives some additional protection against conflicting archivers.
    
    Also, modify the archiver process to notice SIGTERM and refuse to issue any
    more archive commands if it gets it.  The postmaster doesn't ever send it
    SIGTERM; we assume that any such signal came from init and is a notice of
    impending whole-system shutdown.  In this situation it seems imprudent to try
    to start new archive commands --- if they aren't extremely quick they're
    likely to get SIGKILL'd by init.
    
    All per discussion.
    e6a442c7
pgarch.c 17.8 KB