LCOV - code coverage report
Current view: top level - src/backend/postmaster - syslogger.c (source / functions) Hit Total Coverage
Test: PostgreSQL 15devel Lines: 214 352 60.8 %
Date: 2021-12-09 03:08:47 Functions: 14 14 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*-------------------------------------------------------------------------
       2             :  *
       3             :  * syslogger.c
       4             :  *
       5             :  * The system logger (syslogger) appeared in Postgres 8.0. It catches all
       6             :  * stderr output from the postmaster, backends, and other subprocesses
       7             :  * by redirecting to a pipe, and writes it to a set of logfiles.
       8             :  * It's possible to have size and age limits for the logfile configured
       9             :  * in postgresql.conf. If these limits are reached or passed, the
      10             :  * current logfile is closed and a new one is created (rotated).
      11             :  * The logfiles are stored in a subdirectory (configurable in
      12             :  * postgresql.conf), using a user-selectable naming scheme.
      13             :  *
      14             :  * Author: Andreas Pflug <pgadmin@pse-consulting.de>
      15             :  *
      16             :  * Copyright (c) 2004-2021, PostgreSQL Global Development Group
      17             :  *
      18             :  *
      19             :  * IDENTIFICATION
      20             :  *    src/backend/postmaster/syslogger.c
      21             :  *
      22             :  *-------------------------------------------------------------------------
      23             :  */
      24             : #include "postgres.h"
      25             : 
      26             : #include <fcntl.h>
      27             : #include <limits.h>
      28             : #include <signal.h>
      29             : #include <time.h>
      30             : #include <unistd.h>
      31             : #include <sys/stat.h>
      32             : #include <sys/time.h>
      33             : 
      34             : #include "common/file_perm.h"
      35             : #include "lib/stringinfo.h"
      36             : #include "libpq/pqsignal.h"
      37             : #include "miscadmin.h"
      38             : #include "nodes/pg_list.h"
      39             : #include "pgstat.h"
      40             : #include "pgtime.h"
      41             : #include "port/pg_bitutils.h"
      42             : #include "postmaster/fork_process.h"
      43             : #include "postmaster/interrupt.h"
      44             : #include "postmaster/postmaster.h"
      45             : #include "postmaster/syslogger.h"
      46             : #include "storage/dsm.h"
      47             : #include "storage/fd.h"
      48             : #include "storage/ipc.h"
      49             : #include "storage/latch.h"
      50             : #include "storage/pg_shmem.h"
      51             : #include "tcop/tcopprot.h"
      52             : #include "utils/guc.h"
      53             : #include "utils/ps_status.h"
      54             : #include "utils/timestamp.h"
      55             : 
      56             : /*
      57             :  * We read() into a temp buffer twice as big as a chunk, so that any fragment
      58             :  * left after processing can be moved down to the front and we'll still have
      59             :  * room to read a full chunk.
      60             :  */
      61             : #define READ_BUF_SIZE (2 * PIPE_CHUNK_SIZE)
      62             : 
      63             : /* Log rotation signal file path, relative to $PGDATA */
      64             : #define LOGROTATE_SIGNAL_FILE   "logrotate"
      65             : 
      66             : 
      67             : /*
      68             :  * GUC parameters.  Logging_collector cannot be changed after postmaster
      69             :  * start, but the rest can change at SIGHUP.
      70             :  */
      71             : bool        Logging_collector = false;
      72             : int         Log_RotationAge = HOURS_PER_DAY * MINS_PER_HOUR;
      73             : int         Log_RotationSize = 10 * 1024;
      74             : char       *Log_directory = NULL;
      75             : char       *Log_filename = NULL;
      76             : bool        Log_truncate_on_rotation = false;
      77             : int         Log_file_mode = S_IRUSR | S_IWUSR;
      78             : 
      79             : extern bool redirection_done;
      80             : 
      81             : /*
      82             :  * Private state
      83             :  */
      84             : static pg_time_t next_rotation_time;
      85             : static bool pipe_eof_seen = false;
      86             : static bool rotation_disabled = false;
      87             : static FILE *syslogFile = NULL;
      88             : static FILE *csvlogFile = NULL;
      89             : NON_EXEC_STATIC pg_time_t first_syslogger_file_time = 0;
      90             : static char *last_sys_file_name = NULL;
      91             : static char *last_csv_file_name = NULL;
      92             : 
      93             : /*
      94             :  * Buffers for saving partial messages from different backends.
      95             :  *
      96             :  * Keep NBUFFER_LISTS lists of these, with the entry for a given source pid
      97             :  * being in the list numbered (pid % NBUFFER_LISTS), so as to cut down on
      98             :  * the number of entries we have to examine for any one incoming message.
      99             :  * There must never be more than one entry for the same source pid.
     100             :  *
     101             :  * An inactive buffer is not removed from its list, just held for re-use.
     102             :  * An inactive buffer has pid == 0 and undefined contents of data.
     103             :  */
     104             : typedef struct
     105             : {
     106             :     int32       pid;            /* PID of source process */
     107             :     StringInfoData data;        /* accumulated data, as a StringInfo */
     108             : } save_buffer;
     109             : 
     110             : #define NBUFFER_LISTS 256
     111             : static List *buffer_lists[NBUFFER_LISTS];
     112             : 
     113             : /* These must be exported for EXEC_BACKEND case ... annoying */
     114             : #ifndef WIN32
     115             : int         syslogPipe[2] = {-1, -1};
     116             : #else
     117             : HANDLE      syslogPipe[2] = {0, 0};
     118             : #endif
     119             : 
     120             : #ifdef WIN32
     121             : static HANDLE threadHandle = 0;
     122             : static CRITICAL_SECTION sysloggerSection;
     123             : #endif
     124             : 
     125             : /*
     126             :  * Flags set by interrupt handlers for later service in the main loop.
     127             :  */
     128             : static volatile sig_atomic_t rotation_requested = false;
     129             : 
     130             : 
     131             : /* Local subroutines */
     132             : #ifdef EXEC_BACKEND
     133             : static int  syslogger_fdget(FILE *file);
     134             : static FILE *syslogger_fdopen(int fd);
     135             : static pid_t syslogger_forkexec(void);
     136             : static void syslogger_parseArgs(int argc, char *argv[]);
     137             : #endif
     138             : NON_EXEC_STATIC void SysLoggerMain(int argc, char *argv[]) pg_attribute_noreturn();
     139             : static void process_pipe_input(char *logbuffer, int *bytes_in_logbuffer);
     140             : static void flush_pipe_input(char *logbuffer, int *bytes_in_logbuffer);
     141             : static FILE *logfile_open(const char *filename, const char *mode,
     142             :                           bool allow_errors);
     143             : 
     144             : #ifdef WIN32
     145             : static unsigned int __stdcall pipeThread(void *arg);
     146             : #endif
     147             : static void logfile_rotate(bool time_based_rotation, int size_rotation_for);
     148             : static bool logfile_rotate_dest(bool time_based_rotation,
     149             :                                 int size_rotation_for, pg_time_t fntime,
     150             :                                 int target_dest, char **last_file_name,
     151             :                                 FILE **logFile);
     152             : static char *logfile_getname(pg_time_t timestamp, const char *suffix);
     153             : static void set_next_rotation_time(void);
     154             : static void sigUsr1Handler(SIGNAL_ARGS);
     155             : static void update_metainfo_datafile(void);
     156             : 
     157             : 
     158             : /*
     159             :  * Main entry point for syslogger process
     160             :  * argc/argv parameters are valid only in EXEC_BACKEND case.
     161             :  */
     162             : NON_EXEC_STATIC void
     163           2 : SysLoggerMain(int argc, char *argv[])
     164             : {
     165             : #ifndef WIN32
     166             :     char        logbuffer[READ_BUF_SIZE];
     167           2 :     int         bytes_in_logbuffer = 0;
     168             : #endif
     169             :     char       *currentLogDir;
     170             :     char       *currentLogFilename;
     171             :     int         currentLogRotationAge;
     172             :     pg_time_t   now;
     173             :     WaitEventSet *wes;
     174             : 
     175           2 :     now = MyStartTime;
     176             : 
     177             : #ifdef EXEC_BACKEND
     178             :     syslogger_parseArgs(argc, argv);
     179             : #endif                          /* EXEC_BACKEND */
     180             : 
     181           2 :     MyBackendType = B_LOGGER;
     182           2 :     init_ps_display(NULL);
     183             : 
     184             :     /*
     185             :      * If we restarted, our stderr is already redirected into our own input
     186             :      * pipe.  This is of course pretty useless, not to mention that it
     187             :      * interferes with detecting pipe EOF.  Point stderr to /dev/null. This
     188             :      * assumes that all interesting messages generated in the syslogger will
     189             :      * come through elog.c and will be sent to write_syslogger_file.
     190             :      */
     191           2 :     if (redirection_done)
     192             :     {
     193           0 :         int         fd = open(DEVNULL, O_WRONLY, 0);
     194             : 
     195             :         /*
     196             :          * The closes might look redundant, but they are not: we want to be
     197             :          * darn sure the pipe gets closed even if the open failed.  We can
     198             :          * survive running with stderr pointing nowhere, but we can't afford
     199             :          * to have extra pipe input descriptors hanging around.
     200             :          *
     201             :          * As we're just trying to reset these to go to DEVNULL, there's not
     202             :          * much point in checking for failure from the close/dup2 calls here,
     203             :          * if they fail then presumably the file descriptors are closed and
     204             :          * any writes will go into the bitbucket anyway.
     205             :          */
     206           0 :         close(fileno(stdout));
     207           0 :         close(fileno(stderr));
     208           0 :         if (fd != -1)
     209             :         {
     210           0 :             (void) dup2(fd, fileno(stdout));
     211           0 :             (void) dup2(fd, fileno(stderr));
     212           0 :             close(fd);
     213             :         }
     214             :     }
     215             : 
     216             :     /*
     217             :      * Syslogger's own stderr can't be the syslogPipe, so set it back to text
     218             :      * mode if we didn't just close it. (It was set to binary in
     219             :      * SubPostmasterMain).
     220             :      */
     221             : #ifdef WIN32
     222             :     else
     223             :         _setmode(_fileno(stderr), _O_TEXT);
     224             : #endif
     225             : 
     226             :     /*
     227             :      * Also close our copy of the write end of the pipe.  This is needed to
     228             :      * ensure we can detect pipe EOF correctly.  (But note that in the restart
     229             :      * case, the postmaster already did this.)
     230             :      */
     231             : #ifndef WIN32
     232           2 :     if (syslogPipe[1] >= 0)
     233           2 :         close(syslogPipe[1]);
     234           2 :     syslogPipe[1] = -1;
     235             : #else
     236             :     if (syslogPipe[1])
     237             :         CloseHandle(syslogPipe[1]);
     238             :     syslogPipe[1] = 0;
     239             : #endif
     240             : 
     241             :     /*
     242             :      * Properly accept or ignore signals the postmaster might send us
     243             :      *
     244             :      * Note: we ignore all termination signals, and instead exit only when all
     245             :      * upstream processes are gone, to ensure we don't miss any dying gasps of
     246             :      * broken backends...
     247             :      */
     248             : 
     249           2 :     pqsignal(SIGHUP, SignalHandlerForConfigReload); /* set flag to read config
     250             :                                                      * file */
     251           2 :     pqsignal(SIGINT, SIG_IGN);
     252           2 :     pqsignal(SIGTERM, SIG_IGN);
     253           2 :     pqsignal(SIGQUIT, SIG_IGN);
     254           2 :     pqsignal(SIGALRM, SIG_IGN);
     255           2 :     pqsignal(SIGPIPE, SIG_IGN);
     256           2 :     pqsignal(SIGUSR1, sigUsr1Handler);  /* request log rotation */
     257           2 :     pqsignal(SIGUSR2, SIG_IGN);
     258             : 
     259             :     /*
     260             :      * Reset some signals that are accepted by postmaster but not here
     261             :      */
     262           2 :     pqsignal(SIGCHLD, SIG_DFL);
     263             : 
     264           2 :     PG_SETMASK(&UnBlockSig);
     265             : 
     266             : #ifdef WIN32
     267             :     /* Fire up separate data transfer thread */
     268             :     InitializeCriticalSection(&sysloggerSection);
     269             :     EnterCriticalSection(&sysloggerSection);
     270             : 
     271             :     threadHandle = (HANDLE) _beginthreadex(NULL, 0, pipeThread, NULL, 0, NULL);
     272             :     if (threadHandle == 0)
     273             :         elog(FATAL, "could not create syslogger data transfer thread: %m");
     274             : #endif                          /* WIN32 */
     275             : 
     276             :     /*
     277             :      * Remember active logfiles' name(s).  We recompute 'em from the reference
     278             :      * time because passing down just the pg_time_t is a lot cheaper than
     279             :      * passing a whole file path in the EXEC_BACKEND case.
     280             :      */
     281           2 :     last_sys_file_name = logfile_getname(first_syslogger_file_time, NULL);
     282           2 :     if (csvlogFile != NULL)
     283           2 :         last_csv_file_name = logfile_getname(first_syslogger_file_time, ".csv");
     284             : 
     285             :     /* remember active logfile parameters */
     286           2 :     currentLogDir = pstrdup(Log_directory);
     287           2 :     currentLogFilename = pstrdup(Log_filename);
     288           2 :     currentLogRotationAge = Log_RotationAge;
     289             :     /* set next planned rotation time */
     290           2 :     set_next_rotation_time();
     291           2 :     update_metainfo_datafile();
     292             : 
     293             :     /*
     294             :      * Reset whereToSendOutput, as the postmaster will do (but hasn't yet, at
     295             :      * the point where we forked).  This prevents duplicate output of messages
     296             :      * from syslogger itself.
     297             :      */
     298           2 :     whereToSendOutput = DestNone;
     299             : 
     300             :     /*
     301             :      * Set up a reusable WaitEventSet object we'll use to wait for our latch,
     302             :      * and (except on Windows) our socket.
     303             :      *
     304             :      * Unlike all other postmaster child processes, we'll ignore postmaster
     305             :      * death because we want to collect final log output from all backends and
     306             :      * then exit last.  We'll do that by running until we see EOF on the
     307             :      * syslog pipe, which implies that all other backends have exited
     308             :      * (including the postmaster).
     309             :      */
     310           2 :     wes = CreateWaitEventSet(CurrentMemoryContext, 2);
     311           2 :     AddWaitEventToSet(wes, WL_LATCH_SET, PGINVALID_SOCKET, MyLatch, NULL);
     312             : #ifndef WIN32
     313           2 :     AddWaitEventToSet(wes, WL_SOCKET_READABLE, syslogPipe[0], NULL, NULL);
     314             : #endif
     315             : 
     316             :     /* main worker loop */
     317             :     for (;;)
     318          38 :     {
     319          40 :         bool        time_based_rotation = false;
     320          40 :         int         size_rotation_for = 0;
     321             :         long        cur_timeout;
     322             :         WaitEvent   event;
     323             : 
     324             : #ifndef WIN32
     325             :         int         rc;
     326             : #endif
     327             : 
     328             :         /* Clear any already-pending wakeups */
     329          40 :         ResetLatch(MyLatch);
     330             : 
     331             :         /*
     332             :          * Process any requests or signals received recently.
     333             :          */
     334          40 :         if (ConfigReloadPending)
     335             :         {
     336           0 :             ConfigReloadPending = false;
     337           0 :             ProcessConfigFile(PGC_SIGHUP);
     338             : 
     339             :             /*
     340             :              * Check if the log directory or filename pattern changed in
     341             :              * postgresql.conf. If so, force rotation to make sure we're
     342             :              * writing the logfiles in the right place.
     343             :              */
     344           0 :             if (strcmp(Log_directory, currentLogDir) != 0)
     345             :             {
     346           0 :                 pfree(currentLogDir);
     347           0 :                 currentLogDir = pstrdup(Log_directory);
     348           0 :                 rotation_requested = true;
     349             : 
     350             :                 /*
     351             :                  * Also, create new directory if not present; ignore errors
     352             :                  */
     353           0 :                 (void) MakePGDirectory(Log_directory);
     354             :             }
     355           0 :             if (strcmp(Log_filename, currentLogFilename) != 0)
     356             :             {
     357           0 :                 pfree(currentLogFilename);
     358           0 :                 currentLogFilename = pstrdup(Log_filename);
     359           0 :                 rotation_requested = true;
     360             :             }
     361             : 
     362             :             /*
     363             :              * Force a rotation if CSVLOG output was just turned on or off and
     364             :              * we need to open or close csvlogFile accordingly.
     365             :              */
     366           0 :             if (((Log_destination & LOG_DESTINATION_CSVLOG) != 0) !=
     367             :                 (csvlogFile != NULL))
     368           0 :                 rotation_requested = true;
     369             : 
     370             :             /*
     371             :              * If rotation time parameter changed, reset next rotation time,
     372             :              * but don't immediately force a rotation.
     373             :              */
     374           0 :             if (currentLogRotationAge != Log_RotationAge)
     375             :             {
     376           0 :                 currentLogRotationAge = Log_RotationAge;
     377           0 :                 set_next_rotation_time();
     378             :             }
     379             : 
     380             :             /*
     381             :              * If we had a rotation-disabling failure, re-enable rotation
     382             :              * attempts after SIGHUP, and force one immediately.
     383             :              */
     384           0 :             if (rotation_disabled)
     385             :             {
     386           0 :                 rotation_disabled = false;
     387           0 :                 rotation_requested = true;
     388             :             }
     389             : 
     390             :             /*
     391             :              * Force rewriting last log filename when reloading configuration.
     392             :              * Even if rotation_requested is false, log_destination may have
     393             :              * been changed and we don't want to wait the next file rotation.
     394             :              */
     395           0 :             update_metainfo_datafile();
     396             :         }
     397             : 
     398          40 :         if (Log_RotationAge > 0 && !rotation_disabled)
     399             :         {
     400             :             /* Do a logfile rotation if it's time */
     401           0 :             now = (pg_time_t) time(NULL);
     402           0 :             if (now >= next_rotation_time)
     403           0 :                 rotation_requested = time_based_rotation = true;
     404             :         }
     405             : 
     406          40 :         if (!rotation_requested && Log_RotationSize > 0 && !rotation_disabled)
     407             :         {
     408             :             /* Do a rotation if file is too big */
     409          38 :             if (ftell(syslogFile) >= Log_RotationSize * 1024L)
     410             :             {
     411           0 :                 rotation_requested = true;
     412           0 :                 size_rotation_for |= LOG_DESTINATION_STDERR;
     413             :             }
     414          38 :             if (csvlogFile != NULL &&
     415          38 :                 ftell(csvlogFile) >= Log_RotationSize * 1024L)
     416             :             {
     417           0 :                 rotation_requested = true;
     418           0 :                 size_rotation_for |= LOG_DESTINATION_CSVLOG;
     419             :             }
     420             :         }
     421             : 
     422          40 :         if (rotation_requested)
     423             :         {
     424             :             /*
     425             :              * Force rotation when both values are zero. It means the request
     426             :              * was sent by pg_rotate_logfile() or "pg_ctl logrotate".
     427             :              */
     428           2 :             if (!time_based_rotation && size_rotation_for == 0)
     429           2 :                 size_rotation_for = LOG_DESTINATION_STDERR | LOG_DESTINATION_CSVLOG;
     430           2 :             logfile_rotate(time_based_rotation, size_rotation_for);
     431             :         }
     432             : 
     433             :         /*
     434             :          * Calculate time till next time-based rotation, so that we don't
     435             :          * sleep longer than that.  We assume the value of "now" obtained
     436             :          * above is still close enough.  Note we can't make this calculation
     437             :          * until after calling logfile_rotate(), since it will advance
     438             :          * next_rotation_time.
     439             :          *
     440             :          * Also note that we need to beware of overflow in calculation of the
     441             :          * timeout: with large settings of Log_RotationAge, next_rotation_time
     442             :          * could be more than INT_MAX msec in the future.  In that case we'll
     443             :          * wait no more than INT_MAX msec, and try again.
     444             :          */
     445          40 :         if (Log_RotationAge > 0 && !rotation_disabled)
     446           0 :         {
     447             :             pg_time_t   delay;
     448             : 
     449           0 :             delay = next_rotation_time - now;
     450           0 :             if (delay > 0)
     451             :             {
     452           0 :                 if (delay > INT_MAX / 1000)
     453           0 :                     delay = INT_MAX / 1000;
     454           0 :                 cur_timeout = delay * 1000L;    /* msec */
     455             :             }
     456             :             else
     457           0 :                 cur_timeout = 0;
     458             :         }
     459             :         else
     460          40 :             cur_timeout = -1L;
     461             : 
     462             :         /*
     463             :          * Sleep until there's something to do
     464             :          */
     465             : #ifndef WIN32
     466          40 :         rc = WaitEventSetWait(wes, cur_timeout, &event, 1,
     467             :                               WAIT_EVENT_SYSLOGGER_MAIN);
     468             : 
     469          40 :         if (rc == 1 && event.events == WL_SOCKET_READABLE)
     470             :         {
     471             :             int         bytesRead;
     472             : 
     473          38 :             bytesRead = read(syslogPipe[0],
     474             :                              logbuffer + bytes_in_logbuffer,
     475             :                              sizeof(logbuffer) - bytes_in_logbuffer);
     476          38 :             if (bytesRead < 0)
     477             :             {
     478           0 :                 if (errno != EINTR)
     479           0 :                     ereport(LOG,
     480             :                             (errcode_for_socket_access(),
     481             :                              errmsg("could not read from logger pipe: %m")));
     482             :             }
     483          38 :             else if (bytesRead > 0)
     484             :             {
     485          36 :                 bytes_in_logbuffer += bytesRead;
     486          36 :                 process_pipe_input(logbuffer, &bytes_in_logbuffer);
     487          36 :                 continue;
     488             :             }
     489             :             else
     490             :             {
     491             :                 /*
     492             :                  * Zero bytes read when select() is saying read-ready means
     493             :                  * EOF on the pipe: that is, there are no longer any processes
     494             :                  * with the pipe write end open.  Therefore, the postmaster
     495             :                  * and all backends are shut down, and we are done.
     496             :                  */
     497           2 :                 pipe_eof_seen = true;
     498             : 
     499             :                 /* if there's any data left then force it out now */
     500           2 :                 flush_pipe_input(logbuffer, &bytes_in_logbuffer);
     501             :             }
     502             :         }
     503             : #else                           /* WIN32 */
     504             : 
     505             :         /*
     506             :          * On Windows we leave it to a separate thread to transfer data and
     507             :          * detect pipe EOF.  The main thread just wakes up to handle SIGHUP
     508             :          * and rotation conditions.
     509             :          *
     510             :          * Server code isn't generally thread-safe, so we ensure that only one
     511             :          * of the threads is active at a time by entering the critical section
     512             :          * whenever we're not sleeping.
     513             :          */
     514             :         LeaveCriticalSection(&sysloggerSection);
     515             : 
     516             :         (void) WaitEventSetWait(wes, cur_timeout, &event, 1,
     517             :                                 WAIT_EVENT_SYSLOGGER_MAIN);
     518             : 
     519             :         EnterCriticalSection(&sysloggerSection);
     520             : #endif                          /* WIN32 */
     521             : 
     522           4 :         if (pipe_eof_seen)
     523             :         {
     524             :             /*
     525             :              * seeing this message on the real stderr is annoying - so we make
     526             :              * it DEBUG1 to suppress in normal use.
     527             :              */
     528           2 :             ereport(DEBUG1,
     529             :                     (errmsg_internal("logger shutting down")));
     530             : 
     531             :             /*
     532             :              * Normal exit from the syslogger is here.  Note that we
     533             :              * deliberately do not close syslogFile before exiting; this is to
     534             :              * allow for the possibility of elog messages being generated
     535             :              * inside proc_exit.  Regular exit() will take care of flushing
     536             :              * and closing stdio channels.
     537             :              */
     538           2 :             proc_exit(0);
     539             :         }
     540             :     }
     541             : }
     542             : 
     543             : /*
     544             :  * Postmaster subroutine to start a syslogger subprocess.
     545             :  */
     546             : int
     547         940 : SysLogger_Start(void)
     548             : {
     549             :     pid_t       sysloggerPid;
     550             :     char       *filename;
     551             : 
     552         940 :     if (!Logging_collector)
     553         938 :         return 0;
     554             : 
     555             :     /*
     556             :      * If first time through, create the pipe which will receive stderr
     557             :      * output.
     558             :      *
     559             :      * If the syslogger crashes and needs to be restarted, we continue to use
     560             :      * the same pipe (indeed must do so, since extant backends will be writing
     561             :      * into that pipe).
     562             :      *
     563             :      * This means the postmaster must continue to hold the read end of the
     564             :      * pipe open, so we can pass it down to the reincarnated syslogger. This
     565             :      * is a bit klugy but we have little choice.
     566             :      *
     567             :      * Also note that we don't bother counting the pipe FDs by calling
     568             :      * Reserve/ReleaseExternalFD.  There's no real need to account for them
     569             :      * accurately in the postmaster or syslogger process, and both ends of the
     570             :      * pipe will wind up closed in all other postmaster children.
     571             :      */
     572             : #ifndef WIN32
     573           2 :     if (syslogPipe[0] < 0)
     574             :     {
     575           2 :         if (pipe(syslogPipe) < 0)
     576           0 :             ereport(FATAL,
     577             :                     (errcode_for_socket_access(),
     578             :                      errmsg("could not create pipe for syslog: %m")));
     579             :     }
     580             : #else
     581             :     if (!syslogPipe[0])
     582             :     {
     583             :         SECURITY_ATTRIBUTES sa;
     584             : 
     585             :         memset(&sa, 0, sizeof(SECURITY_ATTRIBUTES));
     586             :         sa.nLength = sizeof(SECURITY_ATTRIBUTES);
     587             :         sa.bInheritHandle = TRUE;
     588             : 
     589             :         if (!CreatePipe(&syslogPipe[0], &syslogPipe[1], &sa, 32768))
     590             :             ereport(FATAL,
     591             :                     (errcode_for_file_access(),
     592             :                      errmsg("could not create pipe for syslog: %m")));
     593             :     }
     594             : #endif
     595             : 
     596             :     /*
     597             :      * Create log directory if not present; ignore errors
     598             :      */
     599           2 :     (void) MakePGDirectory(Log_directory);
     600             : 
     601             :     /*
     602             :      * The initial logfile is created right in the postmaster, to verify that
     603             :      * the Log_directory is writable.  We save the reference time so that the
     604             :      * syslogger child process can recompute this file name.
     605             :      *
     606             :      * It might look a bit strange to re-do this during a syslogger restart,
     607             :      * but we must do so since the postmaster closed syslogFile after the
     608             :      * previous fork (and remembering that old file wouldn't be right anyway).
     609             :      * Note we always append here, we won't overwrite any existing file.  This
     610             :      * is consistent with the normal rules, because by definition this is not
     611             :      * a time-based rotation.
     612             :      */
     613           2 :     first_syslogger_file_time = time(NULL);
     614             : 
     615           2 :     filename = logfile_getname(first_syslogger_file_time, NULL);
     616             : 
     617           2 :     syslogFile = logfile_open(filename, "a", false);
     618             : 
     619           2 :     pfree(filename);
     620             : 
     621             :     /*
     622             :      * Likewise for the initial CSV log file, if that's enabled.  (Note that
     623             :      * we open syslogFile even when only CSV output is nominally enabled,
     624             :      * since some code paths will write to syslogFile anyway.)
     625             :      */
     626           2 :     if (Log_destination & LOG_DESTINATION_CSVLOG)
     627             :     {
     628           2 :         filename = logfile_getname(first_syslogger_file_time, ".csv");
     629             : 
     630           2 :         csvlogFile = logfile_open(filename, "a", false);
     631             : 
     632           2 :         pfree(filename);
     633             :     }
     634             : 
     635             : #ifdef EXEC_BACKEND
     636             :     switch ((sysloggerPid = syslogger_forkexec()))
     637             : #else
     638           2 :     switch ((sysloggerPid = fork_process()))
     639             : #endif
     640             :     {
     641           0 :         case -1:
     642           0 :             ereport(LOG,
     643             :                     (errmsg("could not fork system logger: %m")));
     644           0 :             return 0;
     645             : 
     646             : #ifndef EXEC_BACKEND
     647           2 :         case 0:
     648             :             /* in postmaster child ... */
     649           2 :             InitPostmasterChild();
     650             : 
     651             :             /* Close the postmaster's sockets */
     652           2 :             ClosePostmasterPorts(true);
     653             : 
     654             :             /* Drop our connection to postmaster's shared memory, as well */
     655           2 :             dsm_detach_all();
     656           2 :             PGSharedMemoryDetach();
     657             : 
     658             :             /* do the work */
     659           2 :             SysLoggerMain(0, NULL);
     660             :             break;
     661             : #endif
     662             : 
     663           2 :         default:
     664             :             /* success, in postmaster */
     665             : 
     666             :             /* now we redirect stderr, if not done already */
     667           2 :             if (!redirection_done)
     668             :             {
     669             : #ifdef WIN32
     670             :                 int         fd;
     671             : #endif
     672             : 
     673             :                 /*
     674             :                  * Leave a breadcrumb trail when redirecting, in case the user
     675             :                  * forgets that redirection is active and looks only at the
     676             :                  * original stderr target file.
     677             :                  */
     678           2 :                 ereport(LOG,
     679             :                         (errmsg("redirecting log output to logging collector process"),
     680             :                          errhint("Future log output will appear in directory \"%s\".",
     681             :                                  Log_directory)));
     682             : 
     683             : #ifndef WIN32
     684           2 :                 fflush(stdout);
     685           2 :                 if (dup2(syslogPipe[1], fileno(stdout)) < 0)
     686           0 :                     ereport(FATAL,
     687             :                             (errcode_for_file_access(),
     688             :                              errmsg("could not redirect stdout: %m")));
     689           2 :                 fflush(stderr);
     690           2 :                 if (dup2(syslogPipe[1], fileno(stderr)) < 0)
     691           0 :                     ereport(FATAL,
     692             :                             (errcode_for_file_access(),
     693             :                              errmsg("could not redirect stderr: %m")));
     694             :                 /* Now we are done with the write end of the pipe. */
     695           2 :                 close(syslogPipe[1]);
     696           2 :                 syslogPipe[1] = -1;
     697             : #else
     698             : 
     699             :                 /*
     700             :                  * open the pipe in binary mode and make sure stderr is binary
     701             :                  * after it's been dup'ed into, to avoid disturbing the pipe
     702             :                  * chunking protocol.
     703             :                  */
     704             :                 fflush(stderr);
     705             :                 fd = _open_osfhandle((intptr_t) syslogPipe[1],
     706             :                                      _O_APPEND | _O_BINARY);
     707             :                 if (dup2(fd, _fileno(stderr)) < 0)
     708             :                     ereport(FATAL,
     709             :                             (errcode_for_file_access(),
     710             :                              errmsg("could not redirect stderr: %m")));
     711             :                 close(fd);
     712             :                 _setmode(_fileno(stderr), _O_BINARY);
     713             : 
     714             :                 /*
     715             :                  * Now we are done with the write end of the pipe.
     716             :                  * CloseHandle() must not be called because the preceding
     717             :                  * close() closes the underlying handle.
     718             :                  */
     719             :                 syslogPipe[1] = 0;
     720             : #endif
     721           2 :                 redirection_done = true;
     722             :             }
     723             : 
     724             :             /* postmaster will never write the file(s); close 'em */
     725           2 :             fclose(syslogFile);
     726           2 :             syslogFile = NULL;
     727           2 :             if (csvlogFile != NULL)
     728             :             {
     729           2 :                 fclose(csvlogFile);
     730           2 :                 csvlogFile = NULL;
     731             :             }
     732           2 :             return (int) sysloggerPid;
     733             :     }
     734             : 
     735             :     /* we should never reach here */
     736             :     return 0;
     737             : }
     738             : 
     739             : 
     740             : #ifdef EXEC_BACKEND
     741             : 
     742             : /*
     743             :  * syslogger_fdget() -
     744             :  *
     745             :  * Utility wrapper to grab the file descriptor of an opened error output
     746             :  * file.  Used when building the command to fork the logging collector.
     747             :  */
     748             : static int
     749             : syslogger_fdget(FILE *file)
     750             : {
     751             : #ifndef WIN32
     752             :     if (file != NULL)
     753             :         return fileno(file);
     754             :     else
     755             :         return -1;
     756             : #else
     757             :     if (file != NULL)
     758             :         return (int) _get_osfhandle(_fileno(file));
     759             :     else
     760             :         return 0;
     761             : #endif                          /* WIN32 */
     762             : }
     763             : 
     764             : /*
     765             :  * syslogger_fdopen() -
     766             :  *
     767             :  * Utility wrapper to re-open an error output file, using the given file
     768             :  * descriptor.  Used when parsing arguments in a forked logging collector.
     769             :  */
     770             : static FILE *
     771             : syslogger_fdopen(int fd)
     772             : {
     773             :     FILE       *file = NULL;
     774             : 
     775             : #ifndef WIN32
     776             :     if (fd != -1)
     777             :     {
     778             :         file = fdopen(fd, "a");
     779             :         setvbuf(file, NULL, PG_IOLBF, 0);
     780             :     }
     781             : #else                           /* WIN32 */
     782             :     if (fd != 0)
     783             :     {
     784             :         fd = _open_osfhandle(fd, _O_APPEND | _O_TEXT);
     785             :         if (fd > 0)
     786             :         {
     787             :             file = fdopen(fd, "a");
     788             :             setvbuf(file, NULL, PG_IOLBF, 0);
     789             :         }
     790             :     }
     791             : #endif                          /* WIN32 */
     792             : 
     793             :     return file;
     794             : }
     795             : 
     796             : /*
     797             :  * syslogger_forkexec() -
     798             :  *
     799             :  * Format up the arglist for, then fork and exec, a syslogger process
     800             :  */
     801             : static pid_t
     802             : syslogger_forkexec(void)
     803             : {
     804             :     char       *av[10];
     805             :     int         ac = 0;
     806             :     char        filenobuf[32];
     807             :     char        csvfilenobuf[32];
     808             : 
     809             :     av[ac++] = "postgres";
     810             :     av[ac++] = "--forklog";
     811             :     av[ac++] = NULL;            /* filled in by postmaster_forkexec */
     812             : 
     813             :     /* static variables (those not passed by write_backend_variables) */
     814             :     snprintf(filenobuf, sizeof(filenobuf), "%d",
     815             :              syslogger_fdget(syslogFile));
     816             :     av[ac++] = filenobuf;
     817             :     snprintf(csvfilenobuf, sizeof(csvfilenobuf), "%d",
     818             :              syslogger_fdget(csvlogFile));
     819             :     av[ac++] = csvfilenobuf;
     820             : 
     821             :     av[ac] = NULL;
     822             :     Assert(ac < lengthof(av));
     823             : 
     824             :     return postmaster_forkexec(ac, av);
     825             : }
     826             : 
     827             : /*
     828             :  * syslogger_parseArgs() -
     829             :  *
     830             :  * Extract data from the arglist for exec'ed syslogger process
     831             :  */
     832             : static void
     833             : syslogger_parseArgs(int argc, char *argv[])
     834             : {
     835             :     int         fd;
     836             : 
     837             :     Assert(argc == 5);
     838             :     argv += 3;
     839             : 
     840             :     /*
     841             :      * Re-open the error output files that were opened by SysLogger_Start().
     842             :      *
     843             :      * We expect this will always succeed, which is too optimistic, but if it
     844             :      * fails there's not a lot we can do to report the problem anyway.  As
     845             :      * coded, we'll just crash on a null pointer dereference after failure...
     846             :      */
     847             :     fd = atoi(*argv++);
     848             :     syslogFile = syslogger_fdopen(fd);
     849             :     fd = atoi(*argv++);
     850             :     csvlogFile = syslogger_fdopen(fd);
     851             : }
     852             : #endif                          /* EXEC_BACKEND */
     853             : 
     854             : 
     855             : /* --------------------------------
     856             :  *      pipe protocol handling
     857             :  * --------------------------------
     858             :  */
     859             : 
     860             : /*
     861             :  * Process data received through the syslogger pipe.
     862             :  *
     863             :  * This routine interprets the log pipe protocol which sends log messages as
     864             :  * (hopefully atomic) chunks - such chunks are detected and reassembled here.
     865             :  *
     866             :  * The protocol has a header that starts with two nul bytes, then has a 16 bit
     867             :  * length, the pid of the sending process, and a flag to indicate if it is
     868             :  * the last chunk in a message. Incomplete chunks are saved until we read some
     869             :  * more, and non-final chunks are accumulated until we get the final chunk.
     870             :  *
     871             :  * All of this is to avoid 2 problems:
     872             :  * . partial messages being written to logfiles (messes rotation), and
     873             :  * . messages from different backends being interleaved (messages garbled).
     874             :  *
     875             :  * Any non-protocol messages are written out directly. These should only come
     876             :  * from non-PostgreSQL sources, however (e.g. third party libraries writing to
     877             :  * stderr).
     878             :  *
     879             :  * logbuffer is the data input buffer, and *bytes_in_logbuffer is the number
     880             :  * of bytes present.  On exit, any not-yet-eaten data is left-justified in
     881             :  * logbuffer, and *bytes_in_logbuffer is updated.
     882             :  */
     883             : static void
     884          36 : process_pipe_input(char *logbuffer, int *bytes_in_logbuffer)
     885             : {
     886          36 :     char       *cursor = logbuffer;
     887          36 :     int         count = *bytes_in_logbuffer;
     888          36 :     int         dest = LOG_DESTINATION_STDERR;
     889             : 
     890             :     /* While we have enough for a header, process data... */
     891         100 :     while (count >= (int) (offsetof(PipeProtoHeader, data) + 1))
     892             :     {
     893             :         PipeProtoHeader p;
     894             :         int         chunklen;
     895             :         bits8       dest_flags;
     896             : 
     897             :         /* Do we have a valid header? */
     898          64 :         memcpy(&p, cursor, offsetof(PipeProtoHeader, data));
     899          64 :         dest_flags = p.flags & (PIPE_PROTO_DEST_STDERR | PIPE_PROTO_DEST_CSVLOG);
     900          64 :         if (p.nuls[0] == '\0' && p.nuls[1] == '\0' &&
     901          64 :             p.len > 0 && p.len <= PIPE_MAX_PAYLOAD &&
     902         128 :             p.pid != 0 &&
     903          64 :             pg_popcount((char *) &dest_flags, 1) == 1)
     904          64 :         {
     905             :             List       *buffer_list;
     906             :             ListCell   *cell;
     907          64 :             save_buffer *existing_slot = NULL,
     908          64 :                        *free_slot = NULL;
     909             :             StringInfo  str;
     910             : 
     911          64 :             chunklen = PIPE_HEADER_SIZE + p.len;
     912             : 
     913             :             /* Fall out of loop if we don't have the whole chunk yet */
     914          64 :             if (count < chunklen)
     915           0 :                 break;
     916             : 
     917          64 :             if ((p.flags & PIPE_PROTO_DEST_STDERR) != 0)
     918          32 :                 dest = LOG_DESTINATION_STDERR;
     919          32 :             else if ((p.flags & PIPE_PROTO_DEST_CSVLOG) != 0)
     920          32 :                 dest = LOG_DESTINATION_CSVLOG;
     921             :             else
     922             :             {
     923             :                 /* this should never happen as of the header validation */
     924             :                 Assert(false);
     925             :             }
     926             : 
     927             :             /* Locate any existing buffer for this source pid */
     928          64 :             buffer_list = buffer_lists[p.pid % NBUFFER_LISTS];
     929          64 :             foreach(cell, buffer_list)
     930             :             {
     931           0 :                 save_buffer *buf = (save_buffer *) lfirst(cell);
     932             : 
     933           0 :                 if (buf->pid == p.pid)
     934             :                 {
     935           0 :                     existing_slot = buf;
     936           0 :                     break;
     937             :                 }
     938           0 :                 if (buf->pid == 0 && free_slot == NULL)
     939           0 :                     free_slot = buf;
     940             :             }
     941             : 
     942          64 :             if ((p.flags & PIPE_PROTO_IS_LAST) == 0)
     943             :             {
     944             :                 /*
     945             :                  * Save a complete non-final chunk in a per-pid buffer
     946             :                  */
     947           0 :                 if (existing_slot != NULL)
     948             :                 {
     949             :                     /* Add chunk to data from preceding chunks */
     950           0 :                     str = &(existing_slot->data);
     951           0 :                     appendBinaryStringInfo(str,
     952           0 :                                            cursor + PIPE_HEADER_SIZE,
     953           0 :                                            p.len);
     954             :                 }
     955             :                 else
     956             :                 {
     957             :                     /* First chunk of message, save in a new buffer */
     958           0 :                     if (free_slot == NULL)
     959             :                     {
     960             :                         /*
     961             :                          * Need a free slot, but there isn't one in the list,
     962             :                          * so create a new one and extend the list with it.
     963             :                          */
     964           0 :                         free_slot = palloc(sizeof(save_buffer));
     965           0 :                         buffer_list = lappend(buffer_list, free_slot);
     966           0 :                         buffer_lists[p.pid % NBUFFER_LISTS] = buffer_list;
     967             :                     }
     968           0 :                     free_slot->pid = p.pid;
     969           0 :                     str = &(free_slot->data);
     970           0 :                     initStringInfo(str);
     971           0 :                     appendBinaryStringInfo(str,
     972           0 :                                            cursor + PIPE_HEADER_SIZE,
     973           0 :                                            p.len);
     974             :                 }
     975             :             }
     976             :             else
     977             :             {
     978             :                 /*
     979             :                  * Final chunk --- add it to anything saved for that pid, and
     980             :                  * either way write the whole thing out.
     981             :                  */
     982          64 :                 if (existing_slot != NULL)
     983             :                 {
     984           0 :                     str = &(existing_slot->data);
     985           0 :                     appendBinaryStringInfo(str,
     986           0 :                                            cursor + PIPE_HEADER_SIZE,
     987           0 :                                            p.len);
     988           0 :                     write_syslogger_file(str->data, str->len, dest);
     989             :                     /* Mark the buffer unused, and reclaim string storage */
     990           0 :                     existing_slot->pid = 0;
     991           0 :                     pfree(str->data);
     992             :                 }
     993             :                 else
     994             :                 {
     995             :                     /* The whole message was one chunk, evidently. */
     996          64 :                     write_syslogger_file(cursor + PIPE_HEADER_SIZE, p.len,
     997             :                                          dest);
     998             :                 }
     999             :             }
    1000             : 
    1001             :             /* Finished processing this chunk */
    1002          64 :             cursor += chunklen;
    1003          64 :             count -= chunklen;
    1004             :         }
    1005             :         else
    1006             :         {
    1007             :             /* Process non-protocol data */
    1008             : 
    1009             :             /*
    1010             :              * Look for the start of a protocol header.  If found, dump data
    1011             :              * up to there and repeat the loop.  Otherwise, dump it all and
    1012             :              * fall out of the loop.  (Note: we want to dump it all if at all
    1013             :              * possible, so as to avoid dividing non-protocol messages across
    1014             :              * logfiles.  We expect that in many scenarios, a non-protocol
    1015             :              * message will arrive all in one read(), and we want to respect
    1016             :              * the read() boundary if possible.)
    1017             :              */
    1018           0 :             for (chunklen = 1; chunklen < count; chunklen++)
    1019             :             {
    1020           0 :                 if (cursor[chunklen] == '\0')
    1021           0 :                     break;
    1022             :             }
    1023             :             /* fall back on the stderr log as the destination */
    1024           0 :             write_syslogger_file(cursor, chunklen, LOG_DESTINATION_STDERR);
    1025           0 :             cursor += chunklen;
    1026           0 :             count -= chunklen;
    1027             :         }
    1028             :     }
    1029             : 
    1030             :     /* We don't have a full chunk, so left-align what remains in the buffer */
    1031          36 :     if (count > 0 && cursor != logbuffer)
    1032           0 :         memmove(logbuffer, cursor, count);
    1033          36 :     *bytes_in_logbuffer = count;
    1034          36 : }
    1035             : 
    1036             : /*
    1037             :  * Force out any buffered data
    1038             :  *
    1039             :  * This is currently used only at syslogger shutdown, but could perhaps be
    1040             :  * useful at other times, so it is careful to leave things in a clean state.
    1041             :  */
    1042             : static void
    1043           2 : flush_pipe_input(char *logbuffer, int *bytes_in_logbuffer)
    1044             : {
    1045             :     int         i;
    1046             : 
    1047             :     /* Dump any incomplete protocol messages */
    1048         514 :     for (i = 0; i < NBUFFER_LISTS; i++)
    1049             :     {
    1050         512 :         List       *list = buffer_lists[i];
    1051             :         ListCell   *cell;
    1052             : 
    1053         512 :         foreach(cell, list)
    1054             :         {
    1055           0 :             save_buffer *buf = (save_buffer *) lfirst(cell);
    1056             : 
    1057           0 :             if (buf->pid != 0)
    1058             :             {
    1059           0 :                 StringInfo  str = &(buf->data);
    1060             : 
    1061           0 :                 write_syslogger_file(str->data, str->len,
    1062             :                                      LOG_DESTINATION_STDERR);
    1063             :                 /* Mark the buffer unused, and reclaim string storage */
    1064           0 :                 buf->pid = 0;
    1065           0 :                 pfree(str->data);
    1066             :             }
    1067             :         }
    1068             :     }
    1069             : 
    1070             :     /*
    1071             :      * Force out any remaining pipe data as-is; we don't bother trying to
    1072             :      * remove any protocol headers that may exist in it.
    1073             :      */
    1074           2 :     if (*bytes_in_logbuffer > 0)
    1075           0 :         write_syslogger_file(logbuffer, *bytes_in_logbuffer,
    1076             :                              LOG_DESTINATION_STDERR);
    1077           2 :     *bytes_in_logbuffer = 0;
    1078           2 : }
    1079             : 
    1080             : 
    1081             : /* --------------------------------
    1082             :  *      logfile routines
    1083             :  * --------------------------------
    1084             :  */
    1085             : 
    1086             : /*
    1087             :  * Write text to the currently open logfile
    1088             :  *
    1089             :  * This is exported so that elog.c can call it when MyBackendType is B_LOGGER.
    1090             :  * This allows the syslogger process to record elog messages of its own,
    1091             :  * even though its stderr does not point at the syslog pipe.
    1092             :  */
    1093             : void
    1094          64 : write_syslogger_file(const char *buffer, int count, int destination)
    1095             : {
    1096             :     int         rc;
    1097             :     FILE       *logfile;
    1098             : 
    1099             :     /*
    1100             :      * If we're told to write to csvlogFile, but it's not open, dump the data
    1101             :      * to syslogFile (which is always open) instead.  This can happen if CSV
    1102             :      * output is enabled after postmaster start and we've been unable to open
    1103             :      * csvlogFile.  There are also race conditions during a parameter change
    1104             :      * whereby backends might send us CSV output before we open csvlogFile or
    1105             :      * after we close it.  Writing CSV-formatted output to the regular log
    1106             :      * file isn't great, but it beats dropping log output on the floor.
    1107             :      *
    1108             :      * Think not to improve this by trying to open csvlogFile on-the-fly.  Any
    1109             :      * failure in that would lead to recursion.
    1110             :      */
    1111          96 :     logfile = (destination == LOG_DESTINATION_CSVLOG &&
    1112          64 :                csvlogFile != NULL) ? csvlogFile : syslogFile;
    1113             : 
    1114          64 :     rc = fwrite(buffer, 1, count, logfile);
    1115             : 
    1116             :     /*
    1117             :      * Try to report any failure.  We mustn't use ereport because it would
    1118             :      * just recurse right back here, but write_stderr is OK: it will write
    1119             :      * either to the postmaster's original stderr, or to /dev/null, but never
    1120             :      * to our input pipe which would result in a different sort of looping.
    1121             :      */
    1122          64 :     if (rc != count)
    1123           0 :         write_stderr("could not write to log file: %s\n", strerror(errno));
    1124          64 : }
    1125             : 
    1126             : #ifdef WIN32
    1127             : 
    1128             : /*
    1129             :  * Worker thread to transfer data from the pipe to the current logfile.
    1130             :  *
    1131             :  * We need this because on Windows, WaitForMultipleObjects does not work on
    1132             :  * unnamed pipes: it always reports "signaled", so the blocking ReadFile won't
    1133             :  * allow for SIGHUP; and select is for sockets only.
    1134             :  */
    1135             : static unsigned int __stdcall
    1136             : pipeThread(void *arg)
    1137             : {
    1138             :     char        logbuffer[READ_BUF_SIZE];
    1139             :     int         bytes_in_logbuffer = 0;
    1140             : 
    1141             :     for (;;)
    1142             :     {
    1143             :         DWORD       bytesRead;
    1144             :         BOOL        result;
    1145             : 
    1146             :         result = ReadFile(syslogPipe[0],
    1147             :                           logbuffer + bytes_in_logbuffer,
    1148             :                           sizeof(logbuffer) - bytes_in_logbuffer,
    1149             :                           &bytesRead, 0);
    1150             : 
    1151             :         /*
    1152             :          * Enter critical section before doing anything that might touch
    1153             :          * global state shared by the main thread. Anything that uses
    1154             :          * palloc()/pfree() in particular are not safe outside the critical
    1155             :          * section.
    1156             :          */
    1157             :         EnterCriticalSection(&sysloggerSection);
    1158             :         if (!result)
    1159             :         {
    1160             :             DWORD       error = GetLastError();
    1161             : 
    1162             :             if (error == ERROR_HANDLE_EOF ||
    1163             :                 error == ERROR_BROKEN_PIPE)
    1164             :                 break;
    1165             :             _dosmaperr(error);
    1166             :             ereport(LOG,
    1167             :                     (errcode_for_file_access(),
    1168             :                      errmsg("could not read from logger pipe: %m")));
    1169             :         }
    1170             :         else if (bytesRead > 0)
    1171             :         {
    1172             :             bytes_in_logbuffer += bytesRead;
    1173             :             process_pipe_input(logbuffer, &bytes_in_logbuffer);
    1174             :         }
    1175             : 
    1176             :         /*
    1177             :          * If we've filled the current logfile, nudge the main thread to do a
    1178             :          * log rotation.
    1179             :          */
    1180             :         if (Log_RotationSize > 0)
    1181             :         {
    1182             :             if (ftell(syslogFile) >= Log_RotationSize * 1024L ||
    1183             :                 (csvlogFile != NULL && ftell(csvlogFile) >= Log_RotationSize * 1024L))
    1184             :                 SetLatch(MyLatch);
    1185             :         }
    1186             :         LeaveCriticalSection(&sysloggerSection);
    1187             :     }
    1188             : 
    1189             :     /* We exit the above loop only upon detecting pipe EOF */
    1190             :     pipe_eof_seen = true;
    1191             : 
    1192             :     /* if there's any data left then force it out now */
    1193             :     flush_pipe_input(logbuffer, &bytes_in_logbuffer);
    1194             : 
    1195             :     /* set the latch to waken the main thread, which will quit */
    1196             :     SetLatch(MyLatch);
    1197             : 
    1198             :     LeaveCriticalSection(&sysloggerSection);
    1199             :     _endthread();
    1200             :     return 0;
    1201             : }
    1202             : #endif                          /* WIN32 */
    1203             : 
    1204             : /*
    1205             :  * Open a new logfile with proper permissions and buffering options.
    1206             :  *
    1207             :  * If allow_errors is true, we just log any open failure and return NULL
    1208             :  * (with errno still correct for the fopen failure).
    1209             :  * Otherwise, errors are treated as fatal.
    1210             :  */
    1211             : static FILE *
    1212           8 : logfile_open(const char *filename, const char *mode, bool allow_errors)
    1213             : {
    1214             :     FILE       *fh;
    1215             :     mode_t      oumask;
    1216             : 
    1217             :     /*
    1218             :      * Note we do not let Log_file_mode disable IWUSR, since we certainly want
    1219             :      * to be able to write the files ourselves.
    1220             :      */
    1221           8 :     oumask = umask((mode_t) ((~(Log_file_mode | S_IWUSR)) & (S_IRWXU | S_IRWXG | S_IRWXO)));
    1222           8 :     fh = fopen(filename, mode);
    1223           8 :     umask(oumask);
    1224             : 
    1225           8 :     if (fh)
    1226             :     {
    1227           8 :         setvbuf(fh, NULL, PG_IOLBF, 0);
    1228             : 
    1229             : #ifdef WIN32
    1230             :         /* use CRLF line endings on Windows */
    1231             :         _setmode(_fileno(fh), _O_TEXT);
    1232             : #endif
    1233             :     }
    1234             :     else
    1235             :     {
    1236           0 :         int         save_errno = errno;
    1237             : 
    1238           0 :         ereport(allow_errors ? LOG : FATAL,
    1239             :                 (errcode_for_file_access(),
    1240             :                  errmsg("could not open log file \"%s\": %m",
    1241             :                         filename)));
    1242           0 :         errno = save_errno;
    1243             :     }
    1244             : 
    1245           8 :     return fh;
    1246             : }
    1247             : 
    1248             : /*
    1249             :  * Do logfile rotation for a single destination, as specified by target_dest.
    1250             :  * The information stored in *last_file_name and *logFile is updated on a
    1251             :  * successful file rotation.
    1252             :  *
    1253             :  * Returns false if the rotation has been stopped, or true to move on to
    1254             :  * the processing of other formats.
    1255             :  */
    1256             : static bool
    1257           4 : logfile_rotate_dest(bool time_based_rotation, int size_rotation_for,
    1258             :                     pg_time_t fntime, int target_dest,
    1259             :                     char **last_file_name, FILE **logFile)
    1260             : {
    1261           4 :     char       *logFileExt = NULL;
    1262             :     char       *filename;
    1263             :     FILE       *fh;
    1264             : 
    1265             :     /*
    1266             :      * If the target destination was just turned off, close the previous file
    1267             :      * and unregister its data.  This cannot happen for stderr as syslogFile
    1268             :      * is assumed to be always opened even if stderr is disabled in
    1269             :      * log_destination.
    1270             :      */
    1271           4 :     if ((Log_destination & target_dest) == 0 &&
    1272             :         target_dest != LOG_DESTINATION_STDERR)
    1273             :     {
    1274           0 :         if (*logFile != NULL)
    1275           0 :             fclose(*logFile);
    1276           0 :         *logFile = NULL;
    1277           0 :         if (*last_file_name != NULL)
    1278           0 :             pfree(*last_file_name);
    1279           0 :         *last_file_name = NULL;
    1280           0 :         return true;
    1281             :     }
    1282             : 
    1283             :     /*
    1284             :      * Leave if it is not time for a rotation or if the target destination has
    1285             :      * no need to do a rotation based on the size of its file.
    1286             :      */
    1287           4 :     if (!time_based_rotation && (size_rotation_for & target_dest) == 0)
    1288           0 :         return true;
    1289             : 
    1290             :     /* file extension depends on the destination type */
    1291           4 :     if (target_dest == LOG_DESTINATION_STDERR)
    1292           2 :         logFileExt = NULL;
    1293           2 :     else if (target_dest == LOG_DESTINATION_CSVLOG)
    1294           2 :         logFileExt = ".csv";
    1295             :     else
    1296             :     {
    1297             :         /* cannot happen */
    1298             :         Assert(false);
    1299             :     }
    1300             : 
    1301             :     /* build the new file name */
    1302           4 :     filename = logfile_getname(fntime, logFileExt);
    1303             : 
    1304             :     /*
    1305             :      * Decide whether to overwrite or append.  We can overwrite if (a)
    1306             :      * Log_truncate_on_rotation is set, (b) the rotation was triggered by
    1307             :      * elapsed time and not something else, and (c) the computed file name is
    1308             :      * different from what we were previously logging into.
    1309             :      */
    1310           4 :     if (Log_truncate_on_rotation && time_based_rotation &&
    1311           0 :         *last_file_name != NULL &&
    1312           0 :         strcmp(filename, *last_file_name) != 0)
    1313           0 :         fh = logfile_open(filename, "w", true);
    1314             :     else
    1315           4 :         fh = logfile_open(filename, "a", true);
    1316             : 
    1317           4 :     if (!fh)
    1318             :     {
    1319             :         /*
    1320             :          * ENFILE/EMFILE are not too surprising on a busy system; just keep
    1321             :          * using the old file till we manage to get a new one.  Otherwise,
    1322             :          * assume something's wrong with Log_directory and stop trying to
    1323             :          * create files.
    1324             :          */
    1325           0 :         if (errno != ENFILE && errno != EMFILE)
    1326             :         {
    1327           0 :             ereport(LOG,
    1328             :                     (errmsg("disabling automatic rotation (use SIGHUP to re-enable)")));
    1329           0 :             rotation_disabled = true;
    1330             :         }
    1331             : 
    1332           0 :         if (filename)
    1333           0 :             pfree(filename);
    1334           0 :         return false;
    1335             :     }
    1336             : 
    1337             :     /* fill in the new information */
    1338           4 :     if (*logFile != NULL)
    1339           4 :         fclose(*logFile);
    1340           4 :     *logFile = fh;
    1341             : 
    1342             :     /* instead of pfree'ing filename, remember it for next time */
    1343           4 :     if (*last_file_name != NULL)
    1344           4 :         pfree(*last_file_name);
    1345           4 :     *last_file_name = filename;
    1346             : 
    1347           4 :     return true;
    1348             : }
    1349             : 
    1350             : /*
    1351             :  * perform logfile rotation
    1352             :  */
    1353             : static void
    1354           2 : logfile_rotate(bool time_based_rotation, int size_rotation_for)
    1355             : {
    1356             :     pg_time_t   fntime;
    1357             : 
    1358           2 :     rotation_requested = false;
    1359             : 
    1360             :     /*
    1361             :      * When doing a time-based rotation, invent the new logfile name based on
    1362             :      * the planned rotation time, not current time, to avoid "slippage" in the
    1363             :      * file name when we don't do the rotation immediately.
    1364             :      */
    1365           2 :     if (time_based_rotation)
    1366           0 :         fntime = next_rotation_time;
    1367             :     else
    1368           2 :         fntime = time(NULL);
    1369             : 
    1370             :     /* file rotation for stderr */
    1371           2 :     if (!logfile_rotate_dest(time_based_rotation, size_rotation_for, fntime,
    1372             :                              LOG_DESTINATION_STDERR, &last_sys_file_name,
    1373             :                              &syslogFile))
    1374           0 :         return;
    1375             : 
    1376             :     /* file rotation for csvlog */
    1377           2 :     if (!logfile_rotate_dest(time_based_rotation, size_rotation_for, fntime,
    1378             :                              LOG_DESTINATION_CSVLOG, &last_csv_file_name,
    1379             :                              &csvlogFile))
    1380           0 :         return;
    1381             : 
    1382           2 :     update_metainfo_datafile();
    1383             : 
    1384           2 :     set_next_rotation_time();
    1385             : }
    1386             : 
    1387             : 
    1388             : /*
    1389             :  * construct logfile name using timestamp information
    1390             :  *
    1391             :  * If suffix isn't NULL, append it to the name, replacing any ".log"
    1392             :  * that may be in the pattern.
    1393             :  *
    1394             :  * Result is palloc'd.
    1395             :  */
    1396             : static char *
    1397          12 : logfile_getname(pg_time_t timestamp, const char *suffix)
    1398             : {
    1399             :     char       *filename;
    1400             :     int         len;
    1401             : 
    1402          12 :     filename = palloc(MAXPGPATH);
    1403             : 
    1404          12 :     snprintf(filename, MAXPGPATH, "%s/", Log_directory);
    1405             : 
    1406          12 :     len = strlen(filename);
    1407             : 
    1408             :     /* treat Log_filename as a strftime pattern */
    1409          12 :     pg_strftime(filename + len, MAXPGPATH - len, Log_filename,
    1410          12 :                 pg_localtime(&timestamp, log_timezone));
    1411             : 
    1412          12 :     if (suffix != NULL)
    1413             :     {
    1414           6 :         len = strlen(filename);
    1415           6 :         if (len > 4 && (strcmp(filename + (len - 4), ".log") == 0))
    1416           6 :             len -= 4;
    1417           6 :         strlcpy(filename + len, suffix, MAXPGPATH - len);
    1418             :     }
    1419             : 
    1420          12 :     return filename;
    1421             : }
    1422             : 
    1423             : /*
    1424             :  * Determine the next planned rotation time, and store in next_rotation_time.
    1425             :  */
    1426             : static void
    1427           4 : set_next_rotation_time(void)
    1428             : {
    1429             :     pg_time_t   now;
    1430             :     struct pg_tm *tm;
    1431             :     int         rotinterval;
    1432             : 
    1433             :     /* nothing to do if time-based rotation is disabled */
    1434           4 :     if (Log_RotationAge <= 0)
    1435           4 :         return;
    1436             : 
    1437             :     /*
    1438             :      * The requirements here are to choose the next time > now that is a
    1439             :      * "multiple" of the log rotation interval.  "Multiple" can be interpreted
    1440             :      * fairly loosely.  In this version we align to log_timezone rather than
    1441             :      * GMT.
    1442             :      */
    1443           0 :     rotinterval = Log_RotationAge * SECS_PER_MINUTE;    /* convert to seconds */
    1444           0 :     now = (pg_time_t) time(NULL);
    1445           0 :     tm = pg_localtime(&now, log_timezone);
    1446           0 :     now += tm->tm_gmtoff;
    1447           0 :     now -= now % rotinterval;
    1448           0 :     now += rotinterval;
    1449           0 :     now -= tm->tm_gmtoff;
    1450           0 :     next_rotation_time = now;
    1451             : }
    1452             : 
    1453             : /*
    1454             :  * Store the name of the file(s) where the log collector, when enabled, writes
    1455             :  * log messages.  Useful for finding the name(s) of the current log file(s)
    1456             :  * when there is time-based logfile rotation.  Filenames are stored in a
    1457             :  * temporary file and which is renamed into the final destination for
    1458             :  * atomicity.  The file is opened with the same permissions as what gets
    1459             :  * created in the data directory and has proper buffering options.
    1460             :  */
    1461             : static void
    1462           4 : update_metainfo_datafile(void)
    1463             : {
    1464             :     FILE       *fh;
    1465             :     mode_t      oumask;
    1466             : 
    1467           4 :     if (!(Log_destination & LOG_DESTINATION_STDERR) &&
    1468           0 :         !(Log_destination & LOG_DESTINATION_CSVLOG))
    1469             :     {
    1470           0 :         if (unlink(LOG_METAINFO_DATAFILE) < 0 && errno != ENOENT)
    1471           0 :             ereport(LOG,
    1472             :                     (errcode_for_file_access(),
    1473             :                      errmsg("could not remove file \"%s\": %m",
    1474             :                             LOG_METAINFO_DATAFILE)));
    1475           0 :         return;
    1476             :     }
    1477             : 
    1478             :     /* use the same permissions as the data directory for the new file */
    1479           4 :     oumask = umask(pg_mode_mask);
    1480           4 :     fh = fopen(LOG_METAINFO_DATAFILE_TMP, "w");
    1481           4 :     umask(oumask);
    1482             : 
    1483           4 :     if (fh)
    1484             :     {
    1485           4 :         setvbuf(fh, NULL, PG_IOLBF, 0);
    1486             : 
    1487             : #ifdef WIN32
    1488             :         /* use CRLF line endings on Windows */
    1489             :         _setmode(_fileno(fh), _O_TEXT);
    1490             : #endif
    1491             :     }
    1492             :     else
    1493             :     {
    1494           0 :         ereport(LOG,
    1495             :                 (errcode_for_file_access(),
    1496             :                  errmsg("could not open file \"%s\": %m",
    1497             :                         LOG_METAINFO_DATAFILE_TMP)));
    1498           0 :         return;
    1499             :     }
    1500             : 
    1501           4 :     if (last_sys_file_name && (Log_destination & LOG_DESTINATION_STDERR))
    1502             :     {
    1503           4 :         if (fprintf(fh, "stderr %s\n", last_sys_file_name) < 0)
    1504             :         {
    1505           0 :             ereport(LOG,
    1506             :                     (errcode_for_file_access(),
    1507             :                      errmsg("could not write file \"%s\": %m",
    1508             :                             LOG_METAINFO_DATAFILE_TMP)));
    1509           0 :             fclose(fh);
    1510           0 :             return;
    1511             :         }
    1512             :     }
    1513             : 
    1514           4 :     if (last_csv_file_name && (Log_destination & LOG_DESTINATION_CSVLOG))
    1515             :     {
    1516           4 :         if (fprintf(fh, "csvlog %s\n", last_csv_file_name) < 0)
    1517             :         {
    1518           0 :             ereport(LOG,
    1519             :                     (errcode_for_file_access(),
    1520             :                      errmsg("could not write file \"%s\": %m",
    1521             :                             LOG_METAINFO_DATAFILE_TMP)));
    1522           0 :             fclose(fh);
    1523           0 :             return;
    1524             :         }
    1525             :     }
    1526           4 :     fclose(fh);
    1527             : 
    1528           4 :     if (rename(LOG_METAINFO_DATAFILE_TMP, LOG_METAINFO_DATAFILE) != 0)
    1529           0 :         ereport(LOG,
    1530             :                 (errcode_for_file_access(),
    1531             :                  errmsg("could not rename file \"%s\" to \"%s\": %m",
    1532             :                         LOG_METAINFO_DATAFILE_TMP, LOG_METAINFO_DATAFILE)));
    1533             : }
    1534             : 
    1535             : /* --------------------------------
    1536             :  *      signal handler routines
    1537             :  * --------------------------------
    1538             :  */
    1539             : 
    1540             : /*
    1541             :  * Check to see if a log rotation request has arrived.  Should be
    1542             :  * called by postmaster after receiving SIGUSR1.
    1543             :  */
    1544             : bool
    1545           2 : CheckLogrotateSignal(void)
    1546             : {
    1547             :     struct stat stat_buf;
    1548             : 
    1549           2 :     if (stat(LOGROTATE_SIGNAL_FILE, &stat_buf) == 0)
    1550           2 :         return true;
    1551             : 
    1552           0 :     return false;
    1553             : }
    1554             : 
    1555             : /*
    1556             :  * Remove the file signaling a log rotation request.
    1557             :  */
    1558             : void
    1559         942 : RemoveLogrotateSignalFiles(void)
    1560             : {
    1561         942 :     unlink(LOGROTATE_SIGNAL_FILE);
    1562         942 : }
    1563             : 
    1564             : /* SIGUSR1: set flag to rotate logfile */
    1565             : static void
    1566           2 : sigUsr1Handler(SIGNAL_ARGS)
    1567             : {
    1568           2 :     int         save_errno = errno;
    1569             : 
    1570           2 :     rotation_requested = true;
    1571           2 :     SetLatch(MyLatch);
    1572             : 
    1573           2 :     errno = save_errno;
    1574           2 : }

Generated by: LCOV version 1.14