| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, David Pacheco <dap(at)joyent(dot)com>, PostgreSQL mailing lists <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: postmaster deadlock while logging after syslogger exited |
| Date: | 2017-11-17 02:14:17 |
| Message-ID: | 20171117021417.7wg3qlzhvmijw4b3@alap3.anarazel.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 2017-11-17 11:09:56 +0900, Michael Paquier wrote:
> On Fri, Nov 17, 2017 at 10:50 AM, Andres Freund <andres(at)anarazel(dot)de> wrote:
> > On 2017-11-06 15:35:03 -0500, Tom Lane wrote:
> >> David Pacheco <dap(at)joyent(dot)com> writes:
> >> > I ran into what appears to be a deadlock in the logging subsystem. It
> >> > looks like what happened was that the syslogger process exited because it
> >> > ran out of memory. But before the postmaster got a chance to handle the
> >> > SIGCLD to restart it, it handled a SIGUSR1 to start an autovacuum worker.
> >> > That also failed, and the postmaster went to log a message about it, but
> >> > it's blocked on the pipe that's normally connected to the syslogger,
> >> > presumably because the pipe is full because the syslogger is gone and
> >> > hasn't read from it.
> >>
> >> Ugh.
> >
> > I'm somewhat inclined to say that one has to live with this if the
> > system is so resource constrainted that processes barely using memory
> > get killed.
> >
> > We could work around a situation like that if we made postmaster use a
> > *different* pipe as stderr than the one we're handing to normal
> > backends. If postmaster created a new pipe and closed the read end
> > whenever forking a syslogger, we should get EPIPEs when writing after
> > syslogger died and could fall back to proper stderr or such.
>
> I don't have the code on top of my mind, but isn't a custom fd causing
> a small penalty
Sure, there's some minor overhead because every process would need to
close another fd after forking.
> when redirection_done is switched to true because the first process
> generating a message to the syslogger pipe needs to open it first if
> not done yet?
I can't follow. The syslogger pipe is created when the first syslogger
is started (before it's forked!). Which happens before other processes
are created, because they all need to inherit that file descriptor.
> So you'd need proper locking to save from race conditions.
I completely fail to see why this'd be the case. All I'm talking about
is using another pipe between syslogger and postmaster than between
other-processes and syslogger.
Greetings,
Andres Freund
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2017-11-17 02:16:14 | Re: postmaster deadlock while logging after syslogger exited |
| Previous Message | Michael Paquier | 2017-11-17 02:09:56 | Re: postmaster deadlock while logging after syslogger exited |