From: | Nico Williams <nico(at)cryptonector(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Andres Freund <andres(at)anarazel(dot)de>, Jimmy Yih <jyih(at)pivotal(dot)io>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: [HACKERS] possible self-deadlock window after bad ProcessStartupPacket |
Date: | 2018-07-19 20:04:15 |
Message-ID: | 20180719200414.GK9712@localhost |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Thu, Jun 22, 2017 at 03:10:31PM -0400, Tom Lane wrote:
> Andres Freund <andres(at)anarazel(dot)de> writes:
> > Or, probably more robust: Simply _exit(2) without further ado, and rely
> > on postmaster to output an appropriate error message. Arguably it's not
> > actually useful to see hundreds of "WARNING: terminating connection because of
> > crash of another server process" messages in the log anyway.
>
> At that point you might as well skip the entire mechanism and go straight
> to SIGKILL. IMO the only reason quickdie() exists at all is to try to
> send a helpful message to the client. And it is helpful --- your attempt
> to claim that it isn't sounds very much like wishful thinking.
I dunno if it is or isn't helpful. But I do know that this must be done
in an async-signal-safe way.
Besides making ereport() async-signal-safe, which is tricky, you could
write(2) the arguments to a pipe that another thread in the same process
is reading from and which will then call ereport() and exit(3). This
would be less work if you're willing to use a thread for that (the
thread would only block in read(2) on that pipe, and would only provide
this one service).
Nico
--
From | Date | Subject | |
---|---|---|---|
Next Message | Nico Williams | 2018-07-19 20:07:28 | Re: [HACKERS] possible self-deadlock window after bad ProcessStartupPacket |
Previous Message | Tom Lane | 2018-07-19 20:04:01 | Re: [HACKERS] possible self-deadlock window after bad ProcessStartupPacket |