| From: | Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com> |
|---|---|
| To: | Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com> |
| Cc: | Srinath Reddy Sadipiralla <srinath2133(at)gmail(dot)com>, SATYANARAYANA NARLAPURAM <satyanarlapuram(at)gmail(dot)com>, "Hayato Kuroda (Fujitsu)" <kuroda(dot)hayato(at)fujitsu(dot)com>, John H <johnhyvr(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Introduce XID age based replication slot invalidation |
| Date: | 2026-04-06 17:42:03 |
| Message-ID: | CALj2ACV_PV5LiL55O02UYJ_zfZw0CUKnR_nW83mpm0ZuYkbM8g@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On Mon, Apr 6, 2026 at 1:45 AM Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com> wrote:
>
> > I took a look at the v10 patch and it LGTM. I tested it - make
> > check-world passes, pgindent doesn't complain.
>
> While reviewing the patch, I found that with this patch, backend
> processes and autovacuum workers can simultaneously attempt to
> invalidate the same slot for the same reason. When invalidating a
> slot, we send a signal to the process owning the slot and wait for it
> to exit and release the slot. If the process takes a long time to exit
> for some reason, subsequent autovacuum workers attempting to
> invalidate the same slot will also send a SIGTERM and get stuck at
> InvalidatePossiblyObsoleteSlot(). In the worst case, this could result
> in all autovacuum activity being blocked. I think we need to address
> this problem.
Thank you!
You're right that multiple autovacuum workers can wait on the same
slot for SIGTERM to take effect on the process (mainly walsenders)
holding the slot. Once the process holding the slot exits, one worker
finishes the invalidation and the others see it's done and move on.
However, IMHO, this is unlikely to be a problem in practice.
First, SIGTERM must take a long time to terminate the process holding
the slot. This seems unlikely unless I'm missing some cases.
Second, the slot's xmin must be very old (past XID age) while the
process is still running but slow to exit. If we set max_slot_xid_age
close to vacuum_failsafe_age (e.g., 1.6 billion. I've added this note
in the docs), it seems unlikely that the replication connection would
still be active at that point.
Also, concurrent invalidation can already happen today between the
startup process and checkpointer on standby.
If needed, we could add a flag to skip extra invalidation attempts
based on field experience. Since this feature is off by default, I'd
prefer to keep things simple, but I'm open to other approaches.
Thoughts?
--
Bharath Rupireddy
Amazon Web Services: https://aws.amazon.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Haibo Yan | 2026-04-06 17:51:43 | Re: Extract numeric filed in JSONB more effectively |
| Previous Message | Daniel Gustafsson | 2026-04-06 17:34:44 | Re: Changing the state of data checksums in a running cluster |