[moved to -hackers] On tor, 2009-11-12 at 22:37 +0200, Marko Kreen wrote: > On 11/12/09, Tom Lane <t...@sss.pgh.pa.us> wrote: > > Marko Kreen <mark...@gmail.com> writes: > > > You talked about blocking in quickdie(), but you'd need > > > to block in elog(). > > > > I'm not really particularly worried about that case. By that logic, > > we could not use quickdie at all, because any part of the system > > might be doing something that wouldn't survive being interrupted. > > Not really - we'd need to care only about parts that quickdie() > (or any other signal handler) wants to use. Which basically means > elog() only. > > OK, full elog() is a beast, but why would SIGQUIT handler need full > elog()? How about we export minimal log-writing function and make > that signal-safe - that is, drop message if already active. This > will excange potential crash/deadlock with lost msg which seems > slightly better behaviour.
Yeah, on reflection, calling elog in the SIGQUIT handler is just waiting for trouble. The call could block for any number of reasons, because there is a boatload of functionality that comes with a logging call. In the overall scheme of things, you don't really lose much if you just delete the call altogether, because in the event that it's called the postmaster will already have logged that it is going to kill all children. Or there ought to be some kind of alarm that would abort the thing if it takes too long. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers