Re: asynchronous commit risk window is overly optimistic

Поиск
Список
Период
Сортировка
От Bruce Momjian
Тема Re: asynchronous commit risk window is overly optimistic
Дата
Msg-id 20190409214412.pew7tgfzn2y7k334@momjian.us
обсуждение исходный текст
Ответ на asynchronous commit risk window is overly optimistic  (Jeff Janes <jeff.janes@gmail.com>)
Список pgsql-docs
Дерево обсуждения 
On Wed, Mar 20, 2019 at 02:50:21PM -0400, Jeff Janes wrote:
> https://www.postgresql.org/docs/current/wal-async-commit.html:
> 
> "If the database crashes during the risk window between an asynchronous commit
> and the writing of the transaction's WAL records, then changes made during that
> transaction will be lost. The duration of the risk window is limited because a
> background process (the “WAL writer”) flushes unwritten WAL records to disk
> every wal_writer_delay milliseconds. The actual maximum duration of the risk
> window is three times wal_writer_delay because the WAL writer is designed to
> favor writing whole pages at a time during busy periods."
> 
> I think the phrase "actual maximum duration" here is far too reassuring. There
> is no guarantee that the kernel will wake WAL writer three times in a row at
> the times it requested, or even any other smalish multiple of that time. Even
> if the wal_writer does repeatedly wake on schedule and requests a fsync, that
> fsync itself can take a very large multiple of wal_writer_delay milliseconds
> before it takes effect.
> 
> If your server experiences a sudden power failure during normal operations with
> uncongested IO, then it is very likely that anything asynchronously committed
> more than three wal_writer_delay (plus two disk rotations) ago has made it to
> disk.  But if it crashes for some other reason than a sudden power failure, it
> is less likely to be on disk.  A stricken server can go wobbly for a long time
> before finally falling over.
> 
> Maybe it should be replaced with something less confident, like "Under normal
> conditions, the flush will be initiated within three times wal_writer_delay
> because the WAL writer is designed to favor writing whole pages at a time
> during busy periods."
> 
> Although the whole "because" clause seems to be more inside baseball than is
> warranted here.

I think we can go with:

    "Under normal conditions, the flush will be initiated within
    roughly three times wal_writer_delay".

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +

В списке pgsql-docs по дате отправления:

Предыдущее
От: Jind?ich Vavru?ka
Дата:
Сообщение: RE: Section 4.1.2.7 contains false information
Следующее
От: "David G. Johnston"
Дата:
Сообщение: Re: Section 4.1.2.7 contains false information