From 5f29c2c22ef09854687ca3dda6c7648090684648 Mon Sep 17 00:00:00 2001
From: Andres Freund <andres@anarazel.de>
Date: Wed, 19 Mar 2025 13:17:41 -0400
Subject: [PATCH v2.11 03/27] Redefine max_files_per_process to control
 additionally opened files

Until now max_files_per_process=N limited each backend to open N files in
total (minus a safety factor), even if there were already more files opened in
postmaster and inherited by backends.  Change max_files_per_process to control
how many additional files each process is allowed to open.

The main motivation for this is the patch to add io_method=io_uring, which
needs to open one file for each backend.  Without this patch, even if
RLIMIT_NOFILE is high enough, postmaster will fail in set_max_safe_fds() if
started with a high max_connections.  The cause of the failure is that, until
now, set_max_safe_fds() subtracted the already open files from
max_files_per_process.

Discussion: https://postgr.es/m/w6uiicyou7hzq47mbyejubtcyb2rngkkf45fk4q7inue5kfbeo@bbfad3qyubvs
Discussion: https://postgr.es/m/CAGECzQQh6VSy3KG4pN1d=h9J=D1rStFCMR+t7yh_Kwj-g87aLQ@mail.gmail.com
---
 src/backend/storage/file/fd.c       | 14 ++++++++------
 src/backend/utils/misc/guc_tables.c |  2 +-
 doc/src/sgml/config.sgml            |  8 ++++++--
 3 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/src/backend/storage/file/fd.c b/src/backend/storage/file/fd.c
index 62f1185859f..0c3a2a756e7 100644
--- a/src/backend/storage/file/fd.c
+++ b/src/backend/storage/file/fd.c
@@ -1047,16 +1047,17 @@ set_max_safe_fds(void)
 
 	/*----------
 	 * We want to set max_safe_fds to
-	 *			MIN(usable_fds, max_files_per_process - already_open)
+	 *			MIN(usable_fds, max_files_per_process)
 	 * less the slop factor for files that are opened without consulting
-	 * fd.c.  This ensures that we won't exceed either max_files_per_process
-	 * or the experimentally-determined EMFILE limit.
+	 * fd.c.  This ensures that we won't allow to open more than
+	 * max_files_per_process, or the experimentally-determined EMFILE limit,
+	 * additional files.
 	 *----------
 	 */
 	count_usable_fds(max_files_per_process,
 					 &usable_fds, &already_open);
 
-	max_safe_fds = Min(usable_fds, max_files_per_process - already_open);
+	max_safe_fds = Min(usable_fds, max_files_per_process);
 
 	/*
 	 * Take off the FDs reserved for system() etc.
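Review bot: The rewritten comment above the `Min()` call is hard to parse ("won't allow to open more than ..., additional files") and never says that `already_open` no longer enters the calculation. After this change a process can hold roughly `already_open + max_files_per_process` descriptors in total, which is what someone sizing RLIMIT_NOFILE or the kernel file table needs to know. I would word the last sentence as `This ensures that a process opens at most max_files_per_process additional files, and never more than the experimentally-determined EMFILE limit; files inherited from postmaster are not counted against it.` The body of set_max_safe_fds starts and ends outside this hunk.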
@@ -1070,9 +1071,10 @@ set_max_safe_fds(void)
 		ereport(FATAL,
 				(errcode(ERRCODE_INSUFFICIENT_RESOURCES),
 				 errmsg("insufficient file descriptors available to start server process"),
-				 errdetail("System allows %d, server needs at least %d.",
+				 errdetail("System allows %d, server needs at least %d, %d files are already open.",
 						   max_safe_fds + NUM_RESERVED_FDS,
-						   FD_MINFREE + NUM_RESERVED_FDS)));
+						   FD_MINFREE + NUM_RESERVED_FDS,
+						   already_open)));
 
 	elog(DEBUG2, "max_safe_fds = %d, usable_fds = %d, already_open = %d",
 		 max_safe_fds, usable_fds, already_open);
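Review bot: The first `%d` in the new errdetail is `max_safe_fds + NUM_RESERVED_FDS`, which after the earlier hunk is `Min(usable_fds, max_files_per_process)`, so "System allows" can report the configured setting rather than a kernel limit. An operator hitting this FATAL at startup may raise the ulimit when the setting is the actual cap. The appended clause also turns the detail into a comma splice. I would split it into two sentences, for example `errdetail("System or max_files_per_process allows %d, server needs at least %d. %d files are already open.", ...)`. The `if` guarding this ereport is outside the hunk.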
diff --git a/src/backend/utils/misc/guc_tables.c b/src/backend/utils/misc/guc_tables.c
index 97cfd6e5a82..75bb0acdf0f 100644
--- a/src/backend/utils/misc/guc_tables.c
+++ b/src/backend/utils/misc/guc_tables.c
@@ -2680,7 +2680,7 @@ struct config_int ConfigureNamesInt[] =
 
 	{
 		{"max_files_per_process", PGC_POSTMASTER, RESOURCES_KERNEL,
-			gettext_noop("Sets the maximum number of simultaneously open files for each server process."),
+			gettext_noop("Sets the maximum number of files each server process is allowed to open simultaneously."),
 			NULL
 		},
 		&max_files_per_process,
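Review bot: The new short description still reads as a total per-process limit; it rewords the old string without saying that files already open in postmaster are excluded, which is the semantic change this patch makes. Anyone reading the `pg_settings` description to reason about descriptor budgets would get the old meaning. Consider `gettext_noop("Sets the maximum number of files each server process is allowed to open simultaneously, in addition to those already open in postmaster.")`, matching the wording used in config.sgml. The ConfigureNamesInt array starts and ends outside this hunk.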
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index bdcefa8140b..c704f3f98f1 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -2378,8 +2378,12 @@ include_dir 'conf.d'
       </term>
       <listitem>
        <para>
-        Sets the maximum number of simultaneously open files allowed to each
-        server subprocess. The default is one thousand files. If the kernel is enforcing
+        Sets the maximum number of open files each server subprocess is
+        allowed to open simultaneously, in addition to the files already open
+        in postmaster. The default is one thousand files.
+       </para>
+       <para>
+        If the kernel is enforcing
         a safe per-process limit, you don't need to worry about this setting.
         But on some platforms (notably, most BSD systems), the kernel will
         allow individual processes to open many more files than the system
-- 
2.48.1.76.g4e746b1a31.dirty

