-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle SIGPIPE gracefully #1466
Comments
Handling SIGPIPE made restic abort when a TCP connection was reset by a server. This happened on DigitalOcean Spaces, which uses the s3 backend.
@fd0 you're right, the best thing to do is to always ignore the signal, and do complete error handling + cleanup on EPIPE (or any other non-Timeout) errors from stdin/out/err. That's also what the runtime does. |
Good points, thanks for the analysis. I'll add an entry to the CHANGELOG now. We'll leave this issue open until writing stdout/stderr failures are checked everywhere and handled correctly. @armhold you mentioned in #1413 that sometimes your backups fail and leave a lock file. How do you typically run restic? |
I think most (perhaps all?) of the lock situations I encountered were due to me flubbing a command line where I was piping restic output to a filter of some sort. Like this:
This results in "command not found" and also a lock not cleaned up. |
This hit me today. When trying to automate restic I run
to see if there's any snapshots that'd be cleaned up. This causes the repository to get locked. Temporary workaround is to use
but it'd be nice not having to scratch my head wondering what's happening.
to make sure it won't happen. |
As per #1814, this should probably be treated as bug. Are there any plans on fixing it? |
Okay, so can we do what @FiloSottile suggested (reimplementing the SIGPIPE handling but only acting on it for file descriptors 1 and 2 (stdout and stderr), so everything > 2 is ignored)? Or won't that work for some reason I'm not seeing? |
Judging from the go source code, the default behavior is currently to first ignore the But what we could do is, to replace I've also tried to come up with a solution that tries to route the error through restic, but that just ended up being quite horrible. |
The SIGPIPE issue in #1457 will occur for all backends, it's just that some are... less reliable than others ;)
The problem is that registering a SIGPIPE handler removes the Go runtime logic that only crashes on SIGPIPE on fd 0/1/2, and not on SIGPIPE caused by i.e. TCP connection resets.
https://github.com/golang/go/blob/78074f6850c34a955d69f578e363d1d3f3e00e25/src/os/signal/doc.go#L91-L110
This was reverted in 2579fe6, but for a solution that also fixes #1413, you can check the file descriptor like the runtime does, and ignore for > 2.
Also, I think the fix in 2579fe6 should have its own CHANGELOG line and maybe even a minor version release, as I basically can't finish a backup to B2 without a TCP reset.
(Some decent background reading is also https://stackoverflow.com/questions/108183/how-to-prevent-sigpipes-or-handle-them-properly)
The text was updated successfully, but these errors were encountered: