[
https://issues.apache.org/jira/browse/LOG4J2-1350?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15223790#comment-15223790
]
Remko Popma commented on LOG4J2-1350:
-------------------------------------
Perhaps some of the work done for LOG4J2-1080 will give you the building blocks
to implement a custom circuit breaker. (Note that this is not in 2.5 but will
be included in 2.6.)
How does this work:
Async Loggers will try to publish a log event to the ring buffer, but if the
ring buffer is full, it will consult the configured {{AsyncEventRouter}}
whether to discard the event, log it synchronously or enqueue it (block until a
space in the ring buffer becomes available).
You can install a custom {{AsyncEventRouter}} by specifying the fully qualified
class name of a custom class implementing the
{{org.apache.logging.log4j.core.async.AsyncEventRouter}} interface for system
property {{log4j2.AsyncEventRouter}}. (See AsyncEventRouterFactory).
> Circuit Breaker for log system to avoid DOS by recursion
> --------------------------------------------------------
>
> Key: LOG4J2-1350
> URL: https://issues.apache.org/jira/browse/LOG4J2-1350
> Project: Log4j 2
> Issue Type: Improvement
> Components: Core
> Affects Versions: 2.5
> Reporter: Steffen Offermann
>
> We have encountered the following situation: A method in an application
> thread was recursively calling itself again and again, until the inevitable
> {{StackOverflowException}} occurred. Other application threads worked fine,
> but since we use asynchronous logging, the Log4j ring buffer ran full because
> of the thread that was running amok. As a consequence none of the other
> threads could issue any log messages any more.
> In production systems we MUST be able to see log messages, otherwise we have
> hardly a means to tell when something goes wrong and to discover problems
> like this.
> So my suggestion would be to add a circuit breaker pattern to the Log4j core
> system (unless there already is one that I'm not aware of), that would track
> the frequency of log events per thread and open once a dangerous threshold
> has been reached or exceeded. That way other threads would still be able to
> send log events once the ring buffer is free again.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
