Re: [PATCH] V3: Idle in transaction cancellation

Robert Haas <robertmhaas@gmail.com>

From: Robert Haas <robertmhaas@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Greg Smith <greg@2ndquadrant.com>, Andres Freund <andres@anarazel.de>, Alvaro Herrera <alvherre@commandprompt.com>, pgsql-hackers <pgsql-hackers@postgresql.org>, Kevin Grittner <kevin.grittner@wicourts.gov>
Date: 2010-12-16T20:32:17Z
Lists: pgsql-hackers
On Thu, Dec 16, 2010 at 3:18 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Robert Haas <robertmhaas@gmail.com> writes:
>> Hmm.  It's seeming to me that what we want to do is something like this:
>
>> 1. If an error is thrown while DoingCommandRead, it gets upgraded to
>> FATAL.  I don't think we have much choice about this because, per your
>> previous comments, we can't longjmp() here without risking protocol
>> breakage, and we certainly can't return from an elog(ERROR) or
>> ereport(ERROR).
>
> Um, if that's the ground rules then we have no advance over the current
> situation.
>
> I guess you misunderstood what I said.  What I meant was that we cannot
> longjmp *out to the outer level*, ie we cannot take control away from
> the input stack.  We could however have a TRY block inside the interrupt
> handler that catches and handles (queues) any errors occurring during
> transaction abort.  As long as we eventually return control to openssl
> I think it should work.

Is there any real advantage to that?  How often do we hit an error
trying to abort a transaction?  And how will we report the error
anyway?  I thought the next thing we'd report would be the recovery
conflict, not any bizarre can't-abort-the-transaction scenario.

> (Hm, but I wonder whether there are any hard
> timing constraints in the ssl protocol ... although hopefully xact abort
> won't ever take long enough that that's a real problem.)

That would be incredibly broken.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company