From: | Andres Freund <andres(at)2ndquadrant(dot)com> |
---|---|
To: | Simon Riggs <simon(at)2ndQuadrant(dot)com> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Dimitri Fontaine <dimitri(at)2ndquadrant(dot)fr>, Josh Berkus <josh(at)agliodbs(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: ALTER TABLE ... NOREWRITE option |
Date: | 2012-12-06 19:04:13 |
Message-ID: | 20121206190413.GD20926@awork2.anarazel.de |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 2012-12-06 18:42:22 +0000, Simon Riggs wrote:
> On 6 December 2012 18:31, Andres Freund <andres(at)2ndquadrant(dot)com> wrote:
> > On 2012-12-06 18:21:09 +0000, Simon Riggs wrote:
> >> On 6 December 2012 00:46, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> >> > On Wed, Dec 5, 2012 at 6:45 PM, Simon Riggs <simon(at)2ndquadrant(dot)com> wrote:
> >> >> Yes, but it is also the trigger writers problem.
> >> >
> >> > Maybe to some degree. I don't think that a server crash or something
> >> > like a block-read error is ever tolerable though, no matter how silly
> >> > the user is with their event trigger logic. If we go down that road
> >> > it will be impossible to know whether errors that are currently
> >> > reliable indicators of software or hardware problems are in fact
> >> > caused by event triggers. Of course, if an event trigger causes the
> >> > system to error out in some softer way, that's perfectly fine...
> >>
> >> How are event triggers more dangerous than normal triggers/functions?
> >
> > Normal triggers aren't run when the catalog is in an in-between state
> > because they aren't run while catalog modifications are taking place.
>
> "in-between state" means what? And what danger do you see?
For example during table rewrites we have a temporary pg_class entry
thats a full copy of the table, with a separate oid, relfilenode and
everything. That gets dropped rather unceremonially, without the usual
safety checks. If the user did anything referencing that table we would
possibly have a corrupt catalog or even a segfault at our hands.
For normal triggers the code takes quite some care to avoid such
dangers.
> If its just "someone might write bad code" that horse has already
> bolted - functions, triggers, executor hooks, operators, indexes etc
Not sure what you mean by that. Those don't get called in situation
where they don't have a reliable work-environment.
> I don't see any difference between an event trigger and these statements...
>
> BEGIN;
> ALTER TABLE x ...;
> SELECT somefunction();
> ALTER TABLE y ...;
> COMMIT;
Event triggers get called *during* the ALTER TABLE. So if were not
careful they see something thats not easy to handle.
I am for example not sure what would happen if we had a "rewrite" event
trigger which inserts a log entry into a logtable. Not a stupid idea,
right?
Now imagine we had a deferred unique key on that logtable and the
logtable is the one that gets rewritten...
Greetings,
Andres Freund
--
Andres Freund http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2012-12-06 19:04:44 | Re: why can't plpgsql return a row-expression? |
Previous Message | Tom Lane | 2012-12-06 18:59:32 | Re: How to check whether the row was modified by this transaction before? |